|
Posted by Bit Twister on June 14, 2005, 3:32 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>:On Tue, 14 Jun 2005 18:32:46 GMT, Mister C wrote:
>:> This is my setup:
>
>:> 1. I use WinXP + SP1 at home.
>
>:Hmmm, missing lots of updates there. Poor security practice.
>
> As best I (not a Windows expert!) can tell, Microsoft is making
> security patches available for both SP1 and SP2 at present.
(not a Windows expert either) but I would bet they are not.
> Is there a significant security difference between fully-patched SP1
> and fully-patched SP2?
Then why make a SP2.
> I was running SP2 but there was something that wasn't working that
> did work under SP1 that I installed on a different partition.
See there is a difference between SP1 and SP2. I would guess sp2 closed
a security flaw on a system call used by the defunct application.
Could have been an update to make a system call argument mandatory
which is not provided in the failing application causing it to fail.
> If one cannot effectively run one's system with SP2 but can with
> SP1, then is it truly "good security practice" to upgrade to the
> version that is functionally unusable under the local circumstances?
You might want to read the above sentence out loud.
Having an unpatched system is negligent.
Let's say someone uses your unpatched system to steal credit cards and
sells them using your system. Do you think, "but, but, judge, I
installed a patch and I could not run one of my applications so I
backed out the patch." is going to keep you out of jail.
> If so, then would it not be even better security practice to upgrade
> to Windows HP -- a version of Windows that consists of nothing other
> than repeated processor HALT instructions, to keep the system from
> running anything at all ?
Now you are just being stupid. :(
http://www.eeye.com/html/research/upcoming/
My solution was to install Mandrive/Mandrake linux. :)
| 
XML site map