LIT and security

[crysede]

Good idea

Yeah. Like I said. WE ARE SECURE.

Let's worry about something else now, like Flouride.

The Dangers of Fluoride!

Let the panic commence!

 

[Byron In Exile]

Re: Good idea

The Dangers of Fluoride!

Let the panic commence!

Well, I don't know if it's worth a complete panic, but it's definitely scarier than dirty gym socks.

 

[The Heretic]

Re: Re: Re: Re: It's all done with cookies

They own the desktop, but I still miss OS/2.

Well, OS/2 lives on in NT - more or less.

It wasn't conciously anything to do with that, he just... sort of... "changed."

I've worked with people who quit MS because they could get out of the test department into development. Anytime we discussed MS it was like they had been brainwashed; MS/Bill Gates could do no wrong, etc. - and they weren't even working there anymore. Eventually they went back to work for MS.

I agree -- for lo, the time shall come when their great temples are converted into low-cost housing, and their priests and acolytes sold into training at more efficient and productive companies. Yea, and there shall be a great rejoicing upon the 'Net in those days.

I don't know that they will go away - I kind of doubt it. For a monopoly and a large org, they are rather agile, but not agile enough. Look at IBM; at one time they were just as big and a lot more stodgy - now IBM is well known (in the software engineering arena) as being on the cutting edge of both software and hardware development; for example, IBM is a driving force in the Linux and Java development worlds.

 

[LukkyKnight]

Yeah. Like I said. WE ARE SECURE.

Let's worry about something else now, like Flouride.

Why do you always bring up these inflamatory topics? Can't we all just get along?

 

[Pyper]

Re: Good idea

The Dangers of Fluoride!

Let the panic commence!

What about aspartame or whatever it's called? If given to rats by the truckload, that stuff's deadly.

 

[Guru]

 

[Byron In Exile]

Thanks for the tip Draco. If Lit's SQL servers will allow multiple simultaneous log-ins to the same account from separate IP's...well, obviously it's swiss cheesey.

Insisting on separate IP numbers wouldn't be good. Different computers used by different people may present the same IP number: for example, on a corporate LAN behind a firewall.

Not allowing simultaneous logins is another matter, but it wouldn't really enhance security.

I think the simplest security precaution is to ensure one's Lit password is different from all one's other passwords and use a personal firewall, as the most plausible real life concern would be someone getting into Lit's Admin features and potentially being able to see your IP address and password and backtracking into your machine.

Your IP address is not private information. However, your password should be. Using the same password for two things is a bad idea, but it's what many people do, since it's easier to remember one password. But that can give an administrator at one site access to your account at another. Each password one uses should be unique.

 

[Byron In Exile]

Re: Re: Re: Re: Re: It's all done with cookies

I don't know that they will go away - I kind of doubt it. For a monopoly and a large org, they are rather agile, but not agile enough. Look at IBM; at one time they were just as big and a lot more stodgy - now IBM is well known (in the software engineering arena) as being on the cutting edge...

IBM once ruled the computer world. No company could have unseated them once they entered the personal computer market: they had to do it to themselves. It's hard to believe the way they repeatedly shot themselves in the foot, but it'll probably be the same story with Microsoft.

 

[Byron In Exile]

Security with Microsoft...

http://www.osdata.com/holistic/security/pict/marketshare.gif             http://www.osdata.com/holistic/security/pict/defaced.gif

 

[Byron In Exile]

Re: Re: Re: Re: Re: It's all done with cookies

Well, OS/2 lives on in NT - more or less.

This got me wondering where exactly the divergence was, and I found some interesting articles. Apparently what of OS/2 lives on in NT are all the serious design problems of the early 16-bit version 1.3, which were corrected by IBM after the split. Version 2.11 was the first I used, and it was remarkably smooth and stable, at a time when Windows 95 was just "smoke on the horizon."

If the history is of interest, check out this article from "IQ Newsletter" issue #7, Jan 2000: The Big Blue - Redmond Connection by Diane Gartner

Here are some excerpts on the relationship of OS/2 to NT that I thought particularly interesting, which may help answer the eternal question of why Windows seems to be so incurably unstable (emphasis added):

IBM initially was working on the kernal of OS/2 while Microsoft worked on the Presentation Manager. By 1990, that particular division of labor shifted and IBM took over the development of OS/2, ultimately bringing major improvements from top to bottom. However, IBM's new, expanded role was *not* an after-effect of the erosion of the partnership; rather, the partnership split apart after the two companies realized they had divergent expectations and priorities for OS/2. Microsoft's corporate culture stressed price, looks and speed, or more precisely, an illusion of speed by robbing resources from every background application and giving them to the single foreground application that users will notice most. In contrast, IBM's name was a virtual guarantee of reliability, power and security to their customers. Even when IBM's prices admittedly had been among the highest in the marketplace, users were willing to pay them in exchange for rock-solid performance-- which they do indeed get today from IBM's OS/2, though fortunately at much more competitive prices.

To what does OS/2 owe its stable and robust architecture? Indirectly, it's one of the lasting benefits of the breakup between IBM and Microsoft! But if we look closer, we see it's due to the direct action taken by IBM's programmers when they found a major flaw in the design of OS/2 version 1.0, right at the point where the Microsoft interface met the IBM kernal.

Big Blue's OS/2 team had discovered that the Microsoft approach of placing the Graphic Device Interface (GDI) plus the Graphic User Interface (GUI) into the kernal was a disastrous mistake that led to instability: any little application "bug" or glitch that would affect the interface also could affect the underlying OS and bring it down to a crash. Microsoft was informed of this danger by IBM, but insisted that their approach gave an important benefit of speed by allowing applications to access the kernal directly-- yes, even if it were at the cost of stability. The IBM programmers maintained that such instability was needless, and the crash could be easily prevented; their solution was to separate and protect the OS/2 kernal, without having to sacrifice any speed whatsoever. In fact, IBM independently made that very simple but crucial design improvement, among other innovations, which together have lent stability as well as power to OS/2 ever since the days of version 1.30.

But how did Microsoft react? For reasons we may never be able to fathom, they balked at the very notion of correcting the design error. Whether it was due to obstinancy, vanity or perhaps envy toward IBM's OS/2 programmers, Microsoft's decision was to leave the programming flaw where it was, and ultimately, to leave the team.

In 1991, OS/2 v1.30 was released by both IBM and Microsoft. Although it did include Microsoft code carried over from v1.2, substantial portions were newly coded by IBM. To IBM's credit, they had re-designed the GUI, making it faster, more intuitive and far easier for programmers as well as users. The GUI was further enhanced by Adobe Type 1 fonts, thanks to the new built-in "Adobe Type Manager" font engine.

Perhaps because of the 1990 compromise, this new and improved version of OS/2 was released under slightly different labels by each of the two companies. To confuse matters, Microsoft sold their copies of v1.30 labeled "Microsoft OS/2 NT" in spite of the fact that major portions of the code were developed exclusively by IBM. The Microsoft release of v1.30 thus became the first to affix "NT" to the OS/2 name. Then later in 1991, Microsoft executed the second stage of their embrace & extend plan for OS/2: they renamed the prenatal OS/2 v3.00, the only version remaining under their direct control, to "Windows NT."

Of course, Windows NT was hardly a new and distinct o.s. at that point. It had been changed in name only. Although Microsoft already had hired David Cutler to work on OS/2-cum-NT, the product we may call Windows NT was really just vaporware.... It would not be a bold, new RISC-based o.s., nor would it be stable and robust as IBM had envisioned for OS/2. Instead, Microsoft's OS/2 v3.00 would become Windows NT version 3.10, released in July 1993.

Version numbering aside, the changes made by Microsoft to NT did not include the architectural improvements made by IBM to OS/2. Instead of removing the GDI and GUI from the kernal to keep it clean 'n' lean like OS/2's, Microsoft actually added more code to the kernal of NT. The ever-increasing bloat has not done NT a bit of good. Instability still occurs today in NT versions 3.5x and 4.x and presumably in Windows 2000. The design flaw is now often referred to as a Ring 0 crash, because that spot is where the GDI and GUI are intertwined in NT. Many application programming errors are made in that area because Microsoft neglects to provide third-party developers with essential information on how to avoid the problem.

Such instability does not plague IBM's OS/2. By the time IBM released OS/2 v2.00 in 1992, they not only had cleaned up the kernal but also replaced the old interface with a new, 100% object-oriented GUI called the "Workplace Shell" [see links below]. Though OS/2 v2.00 did not yet have a 32-bit video sybsystem-- that would come a year later in v2.1-- it did sport 32-bit APIs. Because it was designed for 386s or higher, it could take advantage of more than 16 megs of RAM, an option not possible in older systems that remained backward-compatible to 286s. Version 2.00 also offered built-in "Win-OS2" support for Windows 3.0, which IBM had licensed from Microsoft, plus improved DOS compatibility. Support was extended to Win 3.1 in v2.1 in 1993, along with new multimedia capabilities.

Subsequently, IBM released OS/2 Warp version 3 in 1994 and version 4 in 1996, as well as Workspace on Demand (WSOD) in 1997, followed by Warp Server for e-business (WSeb) and Warp Server Advanced in 1999, not to mention Symmetric Multiprocessing (SMP) versions of Warp Server-- all promising and delivering compatibility, networking features, stability and security that cannot be found in OS/2's long-lost twin, Windows NT, aka Windows 2000. It is not NT but OS/2 Warp Server which carries a built-in, high-level firewall borrowed directly from AIX, all because IBM doesn't play around when the security of your webserver and your business are at stake. It is not NT but OS/2 which can run on an ordinary desktop PC, requiring a fraction of the RAM and drive space needed by NT, or by Win9x for that matter, yet offering OS/2's legendary compatibility with a wide array of OSs and also GUIs, from DOS and Windows to *ix and Novell Netware.

Can users of NT say the same for Microsoft, or have they recently purchased a third-party firewall product with a licensing cost equal to or exceeding NT's? Can "the father of NT" David Cutler say the same, when NT cannot run many Windows 9x programs reliably and cannot run DOS or Windows 3.1 programs generally at all? Likewise, NT's interoperability with competing systems such as Netware and Linux is next to nothing-- because Microsoft, with the aid of Cutler's team, designed it that way.

If NT has diverged so sharply from OS/2 in the last decade, then NT's "father" indeed should have no trouble telling them apart. The reliable, scalable, robust and pretty one is IBM's OS/2; the crash-prone troublemaker, so easily cracked from the outside yet lacking in scalability on the inside, is Microsoft's NT [see NT analyses, linked below]. And nobody should know better than Cutler that the breakup between the two companies didn't happen overnight, nor because of DEC's VMS and the old Windows 3.x. It occurred because IBM and Microsoft each have vastly different approaches to operating system architecture.

The one saving grace for Windows users is that IBM is always there to pick up the pieces. Today, IBM is working for Microsoft again-- cleaning up the bugs in Windows 2000, just as they once had cleaned up thousands of Microsoft's Win 3.1 bugs in preparation for Win-OS2. Perhaps the Big Blue-Redmond connection is harder to break than either of them thought a decade ago.

 

[crysede]

Down with Microsoft - Up with Penguins!

 

[The Heretic]

Re: Re: Re: Re: Re: Re: It's all done with cookies

This got me wondering where exactly the divergence was, and I found some interesting articles. Apparently what of OS/2 lives on in NT are all the serious design problems of the early 16-bit version 1.3, which were corrected by IBM after the split.

The quoted history sounds about right, although I can't vouch for all of it, I do think it sounds a lot better than the argument that I had here a while back about whether NT was derived from OS/2 or not (or maybe that was on another forum ).

I was involved in OS/2 development about the time the split happened between IBM and MS, and I know several people that were on the joint team, including the manager of the IBM team. I would go so far as to say that MS was just obstinate or envious of IBM and OS/2 - they went out of their way to undermine OS/2.

But that is all wter under the bridge now; OS/2 is virtually dead (no longer under development) and NT is alive and well. IBM may have their revenge yet; by backing Java in the way they have, they may bring people back from the dark side yet.

 

[Byron In Exile]

Down with Microsoft - Up with Penguins!

        http://www.osdata.com/pict/mscement.png

 

[Byron In Exile]

Re: Re: Re: Re: Re: Re: Re: It's all done with cookies

The quoted history sounds about right, although I can't vouch for all of it, I do think it sounds a lot better than the argument that I had here a while back about whether NT was derived from OS/2 or not (or maybe that was on another forum ).

I wouldn't be surprised if a lot of people are confused now, because at the time they acquired Cutler, Microsoft was throwing out all sorts of spin about how NT was going to be a completely new operating system, from the ground up. It was all crap, but that was the buzz at the time, and I'm sure many still think it was true.

 

[A Desert Rose]

Hi Byron!!!

I do not understand one fucking thing I have read here. But sure am glad to see you again!

 

[ShyGuy68]

I honestly don't understand why people are so scared about cookies from different sites on their computers. I've been on the net for close to 5 years now, and never once have I experienced any attack or anything on my computer, or that other people have signed in as me at any sites that I use.

There are a few things that you can do to lower the security risk, and which I've done myself.

1. Use a firewall, like ZoneAlarm from www.zonelabs.com. They have a version that's free, and which works great.

2. Virus software is a definately must, and there are some good free ones out there as well. www.grisoft.com have a free version, and http://housecall.trendmicro.com/ is a free on-line virus scanner.

3. Create an e-mail account at one of the many webbased services that are out there, and use that when you sign up for newsletters and such. I have hotmail myself, and I can't start to count how many mails I've gotten with virus through that, which hotmail's virus system have detected for me. And only give out the e-mail that you have through your ISP to people you know and trust.

When getting a chain mail from your friends, about a virus infected file that anti virus systems can't detect, and where told how to manually delete certain files, it's most likely a hoax. You can always try to enter the filename in a search engine like google, and there read it's a hoax. Or check out the virus encyclopedia many anti virus sites have (http://www.trendmicro.com/vinfo/virusencyclo/). If you want to keep up with what vira are out there, sign up for a newsletter from the anti virus sites, and only thrust them.

 

[A Desert Rose]

And only give out the e-mail that you have through your ISP to people you know and thrust.

This all makes good sense, but especially this sentence. It should read "WHO you know and thrust."

LMAO

 

[LukkyKnight]

This all makes good sense, but especially this sentence. It should read "WHO you know and thrust."

LMAO

That's the basic thrust of his idea, yes.

 

[ShyGuy68]

This all makes good sense, but especially this sentence. It should read "WHO you know and thrust."

LMAO

Sure make fun of a person who have english as his second language!