| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Aug 2006 04:56:01 -0400
From: wac <waldoalvarez00@...il.com>
To: "Eliah Kagan" <degeneracypressure@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: 70 million computers are using Windows 98 right
now
On 8/1/06, Eliah Kagan <degeneracypressure@...il.com> wrote:
>
> On 7/27/06, wac wrote:
> > > > Now, Linux is definitely not a natural migration pathway. That
> theory
> > of
> > > > adapting server oriented operating systems to the desktop, and
> believe
> > if
> > > > was going to be a succes has proven to be wrong.
> > >
> > > Really? Windows 2000, Windows XP, and Mac OS X seem to work pretty
> > > well for novice users...
> >
> >
> > Sorry I don't get the point here.
> >
> > > Or are you belaboring the misguided claim that Linux is fundamentally
> > > a server-based system but that Windows NT is not?
> >
> >
> > There was Windows NT workstation ;). With windows was the other way.
> From
> > desktop to server. Of course you can change Linux so much that it won't
> be
> > Linux anymore. Definitely putting an X server on top of unix won't make
> it
> > ready for desktop, that's a fact.
>
> Are you honestly claiming that Windows NT Server has a nonintuitive
> user interface and yet Windows NT Workstation has an intuitive user
> interface? (Or was that a joke?) They are the same operating system
> except for additional executables and registry tweaks.
Of course not, they are almost the same. Hey! take a look at winNT
4.0resources in explorer some bitmaps say windows NT server,
workstation and
there was a 3rd one, I don't remember very well. I don't even consider
windows OS server oriented at all (that is why I mentioned the workstation
thing if interested). I can say then something similar. Adapting desktop
oriented OS to server ... And yes numbers proof that. Anyway I guess is a
problem of selling more or having it installed on more computers. But then
that's not my problem. Mine and many others are having their problems
solved. And yes I can tell you a couple of stories about that. I have some
windows servers. And guess what. I'm praying for a linux/freebsd or whatever
*nix you can name. But then the persons across the sea just can't install
that. Then I guess that would give you an answer about the installer
interfaces you talk later. No, they just can't intall a Linux at all, and
beleive me, I tried hard to make that happen. Imagine a FreeBSD or something
else. My only chances would have been for example to use some virtualization
software and install other OS in some partition and then pray that a boot
loader installer from windows would wake up correctly the other OS. As you
can see that was a big IF we were not ready to take. Anyway I was left
without choices and now the software those servers run had to be built on
top of Windows. Well IOCompletionsPorts work OK as long as the non paged
pool doesn't drains out when the number of opened sockets goes too high. Yes
even with the registry hack to increase its size. Also the use of windows
for example included having to install a comercial SSH software instead of
OpennSSH (no the cywin port was not ok, it hanged the server sometimes
because of it's emulation created a process for every user logged in). Ohh
yes we are talking about real money here. Beleive me I really prayed for a
damn good user friendly installer once.
When you said,
> "server-based" I thought you meant "designed for enterprise
> client-server situations." If you mean "designed to be used
> exclusively on a dedicated server box operated by a technically
> learned network administrator" then (by definition) no general purpose
> operating system (be it Windows, Linux, FreeBSD, OpenBSD, NetBSD, or
> any other) is server-based. Saying that noobs can't use Linux doesn't
> make it so. FreeBSD is a particular general purpose operating system
> that is perhaps almost exclusively used by people who know well what
> they are doing (or are willing to put in the time and effort to
> learn)--and Mac OS X is based on FreeBSD. (To be fair, some elements
> are based on NeXTstep, which is another operating system used almost
> exclusvely by the technically inclined.)
This notion that you can't
> take an operating system that has been traditionally hard to use and
> make it easier is senslessly defeatist and unsupported by evidence,
> though it may be partially self-fulfilling.
Ok where is that evidence? MacOS X is not a good example when you have
little choices you can make. What would you intall in a mac instead? Linux?
Then I guess we have the same situation here. But also keep in mind that the
only thing that Mc X got from freebsd was the kernel. Anyway I'm not an
expert here so I guess that I can't talk very much about the subject. So far
I see that Windows is more used on the desktop than any other OS and yet you
have to pay for the license (or violate it) and all the rest of the sh.. we
all know. And now some Macs have intel inside. Are we going to see the Apple
selling Wintel too in the future? Maybe, when they realize that they are
probably going to sell more computers.
As an aside, if you're saying that Windows NT is even based on Windows
> 9x, I would take argument with this.
This is a claim I never did.
Would you say that OS/2 is based
> on Windows 9x?
Of course not. It was based somehow in MS-DOS. It was supposed to be the
succesor of that one. But then M$ dropped the whole thing to IBM and made
Windows.
Windows 9x is based on,
and essentially the same
> operating system as, Windows 3.x,
No. That's wrong. It maybe is essentially the same that Win 3.x + Wins32 (9x
was superior of course). But hey win 3.x was 16 bits and was preentive to
name a few.
but Windows NT is wholly different
> (and wholly superior).
Not as different as win9x and win3.x. But yes that 16 bits superlock,
kernel writable memory zones, and the not secure at all FAT that 9x had
makes NT a lot superior. There were more thigs too ;) but that is written on
msdn.
> > Have them install ReactOS without assistance, and get back to me.
> > > (Hopefully their machine doesn't have fake parity RAM.)
> >
> >
> > Is the same way as windows 2000 and they have done that already.
>
> It is the same way as Windows 2000 when it works...but if they have
> installed it successfully, and they are technically clueless, then
> that does speak well of ReactOS--it says that its installer can
> compete with the installer in Ubuntu, or Fedora, or Mandriva...all
> stable systems compared with ReactOS.
>
> > > Or you could use NDISwrapper in Linux (or FreeBSD) and run your
> > > Windows drivers, without rewriting any driver code. Sure, it doesn't
> > > work for everything. Neither does ReactOS.
> >
> > Why try to put patches to linux when you can have a non patched system
> ready
> > to go? And with 0 lerning time too ;). From the security point of view
> > that's important since it starts right at the user. Remember how many
> > security problems we see today with incorrectly configured
> systems. Observe
> > also that you have to patch the thing from 2 sides, putting an emulation
> > layer on top of it and down in the kernel.
>
> If your purpose is to run Windows programs in a Windows environment,
> only, then ideally ReactOS is better than Linux--when ReactOS becomes
> stable enough to be suitable for production environments, this will
> really be the case.
>
> It is worth mentioning that NDISwrapper is not a "patch" for Linux in
> the sense that has all the connotations--it is a part of the kernel.
> You don't have to be running a forked-off kernel to use
> NDISwrapper--you just have to enable the module.
Is a patch in the sense that you have to put something extra that maybe
works if properly configured. Too mucho ifs. Looks like compiling something
for cygwin in order to make it run in windows. Jeje I could tell you about
that a couple of things. And yes luckly we now have modules in the linux
kernel if enabled. Anyway I doubt that my next door neighbour will do that
ok. Jeje I would have to have a look at the manual before even using
modprobe. Jeje imagine making him manually install a driver made for windows
using that. Guess what. I will tell you a little secret.I once tried to run
WINE just to look how that worked. Well it started giving troubles here and
there and since I was only doing that for mere curiosity well I have never
emulated a damn thing in there. I probably have managed to end up running
something there but then with Windows/ReactOS thing are so simple. And then
that is the whole point. Why waste your time when you don't have too? Keep
in mind that if something doesn't runs in ReactOS then it probably doesn't
works in WINE either since that layer is the same. So aside from stability
there is not much that a WINE+Linux+NdisWrapper will fix things.
Many of the incorrectly configured systems are Windows systems, and
> many are Linux or other *nix systems as well. These days, most are due
> to network administrators going and turning services on that were off
> by default without securing them. Almost all popular Linux
> distributions today ship with services turned off by default or with
> their ports firewalled by default.
>
> > Yes there is sense. I'm making a critic to those that make things hard
> > without need. Also why adapt a server oriented OS when you don't have
> to?
>
> The operating systems you are referring to as "server oriented" seem
> to be the ones that would be better-labeled "stable and powerful
> enough to be used in big enterprise environments.
No I refer to server oriented OS to those that are better designed prepared
to.... Run in server scenarios. For example not havig a GUI when you don't
need it eating memory that could be spent in for example more threads or
opened sockets or cache. And that also eat bandwidth. Or for example having
remote management tools that really work. With windows sooner or later you
end up using terminal services (for example to install software remotely but
not reduced to that). Ohh well I have dialup. And no ADSL or some high
bandwith connection is not an option sometimes. Jeje that takes ages. Not to
mention that you have to leave an opened port (that puts open to the
internet another gimme user password ready to be bruteforced/list forced or
something if not properly configured to delay succesive attempts) in order
to allow that comunication unless for example you route all that traffic
over an SSH channel. Tricks and patches here and there. Well fortunately it
works. But never for example as a linux would do. Come on even to acces the
help you can't open a man page or something like it.
" Desktop
> environments deserve to not crash and not suck too. 'Nuff said.
Of course but then that goes for all the software.
> What is more effective, that some people develop something situable or
> > millions have to learn something without need? Definitely less resources
> > will be wasted. And we are talking about a big difference.
>
> Would you care to tell me about all the arcane skills that Mac OS X
> users have had to learn to run their UNIX variant?
You have just given another example then ;).
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists