August 27, 2004

  • GEEKLAND

     

     

     

     

    Windows XP Service Pack 2: When Betas Escape

    Why SP2 installations may cause systems to crash

     

    This week countless IT managers, such as the ones over at IBM, are
    testing the latest service pack for Windows XP, Service Pack 2 (SP2).
    What many are calling “security pack 2” is also being applied en masse
    by the general public in home offices and small businesses across the
    world for the advertised purpose of improving cyber security and the
    overall user experience. Or “eXPerience”, as Microsoft calls it.

     

    But what many don’t know may really hurt them. IT managers will discover
    what they need to know from the safe distance of test machines, which
    they use to ensure stability before deploying the upgrades across the
    business. But home and small business users probably will not have the
    good fortune of that option and, if they are not careful, the results
    could be catastrophic.

     

    I’ll give you a brief rundown of the problems and then go into them a
    bit deeper (but staying out of the really tall grass as much as I can here).

     

    The two main areas I’ll focus on are:

     

    1. Users may be confused by the various ways the new service pack
    inconsistently interacts with their current security software, and may
    be fooled into giving up better security with their personal firewall
    in favor of Windows’ generic offering.

    What tests have shown is that SP2 doesn’t always seem to play nicely with
    often critical and commonly found software, most notably for small
    businesses Symantec’s Norton Firewall and antivirus software, the most
    widely used such software at this time.

     

    But some users may not even make it that far.

     

    2. Trouble could be lurking even before SP2 is fully installed

    Beyond the inconsistent way I have seen SP2 interact and manifest after
    installation on test PCs, there is one thing that could ruin more than
    your weekend, and may even force you to completely reformat and
    reinstall an otherwise healthy Windows configuration. This could mean
    hours, if not days, for small businesses that rely on one or two
    computers for a large part of their day-to-day activity. This has to do
    with the way the service pack’s installer package handles the file
    copy part of installation.

     

    Now for those überdull details.

     

    First, the inconsistencies in the user’s SP2 security landscape: for users of
    all versions of Norton Internet Security and Norton Personal Firewall,
    SP2’s new “Security Center” (found in the Control Panel) seems to have
    trouble recognizing which security software is already installed by the
    user and what exactly to do about it. At times it will prompt the user
    to take action with a cryptic message, and at other times the user’s
    input will not be requested at all and the changes are made without his
    knowing.

     

    An example of this is that the new Security Center will at times
    recognize that Norton’s antivirus software is installed, and at times
    not. Sometimes it will see the Norton firewall and ask if you want to
    disable the Windows Firewall in favor of it, or not. Symantec says they
    plan to release a patch to help with this in the near future, but until
    then, if you have SP2 installed, take what the Security Center says with
    a grain of salt. All of these differences across all flavors were only
    the tip of the iceberg: the above was observed between machines running
    the exact same release versions of Symantec software. On another
    machine, on which I had earlier installed the beta version of the service
    pack, release candidate 2, much of the functionality of the Windows
    Security Center was disabled or unavailable even after updating to the
    public-release version. Norton Internet Security Standard and other
    software versions seem to add even more to the already hit-and-miss mix
    for the user. No doubt it will leave the Symantec and Microsoft call
    centers swamped as users wind up more confused than ever about which
    firewall to run, whether they really have any antivirus software,
    whether it really still works, or why, if they already have Service
    Pack 2, the Windows Update site still tells them they should “find out
    more” about and “install” that service pack.

     

    More troubling is that users in many cases must now actually disable their
    Norton personal firewall software in order to even take advantage of
    the Windows Update home page. No word as yet about any forthcoming
    patches for this. So much for the “security initiative”. It appears
    Microsoft is more interested in becoming a direct competitor with
    Symantec than they are in allowing continuity in established computer
    security.

     

     

    But why worry about protecting your computer from hackers if a bad
    installation takes it down instead? This is what I discovered, and I
    consider it the bigger concern because of what it might mean to the
    SOHO user. It is most likely to threaten the computers of home users and
    small businesses without any IT staff. It has to do with the service
    pack’s install package. What I noticed on one test machine was the
    installer’s failure to properly assess the amount of available storage
    space on the hard drive where the Windows operating system itself
    resides, and where the service pack files were to be copied. In theory,
    this could cause the routine to continue adding files to the drive until
    it became completely full and failed, causing the system to crash. Since
    the pack would be only partially installed at that point, the system
    might become corrupt and unable to load properly when the user attempted
    to restart his computer. At the beginning of the setup process the
    installer tells the user it is checking for available disk space before
    it begins to copy files, but in this case I was able to observe the
    drive quickly fall as low as 80 megabytes of total free space before I
    stepped in and manually moved some other files to a different drive. The
    drive had about 1 gigabyte of free space prior to the install, which is
    the point of the test. I would recommend you have at least 2 to 3
    gigabytes free to ensure the smoothest possible install. But if I had
    been a user with a system with a gigabyte or less of space available and
    had relied only on the information readily seen by a typical end user, I
    would have been in serious trouble. In such a position, no information
    about required space for the service pack would have been seen.

     

    In times past, service pack installations, as is common for most
    application installations, would check available disk space before
    beginning to copy files, and typically, when insufficient space was
    detected, the installer would abort and prompt the user to free up
    some more space and then attempt the installation again. In the
    case of Microsoft’s latest Windows XP service pack release, this does
    not seem to be the case. And what would the average user then do? Plug
    his drive into another machine, rescue his data, do a dirty install?
    This is what I mean when I rant that Microsoft is way out of touch with
    the average user. As a systems engineer, it’s a constant race to stay
    ahead of the information needed to keep it running smoothly. So where
    does that leave the average user?

     

    Naturally, nothing can beat user vigilance, and there are always a few
    basic things you can do to guard against evil installers like this one.
    As always, before applying any major updates or changes to your
    computer, as well as on a regular basis, as big a pain as it might seem,
    be sure you have backed up all of your important files, and then make
    certain you have enough space on your hard drive for the software you
    plan to install. I recommend you also create a separate partition on
    your hard drive for your personal files and data. This will help if you
    ever wind up in a pinch and need to reformat your C: drive and reinstall
    Windows, which will happen at some point. To find out more about
    partitioning your hard drive, visit the Partition Magic website. Of
    vital importance is that you always keep at least 20% of the drive where
    your Windows folder is located free. This is not only necessary to allow
    space for updates to Windows, but is also needed to help it run smoothly
    and to allow the system to properly defragment the hard drive
    periodically, when necessary.
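
The check-before-copy behaviour described above, as an added example (not code from the original post or from Microsoft's installer): it measures the payload first and writes nothing unless the copy fits and still leaves the 20% free-space reserve recommended here. The function names and the sample volume sizes are assumptions made for illustration.

```python
import os
import shutil
from typing import NamedTuple

class Preflight(NamedTuple):
    ok: bool
    free_after: int   # bytes left on the volume if the copy went ahead
    reserve: int      # bytes that must still be free afterwards
    reason: str

def payload_size(src_dir):
    """Total bytes of every file under src_dir (what the copy phase will write)."""
    return sum(os.path.getsize(os.path.join(root, name))
               for root, _dirs, files in os.walk(src_dir) for name in files)

def preflight(payload, total, free, reserve_percent=20):
    """Decide, before any write, whether the copy fits and leaves the reserve free."""
    reserve = total * reserve_percent // 100
    free_after = free - payload
    if free_after < 0:
        return Preflight(False, free_after, reserve, "payload larger than free space")
    if free_after < reserve:
        return Preflight(False, free_after, reserve, "copy would eat into the reserve")
    return Preflight(True, free_after, reserve, "ok")

def existing_ancestor(path):
    """Nearest directory that already exists, so disk_usage can query its volume."""
    path = os.path.abspath(path)
    while not os.path.isdir(path):
        path = os.path.dirname(path)
    return path

def install(src_dir, dst_dir, usage=shutil.disk_usage):
    """Copy src_dir to a new dst_dir only if preflight passes; otherwise write nothing."""
    vol = usage(existing_ancestor(dst_dir))
    check = preflight(payload_size(src_dir), vol.total, vol.free)
    if check.ok:
        shutil.copytree(src_dir, dst_dir)
    return check

if __name__ == "__main__":
    GIB, MIB = 1024 ** 3, 1024 ** 2
    # Constructed numbers: a 20 GiB system volume and a 900 MiB payload.
    print(preflight(900 * MIB, 20 * GIB, 1 * GIB))   # refused: reserve would be breached
    print(preflight(900 * MIB, 20 * GIB, 6 * GIB))   # allowed
```

Free space can still change while the copy runs, so a real installer would also handle a write failure part-way through rather than rely on the preflight alone.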

    More advanced users might also want to keep a CD of Knoppix Linux
    handy. Booting to such a CD will provide an emergency back door without
    adding or deleting any critical files on your computer and will give
    you, provided you have the right drivers, a way to back up your data to
    some device or network location.

     

    And do your homework. Any changes you do make to your system may have
    unexpected or mixed results. Be ready for them by reading up on the
    offerings provided by your software and hardware vendors’ support
    websites. As for Service Pack 2, I would give it some more time, and
    watch to see if any more bugs pop up, such as the ones IBM and other
    vendors are currently trying to wrestle with.

     

    This one without a doubt needed to spend a little more time in the oven.
    Microsoft may have tried to do too much in one service pack and may
    not have put security ahead of other money-makers, as they had wished
    the public to believe. Par exemple, as part of this service pack
    Microsoft also released major aesthetic and functionality revamps to
    their Tablet PC and Media PC lines of the XP family, along with several
    new games and toys for those Windows versions. These probably
    should have been separate projects for a later time. While the Tablet
    PC updates made for a “cooler” tablet experience, I think we could have
    waited a little longer perhaps in favor of a more polished service pack
    whose sole focus was Microsoft’s newfound “passion” for security.
    Instead what we wound up with was a chaotic group of offerings, the
    best of which went to fringe users, all of which arrived several months
    behind schedule.

     

    At Microsoft the question for consumers may be “where do you want to go
    today”, but without a common-sense, comprehensive, user-friendly
    approach, it may force some small businesses to bankruptcy court.

     

    Resources:

     

     

    Windows XP SP2 More Secure? Not So Fast

     

    Windows XP Service Pack 2: Will It Cripple Your Network?

     

    Don’t trust that built-in SP2 Windows firewall: Windows XP SP2 Features Security Crater – Report

     

    Initial Windows XP SP2 Compatibility Fallout Limited?

     

    Microsoft’s Starting List of Programs that Mis-behave with SP2

     

    Security Watch Special: Windows XP SP2 Security Center Spoofing Threat

     

    Recommended download to help prevent website spoofing:

    Spoof Stick freeware is almost foolproof in helping the user know if he is visiting the actual site the page tells him he is: http://www.corestreet.com/spoofstick/

     

    I know Jeff at Beautiful Atrocities has
    razzed me about this in his blogs, but I definitely recommend a
    browser other than Internet Explorer for most users. If security
    vulnerabilities were craters, Internet Explorer (IE) would be the
    moon. A more down-to-earth pick instead is Mozilla’s Firefox.
    Though still in the last stages of beta (0.9.3), it still easily beats
    IE for security, good looks and usability. Pages render great 98% of
    the time too, including Blogbat’s (some sites are built specifically
    for IE). That number is bound to improve with gaining acceptance.
      http://www.mozilla.org/products/firefox/

     

    Symantec SP2 assistance page: http://www.symantec.com/techsupp/sp2/faq.html

     

    “eXPeriences”:

     

    Upgrading to SP2

     

    Symantec – Dropping SP2 Support for 2003,2003 AV?

     

     


Comments (2)

  • Yikes – my creaky old computer is already having trouble dealing with Limewire. I hate the look of Firefox, it’s too much like Netscape, that’s the only reason I don’t use it. Good warning, tho, I’ll link back.

    Altho I still get pop-ups at Drudge on IE that I don’t get on Firefox.  BTW, have u given any more thot to moving yr stuff off Xanga? I was trying to link to yr Johnny Depp thing the other day and it was maddening…

