16 more Win 7 "God" modes

[Nelson37]

Oh, and Palin never claimed to be an expert on Russia. She obviously has minimal foreign policy experience, but Alaska does have extensive dealings with and proximity to two seperate foreign countries, and loads of military infrastructure dealing with the Russian threat. She was trying to make a little something out of not very much.

An expert, no, and no claim to be, but it is interesting that she was more closely questioned on this than a former community organizer with even less experience in this area. As in absolutely zero.

[deadrats]

Firstly, I am a programmer, not a "programmer".

no, you a "programmer", because your "knowledge" seems questionable at best, you either are incapable of understanding the implications of what you read or are purposely lying about the potential uses, in short you are being disingenuous, the only question is if it's deliberate.

Secondly, since you have resorted to insult and slander, you are an "idiot". You opened this thread with some nonsense about various COM interfaces in Windows 7 opening new opportunities for maliciousness. Then, when accurately rebuked, you change your tune and start on about malware which has been around for ages and will continue to be. The ability to write programs that exploit weaknesses in the API code isn't new. Turning the firewall on and off isn't new. Admin requirements are necessary.

see, this is what i'm talking about, you are flat out lying about what transpired. the "God" modes i talked about are simply a visual manifestation of the changes made to the win 7 api that allow them to work in the first place, it;s not so much the new interfaces that are the problem but rather the "engine" that drives them.

you, being the scary talented "programmer" that you are, pointed out that the "God" modes were just an interface and asked how exactly they could be exploited, i in turn explained how malware could use the changes made to the win 7 api, that allows those "God" modes to exist in the first place, to circumvent security measures put in place by an end user.

as i have already pointed out, repeatedly, admin requirements are a non-issue on a windows pc, most people run as admin all the time. i also have pointed out that while it was possible to manipulate certain security features in prior windows versions using vb script, turning off the scripting host would prevent that, with win 7 it's no longer necessary to use vb script, you can actually embed the code in a C/C++ program, thus bypassing the protections offered by turning off the scripting host.

I leave you with a very malicious piece of code that can be put in nothing more than a plain text file and requires no compilation etc:

del *.* /s /q

In this case, perhaps the *'s represent your ears and the . a seamingly vanishing brain due to atrophy from exposure to too many neurotoxins.

once again you prove you are a half-assed programmer, putting that line into a text file does absolutely nothing, you need to save it with a .bat extension and it still needs the user to execute it and of course it's possible to configure windows to prevent batch files from running.

lastly, i should point out that i wasn't trying to insult or slander you, if i wanted to do that i would have just pointed out that you are such a lame programmer that you have actually complained that microsoft, intel and amd all advise against using x87 fp math and instead advise you to use sse, and you couldn't understand why those 3 companies all stated that x87 was deprecated, i guess when they were offering classes in "computer organization and assembly language" you decided to skip those semesters. if you like, i'll explain to you why they advise you to use sse instead of x87, just say the word.

seriously though, and i don't mean this in a malicious way, where did you get your programming education? devry? itt-tech? chubb? some other "school" that offers "programming certificates" after completing a 4 month program, a program that doesn't require the "student" to actually pass any tests, as long as you show up and pay the fee you get your "certificate"?

i'm just dying to find out.

[ocgw]

I will "redirect", So are you saying that downloading chit from the world wide web onto a unprotected PC was safe before Windows 7??

if not, what the duck changed?

i'll try this one last time: assume you have 2 pc's, one is running XP 64, the other is running Win 7 64bit, both have remote access disabled, both have the windows firewall enabled, both have the scripting host disabled, both have telnet disabled, neither has an antivirus or any other form of malware protection installed.

you download a virus to both pc's, on the Win 7 pc, thanks to the additions made to the win 7 api, the virus can disable the windows firewall, it can enable telnet, it can can turn on the scripting host service and it can turn on remote access, that same virus can't do that on the XP 64 machine, and for though matter it can't even do that on Vista 64, because even though the Vista api also added some features that ostensibly are meant for easier administration but could be exploited Vista at least had that extremely intrusive UAC that stopped a lot of crap dead in it's tracks, with Win 7 microsoft decided to make it less intrusive and there are tests out there that show as a result Win 7 is way more vulnerable to root kits:

http://www.theregister.co.uk/2009/12/10/win7_vista_security/

microsoft has made win 7 into swiss cheese, not quite as bad as the win 9x days, but still more than a few steps behind it's NT based predecessors. now it's true that you can use 3rd party tools to lock down win 7 fairly tight, but it still annoys me that microsoft felt the need to include in it's api functionality that can harm the vast majority of it's less tech savvy users.

That is a foolish assumption, i would never be stupid enough to run PC's w/ no antivirus protection

That is the best you can come up w/

You can break into my house if I leave all the doors and windoze open

HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA HAHAHAAHA

ps. How exactly "tech savvy" do you have to be to realize you need antivurus protection? Not live in a cave?

ocgw

peace

[Ron B]

i am beginning to believe that i am by far the most computer knowledgeable person on this board

I know enough not to get involved in this conversation; but I am intrigued by the "tin foil beanie".

[deadrats]

I have never "wrote code" in my life and I can see that deadrats has not discovered some new threat or vulnerablity worthy of a public announcenment or any reason to stick to an older OS "out of fear"

"fear mongers" and their "conspiracy theories" lol

do you realize how stupid what you just said is? first i haven't claimed that i discovered any new threat, microsoft themselves have documented the changes they made to the win 7 api, i am just commenting that said changes represent a major new attack vector that didn't exist prior to win 7.

secondly, if you never wrote code in your life then you aren't really qualified to comment on the validity of what i have said, so how about having a nice big cup of STFU?

you're like a guy that hears on the news that a doctor is trying to warn people about the excessive use of antibiotics and you, despite no medical training whatsoever, "know" for a fact that he is wrong.

[ocgw]

I have never "wrote code" in my life and I can see that deadrats has not discovered some new threat or vulnerablity worthy of a public announcenment or any reason to stick to an older OS "out of fear"

"fear mongers" and their "conspiracy theories" lol

do you realize how stupid what you just said is? first i haven't claimed that i discovered any new threat, microsoft themselves have documented the changes they made to the win 7 api, i am just commenting that said changes represent a major new attack vector that didn't exist prior to win 7.

secondly, if you never wrote code in your life then you aren't really qualified to comment on the validity of what i have said, so how about having a nice big cup of STFU?

you're like a guy that hears on the news that a doctor is trying to warn people about the excessive use of antibiotics and you, despite no medical training whatsoever, "know" for a fact that he is wrong.

I understand your angry and frustrated because everyone is wrong but you and we just won't see it lol

Now let me set something straight, although I have never "written code", I took computer hardware, software and networking classes in college, and have been building, programming, and repairing PC's and PC based tools and robots @ GM Engineering World headquarters for 10 years and building gaming rigs and HTPC's @ home for an equal amount of time

(Actually have 16 yrs seniority @ GM all together but some of that time was welding and mechanic)

18 yrs in the trades, 2 journeyman cards (Experimental Product Engineer, Metal Model Maker), 3.5 yrs of college in pipefitting, plumbing, hydrualics, pneumatics, automotive technology, welding, machining, metalurgy, computer science, experienced in heating and cooling, plumbing, pipefitting, hydraulics, pneumatics, welding, automotive mechanics, tool making, die making, machining, AC electrical, DC Electrical, electronic diagnostics, computer programing and repair

It doesn't take a brain surgeon to realize you can get a virus if you don't have AV protection, and we certainly don't need you to shout from the rooftops that Windows 7 is vulnerable w/o AV protection because all OS's are vulnerable w/o AV protection

DUH!

ocgw

peace

[deadrats]

Oh, and Palin never claimed to be an expert on Russia. She obviously has minimal foreign policy experience, but Alaska does have extensive dealings with and proximity to two seperate foreign countries, and loads of military infrastructure dealing with the Russian threat. She was trying to make a little something out of not very much.

An expert, no, and no claim to be, but it is interesting that she was more closely questioned on this than a former community organizer with even less experience in this area. As in absolutely zero.

i don't want this to turn into a political discussion and thus cause this thread to be closed but allow me to talk in very general terms:

1) the "community organizer" in question, did serve in a certain governing body on both the state and federal levels, so in all honesty the two had roughly the same amount of experience.

2) the lady governor is question, aside from being dumb beyond belief, was also a flat out hypocrite, she criticized the community organizer for proposed policies that she, and the rest of her "party" denounced as being patterned after a competing economical system that's contrary to the american system (i am being deliberately vague) yet she sued the major oil companies based in her state and won a yearly "reverse tax" for each citizen of her state, in effect she implemented the same type of hand outs that she claimed the "community organizer" wanted to implement, which has been shown was not the case at all.

that's what makes her, and her supporters, complete and utter bleepholes.

[Nelson37]

Well, Lemme see here, Rats, Johnny M writes code and gets paid for it, and he's not qualified to dispute you, and people who don't write code aren't qualified, so who does that leave?

BTW, I HAVE written code, though it has been a long time ago, got paid for it so it was professionial, my degree is in Computer Science from Ohio U, (3.89) and IMO you are a complete paranoid whackjob and rude to boot.

Your "30 lines of code" example was absolutely hilarious. What you are bitching about is nothing new. Try re-folding the hat so that the corners are more pointy.

[showtaper]

am i the only one that ever studied computer science on this forum?

Yes, and we're very proud of you. Excuse me while I disconnect all of my electronic devices and
return to the fetal position.

[deadrats]

You can break into my house if I leave all the doors and windoze open

omg!!! you almost got it, despite not realizing it. what microsoft has done with win 7 IS leave all the doors and windows unlocked, and even if you lock them microsoft has included functionality that allows them to not only be easily unlocked but opened wide open.

seriously, it's like talking to a semi-retarded chimp, it teases you that it might understand you, then you realize even if you can somehow remove the retardation from consideration the damn thing is still a chimp.

very frustrating.

[ocgw]

You can break into my house if I leave all the doors and windoze open

omg!!! you almost got it, despite not realizing it. what microsoft has done with win 7 IS leave all the doors and windows unlocked, and even if you lock them microsoft has included functionality that allows them to not only be easily unlocked but opened wide open.

seriously, it's like talking to a semi-retarded chimp, it teases you that it might understand you, then you realize even if you can somehow remove the retardation from consideration the damn thing is still a chimp.

very frustrating.

The PC that I use to recover files from infected HDD's is running Windows 7 Ultimate "Signature Edition", and I ain't "scured"

ps. Am I the only guy here that doesn't mind doing "fresh installs" when ppl bring their trashed systems? easy for me, and no returns

ocgw

peace

[deadrats]

Now let me set something straight, although I have never "written code", I took computer hardware, software and networking classes in college, and have been building, programming, and repairing PC's and PC based tools and robots @ GM Engineering World headquarters for 10 years and building gaming rigs and HTPC's @ home for an equal amount of time

(Actually have 16 yrs seniority @ GM all together but some of that time was welding and mechanic)

18 yrs in the trades, 2 journeyman cards (Experimental Product Engineer, Metal Model Maker), 3.5 yrs of college in pipefitting, plumbing hydrualics, pneumatics, automotive technology, welding, machining, metalurgy, computer science, experienced in heating and cooling, plumbing, pipefitting, hydraulics, pneumatics, welding, automotive mechanics, tool making, die making, machining, AC electrical, DC Electrical, electronic diagnostics, computer programing and repair

It doesn't take a brain surgeon to realize you can get a virus if you don't have AV protection, and we certainly don't need you to shout from the rooftops that Windows 7 is vulnerable w/o AV protection because all OS's are vulnerable w/o AV protection

you work for GM? that explains why both my buick regal and my caddy were such pieces of crap, nice job you're doing over there.

you also show that you have no idea what you are talking about, you claim that you have never "written code" but then you say that you took computer hardware, software and networking classes in college and that you have been building, programming, and repairing PC's and PC based tools and robots @ GM Engineering World headquarters for 10 years, which is it, have you ever written any code or haven't you? if you took software classes in clown college (that is where you went to school, next to Crusty, wasn't it?) and have been "programming" pc's @ GM Engineering World headquarters (btw, a quarter for head isn't bad at all), then at some point you had to have written some code, or did you just fake it?

also, evidently it does take a brain surgeon to know how anti-virus programs work, in all the "years" that you have been working on computers, have you ever heard of a virus definition, if the A/V app doesn't have the definition, then it won't detect the virus, a custom written virus that exploits the win 7 api wouldn't be caught by a regular A/V program, you would need an app, like one of the custom firewalls, that also have run time detection that catches all attempts to make any system change and asks if it is allowable, a standard A/V won't stop what i have talked about.

i guess all that "experience" hasn't taught you that.

[deadrats]

Well, Lemme see here, Rats, Johnny M writes code and gets paid for it, and he's not qualified to dispute you, and people who don't write code aren't qualified, so who does that leave?

to put it nicely, johnny has been very disingenuous, the documented changes made to the win 7 api are available for all to see, despite what he says.

BTW, I HAVE written code, though it has been a long time ago, got paid for it so it was professionial, my degree is in Computer Science from Ohio U, (3.89) and IMO you are a complete paranoid whackjob and rude to boot.

Your "30 lines of code" example was absolutely hilarious. What you are bitching about is nothing new. Try re-folding the hat so that the corners are more pointy.

the 30 lines comment was obviously an exaggeration, the changes to the api are new, i think you may need to go back to school for some refresher courses, what were they using back then, Pascal?

and for the record, i pride myself on being rude, paranoid and a whackjob, so thanks for noticing.

btw, is Ohio U a real school? what do you need to get in, open the door?

[CobraPilot]

My apologies to ocgw. I missed the true author in one of those imbedded quotes. You were right to ask, "WTF?".

Deadrats: The bogus dig at Palin has been that she said she could see Russia from her house. It was Tina Fey, portraying Palin, who said that, making a joke. It has morphed into fact, which it is not. Your link certainly doesn't show Palin making the "from my house" comment.

Sorry I brought this up, but I'm sick and tired of the bogus cheap shots being fired at every opportunity.

[ocgw]

Now let me set something straight, although I have never "written code", I took computer hardware, software and networking classes in college, and have been building, programming, and repairing PC's and PC based tools and robots @ GM Engineering World headquarters for 10 years and building gaming rigs and HTPC's @ home for an equal amount of time

(Actually have 16 yrs seniority @ GM all together but some of that time was welding and mechanic)

18 yrs in the trades, 2 journeyman cards (Experimental Product Engineer, Metal Model Maker), 3.5 yrs of college in pipefitting, plumbing hydrualics, pneumatics, automotive technology, welding, machining, metalurgy, computer science, experienced in heating and cooling, plumbing, pipefitting, hydraulics, pneumatics, welding, automotive mechanics, tool making, die making, machining, AC electrical, DC Electrical, electronic diagnostics, computer programing and repair

It doesn't take a brain surgeon to realize you can get a virus if you don't have AV protection, and we certainly don't need you to shout from the rooftops that Windows 7 is vulnerable w/o AV protection because all OS's are vulnerable w/o AV protection

you work for GM? that explains why both my buick regal and my caddy were such pieces of crap, nice job you're doing over there.

you also show that you have no idea what you are talking about, you claim that you have never "written code" but then you say that you took computer hardware, software and networking classes in college and that you have been building, programming, and repairing PC's and PC based tools and robots @ GM Engineering World headquarters for 10 years, which is it, have you ever written any code or haven't you? if you took software classes in clown college (that is where you went to school, next to Crusty, wasn't it?) and have been "programming" pc's @ GM Engineering World headquarters (btw, a quarter for head isn't bad at all), then at some point you had to have written some code, or did you just fake it?

also, evidently it does take a brain surgeon to know how anti-virus programs work, in all the "years" that you have been working on computers, have you ever heard of a virus definition, if the A/V app doesn't have the definition, then it won't detect the virus, a custom written virus that exploits the win 7 api wouldn't be caught by a regular A/V program, you would need an app, like one of the custom firewalls, that also have run time detection that catches all attempts to make any system change and asks if it is allowable, a standard A/V won't stop what i have talked about.

i guess all that "experience" hasn't taught you that.

I am really getting tired of you childish, ignorant name calling, notice I am stooping to your level

I have been building and repairing vehicles (experimental prototypes in Engineering as well as supporting the tests on the vehicles) and building, programming, and repairing the tools and robots that make the vehicles, and maintaining the facilities that the vehicles and tools and robots are built in working in several skilled trade, and technicions positions for the last 18 yrs @ GM, Ford Motor Co, Ingorsal Rand, and Utica products and no, i have never learned to write code

And if you really must know I attended classes @ Henry Ford Community College, Macomb Community College, Oakland County Community college, Delta College, Kapland Career Institute

W/ my education and career choises I have managed to cross the $100K mark on occassion son

So you have never heard of programing a computer other than writing code???

ocgw

peace

[deadrats]

Am I the only guy here that doesn't mind doing "fresh installs" when ppl bring their trashed systems? easy for me, and no returns

"fresh installs" are the hall mark of someone that doesn't know what he is doing or that is too lazy to do it the right way. assuming the hdd in question is the boot drive, after you back up their files and reformat/re-install that still leaves the client with needing to re-install all his software and configure his system the way he wants it to be, if he wanted to wipe out the old installation he could have done that himself, not hire a supposed expert to do the same thing.

what you should be doing is simply attaching the hdd in question to your pc, run thorough virus scans with at least 3 different A/V apps, scan the pc with 3 or 4 malware detectors, things like spybot, malwarebytes, adaware, run a registry cleaner to remove any orphan registry entries, rebuild the mbr (if it's a boot drive) to make sure that there aren't any resident viruses hiding in the mbr, scan the drive using a couple of different rootkit detectors, if the drive already doesn't have it enable compress the contents, run a through disk defrag (with file rearrangement, to optimize the drive), turn off file indexing (it will speed up there drive a bit), and perhaps install a free A/V that has good heuristics, install a good free 3rd party firewall, turn off any services that can be attack vectors, such as the scripting host, remote access, remote registry, etc and finally educate your customers on what you did and why.

clean installs are strictly bush league, it's what the Geek Squad does (only they don't even bother backing up your data), it's like going to a mechanic because the head timing chain broke and he just goes ahead and installs a new engine because it's easier for him to just order a turn key kit and drop it in.

[deadrats]

My apologies to ocgw. I missed the true author in one of those imbedded quotes. You were right to ask, "WTF?".

Deadrats: The bogus dig at Palin has been that she said she could see Russia from her house. It was Tina Fey, portraying Palin, who said that, making a joke. It has morphed into fact, which it is not. Your link certainly doesn't show Palin making the "from my house" comment.

Sorry I brought this up, but I'm sick and tired of the bogus cheap shots being fired at every opportunity.

here she is saying that "you can see russia from land in alaska":

http://www.youtube.com/watch?v=JXL86v8NoGk

maybe not exactly from her house, but a stupid thing to say as a way of trying to show she has foreign policy experience.

i can see nyc from my roof it doesn't mean i have experience with the manhattan housing market.

[The village idiot]

I have to admit that I skipped all of page 3 so far just to make this post...

Yes it is possible to infect some media files. GIF, JPEG, and I guess many of the audio/video files could have an exploit put into them that depending on the application used to view or play them could be a problem. You can get some odd things to happen with a simple .asx (advanced streaming redirector) file that points to media, not sure if you could make it load a virus, but you can do a few odd things. As far as embedding them into the actual stream or file, I'm extremely certain that if it can not be accomplished today, it might be accomplished tomorrow.

I am certainly somewhere between a "programmer" and a programmer and I know that if the scripting host can hook into a feature, that you certainly can hook into that feature with a lower level language like C or probably many of the higher level languages like Python or Java (more run time compiled languages). Suffice it to say the hackers will always be one step ahead since they are the ones finding the exploits and not making them publicly known so that they can be fixed. I seem to recall Apple ignoring an issue that was pretty big until the people that found it and reported it to them went public at the hacker gathering last summer. I can't remember if it was an Apple "computer" or the iphone device (which is also just a computer with a phone module stuck on it).

I think these fears that you have with Win7 are unfounded. I also think there are some really bad holes that are to be discovered in win7. Also the standard operating mode of win7 is to have the user not run as admin. I set up a brand new Toshiba for my father for Christmas, it came with win7 and the first thing it did was have me make an account. This account runs with most permissions but it also asks a lot of questions when anything tries to download or install. I think they did a decent job of protecting the users, much better than previous versions of the OS.

And one final thought.... How safe are the other OS's when something as simple as sudo will get you to admin level and not even require the password. Damn near every Mac would be vulnerable to this one unless you follow their recommendations to create a user with limited rights for your normal account, just like has been the practice for many other OS's for a long time.

[ocgw]

Am I the only guy here that doesn't mind doing "fresh installs" when ppl bring their trashed systems? easy for me, and no returns

"fresh installs" are the hall mark of someone that doesn't know what he is doing or that is too lazy to do it the right way. assuming the hdd in question is the boot drive, after you back up their files and reformat/re-install that still leaves the client with needing to re-install all his software and configure his system the way he wants it to be, if he wanted to wipe out the old installation he could have done that himself, not hire a supposed expert to do the same thing.

what you should be doing is simply attaching the hdd in question to your pc, run thorough virus scans with at least 3 different A/V apps, scan the pc with 3 or 4 malware detectors, things like spybot, malwarebytes, adaware, run a registry cleaner to remove any orphan registry entries, rebuild the mbr (if it's a boot drive) to make sure that there aren't any resident viruses hiding in the mbr, scan the drive using a couple of different rootkit detectors, if the drive already doesn't have it enable compress the contents, run a through disk defrag (with file rearrangement, to optimize the drive), turn off file indexing (it will speed up there drive a bit), and perhaps install a free A/V that has good heuristics, install a good free 3rd party firewall, turn off any services that can be attack vectors, such as the scripting host, remote access, remote registry, etc and finally educate your customers on what you did and why.

clean installs are strictly bush league, it's what the Geek Squad does (only they don't even bother backing up your data), it's like going to a mechanic because the head timing chain broke and he just goes ahead and installs a new engine because it's easier for him to just order a turn key kit and drop it in.

1. I never said i was an expert, I just said ppl are so happy w/ my work it is paying for my new ranch

2. I am more than happy to reinstall their software anyway they like

3. I do save some ppl's installations if they are not too screwed up, but if it takes more time than a fresh install I have to charge them more money

4. If you were a mechanic you would know the obvious, it is sometimes cheaper to replace an engine than to fix it

You ridicule me all you want, but even after wage concessions I make $34USD per hr in straight time for what I do, you can put that in you pipe and smoke it son

Right now I am working 58 hrs a week die setting, die grinding, and making 1st run experimental sheet metal on a 400 ton press w/ experimental dies, in february I go onto training PROGRAMMING a Fadal triple axis mill

How much do you get paid to go around crying, "the sky is falling, the sky is falling"?

ocgw

peace

[deadrats]

And if you really must know I attended classes @ Henry Ford Community College, Macomb Community College, Oakland County Community college, Delta College, Kapland Career Institute

W/ my education nad career choises I have managed to cross the $100K mark on occassion son

So you have never heard of programing a computer other than writing code???

you are the community college king, aren't you?

seriously though, i have no problem with community colleges, my brother went to one and managed to get into a prestigious engineering school, i went to one and managed to get into Pace University, you can get a damned fine education at some junior colleges, especially if you just concentrate on the hard sciences.

in so far as programming a computer without writing code, you need to remember i was a physics and comp sci major, all my programming background is in actually writing code that runs on x86 processors. now i am aware that you can electronically program certain types of computers, such as those those that control robots, i'm assuming that is what you are referring to.

[ocgw]

And if you really must know I attended classes @ Henry Ford Community College, Macomb Community College, Oakland County Community college, Delta College, Kapland Career Institute

W/ my education nad career choises I have managed to cross the $100K mark on occassion son

So you have never heard of programing a computer other than writing code???

you are the community college king, aren't you?

seriously though, i have no problem with community colleges, my brother went to one and managed to get into a prestigious engineering school, i went to one and managed to get into Pace University, you can get a damned fine education at some junior colleges, especially if you just concentrate on the hard sciences.

in so far as programming a computer without writing code, you need to remember i was a physics and comp sci major, all my programming background is in actually writing code that runs on x86 processors. now i am aware that you can electronically program certain types of computers, such as those those that control robots, i'm assuming that is what you are referring to.

Yeah, that's the programming I am talking about, if you just "use" a PC based robot or tool you are an "operator", if you perform the initial set up, and set up jobs to run for others or write the programs for a mill to cut out a part you are a "programmer"

As a condition of employment while serving thru 3 UAW joint apprenticeships I took trade classes @ these community colleges, all core classes, no fluff (liberal arts), I was actually "on the clock" while sitting in class

I took computer classes on my own one time when I was on layoff

Thru the apprenticeships I had to rotate for years thru dozens of buildings learning how to operate, build, maintain, and repair all kinds of machines, PC's, tools, and PC based tools

I am now a "card carrying" DOUBLE JOURNEYMAN

I am now engineering new sheet metal for a 2011 model year Cadillac, I am developing the die and the stamping process w/ a new high strength steel, I could tell you more but then I would have to kill you

ps. back to the subject matter tho, honestly, do you think we would all be better off w/ XP?

ocgw

peace

[deadrats]

I am certainly somewhere between a "programmer" and a programmer and I know that if the scripting host can hook into a feature, that you certainly can hook into that feature with a lower level language like C or probably many of the higher level languages like Python or Java (more run time compiled languages).

not true, the scripting host exists is the "engine" that allows a script to run, if that "engine" is turned off, it can't run. furthermore applications that change system behavior don't actually perform the task themselves, they run in a protected mode call ring 3 (or user mode), they have to make a request to the operating system via a system call (to the api (application programming interface) which in turn uses only trusted OS code to perform the action, if no system call exists or if it's not used, the action will not be performed, the app may terminate with an error or it may just terminate without any feedback.

it is impossible to change any system setting within windows if the application front end doesn't employ an existing system call to a trusted part of the OS that in turn performs the desired operation, in other words you can't bypass the OS to turn off the GUI, the firewall, any of the services, it's not possible, only the OS itself can do that or is the api supports the function call your app can issue a request that it be done.

it's kind of like calling the cops to have someone arrested, you can request that they take someone into custody and charge him with a crime but you can force them to do so nor can you do so yourself (unless you're a cop).

And one final thought.... How safe are the other OS's when something as simple as sudo will get you to admin level and not even require the password. Damn near every Mac would be vulnerable to this one unless you follow their recommendations to create a user with limited rights for your normal account, just like has been the practice for many other OS's for a long time.

you are talking to a certified unix system admin, so you asked the right person. taking linux as an example, sudo is is a utility that allows a user to run a program with the security privileges of another user, by default sudo always prompts for the password of the user you are trying to run as, always.

on some *nixes, depending on how the developers configured the OS, it's no longer possible to login as "root", all admin tasks are done via sudo, i believe this holds true for OS X.

however even when you run as "root", with full privileges, *nixes are designed modular in nature, each part of the OS is a separate entity unto itself, you can swap out any combination of kernel, gui, api, shell, admin tools, etc, as you see fit. if you want to run a linux distro with just the kernel, kde, and modules, you are free to do so, so shell, no c compiler, nothing else, it's this modularity that enables every part of a *nix to run in a sort of virtual sand box, changes made to the gui have no effect on the kernel, you can uninstall the gui and the system will keep running, you can uninstall the shell (normally bash or C) and the system can keep on running, it takes a lot to bring down a *.nix.

in fact there have been rumors from developers inside microsoft that have said that win 7 will be the last monolithic windows OS, primarily because it was claimed that win 7 is composed of something along the lines of 100 million lines of code and managing each part of such a large monolithic OS is a nightmare, plus the fact that development of each part, in order to keep the windows source secure, is highly compartmentalized, with developers of one part not having access to code from other parts of the OS, the developer claimed that the decision had been made to restructure windows as a modular OS, ala linux/unix/OS X.

[Nelson37]

""fresh installs" are the hall mark of someone that doesn't know what he is doing or that is too lazy to do it the right way"

This statement is absolutely moronic, do you pride yourself on that, too? First objective is to SOLVE THE PROBLEM, 2nd is to do it in the most cost effective manner. A format, followed by a fresh install, is quite often the most cost effective way of getting it done.

The process you have outlined is the "hallmark" of a tech trying to pad his or her billable ours, and one who will soon be out of business. That's OK, I get lots of business and customers from people who do it your way and fail to solve the problem.

18 years in the business. My current company is IRI Computer Services. IRI stands for I Run It.

I remember once being asked "why are you arguing with an 8-year-old?" This exchange is similar, not sure if your understanding of politics or computers is more minimal.

[JohnnyMalaria]

I leave you with a very malicious piece of code that can be put in nothing more than a plain text file and requires no compilation etc:

del *.* /s /q

In this case, perhaps the *'s represent your ears and the . a seamingly vanishing brain due to atrophy from exposure to too many neurotoxins.

once again you prove you are a half-assed programmer, putting that line into a text file does absolutely nothing, you need to save it with a .bat extension and it still needs the user to execute it and of course it's possible to configure windows to prevent batch files from running.

Ding-ding. I think the implication is obvious that this would have to be executed somehow. Yet, strangely, embedding malicious code into JPEGs and other media result in spontaneous destruction in your world. I also chose the example because it illustrates that very bad things can happen without having to resort to any WIN32 API calls at all.

lastly, i should point out that i wasn't trying to insult or slander you, if i wanted to do that i would have just pointed out that you are such a lame programmer that you have actually complained that microsoft, intel and amd all advise against using x87 fp math and instead advise you to use sse, and you couldn't understand why those 3 companies all stated that x87 was deprecated, i guess when they were offering classes in "computer organization and assembly language" you decided to skip those semesters. if you like, i'll explain to you why they advise you to use sse instead of x87, just say the word.

Ding-ding... go back and read my post on that subject. The primary issue is that SSE doesn't support 80-bit floating point arithmetic, trigonometry etc. I'll let you join the dots as to the short-sightedness of deprecating the x87 instruction set.

seriously though, and i don't mean this in a malicious way, where did you get your programming education? devry? itt-tech? chubb? some other "school" that offers "programming certificates" after completing a 4 month program, a program that doesn't require the "student" to actually pass any tests, as long as you show up and pay the fee you get your "certificate"?

i'm just dying to find out.

I hope it will be a nice service.

[JohnnyMalaria]

it is impossible to change any system setting within windows if the application front end doesn't employ an existing system call to a trusted part of the OS that in turn performs the desired operation, in other words you can't bypass the OS to turn off the GUI, the firewall, any of the services, it's not possible, only the OS itself can do that or is the api supports the function call your app can issue a request that it be done.

Cr@p. All you need to do is provide a kernel-based driver that your usermode app calls. Everything running in the kernel is implicitly trusted irrespective of vendor. But kernel drivers are a bitch to write.

it's kind of like calling the cops to have someone arrested, you can request that they take someone into custody and charge him with a crime but you can force them to do so nor can you do so yourself (unless you're a cop).

Well, actually you can (depending on your jurisdiction):

http://www.constitution.org/grossack/arrest.htm

in fact there have been rumors from developers inside microsoft

Factual rumors. Or rumored facts. Wow.

that have said that win 7 will be the last monolithic windows OS, primarily because it was claimed that win 7 is composed of something along the lines of 100 million lines of code and managing each part of such a large monolithic OS is a nightmare, plus the fact that development of each part, in order to keep the windows source secure, is highly compartmentalized, with developers of one part not having access to code from other parts of the OS, the developer claimed that the decision had been made to restructure windows as a modular OS, ala linux/unix/OS X.

Let's parse your assertion. Monolithic = compartmentalized. Interesting.

[deadrats]

ps. back to the subject matter tho, honestly, do you think we would all be better off w/ XP?

from a security standpoint, absolutely, there are fewer attack vectors available, in my spare time i like to mess around with computer viruses, and i have had no fewer than half a dozen different viruses running simultaneously on my XP 64 box, with the A/V turned off, just to see what they could do, the system got infected with a rootkit, it was made part of a bot network (i was tracking the remote connections to see where they originated) it had a keylogger and you know what? the system kept chugging along and it took about an hour to get everything under control.

from a performance standpoint there are a couple of reasons why Vista might make sense, for instance it supports NUMA (non-uniform memory access), it is significantly better threaded, and if you were running a dual 6-core system (24 threads total) with "hyper-threaded" ram (i believe it's only available for kingston) you should in theory see better multitasking performance, the DX Compute part of DX 11 has the potential to be a compelling feature, but i would definitely only recommend 64 bit vista (it has a significant security advantage over 32 bit vista, for instance you can't patch the kernel with 64 bit vista) and it also has a more robust UAC (a feature i like).

basically what it comes down to is if you plan on using 32 bit win 7, don't really on any built in windows security measure as they can all be bypassed, use 3rd party firewalls, more than one A/V, keep UAC on, have more than 1 spyware app running (and scan regularly), watch what you download and run on your pc, don't rely on the included encryption protection, use 64 bit firefox if you are going to do any online banking or business, basically put on a tin foil hat and assume that everyone is out to get you.

you'll be glad you did.

[deadrats]

Ding-ding. I think the implication is obvious that this would have to be executed somehow. Yet, strangely, embedding malicious code into JPEGs and other media result in spontaneous destruction in your world. I also chose the example because it illustrates that very bad things can happen without having to resort to any WIN32 API calls at all.

why do you make me say things that will come off as mean? if you embed malicious code in a media file, chances are good that at some point said media file will be viewed, which, hold onto your hat and horse, means the file will be EXECUTED, malicious code and all.

there is a significantly greater chance that a media file will be executed instead of a plain text file being properly structured to perform a malicious act, no?

Ding-ding... go back and read my post on that subject. The primary issue is that SSE doesn't support 80-bit floating point arithmetic, trigonometry etc. I'll let you join the dots as to the short-sightedness of deprecating the x87 instruction set.

SSE doesn't support 80 bit floating point math, huh? it doesn't support trig, huh? it's short-sighted to deprecate the x87 instruction set, huh?

i suggest you read though this:

http://developer.amd.com/documentation/articles/Pages/62720069.aspx

allow me to explain why x87 has been deprecated: it's because of the Core 2, namely conroe. i don't know if you know this but SSE has always been 128 bit instructions, however prior to the conroe it took 2 cycles to execute a single 128 bit SSE instruction, in practice the instructions were broken up and treated as 2 64 bit instructions. when the conroe hit the market everyone was amazed at the performance jump which was due to 2 architectural changes: 1 a single cycle SSE engine, which was capable of executing 128 bit SSE instructions in one cycle and it's ability to execute 4 32/64 bit instructions per cycle. in addition it could also, if the instructions were similar enough, "fuse" a 5th 32 bit instruction with the other 4 and thus with the right kind of code and data it could fetch, execute and retire up to five 32 bit instructions (note that nehelam extended this ability to 64 bit code as well).

now the reason x87 is being deprecated is because OSes will stop supporting x87 code eventually for a number of reasons:

1) despite what you may think, you can do the same math operations using SSE/2/3/4 that you could with x87:

80 bit math? check:

The x87 instruction set uses a series of eight 80-bit registers (plus some special-purpose pointer and control registers) that store values using the IEEE 754 and IEEE 854 floating-point representations.

There are two sets of SIMD registers: a set of eight 64-bit registers, known as MMX registers, which are in reality a reuse of the existing x87 registers. These registers can each hold: eight 8-bit data items packed together, or four 16-bit packed integers, two 32-bit packed integers, or one 64-bit integer.


furthermore if you can do 128 bit math you can do 80 point math, why would you think you can't do lower precision math?

as for doing trig using SSE:

math library implementation of trigonometric functions such as sin , cos , and can somewhat surprisingly, significantly outperform the x87 built-in instructions for these functions.

the article i link to is from 2006, since then both amd and intel use single cycle sse engines, why would your cripple you applications by using slow, 20 year old coding conventions?

furthermore gpu integration into the cpu is right around the corner, sandy bridge will be here before the end of the year, most floating point math will most likely be done on the gpu or via SSE, the only reason to use x87 is because you are too lazy to write fast code or don't have the know-how.

[deadrats]

Cr@p. All you need to do is provide a kernel-based driver that your usermode app calls. Everything running in the kernel is implicitly trusted irrespective of vendor. But kernel drivers are a bitch to write.

LOL!!! did you actually just say that expect a virus writer to code a driver that runs in ring-0 and a virus that calls the driver from within ring-3? really?!? how many certified windows developers do you know that have the programming knowledge to pull off such a thing?

Let's parse your assertion. Monolithic = compartmentalized. Interesting.

"monolithic" describes the structure of the OS, in other words all the parts are intricately woven together and depend on one another, "compartmentalized" refers to the development of the application, one group is responsible for coding the kernel another for coding the shell, neither group gets full access to the other's code, they just get the parts that they need to ensure that the 2 pieces work together.

you don't really think that anyone at microsoft, except for maybe gates, balmer and a few other upper echelon employees has access to all the windows code, do you?

[ocgw]

ps. back to the subject matter tho, honestly, do you think we would all be better off w/ XP?

from a security standpoint, absolutely, there are fewer attack vectors available, in my spare time i like to mess around with computer viruses, and i have had no fewer than half a dozen different viruses running simultaneously on my XP 64 box, with the A/V turned off, just to see what they could do, the system got infected with a rootkit, it was made part of a bot network (i was tracking the remote connections to see where they originated) it had a keylogger and you know what? the system kept chugging along and it took about an hour to get everything under control.

from a performance standpoint there are a couple of reasons why Vista might make sense, for instance it supports NUMA (non-uniform memory access), it is significantly better threaded, and if you were running a dual 6-core system (24 threads total) with "hyper-threaded" ram (i believe it's only available for kingston) you should in theory see better multitasking performance, the DX Compute part of DX 11 has the potential to be a compelling feature, but i would definitely only recommend 64 bit vista (it has a significant security advantage over 32 bit vista, for instance you can't patch the kernel with 64 bit vista) and it also has a more robust UAC (a feature i like).

basically what it comes down to is if you plan on using 32 bit win 7, don't really on any built in windows security measure as they can all be bypassed, use 3rd party firewalls, more than one A/V, keep UAC on, have more than 1 spyware app running (and scan regularly), watch what you download and run on your pc, don't rely on the included encryption protection, use 64 bit firefox if you are going to do any online banking or business, basically put on a tin foil hat and assume that everyone is out to get you.

you'll be glad you did.

I do all that except 1 thing, running UAC is too high a price to pay for security, can't stand the nagging, if I ever get irretrievably infected I can restore from an image in 20 min

Chit I rarely download anything, (I buy 99% of my movies and music), and only use a few trusted programs and websites

hell, even if you get infected it shouldn't be anything to "lose sleep over"

ocgw

peace

[JohnnyMalaria]

Cr@p. All you need to do is provide a kernel-based driver that your usermode app calls. Everything running in the kernel is implicitly trusted irrespective of vendor. But kernel drivers are a bitch to write.

LOL!!! did you actually just say that expect a virus writer to code a driver that runs in ring-0 and a virus that calls the driver from within ring-3? really?!? how many certified windows developers do you know that have the programming knowledge to pull off such a thing?

I'm sorry your comprehension skills are lacking and made up for by unnecessary fearmongering and paranoia. You stated that user-mode apps cannot make system changes and that is correct. But a kernel-mode driver can be written and installed to carry out trusted actions. I made no statement about virii - just a plain fact that you can write a driver and call it from a user-mode app. Been there, done that.

Perhaps you should read this:

http://download.microsoft.com/download/e/b/a/eba1050f-a31d-436b-9281-92cdfeae4b45/KM-UMGuide.doc

Oh, and rootkits are nothing more than kernel-mode malware:

http://igloo.engineeringforfun.com/malwares/Kimmo_Kasslin_Evolution_of_kernel_mode_malware_v2.pdf