[PROGRAMMING] Okay, now I'm just getting annoyed

[jducoeur]

The big deal with Windows XP Service Pack 2 was that it was supposed to be more "secure". In practice, it's just irritating. I'm now getting stupid popups all over the place. It insists on asking me for explicit permission before opening an emailed log file. (Despite clearly knowing that it's a text file, since saying "yes" simply opens the file in Notepad.) It demands permission to run programs that I installed quite explicitly. It wouldn't even let eRoom run at all, until I went in through the back door to figure out why the icon was now dead, and re-enable the relevant web pages.

Grr. Haven't these people ever heard of permission fatigue? It's been well-known for many years that if you stick enough popups in peoples' faces, they will simply start answering "yes" without thinking about it. Good security isn't about demanding explicit permission for every little operation, it's about paying attention to what's actually important. This is just ass-covering. ("Oh, but you gave *permission* for that virus to eat your hard drive, so obviously it isn't our fault...")

Comments

[oakleaf-mirror.livejournal.com]

I suspect part of it isn't so much ass-covering as a bit of in your face public relations. Microsoft has taken some heat in the mainstream press for not paying attention to the security aspects of their products. While they haven't gotten nearly as much bad press as they deserve, for this, it's probably an image they want to counter. Being this annoying about dialogues that appear to be related to security is probably meant to reassure the users who aren't tech savvy that Microsoft has made great strides in this area. Now you've got me wondering if I really want to install SP2 on my XP machine.

[hakamadare.livejournal.com]

Now you've got me wondering if I really want to install SP2 on my XP machine.

as my job involves me being subscribed to a number of security-related mailing lists, i've seen that quite a few large IT organizations have advised their users not to install it. my officemate, the local Windows guy, concurs.

-steve

[jducoeur]

Right. Among other things, a serious IT organization probably already has virus-scanners on every desktop and a rock-solid firewall around the building. So many of the security enhancements in XP aren't necessary (and they sometimes conflict with the security measures already in place, I gather)...

[keshwyn]

We had a bunch of students with Symantec and stuff installed on their computers install SP2. VERY ugly. We had to install Symantec before they could even send email again.

[jducoeur]

I suspect part of it isn't so much ass-covering as a bit of in your face public relations.

I'm sure you're right, but that just makes it more annoying. While it's true that part of their security problem is due to making it so very easy for users to do Dumb Things, most of it is simply because of poorly-designed and tested software, with scads of holes in it. But of course, it takes time to clean out 20 years of cruft from the software, so in the meantime they do all this in-your-face hassle to look like they're doing something.

As I said, grr. I do wish this damned OS had been decently designed in the first place, rather than being slowly retrofitted for the modern age.

Now you've got me wondering if I really want to install SP2 on my XP machine.

So far I haven't seen any good reason for it. XP was a huge advance over previous versions of the OS, but SP2 doesn't seem to bring anything to the table that's useful for a savvy user. For those of us who can tell the difference between a potentially dangerous attachment and an intended one, and who have kept up with the *important* security updates for the OS, there doesn't seem to be much added benefit.

(I do note that, without any of the security nonsense in SP2, I've kept my home machine free of virii and malware perfectly easily for a couple of years. A decent NAT/firewall and an understanding of what not to install matters far more than any popups...)

[snarkyman.livejournal.com]

If you install WinXP sp2, do not rely on the built-in firewall. In fact there is already a new virus/trojan that bypasses the XP firewall.

http://isc.sans.org/diary.php?date=2004-09-29
New virus behavior

Our fellow handler Patrick Nolan sent this news about the Surila.k virus. According to the VirusList.com website "In order to gain full access to the Internet, Surila registers itself in the Windows FirewallPolicy, thereby becoming a legal program with full Internet rights."

This will bypass any Firewall settings that may otherwise block the virus from contacting the IRC server is connects to for remote control. The virus installs an HTTP and SMTP proxy server. Traffic to these proxies will be permitted by the modified firewall rules.

[yakshaver.livejournal.com]

Not to defend Microsloth, but I'd never heard of "permission fatigue" either. And the phrase yields only seven hits on Google (http://www.google.com/search?hl=en&ie=UTF-8&q=%22permission+fatigue%22&btnG=Google+Search).

But the problem is much simpler and deeper than not knowing a particular marketing term. The problem is, as Steve Jobs famously said many years ago (and, in 1997, lying through his teeth, apologized for), Microsoft has no taste.