If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Should I install SP1 for Win 7?
I have Windows 7 Home Edition and have held off installing SP1 because
earlier reports indicated some sighnificant problems after the installation. Would appreciate comments and input regarding its stability now that several months have elapsed since its initial introduction and there may have been fixes or corrections to any problems that have arisen. Is the update of significant value and are there install caveats? Mary. |
Ads |
#2
|
|||
|
|||
Should I install SP1 for Win 7?
On 11/24/2011 11:57 AM, ECLiPSE 2002 wrote:
I have Windows 7 Home Edition and have held off installing SP1 because earlier reports indicated some sighnificant problems after the installation. Would appreciate comments and input regarding its stability now that several months have elapsed since its initial introduction and there may have been fixes or corrections to any problems that have arisen. Is the update of significant value and are there install caveats? Mary. This is discussed all of the time in: alt.windows7.general For me personally, there is nothing in there that I need. -- Bill Gateway M465e ('06 era) - Thunderbird v3.0 Centrino Core Duo T2400 1.83GHz - 2GB - Windows XP SP3 |
#3
|
|||
|
|||
Should I install SP1 for Win 7?
On Thu, 24 Nov 2011 12:02:22 -0600, BillW50 wrote:
On 11/24/2011 11:57 AM, ECLiPSE 2002 wrote: I have Windows 7 Home Edition and have held off installing SP1 because earlier reports indicated some sighnificant problems after the installation. Would appreciate comments and input regarding its stability now that several months have elapsed since its initial introduction and there may have been fixes or corrections to any problems that have arisen. Is the update of significant value and are there install caveats? Mary. This is discussed all of the time in: alt.windows7.general For me personally, there is nothing in there that I need. Thanks Bill, I wasn't aware of the windows7 newsgroup. I will spend some time there. Mary |
#4
|
|||
|
|||
Should I install SP1 for Win 7?
"ECLiPSE 2002" wrote in message ... I have Windows 7 Home Edition and have held off installing SP1 because earlier reports indicated some sighnificant problems after the installation. Would appreciate comments and input regarding its stability now that several months have elapsed since its initial introduction and there may have been fixes or corrections to any problems that have arisen. Is the update of significant value and are there install caveats? Any real install issues have long since been addressed. However, as with any update there is always a risk, so make sure your backups are up to date before installing it. There are no significant new features in the Service Pack (Microsoft has moved away from using Service Packs to introduce new features, as I understand it). It is primarily a rollup of previously issued patches and fixes, and includes all hotfixes up to the release. As many of these hotfixes were never released through Windows Update, SP1 is the only way of getting these updates (short of tracking them all down and installing them manually). There are also a number of stability and reliability updates included in SP1 that you won't get otherwise. You really should install it - and should ignore those misguided souls who recommend against it. Their primary rationale seems to be that they can manage their system security just as well without the security patches Microsoft provides than they can with them. I've never understood that mindset - if the people who make my home security system provided me with an update because they discovered a flaw that would allow an intruder into the home without the alert being triggered, no matter how well prepared I was otherwise, I would want that update, wouldn't you? -- Zaphod Vell, Zaphod's just zis guy, ya know? - Gag Halfrunt |
#5
|
|||
|
|||
Should I install SP1 for Win 7?
In ,
Zaphod Beeblebrox wrote: You really should install it - and should ignore those misguided souls who recommend against it. Actually if you had decades of experience with patches, you would say the lemmings that tell you to update because it is good for you are the real misguided souls. I'll take experience, knowledge, research, and experimentation over the lemmings any day. Their primary rationale seems to be that they can manage their system security just as well without the security patches Microsoft provides than they can with them. That is because trusting in security patches to protect your system doesn't really work. As security holes are always going to be there in any complex OS (Windows isn't alone here). And even if programmers always patch them when they are found (Microsoft has taken a couple of years to patch some of them after they were found), there are always going to be zillions more anyway. And this method of protecting your system is totally futile. It just doesn't work. As it is always a day late and a dollar short. I've never understood that mindset - if the people who make my home security system provided me with an update because they discovered a flaw that would allow an intruder into the home without the alert being triggered, no matter how well prepared I was otherwise, I would want that update, wouldn't you? That is because you can't install third party software with your home security. Your only choice is with the company who made the device. Personal computers are totally different! You can shop around for the best security product. And you don't have to trust Microsoft for your security needs. And to be honest with you, Microsoft has and continues to produce very weak security software. This is just one area that Microsoft really hasn't been very good at. So why put your faith in them? Since OS security patches are always a day late (which can be years late actually) and a dollar short, what can you do? Lots of things that work so much better actually. For example real time AV databases can often be updated twice or more per day (like Avast for example). So you don't have to worry about a security hole that has been there for years, as you are covered. Whether the hole has been plugged or not. This simple addition is vastly superior to security patches. And works very well except for zero day vulnerabilities. This means a vulnerability so new that the AV doesn't know about it yet (usually newer than 24 hours old). So we have another method. Take the Maxthon browser for example. Even when security patches and AV fails, Maxthon still caught them. Maxthon Beats Microsoft to the Punch Creating Barrier to Zero-day Attacks - PR Newswire http://www.prnasia.com/pr/10/01/100058511-1.html This is called sandboxing. Anything new coming in ends up in a box and can't get out to do any harm. And a day later your AV will be updated and will be able to take it out without a problem. Depending on Microsoft's security patches for your needs, well that could take a month or two, or even years before Microsoft develops a patch for it. Although if you are stupid enough to wait that long, I say go for it. ;-) -- Bill Gateway M465e ('06 era) - OE-QuoteFix v1.19.2 Centrino Core Duo T2400 1.83GHz - 2GB - Windows XP SP3 |
#6
|
|||
|
|||
Should I install SP1 for Win 7?
"BillW50" wrote in message ... In , Zaphod Beeblebrox wrote: You really should install it - and should ignore those misguided souls who recommend against it. Actually if you had decades of experience with patches, I do. In individual computer, small home/business networks, as well as LAN and WAN corporate environments. you would say the lemmings that tell you to update because it is good for you are the real misguided souls. I disagree. I'll take experience, knowledge, research, and experimentation over the lemmings any day. Please describe, in detail, how *your* "knowledge, research, and experimentation" is better than Microsoft, Gartner Research, Cisco, and every computer security company and professional out there? Because they all say, without exception, that you need to apply OS security patches and fixes, promptly and regularly, as a part of securing your systems. Their primary rationale seems to be that they can manage their system security just as well without the security patches Microsoft provides than they can with them. That is because trusting in security patches to protect your system doesn't really work. First, it does work - as a reasonable, rational *part* of a comprehensive approach to security. Second, who said anything about trusting in them, especially trusting in them alone, which is what you are implying? Firewall, intrusion detection, email filtering/scanning, web filtering/scanning, antivirus/antimalware/antispyware, all play a part in system security, as do OS patches. Why in the world would you neglect one of the layers? Would you fail to apply a security update to one of the other layers? What is different about applying a security patch to the OS? As security holes are always going to be there in any complex OS (Windows isn't alone here). And even if programmers always patch them when they are found (Microsoft has taken a couple of years to patch some of them after they were found), there are always going to be zillions more anyway. And this method of protecting your system is totally futile. It just doesn't work. As it is always a day late and a dollar short. Please reference the many news stories in the past where massive outbreaks of various pieces of malware could have been thwarted by OS patches that had been released well in advance of the outbreak. Like Conficker, Sasser, Zotob, etc. Again, keeping systems patched and up-to-date is only one layer in a multi-layer approach to protecting your system. I've never understood that mindset - if the people who make my home security system provided me with an update because they discovered a flaw that would allow an intruder into the home without the alert being triggered, no matter how well prepared I was otherwise, I would want that update, wouldn't you? That is because you can't install third party software with your home security. Your only choice is with the company who made the device. Sure you can - guard dogs, dead bolts, security doors, etc. Plenty of third party add-ons for my home security system. But even withthe add-ons, I would still want to apply the update, wouldn't you? Personal computers are totally different! You can shop around for the best security product. And you don't have to trust Microsoft for your security needs. And to be honest with you, Microsoft has and continues to produce very weak security software. This is just one area that Microsoft really hasn't been very good at. So why put your faith in them? I don't "put my faith in [just] them", as with anyone serious about security, I use various third party tools to enhance the security of my system - but again, if the additional protection is available, why NOT install it? Since OS security patches are always a day late (which can be years late actually) and a dollar short, what can you do? Lots of things that work so much better actually. For example real time AV databases can often be updated twice or more per day (like Avast for example). So you don't have to worry about a security hole that has been there for years, as you are covered. Whether the hole has been plugged or not. This simple addition is vastly superior to security patches. And works very well except for zero day vulnerabilities. This means a vulnerability so new that the AV doesn't know about it yet (usually newer than 24 hours old). See my previous example of massive outbreaks of malware that would have been stopped in their tracks had systems only been up to date with OS security patches. And (not to sound like a broken record), why NOT install the additional protection? So we have another method. Take the Maxthon browser for example. Even when security patches and AV fails, Maxthon still caught them. Maxthon Beats Microsoft to the Punch Creating Barrier to Zero-day Attacks - PR Newswire http://www.prnasia.com/pr/10/01/100058511-1.html I would argue that this isn't "another (as in different) method" , but as I've been saying all along, an additional layer in a comprehensive approach to system security. But as I've said, why neglect one of the other layers - or as you put it, "why put your faith in them [Maxthon]"? This is called sandboxing. Anything new coming in ends up in a box and can't get out to do any harm. And a day later your AV will be updated and will be able to take it out without a problem. Sandboxes aren't impermeable. AV (as you point out) is reactive, not proactive. In fact, none of the layers are perfect - if they were, we wouldn't need any of the others now would we? So, we improve each layer as much as we can, update them, patch them, replace them as needed. Only fools neglect them. Depending on Microsoft's security patches for your needs, well that could take a month or two, or even years before Microsoft develops a patch for it. Although if you are stupid enough to wait that long, I say go for it. Who is waiting? You make it sound like you have to choose between applying OS patches and using any additional methods - but they are complimentary to each other, not exclusive. So install your antivirus and keep it updated. Sandbox your browser, use a firewall, filter your email, - AND patch your OS. There is no good reason to neglect it. -- Zaphod Pan-Galactic Gargle Blaster: A cocktail based on Janx Spirit. The effect of one is like having your brain smashed out by a slice of lemon wrapped round a large gold brick. |
#7
|
|||
|
|||
Should I install SP1 for Win 7?
In ,
Zaphod Beeblebrox wrote: "BillW50" wrote in message ... In , Zaphod Beeblebrox wrote: You really should install it - and should ignore those misguided souls who recommend against it. Actually if you had decades of experience with patches, I do. In individual computer, small home/business networks, as well as LAN and WAN corporate environments. So do I. Although I also done it the so-called right way and the so-called wrong way and tested the results. Very few people actually do this. Most people are lemmings and just accept what they are told. you would say the lemmings that tell you to update because it is good for you are the real misguided souls. I disagree. Of course you would. Because you know of no other way. I'll take experience, knowledge, research, and experimentation over the lemmings any day. Please describe, in detail, how *your* "knowledge, research, and experimentation" is better than Microsoft, Gartner Research, Cisco, and every computer security company and professional out there? Because they all say, without exception, that you need to apply OS security patches and fixes, promptly and regularly, as a part of securing your systems. Just follow the money trail. Just look at Microsoft for example. They place such a low priority on security updates it is laughable. After all why would it take about two years to plug a known security hole? Microsoft isn't alone here either, other companies does the very same thing. I bet they assign such a low priority because they too know plugging security holes are just futile. And of course Microsoft, Gartner Research, Cisco, etc. are going to tell you to install security patches and fixes. Why wouldn't they? As it makes the lemmings feel secure even though it is only a false sense of security nonetheless. And selling this false sense of security sells and they make millions off of it. So why are some of us better than the above? Easy, as we hear reports of people having success of doing otherwise. And instead of writing them off as nuts, we investigate, research, and experiment to have the necessary data to prove them wrong. But guess what? The data proves them to be right all along. Well I have been running Windows since '93 (using other OS about 15 years before that). And I always did things the lemming way and listened to whatever Microsoft, Gartner Research, Cisco, etc. said to do and it made me feel smart. And in that time, I never had a Windows virus. So I must be doing things right, right? Well Microsoft finally forced me to start doing things the wrong way. As they sold Asus OEM XP licenses for the meager EeePC 701 netbook with only 4GB of SSD space. With SP2 installed, you only had 200MB free. There was no way to even install updates as they just wouldn't fit ever! So I figured I wouldn't no longer have a clean record of never having a Windows virus, thanks for Microsoft accepting money for licenses that they knew that could never be updated. Well guess what? I never got any. I was totally prepared for the worst and backed up every chance I got (multiple versions of course), just in case. And I figured I would be doing a lot of restoring. Well I used those EeePCs on the Internet for a whole year and still no viruses. So I gambled, I have a few dozen of computers here and I'll just stop updating half of them for experimental purposes only just to see what happens. Well that was three years ago and none of them ever picked up a single virus either. So who are you going to believe Zaphod? People who tells you that you better keep your OS up-to-date or you will get viruses. Or people who doesn't get viruses and doesn't update their OS? Their primary rationale seems to be that they can manage their system security just as well without the security patches Microsoft provides than they can with them. That is because trusting in security patches to protect your system doesn't really work. First, it does work - as a reasonable, rational *part* of a comprehensive approach to security. No it doesn't work, period! You know what is involved with security patches? First finding them all is an impossible task for starters. Secondly every time you patch an OS, you are bound to break some driver or application. This is an enormous task and no wonder it takes many companies (Microsoft included) a couple of years to come up with a patch for a security hole to the public that was known two years ago. So what good is being two years too late? Second, who said anything about trusting in them, especially trusting in them alone, which is what you are implying? Firewall, intrusion detection, email filtering/scanning, web filtering/scanning, antivirus/antimalware/antispyware, all play a part in system security, as do OS patches. Why in the world would you neglect one of the layers? Would you fail to apply a security update to one of the other layers? What is different about applying a security patch to the OS? No you don't need all of those layers for one. No wonder some complain their computers are slow because they have way too many layers installed. That email filtering is redundant for one with a real time AV. The secret to success is to reduce the layers down to as little as possible and to still be protected. As security holes are always going to be there in any complex OS (Windows isn't alone here). And even if programmers always patch them when they are found (Microsoft has taken a couple of years to patch some of them after they were found), there are always going to be zillions more anyway. And this method of protecting your system is totally futile. It just doesn't work. As it is always a day late and a dollar short. Please reference the many news stories in the past where massive outbreaks of various pieces of malware could have been thwarted by OS patches that had been released well in advance of the outbreak. Like Conficker, Sasser, Zotob, etc. Again, keeping systems patched and up-to-date is only one layer in a multi-layer approach to protecting your system. Conficker, Sasser, Zotob, etc. are thwarted by an up-to-date AV and a sandbox too. I've never understood that mindset - if the people who make my home security system provided me with an update because they discovered a flaw that would allow an intruder into the home without the alert being triggered, no matter how well prepared I was otherwise, I would want that update, wouldn't you? That is because you can't install third party software with your home security. Your only choice is with the company who made the device. Sure you can - guard dogs, dead bolts, security doors, etc. Plenty of third party add-ons for my home security system. But even withthe add-ons, I would still want to apply the update, wouldn't you? Those are not the updates I was thinking about. But I see your point. Although would I install the update for my home security system? That is debatable. If they came out with an endless cycle of updates, then no I wouldn't. As I would write them off as they can't get it right and have no business programming their own hardware. And I speak as a hardware engineer who has written the software for my designs too. I don't like programming per se... but if I have to explain how the hardware works in detail to a programmer, it is just often easier to write the program myself. Personal computers are totally different! You can shop around for the best security product. And you don't have to trust Microsoft for your security needs. And to be honest with you, Microsoft has and continues to produce very weak security software. This is just one area that Microsoft really hasn't been very good at. So why put your faith in them? I don't "put my faith in [just] them", as with anyone serious about security, I use various third party tools to enhance the security of my system - but again, if the additional protection is available, why NOT install it? Because more security software isn't better! The more you install, the more likely they are going to trip over themselves. The secret is less is better while still maintaining protection without being redundant. Since OS security patches are always a day late (which can be years late actually) and a dollar short, what can you do? Lots of things that work so much better actually. For example real time AV databases can often be updated twice or more per day (like Avast for example). So you don't have to worry about a security hole that has been there for years, as you are covered. Whether the hole has been plugged or not. This simple addition is vastly superior to security patches. And works very well except for zero day vulnerabilities. This means a vulnerability so new that the AV doesn't know about it yet (usually newer than 24 hours old). See my previous example of massive outbreaks of malware that would have been stopped in their tracks had systems only been up to date with OS security patches. And (not to sound like a broken record), why NOT install the additional protection? You say would have been stopped by up-to-date security patches because that is what you believe. Yet I hear reports all of the time of people who religiously keep them up-to-date and who still get malware. So how is that possible? Now there is another camp that sports a firewall, AV, and a sandbox environment that doesn't get viruses and who doesn't update their OS. Amazing how that works, eh? So we have another method. Take the Maxthon browser for example. Even when security patches and AV fails, Maxthon still caught them. Maxthon Beats Microsoft to the Punch Creating Barrier to Zero-day Attacks - PR Newswire http://www.prnasia.com/pr/10/01/100058511-1.html I would argue that this isn't "another (as in different) method" , but as I've been saying all along, an additional layer in a comprehensive approach to system security. But as I've said, why neglect one of the other layers - or as you put it, "why put your faith in them [Maxthon]"? No, you need three basic things for total security. 1) A stealth firewall (XP and later already has this one build in) 2) A good real time AV 3) A sandbox to cover everything including things that nobody thought of yet Notice that OS updates isn't even in the list? This is called sandboxing. Anything new coming in ends up in a box and can't get out to do any harm. And a day later your AV will be updated and will be able to take it out without a problem. Sandboxes aren't impermeable. AV (as you point out) is reactive, not proactive. In fact, none of the layers are perfect - if they were, we wouldn't need any of the others now would we? So, we improve each layer as much as we can, update them, patch them, replace them as needed. Only fools neglect them. There are only three layers for total protection. Yet you want to add tons more. So I disagree. You only need the basic three and that is all. Although you can reduce it to just one for total protection if you wanted. But it comes with some limitations and having the basic three has virtually no limitations. For example, with a real time AV and a sandbox, you really don't need a stealth firewall. The problem I have going without is that you are totally exposed on the Internet and hackers, bots, etc. can see you. And about 99.9% of the problems start here. So going without is just a dumb idea and your just asking for trouble. It is like walking through a very bad neighborhood at night alone without protection. Sure if you are a super hero or something, no problem. For the rest of us, just don't do it! A real time AV is important because anything opened or executed gets checked through the malware database before it can do anything. And if it doesn't get a clean bill of health, it can't be opened or executed. At least not without your permission first anyway. A sandbox like environment including Sandboxie, Avast (latest version includes a sandbox), Windows Embedded, Windows SteadyState (free), etc. can protect you against virtually anything all by itself. In fact, this is what most public computers use to keep their systems malware free. And things like Windows Embedded and Windows SteadyState can be locked down so tight that nothing can change the OS or applications. Not even Windows Updates or AV updates (and if they can't get in, virtually anything else can't either). And anybody who has suffered from virus attacks again and again, I would think should highly consider installing something like this. Depending on Microsoft's security patches for your needs, well that could take a month or two, or even years before Microsoft develops a patch for it. Although if you are stupid enough to wait that long, I say go for it. Who is waiting? You make it sound like you have to choose between applying OS patches and using any additional methods - but they are complimentary to each other, not exclusive. So install your antivirus and keep it updated. Sandbox your browser, use a firewall, filter your email, - AND patch your OS. There is no good reason to neglect it. Well in the long past, I would have totally agreed with you and anybody who said differently was just plum crazy. But thanks to Microsoft for forcing me to go without updates, I now know that isn't so at all. ;-) -- Bill Gateway M465e ('06 era) - OE-QuoteFix v1.19.2 Centrino Core Duo T2400 1.83GHz - 2GB - Windows XP SP3 |
#8
|
|||
|
|||
Should I install SP1 for Win 7?
In ,
Zaphod Beeblebrox wrote: "BillW50" wrote in message ... In , Zaphod Beeblebrox wrote: You really should install it - and should ignore those misguided souls who recommend against it. Actually if you had decades of experience with patches, I do. In individual computer, small home/business networks, as well as LAN and WAN corporate environments. So do I. Although I also done it the so-called right way and the so-called wrong way and tested the results. Very few people actually do this. Most people are lemmings and just accept what they are told. you would say the lemmings that tell you to update because it is good for you are the real misguided souls. I disagree. Of course you would. Because you know of no other way. I'll take experience, knowledge, research, and experimentation over the lemmings any day. Please describe, in detail, how *your* "knowledge, research, and experimentation" is better than Microsoft, Gartner Research, Cisco, and every computer security company and professional out there? Because they all say, without exception, that you need to apply OS security patches and fixes, promptly and regularly, as a part of securing your systems. Just follow the money trail. Just look at Microsoft for example. They place such a low priority on security updates it is laughable. After all why would it take about two years to plug a known security hole? Microsoft isn't alone here either, other companies does the very same thing. I bet they assign such a low priority because they too know plugging security holes are just futile. And of course Microsoft, Gartner Research, Cisco, etc. are going to tell you to install security patches and fixes. Why wouldn't they? As it makes the lemmings feel secure even though it is only a false sense of security nonetheless. And selling this false sense of security sells and they make millions off of it. So why are some of us better than the above? Easy, as we hear reports of people having success of doing otherwise. And instead of writing them off as nuts, we investigate, research, and experiment to have the necessary data to prove them wrong. But guess what? The data proves them to be right all along. Well I have been running Windows since '93 (using other OS about 15 years before that). And I always did things the lemming way and listened to whatever Microsoft, Gartner Research, Cisco, etc. said to do and it made me feel smart. And in that time, I never had a Windows virus. So I must be doing things right, right? Well Microsoft finally forced me to start doing things the wrong way. As they sold Asus OEM XP licenses for the meager EeePC 701 netbook with only 4GB of SSD space. With SP2 installed, you only had 200MB free. There was no way to even install updates as they just wouldn't fit ever! So I figured I wouldn't no longer have a clean record of never having a Windows virus, thanks for Microsoft accepting money for licenses that they knew that could never be updated. Well guess what? I never got any. I was totally prepared for the worst and backed up every chance I got (multiple versions of course), just in case. And I figured I would be doing a lot of restoring. Well I used those EeePCs on the Internet for a whole year and still no viruses. So I gambled, I have a few dozen of computers here and I'll just stop updating half of them for experimental purposes only just to see what happens. Well that was three years ago and none of them ever picked up a single virus either. So who are you going to believe Zaphod? People who tells you that you better keep your OS up-to-date or you will get viruses. Or people who doesn't get viruses and doesn't update their OS? Their primary rationale seems to be that they can manage their system security just as well without the security patches Microsoft provides than they can with them. That is because trusting in security patches to protect your system doesn't really work. First, it does work - as a reasonable, rational *part* of a comprehensive approach to security. No it doesn't work, period! You know what is involved with security patches? First finding them all is an impossible task for starters. Secondly every time you patch an OS, you are bound to break some driver or application. This is an enormous task and no wonder it takes many companies (Microsoft included) a couple of years to come up with a patch for a security hole to the public that was known two years ago. So what good is being two years too late? Second, who said anything about trusting in them, especially trusting in them alone, which is what you are implying? Firewall, intrusion detection, email filtering/scanning, web filtering/scanning, antivirus/antimalware/antispyware, all play a part in system security, as do OS patches. Why in the world would you neglect one of the layers? Would you fail to apply a security update to one of the other layers? What is different about applying a security patch to the OS? No you don't need all of those layers for one. No wonder some complain their computers are slow because they have way too many layers installed. That email filtering is redundant for one with a real time AV. The secret to success is to reduce the layers down to as little as possible and to still be protected. As security holes are always going to be there in any complex OS (Windows isn't alone here). And even if programmers always patch them when they are found (Microsoft has taken a couple of years to patch some of them after they were found), there are always going to be zillions more anyway. And this method of protecting your system is totally futile. It just doesn't work. As it is always a day late and a dollar short. Please reference the many news stories in the past where massive outbreaks of various pieces of malware could have been thwarted by OS patches that had been released well in advance of the outbreak. Like Conficker, Sasser, Zotob, etc. Again, keeping systems patched and up-to-date is only one layer in a multi-layer approach to protecting your system. Conficker, Sasser, Zotob, etc. are thwarted by an up-to-date AV and a sandbox too. I've never understood that mindset - if the people who make my home security system provided me with an update because they discovered a flaw that would allow an intruder into the home without the alert being triggered, no matter how well prepared I was otherwise, I would want that update, wouldn't you? That is because you can't install third party software with your home security. Your only choice is with the company who made the device. Sure you can - guard dogs, dead bolts, security doors, etc. Plenty of third party add-ons for my home security system. But even withthe add-ons, I would still want to apply the update, wouldn't you? Those are not the updates I was thinking about. But I see your point. Although would I install the update for my home security system? That is debatable. If they came out with an endless cycle of updates, then no I wouldn't. As I would write them off as they can't get it right and have no business programming their own hardware. And I speak as a hardware engineer who has written the software for my designs too. I don't like programming per se... but if I have to explain how the hardware works in detail to a programmer, it is just often easier to write the program myself. Personal computers are totally different! You can shop around for the best security product. And you don't have to trust Microsoft for your security needs. And to be honest with you, Microsoft has and continues to produce very weak security software. This is just one area that Microsoft really hasn't been very good at. So why put your faith in them? I don't "put my faith in [just] them", as with anyone serious about security, I use various third party tools to enhance the security of my system - but again, if the additional protection is available, why NOT install it? Because more security software isn't better! The more you install, the more likely they are going to trip over themselves. The secret is less is better while still maintaining protection without being redundant. Since OS security patches are always a day late (which can be years late actually) and a dollar short, what can you do? Lots of things that work so much better actually. For example real time AV databases can often be updated twice or more per day (like Avast for example). So you don't have to worry about a security hole that has been there for years, as you are covered. Whether the hole has been plugged or not. This simple addition is vastly superior to security patches. And works very well except for zero day vulnerabilities. This means a vulnerability so new that the AV doesn't know about it yet (usually newer than 24 hours old). See my previous example of massive outbreaks of malware that would have been stopped in their tracks had systems only been up to date with OS security patches. And (not to sound like a broken record), why NOT install the additional protection? You say would have been stopped by up-to-date security patches because that is what you believe. Yet I hear reports all of the time of people who religiously keep them up-to-date and who still get malware. So how is that possible? Now there is another camp that sports a firewall, AV, and a sandbox environment that doesn't get viruses and who doesn't update their OS. Amazing how that works, eh? So we have another method. Take the Maxthon browser for example. Even when security patches and AV fails, Maxthon still caught them. Maxthon Beats Microsoft to the Punch Creating Barrier to Zero-day Attacks - PR Newswire http://www.prnasia.com/pr/10/01/100058511-1.html I would argue that this isn't "another (as in different) method" , but as I've been saying all along, an additional layer in a comprehensive approach to system security. But as I've said, why neglect one of the other layers - or as you put it, "why put your faith in them [Maxthon]"? No, you need three basic things for total security. 1) A stealth firewall (XP and later already has this one build in) 2) A good real time AV 3) A sandbox to cover everything including things that nobody thought of yet Notice that OS updates isn't even in the list? This is called sandboxing. Anything new coming in ends up in a box and can't get out to do any harm. And a day later your AV will be updated and will be able to take it out without a problem. Sandboxes aren't impermeable. AV (as you point out) is reactive, not proactive. In fact, none of the layers are perfect - if they were, we wouldn't need any of the others now would we? So, we improve each layer as much as we can, update them, patch them, replace them as needed. Only fools neglect them. There are only three layers for total protection. Yet you want to add tons more. So I disagree. You only need the basic three and that is all. Although you can reduce it to just one for total protection if you wanted. But it comes with some limitations and having the basic three has virtually no limitations. For example, with a real time AV and a sandbox, you really don't need a stealth firewall. The problem I have going without is that you are totally exposed on the Internet and hackers, bots, etc. can see you. And about 99.9% of the problems start here. So going without is just a dumb idea and your just asking for trouble. It is like walking through a very bad neighborhood at night alone without protection. Sure if you are a super hero or something, no problem. For the rest of us, just don't do it! A real time AV is important because anything opened or executed gets checked through the malware database before it can do anything. And if it doesn't get a clean bill of health, it can't be opened or executed. At least not without your permission first anyway. A sandbox like environment including Sandboxie, Avast (latest version includes a sandbox), Windows Embedded, Windows SteadyState (free), etc. can protect you against virtually anything all by itself. In fact, this is what most public computers use to keep their systems malware free. And things like Windows Embedded and Windows SteadyState can be locked down so tight that nothing can change the OS or applications. Not even Windows Updates or AV updates (and if they can't get in, virtually anything else can't either). And anybody who has suffered from virus attacks again and again, I would think should highly consider installing something like this. Depending on Microsoft's security patches for your needs, well that could take a month or two, or even years before Microsoft develops a patch for it. Although if you are stupid enough to wait that long, I say go for it. Who is waiting? You make it sound like you have to choose between applying OS patches and using any additional methods - but they are complimentary to each other, not exclusive. So install your antivirus and keep it updated. Sandbox your browser, use a firewall, filter your email, - AND patch your OS. There is no good reason to neglect it. Well in the long past, I would have totally agreed with you and anybody who said differently was just plum crazy. But thanks to Microsoft for forcing me to go without updates, I now know that isn't so at all. ;-) -- Bill Gateway M465e ('06 era) - OE-QuoteFix v1.19.2 Centrino Core Duo T2400 1.83GHz - 2GB - Windows XP SP3 |
#9
|
|||
|
|||
Should I install SP1 for Win 7?
On 11/25/2011 7:04 AM, ECLiPSE 2002 wrote:
On Thu, 24 Nov 2011 12:02:22 -0600, BillW50 wrote: On 11/24/2011 11:57 AM, ECLiPSE 2002 wrote: I have Windows 7 Home Edition and have held off installing SP1 because earlier reports indicated some sighnificant problems after the installation. Would appreciate comments and input regarding its stability now that several months have elapsed since its initial introduction and there may have been fixes or corrections to any problems that have arisen. Is the update of significant value and are there install caveats? Mary. This is discussed all of the time in: alt.windows7.general For me personally, there is nothing in there that I need. Thanks Bill, I wasn't aware of the windows7 newsgroup. I will spend some time there. Looking forward to seeing you there! -- Roy Smith Windows 7 Home Premium 64-Bit Thunderbird 8.0 Saturday, November 26, 2011 5:24:40 AM |
Thread Tools | |
Display Modes | |
|
|