Home page logo
/

isn logo Information Security News mailing list archives

Win-XP vs Red Hat 7.2
From: InfoSec News <isn () c4i org>
Date: Tue, 30 Oct 2001 03:22:52 -0600 (CST)

http://www.theregister.co.uk/content/4/22533.html

Dumb and patronizing vs high-strung and demanding
By Thomas C Greene in Washington
Posted: 29/10/2001 at 21:42 GMT

I've had no end of fun this weekend installing and uninstalling and
reinstalling and reuninstalling Windows-XP Home Edition and Red Hat
7.2 Personal Edition, both of which launched last week. I won't get
into the Pro editions because most buyers in that market know what
they want.

Electronic Babysitter

However, if you're a basic PC user thinking about buying XP, don't.
It's basically malware. It harangues you with nagging, fake-friendly
reminders to obtain a Passport and submit to product activation, and
treats you like a child when you try to do anything heretical, like
install a device driver of which it disapproves.

You get your first hint of its 'you're an idiot; let Daddy help'
posture during the install, where the progress summary informs you
that Windows is "analyzing your computer". Yeah, right. Analyze
this....

Got a suspicious piece of hardware on that box of yours? You might be
out of luck if XP doesn't like the drivers it needs to function. MS
has a new scheme of 'preferring' signed drivers which it will
distribute, automatically, no less, via its support Web site.

That wouldn't be quite so bad if the digital hand of Daddy wasn't
programmed deep within XP to keep us all from harm. In the old days,
when you went to install a driver manually, you could search through a
list of those you'd installed previously and stuff around until you
got one going to your satisfaction. No more.

If you've already installed one that XP 'likes' but then attempt to
choose one it 'dislikes', you won't be given the chance to defy the
Wisdom of Redmond. You'll get a little message telling you that
'Windows has determined that the driver already loaded better suits
your hardware.' And that's it. Gone is the little query allowing you
to 'install your choice anyway.' Let Daddy help.

During the installation of any unsigned driver using the 'Wizard'
you'll be harangued twice with warnings that it's not signed, and
invited to interrupt your work to view Redmond's PR propaganda on why
this driver-signing is ever so much in your best interest. The
anti-competitive implications of a regime like this are covered in a
previous story here http://www.theregister.co.uk/content/4/22495.html.
I'm just going to concentrate on the irritations for ordinary users.

Network support is largely concealed for your safety. Devices,
services and protocols which one used to be allowed to install no
longer appear anywhere, either in the Control Panel networking system
app or in the add/remove system app.

No, you have to install the device first, and let the Wizard decide
what support to install. All you can enable on your own is client for
MS networks and basic TCP/IP. That's it!

Screw you if your network configuration is a bit eccentric, like mine.
Using the Wizard and Control Panel, I can't even find the stuff I
need, and what XP thinks I need is wrong, wrong, wrong.... After a
full day of tinkering I have to accept that my crummy 56K modem
connection to my crummy MSN account, which I use only while on the
road, is the only connection I can have with XP, unless I decide to
buy new hardware, or do a manual install off the Windows CD, which
pretty much isolates causal users from driver success.

Look and Feel

The splash screen looks a lot better, but the desktop is a queer blend
of slick graphics and kindergarten safety engineering. "Start Here" a
large yellow balloon pointed at the start menu informs you. This goes
on until you click the start menu button while the balloon is
displayed. Otherwise you get it with each re-boot until you
capitulate.

Other balloons emerge from the tray toolbar, urging you to 'take a
tour of Windows XP', get yourself a Passport, and enjoy the pleasure
of product activation.

Menus and windows default to full-on graphics entertainment mode. They
fade in and out, they have shading and shadowing, menus not only fade,
they 'slide', and icons have immense palettes, all of which gobbles up
immense amounts of system resources for absolutely nothing, and slows
your desktop to a crawl. If you're nine years old, you are just going
to love it. If you're a few years older, you'll resent the choking
paternalistic atmosphere of vapid gee-whiz kiddie entertainment
(babysitting), euphemism, and fake-friendly bullying.

Security? 

Incredibly, MS has failed to include a virus scanner in spite of its
recent public humiliations by means of Code Red and Sircam and its
sudden interest in security. Outlook is still one of the finest worm
and virus propagation mechanisms known to man, though the IE6 package
now includes a version of Outlook Express which no longer launches
executables. But you still can't force OE or Outlook to display HTML
message bodies as plain text, to avoid malicious links, AxtiveX
controls, JavaScript and 'Web bugs'. No, the advertising lobby
wouldn't like that. The spam industry would object. 'Functionality'
(bloody illiterate word) has got to take precedence over common sense.

Viruses, worms and Trojans make their way onto your machine because of
Outlook's default insecurity, or because you are an idiot and you'll
download anything off the Web that sounds interesting and launch it,
or because your teenage kids take what they think are porn and music
files from their 'friends' in IRC and ICQ without question. The
solution is a virus scanner and a more secure Outlook -- and we'd have
both if MS was actually serious about security, which it obviously
isn't.

There's a firewall in XP, which is installed by default whenever you
make a new Internet or networking connection. It's also turned full-on
by default. This covers the clueless newbies who'll be making their
first forays onto the Net from XP.

But if, by some miracle, your device drivers are all up to XP's
demanding standards and you successfully carry over an existing
connection from a previous version of Windows, the firewall has to be
enabled manually. Not the best situation, but clearly better than
nothing.

As for the firewall itself, I recently wrote a satirical article
http://www.theregister.co.uk/content/55/22509.html 'lauding' its power
on the basis of a "Full Stealth" A+ rating I got from Gibson
Research's little ShieldsUp toy. I'll be subjecting the firewall to
more rigorous testing this week, and I fully expect it to be a
disappointment. Just like ShieldsUp.....

The Alternative

Red Hat launched its 7.2 version of Linux this week (kernel 2.4.7). I
knew I was going to hate XP, and I was looking for Red Hat to offer
something to compete with it. The timing couldn't have been better, if
only Red Hat had exploited it.

What I wanted to see was some indication that Red Hat understands what
XP is about and for whom it was developed. I wanted them to make a
real leap to coincide with the XP launch and give me an opportunity to
say, here's a fabulous OS which will save you money, time, and
frustration. I wanted to say, here's an OS any fool can install with
ease, and run with pleasure.

But alas, if XP is dumbed-down to unbearable depths, 7.2 is still
bitchy, unpredictable and high-maintenance, like some
upper-middle-class girlfriend. It's still stuck in the realm of
advanced users. Damn.

First off, I couldn't get the installation CD to run. I re-booted
about eight times, but it just spun up and died, and went to the next
boot device. On the Red Hat support site I found an article explaining
that when a CD-ROM is connected to an IDE controller (just like mine),
the program has 'problems'.

OK, so if you know the issue exists, then why not fix it?

But as we all know, Red Hat isn't just full of 'fit-and-finish'
problems; it's full of unpredictable fit-and-finish problems. On every
eighth or tenth re-boot, the installer would actually load. Go figure.

Once the install program loads, things get a lot easier. 7.2
accurately recognized every piece of hardware on my system, a real
breakthrough.

I was getting optimistic. So what if there's a little gremlin in the
CD-ROM autorun....

So I chose my mount points and allocated disk space and formatted for
ext3, and installed the GRUB boot loader and KDE desktop.

The format went well, but the system froze during the file
installation. My CD tray was graciously opened for me. Bugger.

So I re-booted eight or ten times, until the install program
mysteriously ran again. I double-checked everything, and even ran the
'check for bad blocks' option, which slows things down considerably.

The system froze during the file installation, and my CD tray was
graciously opened for me.

So I fdisked the sucker and started over. Rebooted eight or....you get
it. This time, the installation went perfectly. So I rebooted, but the
GRUB loader just sat there. Bugger.

But I'd made a boot floppy, which worked. KDE looked good, but I
didn't play around for long. I wanted to see how GNOME looked, too. So
I fdisked, rebooted and re-installed the same setup except for the
desktop, and the choice of LILO in place of GRUB.

While the files were being installed, I reached for my drink (Stoli
and sirop de cassis with a splash of club soda), and inadvertently
caused my mouse to move a couple of millimeters.

Immediately crashed -- CD graciously ejected. Bugger.

Fdisked again, re-booted until the magic happened, formatted, and
crashed again during file installation.

Repeated three more times. No joy. This OS is nowhere near ready to
compete with XP. And that really is a pity, since it outclasses it by
a mile.

Fit-and-finish. If these OS's were cars, XP would be the Warner
Brothers Special Edition minivan, and 7.2 would be a Yugo well on its
way to becoming a KIA.

Damn.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.


  By Date           By Thread  

Current thread:
  • Win-XP vs Red Hat 7.2 InfoSec News (Oct 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault