CD drive question

Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

Is there any way to keep my CD-R and DVD drives from winding up every
time I open Windows Explorer? What makes Windows decide to start the
drives? They take 10 seconds to wind up (sounding like a jet engine
the whole time), and Windows won't expand a file tree until they come
up to speed. There must be some way to turn this off. I don't think
it's a hardware issue.
59 answers Last reply
More about drive question
  1. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    If its only ten seconds what does it matter?
  2. Archived from groups: alt.comp.hardware.homebuilt (More info?)

    On 1 Aug 2005 11:54:51 -0700, potnisanish@gmail.com wrote:

    >If its only ten seconds what does it matter?

    Try it with 8 CD's!
    --

    Woodsy,
    Off the Grid, Off the Road, Off my Rocker...
  3. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    "Mxsmanic" <mxsmanic@gmail.com> wrote in message
    news:o5lse1th71evrt3095mumkiiubphg4mcjn@4ax.com...
    > Is there any way to keep my CD-R and DVD drives from winding up every
    > time I open Windows Explorer? What makes Windows decide to start the
    > drives? They take 10 seconds to wind up (sounding like a jet engine
    > the whole time), and Windows won't expand a file tree until they come
    > up to speed. There must be some way to turn this off. I don't think
    > it's a hardware issue.

    download TweakUI (google for it),

    run TeakUI

    go to My Computer, Drives,

    untick your CD and DVD drives hit OK.

    simple

    dj
  4. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Mon, 01 Aug 2005 19:00:42 +0200 As Androids Dreamed Of Electric
    Sheep and then Mxsmanic <mxsmanic@gmail.com> wrote :

    >Is there any way to keep my CD-R and DVD drives from winding up every
    >time I open Windows Explorer? What makes Windows decide to start the
    >drives? They take 10 seconds to wind up (sounding like a jet engine
    >the whole time), and Windows won't expand a file tree until they come
    >up to speed. There must be some way to turn this off. I don't think
    >it's a hardware issue.

    Take the CDs/DVDs out?


    --
    Free Windows/PC help,
    http://www.geocities.com/sheppola/trouble.html
  5. Archived from groups: alt.comp.hardware.homebuilt (More info?)

    Woodsy wrote:

    > On 1 Aug 2005 11:54:51 -0700, potnisanish@gmail.com wrote:
    >
    >
    >>If its only ten seconds what does it matter?
    >
    >
    > Try it with 8 CD's!

    Yeah? And how did you manage get them to spin up sequentially instead of
    all together?
  6. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    potnisanish@gmail.com wrote:
    > If its only ten seconds what does it matter?
    >

    it's annoying and disrupts workflow.

    --
    spammage trappage: replace fishies_ with yahoo

    I'm going to die rather sooner than I'd like. I tried to protect my
    neighbours from crime, and became the victim of it. Complications in
    hospital following this resulted in a serious illness. I now need a bone
    marrow transplant. Many people around the world are waiting for a marrow
    transplant, too. Please volunteer to be a marrow donor:
    http://www.abmdr.org.au/
    http://www.marrow.org/
  7. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    Mxsmanic wrote:

    > Is there any way to keep my CD-R and DVD drives from winding up every
    > time I open Windows Explorer?

    Empty them.

    > What makes Windows decide to start the
    > drives?

    Because when there's something in them there's something to 'explore'.

    > They take 10 seconds to wind up (sounding like a jet engine
    > the whole time), and Windows won't expand a file tree until they come
    > up to speed. There must be some way to turn this off. I don't think
    > it's a hardware issue.
  8. Archived from groups: alt.comp.hardware.homebuilt (More info?)

    On Tue, 02 Aug 2005 02:20:38 -0500, David Maynard <nospam@private.net>
    wrote:

    >Woodsy wrote:
    >
    >> On 1 Aug 2005 11:54:51 -0700, potnisanish@gmail.com wrote:
    >>
    >>
    >>>If its only ten seconds what does it matter?
    >>
    >>
    >> Try it with 8 CD's!
    >
    >Yeah? And how did you manage get them to spin up sequentially instead of
    >all together?
    Use a PII.
    --

    Woodsy,
    Off the Grid, Off the Road, Off my Rocker...
  9. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    potnisanish@gmail.com writes:

    > If its only ten seconds what does it matter?

    A great many programs open an Explorer tree to find files, browse for
    a file, etc., so it matters a great deal.
  10. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    Shep© wrote:
    > On Mon, 01 Aug 2005 19:00:42 +0200 As Androids Dreamed Of Electric
    > Sheep and then Mxsmanic <mxsmanic@gmail.com> wrote :
    >
    >
    >>Is there any way to keep my CD-R and DVD drives from winding up every
    >>time I open Windows Explorer? What makes Windows decide to start the
    >>drives? They take 10 seconds to wind up (sounding like a jet engine
    >>the whole time), and Windows won't expand a file tree until they come
    >>up to speed. There must be some way to turn this off. I don't think
    >>it's a hardware issue.
    >
    >
    > Take the CDs/DVDs out?
    >
    >
    >
    * Click Start, click Run, type GPEDIT.MSC to open Group Policy in
    the Microsoft Management Console.
    * Double-click Computer Configuration, double-click Administrative
    templates, double-click System, and then click Turnoff autoplay.
    * The instructions on your screen describe how to configure this
    setting. Click Properties to display the setting dialog.
    * Click Enabled, and choose CD-ROM drives, then click OK, to stop
    CD autoplay.
    Graham
  11. Archived from groups: alt.comp.hardware.homebuilt (More info?)

    On Tue, 02 Aug 2005 02:20:38 -0500, David Maynard
    <nospam@private.net> wrote:

    >Woodsy wrote:
    >
    >> On 1 Aug 2005 11:54:51 -0700, potnisanish@gmail.com wrote:
    >>
    >>
    >>>If its only ten seconds what does it matter?
    >>
    >>
    >> Try it with 8 CD's!
    >
    >Yeah? And how did you manage get them to spin up sequentially instead of
    >all together?

    See like I vaguely recall windows queries one volume, and
    waits till that one responds to query the next (or times
    out?).
  12. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Tue, 02 Aug 2005 07:00:22 +0200, Mxsmanic
    <mxsmanic@gmail.com> wrote:

    >potnisanish@gmail.com writes:
    >
    >> If its only ten seconds what does it matter?
    >
    >A great many programs open an Explorer tree to find files, browse for
    >a file, etc., so it matters a great deal.

    Set up a server with the drives in it, networked.

    Leave the CDs out of the box, access them virtually with
    something like Daemon Tools or VirtualCD, etc. Daemon Tools
    is among the best at doing so, but maybe someone knows of
    one even better?
  13. Archived from groups: alt.comp.hardware.homebuilt (More info?)

    kony wrote:

    > On Tue, 02 Aug 2005 02:20:38 -0500, David Maynard
    > <nospam@private.net> wrote:
    >
    >
    >>Woodsy wrote:
    >>
    >>
    >>>On 1 Aug 2005 11:54:51 -0700, potnisanish@gmail.com wrote:
    >>>
    >>>
    >>>
    >>>>If its only ten seconds what does it matter?
    >>>
    >>>
    >>>Try it with 8 CD's!
    >>
    >>Yeah? And how did you manage get them to spin up sequentially instead of
    >>all together?
    >
    >
    > See like I vaguely recall windows queries one volume, and
    > waits till that one responds to query the next (or times
    > out?).

    Perhaps but I don't see any reason why it couldn't make a request to the
    next one WHILE the others are spinning up. That's what interrupts are for.
  14. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    Shep© writes:

    > Take the CDs/DVDs out?

    The CDs have to be loaded for the two games I have. It's a lot of
    trouble to dig them out and load the CD drives each time I want to
    play the games, and I don't use the drives often for anything else, so
    I prefer to just leave the CDs there.
  15. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony writes:

    > Set up a server with the drives in it, networked.
    >
    > Leave the CDs out of the box, access them virtually with
    > something like Daemon Tools or VirtualCD, etc. Daemon Tools
    > is among the best at doing so, but maybe someone knows of
    > one even better?

    The games that reference these CDs check to ensure that they are
    indeed inserted in local drives.
  16. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    graham chapman writes:

    > * Click Start, click Run, type GPEDIT.MSC to open Group Policy in
    > the Microsoft Management Console.
    > * Double-click Computer Configuration, double-click Administrative
    > templates, double-click System, and then click Turnoff autoplay.
    > * The instructions on your screen describe how to configure this
    > setting. Click Properties to display the setting dialog.
    > * Click Enabled, and choose CD-ROM drives, then click OK, to stop
    > CD autoplay.

    Autoplay is already turned off.
  17. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Tue, 02 Aug 2005 15:28:39 +0200, Mxsmanic
    <mxsmanic@gmail.com> wrote:

    >kony writes:
    >
    >> Set up a server with the drives in it, networked.
    >>
    >> Leave the CDs out of the box, access them virtually with
    >> something like Daemon Tools or VirtualCD, etc. Daemon Tools
    >> is among the best at doing so, but maybe someone knows of
    >> one even better?
    >
    >The games that reference these CDs check to ensure that they are
    >indeed inserted in local drives.


    Is that just a theory about why it wouldn't work or have you
    actually tried it? I rip games to ISOs to play without the
    disc whenever possible.. hate fooling with CD/DVD/etc when
    it can be avoided. Occasionally "whenever possible" means
    finding a no-cd crack though that's typically when the
    entire game installs to the HDD and it only checks the CD
    just to confirm you have it.

    FWIW, soon Daemon Tools v.4 will be released, should be even
    better at emulation at that point.
  18. Archived from groups: alt.comp.hardware.homebuilt (More info?)

    On Tue, 02 Aug 2005 12:09:03 -0500, David Maynard
    <nospam@private.net> wrote:


    >> See like I vaguely recall windows queries one volume, and
    >> waits till that one responds to query the next (or times
    >> out?).
    >
    >Perhaps but I don't see any reason why it couldn't make a request to the
    >next one WHILE the others are spinning up. That's what interrupts are for.
    >

    Frankly, we've already had the what's-wrong-with-MS argument
    often enough. ;-)
  19. Archived from groups: alt.comp.hardware.homebuilt (More info?)

    kony wrote:
    > On Tue, 02 Aug 2005 12:09:03 -0500, David Maynard
    > <nospam@private.net> wrote:
    >
    >
    >
    >>>See like I vaguely recall windows queries one volume, and
    >>>waits till that one responds to query the next (or times
    >>>out?).
    >>
    >>Perhaps but I don't see any reason why it couldn't make a request to the
    >>next one WHILE the others are spinning up. That's what interrupts are for.
    >>
    >
    >
    > Frankly, we've already had the what's-wrong-with-MS argument
    > often enough. ;-)

    Hehe
  20. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Tue, 02 Aug 2005 15:27:43 +0200 As Androids Dreamed Of Electric
    Sheep and then Mxsmanic <mxsmanic@gmail.com> wrote :

    >Shep© writes:
    >
    >> Take the CDs/DVDs out?
    >
    >The CDs have to be loaded for the two games I have. It's a lot of
    >trouble to dig them out and load the CD drives each time I want to
    >play the games, and I don't use the drives often for anything else, so
    >I prefer to just leave the CDs there.

    Ah!Now you tell us<grin> :)
    Click here,
    http://www.gamecopyworld.com/


    --
    Free Windows/PC help,
    http://www.geocities.com/sheppola/trouble.html
  21. Archived from groups: alt.comp.hardware.homebuilt (More info?)

    David Maynard writes:

    > Perhaps but I don't see any reason why it couldn't make a request to the
    > next one WHILE the others are spinning up. That's what interrupts are for.

    Do IDE devices like CDs and DVDs generate interrupts for "coming up to
    speed"? I recall that floppy disk drives do not; they have to be
    polled (I'm not even sure if they have a "up to speed" signal at all).
  22. Archived from groups: alt.comp.hardware.homebuilt (More info?)

    Mxsmanic wrote:

    > David Maynard writes:
    >
    >
    >>Perhaps but I don't see any reason why it couldn't make a request to the
    >>next one WHILE the others are spinning up. That's what interrupts are for.
    >
    >
    > Do IDE devices like CDs and DVDs generate interrupts for "coming up to
    > speed"? I recall that floppy disk drives do not; they have to be
    > polled (I'm not even sure if they have a "up to speed" signal at all).

    IDE has a lot more capability than a floppy interface.
  23. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony writes:

    > Is that just a theory about why it wouldn't work or have you
    > actually tried it?

    There are entries in the knowledge base for the games that say they
    may crash if an attempt is made to get around a local, physical drive.
  24. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Tue, 02 Aug 2005 23:58:20 +0200, Mxsmanic
    <mxsmanic@gmail.com> wrote:

    >kony writes:
    >
    >> Is that just a theory about why it wouldn't work or have you
    >> actually tried it?
    >
    >There are entries in the knowledge base for the games that say they
    >may crash if an attempt is made to get around a local, physical drive.

    Well... that sounds sufficiently vague enough that it is
    worthless for making any determination. Just throw in the
    disc and rip it to one of the Daemon Tool's supported
    formats. I don't recall the entire list of formats though
    but Google for their 'site, it should list them.
  25. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony writes:

    > Well... that sounds sufficiently vague enough that it is
    > worthless for making any determination. Just throw in the
    > disc and rip it to one of the Daemon Tool's supported
    > formats. I don't recall the entire list of formats though
    > but Google for their 'site, it should list them.

    That's a lot more trouble than I want to go to, and I generally
    conform to vendor requirements for use of licensed software, so if
    they need the CD in the drive, I'll keep it there (although these
    games are so inexpensive that I wonder why anyone would pirate them to
    begin with).

    I used TweakUI to remove the drives from Explorer. I hardly ever
    examine the CD drives directly so I don't really need them in Explorer
    most of the time.
  26. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Wed, 03 Aug 2005 03:30:48 +0200, Mxsmanic
    <mxsmanic@gmail.com> wrote:

    >kony writes:
    >
    >> Well... that sounds sufficiently vague enough that it is
    >> worthless for making any determination. Just throw in the
    >> disc and rip it to one of the Daemon Tool's supported
    >> formats. I don't recall the entire list of formats though
    >> but Google for their 'site, it should list them.
    >
    >That's a lot more trouble than I want to go to, and I generally
    >conform to vendor requirements for use of licensed software, so if
    >they need the CD in the drive, I'll keep it there (although these
    >games are so inexpensive that I wonder why anyone would pirate them to
    >begin with).

    Hmm, OK. I usually make it a point to rip any
    copy-protected CD because it pisses me off when they
    restrict fair-use and when they expect paying customers to
    have to mess with a CD just so THEY don't have to deal with
    as many piracy occurances. I'd rather they just used unique
    installation verification key or something like that that
    had to be confirmed every time the game ran- but there are
    potential problems with that approach too.

    It's not a lot of trouble though, just pop the CD in once
    and rip it while you get on with other work. More trouble
    to wait on a CD access or explorer access, or have to
    shuffle around discs when you need the drive for something
    else, IMO.


    >
    >I used TweakUI to remove the drives from Explorer. I hardly ever
    >examine the CD drives directly so I don't really need them in Explorer
    >most of the time.


    How do you install anything, using "autorun"? I won't want
    that as allowing a disc to run by itself removes a layer of
    protection, if a disc had a virus or that disc decides to
    install some kind of cripping feature (like some audio CDs)
    that's meant for (interferes with?) not only that disc's
    contents but anything else you could be doing on the system.
  27. Archived from groups: alt.comp.hardware.homebuilt (More info?)

    David Maynard writes:

    > IDE has a lot more capability than a floppy interface.

    Does it provide for an interrupt when a drive is up to speed?
  28. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony writes:

    > Hmm, OK. I usually make it a point to rip any
    > copy-protected CD because it pisses me off when they
    > restrict fair-use and when they expect paying customers to
    > have to mess with a CD just so THEY don't have to deal with
    > as many piracy occurances.

    I don't see how fair use enters the picture here.

    It's reasonable to require some sort of token on the PC to prevent a
    program from being used illegally. I just question the wisdom of
    making the token a CD or a dongle. Dongles are extremely irritating.

    > I'd rather they just used unique installation verification
    > key or something like that that had to be confirmed every
    > time the game ran- but there are potential problems with
    > that approach too.

    The problem is, short of burning a custom CD for every customer who
    buys a program, there's no way to protect it other than to examine
    some sort of hardware token that cannot be forged. Even then, the
    program must either have special OS privileges of its own that allow
    it to directly interrogate hardware (extremely unwise and dangerous)
    or it must run on a trusted platform that will allow it to interact
    with tokens and will prohibit spoofing. Neither of these is really an
    acceptable solution.

    > How do you install anything, using "autorun"?

    I have to make the drive visible in Explorer again, then double-click
    on the setup program on the CD. I have autorun disabled because I
    don't like to have anything that runs without me explicitly asking it
    to run.

    > I won't want that as allowing a disc to run by itself removes a layer of
    > protection, if a disc had a virus or that disc decides to
    > install some kind of cripping feature (like some audio CDs)
    > that's meant for (interferes with?) not only that disc's
    > contents but anything else you could be doing on the system.

    I agree. Games are notorious for that, and even some professional
    software that should know better (such as Adobe's CS suite of
    products) do such things. I consider that vandalism.

    I noticed something strange yesterday. In both Microsoft Train
    Simulator and SimCity 4 Rush Hour, I see the _same_ mysterious splash
    screen, with a picture of a bridge on it, before the games actually
    run. I suspect it's some sort of security mechanism but I don't know
    how it works. What really worries me is that I don't know what it has
    installed. I don't like having things installed behind my back.
  29. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Wed, 03 Aug 2005 16:18:12 +0200, Mxsmanic
    <mxsmanic@gmail.com> wrote:

    >kony writes:
    >
    >> Hmm, OK. I usually make it a point to rip any
    >> copy-protected CD because it pisses me off when they
    >> restrict fair-use and when they expect paying customers to
    >> have to mess with a CD just so THEY don't have to deal with
    >> as many piracy occurances.
    >
    >I don't see how fair use enters the picture here.

    I buy a game with the expectation to be able to use it for
    it's intended purpose- the code to play a game. I don't
    agree beforehand to do *anything* the box doesn't clearly
    disclose. I can't just return games after disagreeing with
    a EULA because most retailers won't accept returns for
    refund. Their copy protection interferes with my desired
    use of the product.

    >
    >It's reasonable to require some sort of token on the PC to prevent a
    >program from being used illegally. I just question the wisdom of
    >making the token a CD or a dongle. Dongles are extremely irritating.

    So are CDs, it's a subjective call. Also subjective is
    whether it's reasonable to require some sort of token if
    they can't implement it any better. Good ideas only remain
    good if they can be executed well.


    >
    >> I'd rather they just used unique installation verification
    >> key or something like that that had to be confirmed every
    >> time the game ran- but there are potential problems with
    >> that approach too.
    >
    >The problem is, short of burning a custom CD for every customer who
    >buys a program, there's no way to protect it other than to examine
    >some sort of hardware token that cannot be forged. Even then, the
    >program must either have special OS privileges of its own that allow
    >it to directly interrogate hardware (extremely unwise and dangerous)
    >or it must run on a trusted platform that will allow it to interact
    >with tokens and will prohibit spoofing. Neither of these is really an
    >acceptable solution.

    I agree with this, but only until it means several pieces of
    software require additional bits of hardware or discs. It's
    not a reasonable solution (IMO) on a PC which is meant to
    run multiple things... most of those things presumably
    licensed. We can't very welll extend excuses for game
    developers that don't extend to ALL software, and people
    definitely don't want to have to fool with a disc every time
    they (run the OS, or office, or whatever-else).


    >
    >> How do you install anything, using "autorun"?
    >
    >I have to make the drive visible in Explorer again, then double-click
    >on the setup program on the CD. I have autorun disabled because I
    >don't like to have anything that runs without me explicitly asking it
    >to run.
    >
    >> I won't want that as allowing a disc to run by itself removes a layer of
    >> protection, if a disc had a virus or that disc decides to
    >> install some kind of cripping feature (like some audio CDs)
    >> that's meant for (interferes with?) not only that disc's
    >> contents but anything else you could be doing on the system.
    >
    >I agree. Games are notorious for that, and even some professional
    >software that should know better (such as Adobe's CS suite of
    >products) do such things. I consider that vandalism.
    >

    .... or simply "unauthorized use of a system", since we don't
    agree to let a product do *whatever some coder decides they
    want to do* rather than only that expected per the core /
    described software function.

    >I noticed something strange yesterday. In both Microsoft Train
    >Simulator and SimCity 4 Rush Hour, I see the _same_ mysterious splash
    >screen, with a picture of a bridge on it, before the games actually
    >run. I suspect it's some sort of security mechanism but I don't know
    >how it works. What really worries me is that I don't know what it has
    >installed. I don't like having things installed behind my back.

    If they rquire the game CD, I'd expect they simply check it,
    are just an overbloated way of implementing that. Probably
    some registry keys or hidden files too, but since those
    things are more easily reproducible, are then less
    significant.
  30. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony writes:

    > I buy a game with the expectation to be able to use it for
    > it's intended purpose- the code to play a game.

    And you are able to do so. So no problem.

    > I don't
    > agree beforehand to do *anything* the box doesn't clearly
    > disclose. I can't just return games after disagreeing with
    > a EULA because most retailers won't accept returns for
    > refund.

    In theory, you can return the product to the manufacturer for a
    refund, although it's awkward (and vendors know this).

    > Their copy protection interferes with my desired use of
    > the product.

    Their copy protection allows you to use the product for its licensed
    purpose. As long as your desired use is a use permitted by the
    license, the copy protection doesn't interfere with it.

    > So are CDs, it's a subjective call.

    Yes. As I said, there isn't really a good solution at the moment. I
    think that placing such requirements on a game that costs only $15 is
    excessive, but then again, I suppose that every teenage boy in town
    would steal a copy if there were no protection at all, and those same
    boys are an important part of the target market for the game, so that
    would be quite a loss.

    > Also subjective is
    > whether it's reasonable to require some sort of token if
    > they can't implement it any better. Good ideas only remain
    > good if they can be executed well.

    The market decides. As long as the protection system does not
    interfere with other programs or the operating system, and is not so
    awkward that it prevents one from making legitimate use of the
    program, there is little basis for consumer complaint.

    > I agree with this, but only until it means several pieces of
    > software require additional bits of hardware or discs. It's
    > not a reasonable solution (IMO) on a PC which is meant to
    > run multiple things... most of those things presumably
    > licensed.

    I agree. Requiring special hardware conditions for every program
    would be unworkable.

    > We can't very welll extend excuses for game
    > developers that don't extend to ALL software, and people
    > definitely don't want to have to fool with a disc every time
    > they (run the OS, or office, or whatever-else).

    Yes, but the game developers aren't doing anything illegal under
    current law.

    I did abandon _Train Simulator_ because it somehow managed to crash my
    XP system. Anything that crashes an XP system is doing something both
    privileged and illegal, so the game had to go. It is _very_ poorly
    written, a real mess.

    I've had other games exit abruptly to the OS, which is annoying
    (sometimes annoying enough to stop playing the game) but doesn't hurt
    the rest of the system. A game that causes a system failure, however,
    is a security breach.

    > ... or simply "unauthorized use of a system", since we don't
    > agree to let a product do *whatever some coder decides they
    > want to do* rather than only that expected per the core /
    > described software function.

    Same thing.
  31. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Wed, 03 Aug 2005 23:02:50 +0200, Mxsmanic
    <mxsmanic@gmail.com> wrote:

    >kony writes:
    >
    >> I buy a game with the expectation to be able to use it for
    >> it's intended purpose- the code to play a game.
    >
    >And you are able to do so. So no problem.

    Nope, because every time I run it, it "would" require
    inserting the disc. Box didn't specify that, I didn't agree
    to that, and I certainly wouldn't want to devote a drive to
    that lone purpose. Let them clearly spell out any such
    manditory requirements.


    >
    >> I don't
    >> agree beforehand to do *anything* the box doesn't clearly
    >> disclose. I can't just return games after disagreeing with
    >> a EULA because most retailers won't accept returns for
    >> refund.
    >
    >In theory, you can return the product to the manufacturer for a
    >refund, although it's awkward (and vendors know this).

    In theory, I can't. They haven't paid me for my time. I
    dont' volunteer to go, buy, check, make one or more calls
    and ship (plus pay shipping), receive refund and cash... all
    because they are greedy and choose to hide basic
    requirements. I'd pay $10 more per title to do without all
    that nonsense IF there weren't an alternate way to
    circumvent it.


    >
    >> Their copy protection interferes with my desired use of
    >> the product.
    >
    >Their copy protection allows you to use the product for its licensed
    >purpose.

    No, it only hinders it.


    >As long as your desired use is a use permitted by the
    >license, the copy protection doesn't interfere with it.

    It's permitted by the entire license as disclosed at the
    time my money was taken. If they're willing to go to such
    extra effort to cause problems, then certainly they can also
    go to the trouble of linking an automated refund system that
    sends me a postage-paid, pre-addressed padded envelope and a
    refund check.


    >
    >> So are CDs, it's a subjective call.
    >
    >Yes. As I said, there isn't really a good solution at the moment. I
    >think that placing such requirements on a game that costs only $15 is
    >excessive, but then again, I suppose that every teenage boy in town
    >would steal a copy if there were no protection at all, and those same
    >boys are an important part of the target market for the game, so that
    >would be quite a loss.

    I feel the opposite, that with a $15 game it's more
    justified as they're barely making any money. The more
    premium-priced it is, the less nonsense the buyer ought to
    put up with. Even so, all things have balance- they can
    choose ever-more restrictive measures and watch their sales
    go down, or lesser measures and sales go up. Even if a game
    can be pirated, if they sell more they make more.


    >
    >> Also subjective is
    >> whether it's reasonable to require some sort of token if
    >> they can't implement it any better. Good ideas only remain
    >> good if they can be executed well.
    >
    >The market decides.

    .... decides to go to extra effort to circumvent it for
    paying customers too.


    >As long as the protection system does not
    >interfere with other programs or the operating system,

    It does interfere. We can't argue it's OK for them to do so
    if not OK for other programs too. Typical box has only one
    optical drive, therefore it is obviously interfering with
    running other programs if each program (fairly) needed the
    disc in. Apparently it interferes with OS too, hence this
    thread exists.


    >and is not so
    >awkward that it prevents one from making legitimate use of the
    >program, there is little basis for consumer complaint.

    That's subjective at best.


    >
    >> I agree with this, but only until it means several pieces of
    >> software require additional bits of hardware or discs. It's
    >> not a reasonable solution (IMO) on a PC which is meant to
    >> run multiple things... most of those things presumably
    >> licensed.
    >
    >I agree. Requiring special hardware conditions for every program
    >would be unworkable.

    That's exactly what you're arguing for though- it IS a
    special hardware condition to require an available optical
    drive and swapping out (some other game or app) discs for
    each use. If they want hardware verification, let them
    include a coupon for a free USB hub (since each user only
    needs one for several games) and include a USB verification
    dongle in every box. Swapping out discs though- no thanks.


    >
    >> We can't very welll extend excuses for game
    >> developers that don't extend to ALL software, and people
    >> definitely don't want to have to fool with a disc every time
    >> they (run the OS, or office, or whatever-else).
    >
    >Yes, but the game developers aren't doing anything illegal under
    >current law.

    Perhaps they are, if they try to bind you to a EULA that
    wasn't evident at time of purchase. One can't alter a
    contract after-the-fact. The "fact" being payment, one of
    the parties meeting their end of it.

    The idea that a customer who has already paid can just
    "take additional measures" for a refund is no more valid
    than that the developer could take additional measures to
    facilitate refund the first time a gaming attempt is made
    without the disc installed. At that point, I concede it
    might be necessary to insert the disc as proof of rebate
    eligibility.


    >
    >I did abandon _Train Simulator_ because it somehow managed to crash my
    >XP system. Anything that crashes an XP system is doing something both
    >privileged and illegal, so the game had to go. It is _very_ poorly
    >written, a real mess.
    >
    >I've had other games exit abruptly to the OS, which is annoying
    >(sometimes annoying enough to stop playing the game) but doesn't hurt
    >the rest of the system. A game that causes a system failure, however,
    >is a security breach.

    That's a bit of a catch-22 though, as you're running XP. It
    was never meant to be secure, only to throw out some
    buzz-words to make it seem as though they delivered on their
    advertising, that they weren't blatantly lying to sell their
    next OS.


    >
    >> ... or simply "unauthorized use of a system", since we don't
    >> agree to let a product do *whatever some coder decides they
    >> want to do* rather than only that expected per the core /
    >> described software function.
    >
    >Same thing.

    Could be, but vandalism usually isn't treated so harshly.
    People have been made examples of, in cases of unauthorized
    use.
  32. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Wed, 03 Aug 2005 17:46:33 GMT As Androids Dreamed Of Electric Sheep
    and then kony <spam@spam.com> wrote :

    >On Wed, 03 Aug 2005 16:18:12 +0200, Mxsmanic
    ><mxsmanic@gmail.com> wrote:
    >
    >>kony writes:
    >>
    >>> Hmm, OK. I usually make it a point to rip any
    >>> copy-protected CD because it pisses me off when they
    >>> restrict fair-use and when they expect paying customers to
    >>> have to mess with a CD just so THEY don't have to deal with
    >>> as many piracy occurances.
    >>
    >>I don't see how fair use enters the picture here.
    >
    >I buy a game with the expectation to be able to use it for
    >it's intended purpose- the code to play a game. I don't
    >agree beforehand to do *anything* the box doesn't clearly
    >disclose. I can't just return games after disagreeing with
    >a EULA because most retailers won't accept returns for
    >refund. Their copy protection interferes with my desired
    >use of the product.

    One game,can't remember which,but with it's constant access to the
    required CD in the drive knackered an otherwise good CD drive.From
    that day on I will NEVER leave a CD in the drive if I can hack it off.
    That software company were never going to buy me a new Cdrom drive
    were they?


    --
    Free Windows/PC help,
    http://www.geocities.com/sheppola/trouble.html
  33. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony writes:

    > Nope, because every time I run it, it "would" require
    > inserting the disc. Box didn't specify that, I didn't agree
    > to that, and I certainly wouldn't want to devote a drive to
    > that lone purpose. Let them clearly spell out any such
    > manditory requirements.

    You can return the software to the manufacturer for a refund if you
    don't agree with the terms.

    > In theory, I can't. They haven't paid me for my time. I
    > dont' volunteer to go, buy, check, make one or more calls
    > and ship (plus pay shipping), receive refund and cash... all
    > because they are greedy and choose to hide basic
    > requirements. I'd pay $10 more per title to do without all
    > that nonsense IF there weren't an alternate way to
    > circumvent it.

    You can insist that they pay your expenses. If they refuse, you can
    sue. In theory, you can recover any costs associated with the
    software prior to the point at which you accept the EULA.

    > It's permitted by the entire license as disclosed at the
    > time my money was taken. If they're willing to go to such
    > extra effort to cause problems, then certainly they can also
    > go to the trouble of linking an automated refund system that
    > sends me a postage-paid, pre-addressed padded envelope and a
    > refund check.

    You can always sue to obtain it. I wish someone would.

    > I feel the opposite, that with a $15 game it's more
    > justified as they're barely making any money. The more
    > premium-priced it is, the less nonsense the buyer ought to
    > put up with.

    Then the ultimate insult is Quark XPress, which cost me $2300 and
    requires a dongle. But Quark isn't doing as well these days; I wonder
    why?

    > That's exactly what you're arguing for though- it IS a
    > special hardware condition to require an available optical
    > drive and swapping out (some other game or app) discs for
    > each use.

    I'm not arguing _for_ it, I'm simply listing the options for vendors.
    I don't really think such measures are justified myself.

    If they want hardware verification, let them
    > include a coupon for a free USB hub (since each user only
    > needs one for several games) and include a USB verification
    > dongle in every box.

    USB is bad news. I don't trust it.

    > Perhaps they are, if they try to bind you to a EULA that
    > wasn't evident at time of purchase.

    They can't do that. But someone has to sue in order to force the
    issue ... and nobody ever does.

    > That's a bit of a catch-22 though, as you're running XP. It
    > was never meant to be secure ...

    Actually it was. It's based on NT, which has a secure design (largely
    preserved by XP).

    You don't see the security features of XP because the standard OS
    doesn't provide user-visible interfaces for them, but they are there,
    and they are quite elaborate.

    It is true, however, that DirectX compromises security. Microsoft
    came up with it to satisfy gamers. Originally NT allowed no access to
    hardware, period. DirectX is a compromise that trades security for
    performance. I'm not too happy about it, but there weren't too many
    options for MS, and the gamers were a significant market.

    > ... only to throw out some
    > buzz-words to make it seem as though they delivered on their
    > advertising, that they weren't blatantly lying to sell their
    > next OS.

    I've actually seen the source code, and it's a secure operating
    system. The sophomoric knee-jerk bashing of Microsoft becomes tiring
    after a while, at least for IT professionals.

    > Could be, but vandalism usually isn't treated so harshly.
    > People have been made examples of, in cases of unauthorized
    > use.

    Yes, but I have yet to see a software vendor held responsible for
    damage to a system caused by its copy-protection mechanisms.
  34. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony wrote:
    > On Wed, 03 Aug 2005 23:02:50 +0200, Mxsmanic
    > <mxsmanic@gmail.com> wrote:
    >

    >>
    >>Yes. As I said, there isn't really a good solution at the moment. I
    >>think that placing such requirements on a game that costs only $15 is
    >>excessive, but then again, I suppose that every teenage boy in town
    >>would steal a copy if there were no protection at all, and those same
    >>boys are an important part of the target market for the game, so that
    >>would be quite a loss.
    >
    >
    > I feel the opposite, that with a $15 game it's more
    > justified as they're barely making any money. The more
    > premium-priced it is, the less nonsense the buyer ought to
    > put up with. Even so, all things have balance- they can
    > choose ever-more restrictive measures and watch their sales
    > go down, or lesser measures and sales go up. Even if a game
    > can be pirated, if they sell more they make more.

    To say "if they sell more they make more" is begging the question.

    What makes you think that the increase in 'demand' from "lesser [copy
    protection] measures" would be satisfied by increased sales vs increased
    copying?
  35. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Thu, 04 Aug 2005 03:21:19 -0500, David Maynard
    <nospam@private.net> wrote:


    >> I feel the opposite, that with a $15 game it's more
    >> justified as they're barely making any money. The more
    >> premium-priced it is, the less nonsense the buyer ought to
    >> put up with. Even so, all things have balance- they can
    >> choose ever-more restrictive measures and watch their sales
    >> go down, or lesser measures and sales go up. Even if a game
    >> can be pirated, if they sell more they make more.
    >
    >To say "if they sell more they make more" is begging the question.
    >
    >What makes you think that the increase in 'demand' from "lesser [copy
    >protection] measures" would be satisfied by increased sales vs increased
    >copying?


    Because as much as the various special-interest groups try
    to cry wolf about it, their sales are generally good
    compared to piracy rates. They've never been able to
    establish that those who pirate, would've paid for titles
    had there been no other way to attain them.

    A more reasonable estimate of buyer-base would be those who
    have the disposible cash, or ethics, and among that group it
    is clear they will buy what they want in a free market...
    and it's pretty clear nobody who pays for their software
    wants to have to go to extra lengths to use it because of
    others who don't pay.

    I think lesser copy protection would increase sales AND
    piracy. That means a larger user base which generates more
    buzz about a game, free maketing which further increases the
    user base, a large percentage of which are those who do pay
    for their software. This escalating user base also, often
    causes game add-ons, mods, dedicated game servers and a
    whole array of support and value-added extras that the
    developer didn't have to do anything to maintain, which once
    again adds to the perceived value of a game.

    Since this is a hardware group and a topic that could go on
    and on forever, I'll not spend much more time on this
    tangent of the thread but your thoughts are welcome.
  36. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony wrote:
    > On Thu, 04 Aug 2005 03:21:19 -0500, David Maynard
    > <nospam@private.net> wrote:
    >
    >
    >
    >>>I feel the opposite, that with a $15 game it's more
    >>>justified as they're barely making any money. The more
    >>>premium-priced it is, the less nonsense the buyer ought to
    >>>put up with. Even so, all things have balance- they can
    >>>choose ever-more restrictive measures and watch their sales
    >>>go down, or lesser measures and sales go up. Even if a game
    >>>can be pirated, if they sell more they make more.
    >>
    >>To say "if they sell more they make more" is begging the question.
    >>
    >>What makes you think that the increase in 'demand' from "lesser [copy
    >>protection] measures" would be satisfied by increased sales vs increased
    >>copying?
    >
    >
    >
    > Because as much as the various special-interest groups try
    > to cry wolf about it, their sales are generally good
    > compared to piracy rates.

    One might argue sales are 'good' precisely because of the protection
    schemes you're seeking to eliminate.

    > They've never been able to
    > establish that those who pirate, would've paid for titles
    > had there been no other way to attain them.

    I happen to agree with that, at least to the extent it almost certainly
    isn't as large a number as the suppositions, but the same can be said for
    the reverse. No one has established they would not have paid without a
    'free' copy being available either.

    However, you're seeking to 'reduce' the existing protection so the current
    buyer set that might be tempted to pirate is the issue.

    > A more reasonable estimate of buyer-base would be those who
    > have the disposible cash, or ethics, and among that group it
    > is clear they will buy what they want in a free market...

    Sure, if they can't get it for free.

    Your theory has the implicit presumption that counter piracy efforts have
    no impact, E.g., 'those who have money will buy' and that isn't clear at all.


    > and it's pretty clear nobody who pays for their software
    > wants to have to go to extra lengths to use it because of
    > others who don't pay.

    And no one likes the myriad other security measures one suffers because
    others behave improperly but that comes from living in a society full of of
    human beings.


    > I think lesser copy protection would increase sales AND
    > piracy.

    Even if so it's the ratio that's under consideration.

    > That means a larger user base which generates more
    > buzz about a game,

    As if game 'buzz' were a problem. Dern things are louder than a swarm of
    1950's sci-fi giant killer bees before the first CD hits the street.

    > free maketing which further increases the
    > user base,

    That sounds like buzz words just strung together. How does copy protection
    hinder 'free marketing'? Unless by 'free marketing' you mean "see my CD-R
    copy?"

    > a large percentage of which are those who do pay
    > for their software. This escalating user base also, often
    > causes game add-ons, mods, dedicated game servers and a
    > whole array of support and value-added extras that the
    > developer didn't have to do anything to maintain, which once
    > again adds to the perceived value of a game.

    This is essentially circular logic. All these 'benefits' presume that copy
    protection schemes are useless and people who buy will buy regardless.

    Plus the added presumption there's a whole 'market' of buyers doing without
    for the sole reason they're 'irritated' by it.

    But the biggest presumption that weaves through the entire 'complaint'
    seems to be that companies employ anti piracy measure for no reason but,
    whether you agree with their analysis or not they certainly have one and,
    no company is intentionally irritating their customers, without due
    consideration of the alternatives, for the very reasons you mentioned.

    > Since this is a hardware group and a topic that could go on
    > and on forever, I'll not spend much more time on this
    > tangent of the thread but your thoughts are welcome.

    Sure. It's an interesting topic, though, that everyone has to deal with.
  37. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony writes:

    > Perhaps, but does this mean you avoid cameras and printers
    > and webcams, joysticks, USB keyboards and mice, etc, etc,
    > etc?

    As a general rule, yes.

    > Like it or not it's here to stay.

    Just like the S-100 bus and ISA.

    > Impossible conclusion.

    Not when the OS is truly secure.

    > How can you claim a feature deviates from the NT line when
    > it's in an NT product?

    The code base is NT but various modifications have been made over the
    years, most of them favoring convenience and compatibility/performance
    over security ... because that's what the market wants.

    > It's a nice theory but only holds true if you ignore
    > security holes.

    The vast majority of malware infections don't involve any security
    holes. They occur when PC owners/operators logged in as
    administrators allow malware to download and install itself on their
    machines. This happens when they click on attachments, or when they
    run browers with downloading of active content enabled, or when they
    preview mail in HTML and allow scripts to execute, or when they
    carelessly click on spoofed URLs, and so on. From the standpoint of
    the OS, these are all perfectly legal operations, not security
    breaches ... especially for system administrators, who must be allowed
    to do anything by definition.

    > You deny the patches MS has released?

    No, but not all of them correct technical holes in security, and even
    those that do do not necessarily address _widely exploited_ holes.

    > I"m not half as concerned about application trust once the
    > app is on the system as how that app got on the system.

    This conflicts with your implied concerns about system security.

    > It would be easy to just think a user installed it, but more
    > often it's email or browser.

    E-mail and browser programs don't run by themselves.

    > I'm not trying to condem the
    > entirety of XP, but for it to be "secure", it can't have
    > any blatantly insecure, integral features.

    It doesn't. I run XP and I have no security problems.

    > It's only an illusion to someone who denies plain evidence
    > all around them. Apparently you're only thinking in some
    > small context of what security is, then discounting anything
    > that doesn't fall within that context.

    No, I've just been working in IT for decades and I actually know what
    I'm talking about. I've been listening to the kiddies whine for all
    that time and their voices just become more shrill and unrealistic
    with each passing year. Truly, they have no clue.

    > My credibility is just fine with anyone who has seen a
    > system get infected without their choosing to install a
    > virus.

    There are very few such infections.

    > While there are many who do not practice safe
    > computing, there are far fewer that install something when
    > they have no idea what it is and weren't trying to install
    > anything at the time.

    People do it all the time.

    > Of course they are, they acted anticompetitively and the
    > justice systems of multiple countries have already
    > established as much. They don't fix windows because they
    > have no motivation to do so.

    There's nothing wrong with Windows. And, as I've said, just be glad
    it's not Apple in control, or Microsoft would look terribly innocent
    by comparison.
  38. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Thu, 04 Aug 2005 20:29:53 +0200, Mxsmanic
    <mxsmanic@gmail.com> wrote:


    >> Impossible conclusion.
    >
    >Not when the OS is truly secure.

    .... which it isn't. The existence of patches alone, proves
    this.


    >
    >> How can you claim a feature deviates from the NT line when
    >> it's in an NT product?
    >
    >The code base is NT but various modifications have been made over the
    >years, most of them favoring convenience and compatibility/performance
    >over security ... because that's what the market wants.

    Sure, but they "thought" NT was originally what the market
    wanted too, so it's not any kind of deviation, just the
    natural progression of their plan for NT.


    >
    >> It's a nice theory but only holds true if you ignore
    >> security holes.
    >
    >The vast majority of malware infections don't involve any security
    >holes.

    You're about to describe one...


    >They occur when PC owners/operators logged in as
    >administrators allow

    There's one. "Allow" is nonsense. If something isn't
    specifically chosen for download, that it downloads is a
    security hole. For a user to have to take (any kind of)
    action to counter act this, is a flaw in the OS.


    >... malware to download and install itself on their
    >machines. This happens when they click on attachments,

    Another flaw


    >or when they
    >run browers with downloading of active content enabled,

    another flaw (note flaw means it's insecure).
    NT is not supposed to be a built-it-yourself security kit.

    >or when they
    >preview mail in HTML and allow scripts to execute,

    Another flaw

    "allow" an OS to do what it will and becoming infected,
    means that what the OS WILL do is allow infection. That's
    an insecure OS. You're trying to shift the burden to the
    user when claiming THEY should reconfigure things to make up
    for the already-present insecurities.


    >or when they
    >carelessly click on spoofed URLs, and so on.

    Another insecurity.
    Clicking on _A_N_Y_ link should not infect a system or
    compromise security in any way. That's a flaw, a flaw
    that's commonly exploited because it's been known but only
    patched within a concept of "we won't get rid of the
    insecure features, only trying to block each exploit when it
    becomes popular enough that it is a problem for a "lot" of
    people.


    > From the standpoint of
    >the OS, these are all perfectly legal operations, not security
    >breaches ... especially for system administrators, who must be allowed
    >to do anything by definition.

    Doesn't matter. Adminstrators who do any of the
    aforementioned things and end up exploited/infected/etc,
    have revealed a flaw. Administrators are given full system
    configuration ability, it is no arguement that suddenly a
    system should be vulnerable from the outside UNLESS the
    admin specifically changes default settings to open a NEW
    hole.


    >
    >> You deny the patches MS has released?
    >
    >No, but not all of them correct technical holes in security, and even
    >those that do do not necessarily address _widely exploited_ holes.

    True, not all, but that must also be seen as a concession
    that some do. When do we consider it secure? After a patch
    3 months ago, or yesterday's patch, or one a year from now?

    The flaws were there all along, it's only the kiddies and
    whistle-blowers that announce them proudly and loudly
    enough. Those USING those exploits aren't going to draw
    attention to how they're doing it unless their sole purpose
    was publicity or shaming MS.


    >
    >> I"m not half as concerned about application trust once the
    >> app is on the system as how that app got on the system.
    >
    >This conflicts with your implied concerns about system security.

    Not at all, system security as seen from the OS perspective
    includes any and all aspects. If one portion of it is very
    very secure but another isn't, it's fairly irrelevant that
    the one portion was secure, the end result can be same
    either way.


    >
    >> It would be easy to just think a user installed it, but more
    >> often it's email or browser.
    >
    >E-mail and browser programs don't run by themselves.

    Nope, but the OS uses them, and shared code.

    >
    >> I'm not trying to condem the
    >> entirety of XP, but for it to be "secure", it can't have
    >> any blatantly insecure, integral features.
    >
    >It doesn't. I run XP and I have no security problems.

    Great. What you really mean though, is that you're not
    aware of any breeches. Not being infected is not a sign
    that it's impossible or secure.


    >
    >> It's only an illusion to someone who denies plain evidence
    >> all around them. Apparently you're only thinking in some
    >> small context of what security is, then discounting anything
    >> that doesn't fall within that context.
    >
    >No, I've just been working in IT for decades and I actually know what
    >I'm talking about. I've been listening to the kiddies whine for all
    >that time and their voices just become more shrill and unrealistic
    >with each passing year. Truly, they have no clue.

    It's easier to ignore them if you discount valid claims?
    I find it impossible for you to claim security when
    so-called "critical" patches are released, let alone SP2.

    I think you're only conceptualizing security within some
    very narrow context instead of looking at the OS as a whole,
    and without realizing that plenty of people don't _choose_
    to become infected knowingly. It's true that they should
    practice safer computing- but that is largely becaue of the
    security holes present. If they have to take extra measure,
    it should be to open holes, not prevent exploitation.

    >
    >> My credibility is just fine with anyone who has seen a
    >> system get infected without their choosing to install a
    >> virus.
    >
    >There are very few such infections.

    An unfounded claim. Who chooses to install a virus?
    Who chooses to get infected from an email attachment?
    Nobody, you're claiming they should avoid default OS actions
    else it's their fault. Nope, that is a clear sign of
    insecurity.


    >
    >> While there are many who do not practice safe
    >> computing, there are far fewer that install something when
    >> they have no idea what it is and weren't trying to install
    >> anything at the time.
    >
    >People do it all the time.

    People also get infected without doing it.
    While many may not know the exact mechanisms in which
    they'll get infected, few and far inbetween are those who
    have no idea that there are viri, adware, etc, nor that
    installing that which they have no knowedge about, is an
    inherant risk. Over and over you could see examples of
    people trying to clean such things off of their systems with
    no action on their part that they can attribute to the
    infection. Choosing to install it, would be an obvious
    entry point, we can safely assume many didn't occur because
    of it.


    >
    >> Of course they are, they acted anticompetitively and the
    >> justice systems of multiple countries have already
    >> established as much. They don't fix windows because they
    >> have no motivation to do so.
    >
    >There's nothing wrong with Windows. And, as I've said, just be glad
    >it's not Apple in control, or Microsoft would look terribly innocent
    >by comparison.


    "Nothing wrong"?

    This is a hardware group and I can see we'll never reach an
    agreement so I feel it's best to just end the discussion of
    OS now.
  39. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony writes:

    > ... which it isn't. The existence of patches alone, proves
    > this.

    No OS is completely secure. The number of patches available for an OS
    is not necessarily correlated with its security, since there are many
    reasons to issue patches, and many motivations for doing so.

    > Sure, but they "thought" NT was originally what the market
    > wanted too, so it's not any kind of deviation, just the
    > natural progression of their plan for NT.

    It's a deviation from the original notion of a secure operating
    system. It turns out that customers are not interested in security
    and will not buy highly secure operating systems. They want systems
    that are happy and friendly and will run all their favorite programs,
    particularly games.

    > There's one. "Allow" is nonsense.

    Not if you're logged in as the administrator. When you're the
    administrator, everything is allowed. If you don't want to allow
    everything, you don't log in as administrator, period.

    > If something isn't
    > specifically chosen for download, that it downloads is a
    > security hole.

    No, it may simply mean that your system is configured to download
    active content automatically. As a system administrator, it's up to
    you to look into such configuration issues.

    If the system is configured that way by default, it's a marketing
    decision, not a flaw in system security. The default configuration of
    an OS isn't the same as the intrinsic security.

    > For a user to have to take (any kind of)
    > action to counter act this, is a flaw in the OS.

    No, see above.

    > NT is not supposed to be a built-it-yourself security kit.

    It wasn't. But customers complained about the system being secure by
    default, so subsequent operating systems based on NT were more open.
    Now the pendulum has swung the other way, slightly, but who knows
    where the market will drive it in the future?

    > "allow" an OS to do what it will and becoming infected,
    > means that what the OS WILL do is allow infection.

    The OS does what it's told, if the person doing the telling is the
    system administrator.

    > That's an insecure OS.

    No, all operating systems work that way.

    Every operating system assumes that administrators are fully
    competent. There are no controls on what administrators may do.

    > You're trying to shift the burden to the user when claiming THEY
    > should reconfigure things to make up for the already-present insecurities.

    The burden IS on the user, and that's the real problem with computer
    security today. You cannot compensate for stupid users with magic
    operating system features. You have to assume that administrators are
    competent.

    > Clicking on _A_N_Y_ link should not infect a system or
    > compromise security in any way. That's a flaw, a flaw
    > that's commonly exploited because it's been known but only
    > patched within a concept of "we won't get rid of the
    > insecure features, only trying to block each exploit when it
    > becomes popular enough that it is a problem for a "lot" of
    > people.

    It's a configuration choice. A secure configuration will generate
    more complaints than an insecure configuration, because most people
    will whine when they cannot download active content automatically, but
    relatively few will care if active content is downloaded silently and
    automatically. These are choices made by the market, not the vendor,
    and they are unrelated to the intrinsic security of the system.

    > Doesn't matter.

    It matters a great deal. Rule 1 of computer security is that you
    don't sign on as root if you don't need to be root. If you are root,
    you take full responsibility for anything you do.

    > Adminstrators who do any of the
    > aforementioned things and end up exploited/infected/etc,
    > have revealed a flaw.

    No. Administrators are allowed to these things. They are allowed to
    do anything. That's why they are administrators. Every OS provides
    for administrative access, because it has to. The OS has to trust
    _someone_.

    > Administrators are given full system
    > configuration ability, it is no arguement that suddenly a
    > system should be vulnerable from the outside UNLESS the
    > admin specifically changes default settings to open a NEW
    > hole.

    When you are logged on as administrator, it's up to you to make sure
    your configuration is secure.

    > True, not all, but that must also be seen as a concession
    > that some do.

    There are bugs in every OS.

    > When do we consider it secure? After a patch
    > 3 months ago, or yesterday's patch, or one a year from now?

    It's already secure. My XP system is secure.

    > The flaws were there all along, it's only the kiddies and
    > whistle-blowers that announce them proudly and loudly
    > enough.

    Unfortunately, the kiddies don't really understand what they are
    talking about.

    > Nope, but the OS uses them, and shared code.

    The OS doesn't use e-mail or browsers. Only users do that. These
    applications are userland processes to the OS.

    > Great. What you really mean though, is that you're not
    > aware of any breeches. Not being infected is not a sign
    > that it's impossible or secure.

    Well, my machine has been secure ever since I started using PCs, so I
    must be doing something right, and the OS doesn't seem to be a
    problem.

    > It's easier to ignore them if you discount valid claims?

    I don't discount valid claims. Then again, I don't often hear valid
    claims, either.

    > I find it impossible for you to claim security when
    > so-called "critical" patches are released, let alone SP2.

    I don't. Like I said, I know whereof I speak.

    > I think you're only conceptualizing security within some
    > very narrow context instead of looking at the OS as a whole ...

    No, I'm doing just the opposite. I have a much broader perspective
    than the kiddies, who have never seen anything except PCs.

    > ... and without realizing that plenty of people don't _choose_
    > to become infected knowingly.

    The fact that they don't choose it doesn't mean that it's not their
    responsibility.

    Some people don't choose to be hit by a truck, but if they cross a
    busy street carelessly they risk being hit.

    Computers are not for complete idiots. A minimum amount of competence
    is required to keep a computer secure. People who don't have that
    minimum amount of competence will regularly see their computers
    infected.

    > It's true that they should
    > practice safer computing- but that is largely becaue of the
    > security holes present.

    No, it's because safe computing is something that everyone needs to
    learn, just as they learn safe driving, safe drinking, and so on.

    > An unfounded claim. Who chooses to install a virus?

    The user. All the infections I've seen came from user actions.

    > Who chooses to get infected from an email attachment?

    Anyone who double clicks on untrusted executable attachments.

    > Nobody, you're claiming they should avoid default OS actions
    > else it's their fault. Nope, that is a clear sign of
    > insecurity.

    No, it's a clear sign of clueless users. It's it the fault of a power
    saw that your hand will be cut off if you push it into the saw?
  40. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Mon, 01 Aug 2005 19:00:42 +0200, Mxsmanic <mxsmanic@gmail.com> put
    finger to keyboard and composed:

    >Is there any way to keep my CD-R and DVD drives from winding up every
    >time I open Windows Explorer? What makes Windows decide to start the
    >drives? They take 10 seconds to wind up (sounding like a jet engine
    >the whole time), and Windows won't expand a file tree until they come
    >up to speed. There must be some way to turn this off. I don't think
    >it's a hardware issue.

    If you want to explore a particular drive or folder, say C:\Windows,
    then go to Start -> Run and type "explorer c:\windows". You could also
    create a desktop shortcut for your favourite drive or folder, and you
    could assign it a shortcut key combination, eg Ctrl-Alt-C.


    - Franc Zabkar
    --
    Please remove one 's' from my address when replying by email.
  41. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    Franc Zabkar writes:

    > If you want to explore a particular drive or folder, say C:\Windows,
    > then go to Start -> Run and type "explorer c:\windows". You could also
    > create a desktop shortcut for your favourite drive or folder, and you
    > could assign it a shortcut key combination, eg Ctrl-Alt-C.

    Hmm ... not a bad idea. I'll try that.
  42. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony writes:

    > If the saw is marketed as a device to put your hand into,
    > yes an argument can be made that it's the saw's (company's)
    > fault. Windows XP is that saw.

    Explain the Windows equivalent of being told to put one's hand into a
    saw.

    > You argue over and over about what a USER is "supposed" to
    > be doing.

    Because the real problem with computer security is users. No matter
    how secure you try to make a system, you cannot secure it completely
    unless you can trust your users with whatever capabilities they are
    given. (In the case of the administrator, by the way, that means 100%
    trust.)

    Most compromises of Windows and indeed of all operating systems depend
    upon human intervention by users who are too stupid, dishonest, or
    careless to properly respect security procedures. There is no way to
    protect against this type of compromise through any technical feature
    of the operating system alone. When I audit the security of a
    computer system, I don't worry too much about the OS itself; I worry
    about what the users are doing.
  43. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony wrote:
    > On Thu, 04 Aug 2005 20:29:53 +0200, Mxsmanic
    > <mxsmanic@gmail.com> wrote:

    >
    >>>While there are many who do not practice safe
    >>>computing, there are far fewer that install something when
    >>>they have no idea what it is and weren't trying to install
    >>>anything at the time.
    >>
    >>People do it all the time.
    >
    >
    > People also get infected without doing it.
    > While many may not know the exact mechanisms in which
    > they'll get infected, few and far inbetween are those who
    > have no idea that there are viri, adware, etc, nor that
    > installing that which they have no knowedge about, is an
    > inherant risk. Over and over you could see examples of
    > people trying to clean such things off of their systems with
    > no action on their part that they can attribute to the
    > infection. Choosing to install it, would be an obvious
    > entry point, we can safely assume many didn't occur because
    > of it.

    Pardon me but you waaaaaaaaaaaaaaaaaay underestimate what people will
    'install' even when they 'know'. Most people know there are 'viruses' but
    they haven't a clue how they work and no matter HOW much you tell them to
    not install things they still do because they don't think whatever it is is
    a 'problem' for the obvious reason that malware doesn't come with a warning
    sign attached to it. In fact, it's just the opposite. Malware tries to look
    as 'nice and legit' as possible and people fall for it over and over even
    after being bit.

    And that's before you get to "the kids are always downloading things" and
    popups that fake the close X or reverse the <yes><no> or have them both a
    yes regardless of what the button says, people who will never get it
    through their head that "readme.TXT.js" is not a text file, fake 'security'
    emails, and "your account needs renewing."

    True, people do not intentionally infect their systems but they do it all
    the time, in droves, by their own actions. And I assure you that when asked
    they'll tell you they haven't done a thing because they don't know they did it.
  44. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony wrote:

    > On Fri, 05 Aug 2005 11:37:45 +0200, Mxsmanic
    > <mxsmanic@gmail.com> wrote:


    >>
    >>Because the real problem with computer security is users.
    >
    >
    > Again, wrong.
    > MS sought to be the sole source of operating system on
    > PCs-for-the-masses. One can't argue these masses are
    > supposed to have advanced security oriented training, but
    > even if they did, it would be to CLOSE holes, prevent the
    > insecure features from infecting their system. That's the
    > opposite of secure.
    >

    I'm sorry but Mxsmanic is right and there's nothing you can do to make
    something 'secure' from users without removing the users ability to control it.

    Knives aren't 'safe' unless no one touches them. Cars aren't 'safe' unless
    you remove the drivers. And computers aren't 'secure' unless you remove the
    users.

    The most you can do is add warning labels and safety features, like
    scabbards and finger guards, but you can't stop some lunatic from running
    across the skating rink with a blade in his hands and it's absurd to blame
    the knife maker if he falls on the stupid thing.
  45. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Fri, 5 Aug 2005 09:00:11 -0700, "JAD"
    <kapasitor@earthcharter.net> wrote:

    >yeah yeah yeah should we wait for xinux? Give the rhetoric a
    >break.......You know what?, you all should have been around in the early
    >80's and 70's and used computers, with that experience behind you wouldn't
    >(shouldn't) be talking bulllshit. The problem with any OS is the element
    >that spends its every waking moment writing destructive code and use that to
    >make things insecure.

    Dear clueless one, I WAS using computers in the 80's and
    70's. Thanks for trolling by though!


    > Too bad we can't see the what things would be like if MS never
    >was...........

    yes, it is a shame we can't have both perspectives
    simultaneously.


    >I would think that this forum wouldn't even exist.

    WOW, you truely are an idiot. "Hardware" groups would
    unquestionably exist because usenet did.

    > I have been
    >waiting for an usable OS since 1989, alternatives are all but dead. ANYTHING
    >that YOUR machine does, gets itself into, gets infected, won't boot,
    >crashes, or whatever the hell else your complaining about IS YOUR FAULT.
    >Instead throwing up all the same old rhetoric, why don't you learn to USE
    >and SECURE YOUR system.

    OK, then deny this quote (not mine):

    "On August 9th, Microsoft is set to release six patches to
    fix possible serious security holes in its Windows operating
    systems:

    Some of the vulnerabilities carry a maximum severity rating
    of "critical," meaning they could put Windows machines at
    risk of an Internet worm, even without any user action."


    Now, if you had your head out of your arse you'd have noted
    that I never claimed I didn't learn to use or secure "my"
    systems. If you could read for comprehension you'd have
    noted all along that the argument was that further actions
    are necessary to do so, a clear sign it isn't yet secure for
    the general populace to which it's marketed.

    No matter how great you are at securing the boxes under your
    control, OTHER peoples' insecurty can still effect you.

    It's a matter of making a product suitable for the market
    it's targeted towards. No matter how much you want to blame
    the users, there's no point to it. They could similarly
    claim you're cluess at any of their respective trades and
    that you should become more competent at (whatever), but
    this is not the scenario faced by avg joe computer users-
    they are not expected to do brain surgery themselves, build
    their own TV sets or any other technical endevours yet you
    argue they should have operating system security insights.
    Come back to reality, the grand idea doesn't work as proven
    over the past few years of viri, worms, spyware, etc.
  46. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    "kony" <spam@spam.com> wrote in message
    news:je77f1ddfcqa9fa1athlp7ubfnnm2rlekc@4ax.com...
    > On Fri, 5 Aug 2005 09:00:11 -0700, "JAD"
    > <kapasitor@earthcharter.net> wrote:
    >
    >>yeah yeah yeah should we wait for xinux? Give the rhetoric a
    >>break.......You know what?, you all should have been around in the early
    >>80's and 70's and used computers, with that experience behind you wouldn't
    >>(shouldn't) be talking bulllshit. The problem with any OS is the element
    >>that spends its every waking moment writing destructive code and use that
    >>to
    >>make things insecure.
    >
    > Dear clueless one, I WAS using computers in the 80's and
    > 70's.
    Then speak as though you have

    >Thanks for trolling by though!


    I resent that as I have been logged into this group for many years, trolling
    is not my speciality.
    But I realize that its a good way of getting people not to read the other
    side of the story.


    >> Too bad we can't see the what things would be like if MS never
    >>was...........
    >
    > yes, it is a shame we can't have both perspectives
    > simultaneously.
    >
    >
    >>I would think that this forum wouldn't even exist.
    >


    > WOW, you truely are an idiot. "Hardware" groups would
    > unquestionably exist because usenet did.
    >
    un huh with what type of traffic? Oh wait I forgot, you would like just a
    'select' few to use the web. A select few hardware producers and those who
    can figure out xinux.
    Lets go back to bulletin boards and z modem downloads. Hmm were things
    'secure' then?


    >> I have been
    >>waiting for an usable OS since 1989, alternatives are all but dead.
    >>ANYTHING
    >>that YOUR machine does, gets itself into, gets infected, won't boot,
    >>crashes, or whatever the hell else your complaining about IS YOUR FAULT.
    >>Instead throwing up all the same old rhetoric, why don't you learn to USE
    >>and SECURE YOUR system.
    >
    > OK, then deny this quote (not mine):


    Why?...its you who say its the software producers problem and I say its the
    degenerates that produce viruses and exploit the holes instead of using
    their knowledge to a positive end.
    >
    > "On August 9th, Microsoft is set to release six patches to
    > fix possible serious security holes in its Windows operating
    > systems:

    Much like MANY products, things are recalled because of defect, I do not see
    an attack from degenerates as a defect. NOTHING (other than nature) is
    perfect. Even though people try and sue the auto industry for their tires
    being stolen, its utter bullshit and doesn't make it justified. Even though
    people have tried to screw the auto industry, they turned around and offered
    anti theft devices. They drive like idiots and roll over and its the tires,
    its the car, its EVERYTHING else but them (thats the 21st century way). Its
    not the manufacturers problem that there are ignorant drivers on the roads
    anymore than there are crooks in the world, its our fault/problem.

    >
    > Some of the vulnerabilities carry a maximum severity rating
    > of "critical," meaning they could put Windows machines at
    > risk of an Internet worm, even without any user action."
    >
    Yeah someone's porno jpgs may be in jeopardy or their 4th of July AVi's
    maybe infiltrated. AFA commercial implications...PC-HOMEBUILT is the name of
    these groups. From what I have seen, companies need to be way more picky
    about WHO they hire to do their administrating and not worry what OS they
    are running.

    >
    >
    > Now, if you had your head out of your arse you'd have noted
    > that I never claimed I didn't learn to use or secure "my"
    > systems. If you could read for comprehension you'd have
    > noted all along that the argument was that further actions
    > are necessary to do so, a clear sign it isn't yet secure for
    > the general populace to which it's marketed.

    follow your advice, except I would compare you to an Ostridge with his head
    in the sand.

    >
    > No matter how great you are at securing the boxes under your
    > control, OTHER peoples' insecurty can still effect you.
    >
    > It's a matter of making a product suitable for the market
    > it's targeted towards. No matter how much you want to blame
    > the users, there's no point to it. They could similarly
    > claim you're cluess at any of their respective trades and
    > that you should become more competent at (whatever), but
    > this is not the scenario faced by avg joe computer users-
    > they are not expected to do brain surgery themselves, build
    > their own TV sets or any other technical endevours yet you
    > argue they should have operating system security insights.

    come on.....as long as there are humans that do 'evil' things, nothing is
    safe.
    A punk paints a tag on your wall, you blame the paint manufacture because it
    didn't erase automatically?
    Someone breaks into your car, you blame the glass company/auto industry
    because your 12000$ stereo was too enticing?
    Someone breaks into your house, you blame the door /window manufacturer
    because it didnt hold up under the crowbar?

    Microsoft does what it can to 'keep at bay' the people who spend their lives
    trying to make a name for themselves.
    They have never said that any software is 100% secure, thus(1 of the
    reasons) you 'lease' and never buy...its always a work in progress, much
    like all security issues. There are WAY too many scenarios for all the bases
    to be covered for any amount of time.

    > Come back to reality, the grand idea doesn't work as proven
    > over the past few years of viri, worms, spyware, etc.

    I know where I am, You have lost your way. If linux were 60% as popular as
    windows, and Java, active X etc. enabled, and had an integrated
    browser...how secure do you think it would be?
  47. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Fri, 05 Aug 2005 20:24:25 +0200, Mxsmanic
    <mxsmanic@gmail.com> wrote:

    >kony writes:
    >
    >> Do you advocate using Windows Update?
    >
    >Not in automatic mode.

    Then what mode?
    Would that use IE?
    Would you have to have features enabled that HAVE been used
    to exploit IE to get WIndows Update to work? Yes.

    >
    >> Do you expect people to use IE for it?
    >
    >No.

    Then how did you propose the average joe, who has only
    windows system, to get them?

    >
    >> How about Messenger, is it a running service by default?
    >
    >I think it was, but I don't know now, although Windows Messenger is
    >harmless. I have it set to manual, though.

    "Harm" is not constrained by your definition. Security does
    not hinge on whether you consider something inherantly "bad"
    or "harmful", rather than actions specifically undesirable
    by the user or owner of the system.

    >
    >> Again, wrong.
    >
    >No, it's right. I've been doing security for a long time.

    You may know a great deal about security, but that doesn't
    begin to mean you can blame users. Quite the contrary, it's
    evidence that the users would NOT be expected to know these
    things you've learned over a "long time".

    > Users are
    >by far the weakest link in IT security. Unless you can get them to
    >behave, the rest is a waste of time.

    .... only so long as you assume windows is secure. Faulty
    argument, if windows were secure then the typical user
    behaviors would not result in security breeches.

    Perhaps you fail to see who this OS is marketed towards.
    It's intended to be used by the masses. It would be
    ridiculous to claim the masses will be, should be highly
    educated about every technology they come in contact with in
    their lives. It is quite unreasonable and any other
    profession could make same claim, instead of realizing that
    technology does not exist to become a burden but to serve.


    >
    >> Exactly, you have to "try" to make it secure, because it isn't yet.
    >
    >You can design it secure, which was largely the case with NT.

    I'm sure it had a good beginning, then hole by hole it
    degraded.

    >
    >> Yes, you're talking about managing them as much as
    >> reasonable to minimize the insecurity that is in fact
    >> present, and trusting them to not act in a way that makes it
    >> likely they'll be exploited though these insecurities, or
    >> trying to fix the holes left open so less trust is needed.
    >
    >The major insecurity present is the users themselves.

    Again, NO.
    Users can indeed do stupid things, but the real chance of
    insecurity exists without any user action. IN FACT, MS
    themselves have issued critical security updates that
    specifically mention risks without any user action. Do you
    claim even MS is wrong?

    This is a silly discussion, no matter how much you want to
    argue it, the proof is all around you. People get infected
    because they didn't take additional measures that are
    unreaslistic to expect from those in unrelated professions.

    You would like to claim you're right because of some vast
    knowledge about it, but that's exactly why you're wrong,
    because you keep ignoring the lack of security experience
    that the avg. user has.
  48. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    On Fri, 05 Aug 2005 11:57:01 -0500, David Maynard
    <nospam@private.net> wrote:


    >> People also get infected without doing it.
    >> While many may not know the exact mechanisms in which
    >> they'll get infected, few and far inbetween are those who
    >> have no idea that there are viri, adware, etc, nor that
    >> installing that which they have no knowedge about, is an
    >> inherant risk. Over and over you could see examples of
    >> people trying to clean such things off of their systems with
    >> no action on their part that they can attribute to the
    >> infection. Choosing to install it, would be an obvious
    >> entry point, we can safely assume many didn't occur because
    >> of it.
    >
    >Pardon me but you waaaaaaaaaaaaaaaaaay underestimate what people will
    >'install' even when they 'know'. Most people know there are 'viruses' but
    >they haven't a clue how they work and no matter HOW much you tell them to
    >not install things they still do because they don't think whatever it is is
    >a 'problem' for the obvious reason that malware doesn't come with a warning
    >sign attached to it. In fact, it's just the opposite. Malware tries to look
    >as 'nice and legit' as possible and people fall for it over and over even
    >after being bit.

    Yes, it is in fact a reality that some people will install
    such things. That is no proof that it doesn't happen
    without a user making such a choice, nor that it is the
    majority of cases.


    >
    >And that's before you get to "the kids are always downloading things" and
    >popups that fake the close X or reverse the <yes><no> or have them both a
    >yes regardless of what the button says, people who will never get it
    >through their head that "readme.TXT.js" is not a text file, fake 'security'
    >emails, and "your account needs renewing."

    If a user goes out on the 'net and enters their personal
    info into a fake website, I wouldn't consider that an OS
    security breech. If a kid downloads a file and runs it,
    that is not an OS security breech either, it is what the
    user chose to do. I'm not trying to lump together every
    possible malware on the planet nor every possible user
    mistake and blame the OS for it all. On the other hand, IF
    a user did none of these things, they still don't have
    security.


    >
    >True, people do not intentionally infect their systems but they do it all
    >the time, in droves, by their own actions. And I assure you that when asked
    >they'll tell you they haven't done a thing because they don't know they did it.

    That's a large part of why the holes shouldn't be open in
    the first place.
  49. Archived from groups: alt.comp.hardware.pc-homebuilt,alt.comp.hardware.homebuilt (More info?)

    kony wrote:

    > On Fri, 05 Aug 2005 11:57:01 -0500, David Maynard
    > <nospam@private.net> wrote:
    >
    >
    >
    >>>People also get infected without doing it.
    >>>While many may not know the exact mechanisms in which
    >>>they'll get infected, few and far inbetween are those who
    >>>have no idea that there are viri, adware, etc, nor that
    >>>installing that which they have no knowedge about, is an
    >>>inherant risk. Over and over you could see examples of
    >>>people trying to clean such things off of their systems with
    >>>no action on their part that they can attribute to the
    >>>infection. Choosing to install it, would be an obvious
    >>>entry point, we can safely assume many didn't occur because
    >>>of it.
    >>
    >>Pardon me but you waaaaaaaaaaaaaaaaaay underestimate what people will
    >>'install' even when they 'know'. Most people know there are 'viruses' but
    >>they haven't a clue how they work and no matter HOW much you tell them to
    >>not install things they still do because they don't think whatever it is is
    >>a 'problem' for the obvious reason that malware doesn't come with a warning
    >>sign attached to it. In fact, it's just the opposite. Malware tries to look
    >>as 'nice and legit' as possible and people fall for it over and over even
    >>after being bit.
    >
    >
    > Yes, it is in fact a reality that some people will install
    > such things.

    That's what I mean about you waaaaaaaaaaaaaaaaaaaay underestimating it. It
    ain't just 'some people'.

    > That is no proof that it doesn't happen
    > without a user making such a choice,

    Now that's a silly comment. Of course they do it 'by choice', whatever it
    is vs whatever they thought it was, and no one suggested otherwise.

    > nor that it is the
    > majority of cases.

    And you base that on what? The well known sophistication, savvy, and
    expertise of the average computer user?


    >>And that's before you get to "the kids are always downloading things" and
    >>popups that fake the close X or reverse the <yes><no> or have them both a
    >>yes regardless of what the button says, people who will never get it
    >>through their head that "readme.TXT.js" is not a text file, fake 'security'
    >>emails, and "your account needs renewing."
    >
    >
    > If a user goes out on the 'net and enters their personal
    > info into a fake website, I wouldn't consider that an OS
    > security breech. If a kid downloads a file and runs it,
    > that is not an OS security breech either, it is what the
    > user chose to do. I'm not trying to lump together every
    > possible malware on the planet nor every possible user
    > mistake and blame the OS for it all.

    The point was that 99% of the time you'll never know they didn't do
    precisely that, or something else equally unfortunate.

    > On the other hand, IF
    > a user did none of these things, they still don't have
    > security.

    There's a hell of a lot of other things they can, and do, do too.

    >>True, people do not intentionally infect their systems but they do it all
    >>the time, in droves, by their own actions. And I assure you that when asked
    >>they'll tell you they haven't done a thing because they don't know they did it.
    >
    >
    > That's a large part of why the holes shouldn't be open in
    > the first place.

    Well, it would solve the problem by no one having the patience to operate
    the computer, much less buy it.

    Wouldn't make them 'secure', because nothing is; there just wouldn't be any
    to speak of.
Ask a new question

Read More

Homebuilt Hardware Systems