MEPIS Community Forum

i know it always warms my heart to know that the navy invested so much time and effort in their COTS program to incorporate windows into large platform, mission critical weapons systems

Or maybe, it is the fake chips from China, put in the mission critical weapons system.

actually, they're real chips - it's the all the unknown potential backdoors in the firmware that keep security folks up at night

My daughter, who uses Windows 7, recently got one of these on her computer:



She shut down her computer, but it wouldn't shut down completely until Windows Update had installed a bunch of updates, which took over 10 minutes. When she restarted her computer, it completed booting into a screen with just her wallpaper: No desktop icons, no task bar, no start menu, and no way to start any applications. The only thing she could do was re-install Windows from the rescue disk, losing all her data and apps. (No, despite her mom's preaching, she doesn't back up her system.)

So much for the value of Windows Update. She now has it turned off.

I vividly recall much tecno chatter from years back when it was announced by intel that beginning with pentium 4 and all future chips would be made with built-in backdoors. At the time the announcement boosted the sales of amd chips significantly because at least at the time amd had no intentions of building their chips with backdoors.... or so we were told anyway.

intel and amd may not knowingly be building backdoors, but it's all the 3d party vendors that supply chips to the likes of intel, amd, ibm, etc. that are of real concern.

there's always going to be vulnerabilities, the difference with firmware/hardware related stuff is being able to test it all. realistically, there isn't a method for doing so. software you can always fingerprint, do pattern recognition, etc. but with firmware/hardware the stuff can lay dormant for years and only be triggered under very specific, unknown inputs.

It has been very uneventful for me. Less obtrusive than Vista updates, and no issues.

Yes, the auto-updates are uneventful most of the time. But some of them can be troublesome, as my daughter found out.

On my WinXP setup I found the safest way to install upgrades was to do them manually: I checked Microsoft's security alerts, made a note of the patches that needed to be installed, waited about 2 weeks until Microsoft worked out all the bugs, and then installed them myself one patch at a time (making sure to back up everything first).

It's true my upgrade method left my system unpatched for some time, but it usually takes Microsoft several weeks to identify and fix zero-day exploits while they're on the loose anyway. In the case of Flame, it took them several years to figure out what had happened, and AFAIK they still don't have a fix.

The whole Windows Update mechanism is a cobbled together kludge. When it breaks, it breaks bad.

IMO, the single best thing that Linux has going for it is it's system for package management. I remember being totally blown away by Synaptic, once it finally dawned on me how it worked in a big picture sense -- which did take a bit of a "Eureka" moment.