Re: To SP2 or not to SP2?
From: Bob Ladbury (rladbury_at_kittymail.com)
Date: 03/19/05
- Next message: Jack Sandweiss: "Re: Very simple request on Linksys."
- Previous message: Phil: "Re: Very simple request on Linksys."
- In reply to: Melvin Klassen: "Re: To SP2 or not to SP2?"
- Next in thread: Vanguard: "Re: To SP2 or not to SP2?"
- Reply: Vanguard: "Re: To SP2 or not to SP2?"
- Reply: Melvin Klassen: "Re: To SP2 or not to SP2?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 19 Mar 2005 00:10:51 -0800
Klassen@UVic.CA (Melvin Klassen) wrote in message news:<edkDsTLBzWmk-pn2-lhZWdc12VRfc@localhost>...
> On Thu, 17 Mar 2005 22:19:55, rladbury@kittymail.com wrote:
>
> > I'm sitting on the fence as far as downloading the new
> > Windows XP Sp2 service pack. I've read a lot of reviews,
> > good/bad, but still don't know enough to decide whether
> > I should install the SP2 pack. I note that some "security
> > people" prefer not to touch any windows updates at all.
> > I'd like to get some opinions on precisely why (or if) I
> > should install SP2 (after you read my background!). If I
> > can determine this thing will be of no use to me, I'd rather
> > keep my computer resources intact and avoid it.
> >
> > I'll go through the PRO's side first, because they don't do
> > anything for me:
>
> There are other security-improvements that you didn't list.
> Note that some of the most-recent "buffer-overflow" exploits
> do not affect computers running SP2 -- Microsoft proactively(!)
> fixed many potential exploits, by recompiling most of the source.
If I didn't list them, its because I never found anything on them.
That's why
I posted this message. To my knowledge, Microsoft did not put out a
list
of what specific 'exploits' SP2 was designed to protect against. All I
could
find from them about SP2 is just general improvements made, much of
what i mentioned here. If you know where I can obtain a list of such
information concerning the specific exploits SP2 is supposed to
protect
against, I'd love to hear about it.
> In addition, the pop-up blocker within IE does work, if you do use IE.
>
> > - Installs improved Firewall:
>
> The "base" one works fine, for an "end-user" computer,
> i.e., one not part of a SOHO network. The updated firewall _is_
> improved.
Well, why do you think I called it an "improved firewall"? I also
mentioned
the fact that improved or not, its still a lousy firewall compared to
even
the worst 3rd party firewalls. And I already happen to have the best,
so
as mentioned, this does nothing for me.
> > - Security Improvements to IE and Outlook Express: I don't use Internet
> > Explorer and avoid it like the plague. I only use it if a site won't
> > work with an alternative browser, and even then, I set the security
> > settings as tight as I can. I also don't use Outlook, or any MS program
> > if I can avoid it.
>
> If you do get a virus/worm/trojan on your computer,
> it may exploit IE or OE or Outlook, unless you've patched them.
> Either way, your computer is still infected.
How do you figure, when you just quoted me as saying that I don't use
IE, OE or Outlook?
> > - Security Center: This is nothing short of a joke.
> >
> > - Wireless/Bluetooth Improvements:
> >
> > - Improvements to Windows Media Player:
> >
> > - DEP Feature:
>
> > - Automatic Updates:
> >
> > CON's:
> >
> > So far, I haven't seen a legitimate reason to install SP2, only many
> > reasons not to. Including the fact that you are taking your life in
> > your hands if you try to uninstall it (I once trashed one and a half
> > years of work trying to install SP2). It takes hundreds of megs of HD
> > space, and I'd rather use that for something more suitable, if
> > necessary.
>
> Disk-space is cheap!
Not on my hard drive it isn't, thank you very much.
> Yes, it takes some space to download the SP file(s).
> When you run the file(s), they unpack to a "temporary" directory --
> more space.
> It writes a backup of the about-to-be-changed files into an
> "uninstall" directory - more space.
>
> When the install is complete, and you're happy with SP2,
> you can delete the above files, and reclaim the space.
The reason I'm asking about what SP2 does, is because I want to know
if its
worthwhile -before- installing it, so I can avoid having to go to all
the
fuss you just described (and more). I can very well know whether it's
worthy my while if I know exactly all that it purports to fix or patch
up.
I'm sorry but simply running it is not going to tell me that. Not to
imply that there's anything "simple" about installing this beast...
> > Yes, I realize just installing SP2 means I can begin receiving regular
> > Windows updates, which I won't be able to under my present SP1.
>
> Huh? Automatic updating is available in SP1.
> (My Computer -> right-mouse click -> Properties -> Automatic Updates
> tab)
Haven't tried it yet, but I read somewhere that SP2 spells the death
of SP1 updates. Are they the same updates for SP2 as SP1? It would
seem not, since SP2 has functions and capabilities SP1 doesn't. It
would also seem that if SP1 updates are still available, they won't be
for too long, when MS finally manages to finish updating most people's
machines for SP2. After all, the first thing the updates tell you when
you have SP1 is to take the SP2 update!
> > But I'm also nervous
> > about the Windows Updates, from all the horror stories about people's
> > PC's slowing down, crashing or worse, after taking windows updates.
> > Hackers always seem to treate new updates and service packs as a
> > challenge to circumvent anyway, and I've also read of SP2's security
> > being compromised by such hackers. Maybe in that sense, SP1 machines
> > are safer?
>
> Safer? Not in my opinion. To be safe:
So you're saying all those "potential exploit" patches and all the
rest that SP2 does doesn't make you any safer? I guess that means
you're advising me not to download it.
(BTW, there's a difference between "safe" and "safer"...).
> * run a firewall, to block net-based attacks.
> * run a _quality_ anti-virus product (
> http://www.my-eTrust.com/microsoft )
> to scan what you allow into your computer via E-mail attachments,
> malicious content on web-pages, P2P-content, USENET newsgroups, et
> cetera.
> * practise "safe-computing".
> * try the free Microsoft spyware-scanner (
> http://www.microsoft.com/security )
> * update everything (WinAmp, putty, RealPlayer, AcrobatReader, WinZip)
> that you have chosen to install.
> * apply SP2, and then allow Automatic Updates to download the post-SP2
> fixes.
So now you're advising me that I should take SP2?? And I still don't
know why, because I don't have nearly enough information to make a
judgement as to whether this service pack is worthwhile.
- Next message: Jack Sandweiss: "Re: Very simple request on Linksys."
- Previous message: Phil: "Re: Very simple request on Linksys."
- In reply to: Melvin Klassen: "Re: To SP2 or not to SP2?"
- Next in thread: Vanguard: "Re: To SP2 or not to SP2?"
- Reply: Vanguard: "Re: To SP2 or not to SP2?"
- Reply: Melvin Klassen: "Re: To SP2 or not to SP2?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
