soliptic said:
As for the rest.... if you dont use outlook, dont use IE, and you're not a retard, you really dont have much to fear.
Sorry to burst your bubble mate, but as soon as you connect to the Internet, the world connects to you! Even if you're not using Outlook or IE, as soon as that modem connects to your ISP, unless you're running a firewall, you have exposed ~65,000 ports (ways for people to connect to your computer) to every spotty script kiddie out there.
Admittedly, if they want to take control of your PC in any way, they have to trick you into loading their client software onto your PC, which no-one is daft enough to do. But then this code can relatively easilly hidden, and often is, inside cracked versions of software & 'freeware' utilities.
And we haven't even mentioned all the other nice things they can do to you, like denial of service attacks, etc.
The only sure way to stay protected is not to connect to the Internet at all. If you want/need to connect, best get yourself a firewall (ZoneAlarm, etc) as the absolute minimum of protection. XP even has one built in.
martin_e said:
Um... most reports say XP SP2 totally fucks your computer and still leaves huge security holes. Use LINUX - you get what you pay for. Use M$ you pay what they charge you ...
Historically, MS have had a bad rap because of security, which was hurting Bill's bottom line. This was simply because these OSs were architected and written years before they were released, yet the script kiddies all have modern tools at their disposal. About 2 years ago, MS were suffering so much (and let's be honest about it, nothing happens in business unless it affects the bottom line) that Bill ordered the setup of a whole division with MS to deal with the problem. Since then, these guys have had the first and last say in *everything* MS push out the door. I've met some of these guys, and they rank amongst the world's best crackers and security experts, and have free license to attack MS products at will.
The upshot is, XP SP2 is a major update, fixing vulnerabilities that the average user wouldn't even know about (switching services off, switching the firewall on, etc). We've got XP SP2 running on our machines at work, and we've only come across 1 issue - VS.Net remote debugging of SQL Server stored procedures - but there's a patch for this.
Security on PCs, as with anything in life, is about managing the risk. As I mentioned earlier, the only sure way is to stay protected is not to connect your PC to anything, and not to load untrusted software on there. Beyond this, you run the risk of attack. However, as it's all shades of grey, you have to make a judgement as to the level of risk you are willing to take. Again, as in life, to everything, there is a price to pay, you have to ask yourself, "Am I willing to pay that price?"
Bottom line, if I had a 'true' choice of OS, closed source (MS, Apple, etc) or open source (where every spotty herbert knows exactly what is going on within the kernal, drivers, etc, and how to exploit that knowledge), for me, it's a no-brainer.
FWIW, I'm trying to ensure you see both sides of the argument so that you can make an informed decision, which is truly yours to make.
PLUR
:smokingr:
