Benefit of 64-bit OS?

Windchild, one of the best posts I have read on this forum. I have the same perspective on things around Windows x64. Regards

 

Well I have worked for 1,5 year in London for two days a week, now only going once or twice a month, but still have not picked up the habit of drinking tea.

Like the commercial though

 

The trust issue cuts both ways. I find it easier to trust a 3rd party vendor than to trust MS. With Linux, the OS is open source. The user knows what's running. They may have compiled that kernel. With a closed source inaccessible kernel, there's no way to know what is going on. There's a vast difference between trusting the Open Source community with the Linux kernel and trusting a big money corporation who only cares about dominating the industry, one that caters to other big money industries, like the entertainment industry with DRM for example. The user is in control of a Linux system. With 64bit MS systems, MS is in control.

That's exactly right. There's much more to this than just trusting that the OS is secure. Some of us who have watched Windows evolve from its 9x days don't like the direction it's going. With each new OS, the user loses more control and the OS stores more usage records. The user knows less about what's running. Trust isn't gained by locking the user out of their system or making it impossible to know what it's doing. No, I won't use an OS I don't trust, not Vista, Windows 7, or any other 64bit MS system.

 

Yes, the trust issue cuts both ways, and people are free to trust or distrust anyone they want. That's the beauty of the world.

Truth be told, though, with Linux, the user only knows what's running if they've read every single line in the OS code as well as the code of all running third party applications and understood it. And added to that, they must also know what the compiler they used does. And know the compiler that was used to compile their compiler, and so on, ad infinitum. Otherwise, they're just making a really, really good guess, and trusting the benevolence and skill of the coders of their OS and software (just like people who use Windows).

As for third party security software vendors, most are in the business to make money, just like Microsoft. Only, what the security software vendors do to make money is completely dependant on there being people who want to screw things up for you with malware and other attacks. If the attacks and malware end, so does their flow of profits, more or less completely. Interesting thought, perhaps, although in no way original.

And that's the way it should be. You don't trust it, you don't use it. That is the wise choice.

In my thinking, no matter what the OS, it's always better to increase the security of the actual operating system instead of slapping third party bandaids on top of it.

 

It's interesting that you view security apps as bandaids. That's how I view MS patches. I'd also prefer that the OS itself was secure on its own, not just in preventing something from getting in, but also having control over what is going out. I have no use for an OS or a vendor that requires me to repeatedly prove that I'm not stealing their precious code, or one that caters to an industry who wants proof that I paid for every bit of media I have. When a company requires you to keep proving that you're not a criminal, they should be required to do the same. Would MS like it if the users required them to constantly prove that they weren't handing our usage records over to the media watchdogs or the NSA, especially when their OS keeps usage records that users can't easily access?

That's one of the primary reasons I'd rather rely on 3rd party software from more than one source to secure a Windows system. On Win2K or 9X, I can use SSM to restrict what can run and a firewall like Kerio to restrict internet access. If I don't want the OS to connect out, I can enforce that choice with that 3rd party software. If I don't want usage records or browser history stored on my system, I can find and erase all of it. No, I can't use 3rd party software to make a system 100% secure, but MS can't build such a system either. If one bases their decision on security track records, MS is the last ones I'd trust to protect me. Everything they've released beforehand had more holes in it than a window screen.

There's another trend involved here that disturbs me. MS has decided that it can dictate what kind of security-ware we can use. It's not a big step for that to be applied to other software. Where does this trend lead, approved software lists? Approved vendors? I won't accept any OS or vendor that tries to dictate what I can use or run on something that I paid for. IMO, an operating system should be a platform for the users choice of software and an interface between the user and the hardware, nothing more, nothing less.

 

This has the potential to be an endless off-topic discussion, but I'll reply. I view many third-party security apps as bandaids, because many of them essentially are bandaids - why, for example, try to prevent loading drivers with some product when there are features built into the operating system that can be used to prevent that?

But really, if you view MS patches, that is to say fixes to discovered vulnerabilities and coding mistakes in the software, as bandaids, then do you view Linux patches as bandaids as well? And if not, how in the blue wonder do you support that kind of twisted position in logic? Just honestly wondering. Me, I view neither as bandaids, seeing how both originate from the source that creates the operating system. In a word, they are simply useful, and not to mention free, updates.

This is exactly the kind of thing that the user has to decide for themselves. Can they deal with Windows having, for example, WGA or WGA Notifications, or can they not. There's plenty of operating systems out there for people who can't. Personally, I strongly dislike having to constantly prove my honesty, but I don't consider it such a big issue that I would cease using Windows. Some other people will feel differently and choose differently, and that is just great. Freedom of choice.

But then again, all of that is true only if MS wants to let you do that, and you trust them to want that. Because they make the OS, and they could pull all kinds of nasty stunts to bypass any software firewall in the universe or store whatever data they wanted in kernel memory space, if they wanted to, and if they were that malicious. If you can control it and find it with third-party software, it's because they didn't bother really hiding it and preventing you from controlling it.

Neither can any Open Source project build a 100 % secure system. In the time that I've used Linux distros, there have been literally hundreds and hundreds of vulnerabilities in the actual Linux kernel and critical apps from window managers to browsers. That's life. Considering how many people are running, researching and trying to find attack methods against Windows, I find Microsoft's security track record with the NT line to be pretty decent, although I've been unhappy with some design choices such as defaulting to admin accounts. Problems are plenty, no disputing that, but I'm saying that it's decent enough to be useful to me as an operating system, compared to the competition.

Microsoft hasn't dictated what kind of security software you can use any more than Linux developers have dictated what kind of security software you can use on Linux. What you can run depends on design choices taken by the OS developers, for example, what kind of drivers they want to allow you to load or what APIs they want you to be able to access. There is no OS where the user can run any software they want (unless the users mysteriously only want to use software coded for that OS or for environments that can be emulated on that OS). It's always the case that the design of the OS limits the kind of software that can be coded to run on it and used on it by end users.

Microsoft hasn't dictated that you can only run security products from these companies, or these particular applications. They're saying that you "can't" run security software that does thing X, such as load unsigned drivers. Quite different from making lists of allowed applications. But then, one can believe in any conspiracy theory one wishes to believe in. And I'll promise that when such theories come true - when MS starts forcing all Windows users to only run software approved by MS - I'll jump right aboard and ditch Windows for good. While we're waiting for that, I'd like to say that I welcome these new changes in x64.

 

On our Vista64, I run only:

- Vista FW - two way
- UAC
- Norton's UAC tool
- MSE

That's it

I think the overall architecture and security features are pretty amazing knowing where Microsoft came from. So for me the 64 bits OS is quite an improvement. I will add Sully's PGS to the setup when it is out of beta (hopefully the virtualise 32 bits aps will work also). Must admit that we do no privacy or money related activities on this PC.

Regards Kees

 

noone_particular

" I find it easier to trust a 3rd party vendor than to trust MS

big money corporation who only cares about dominating the industry

Some of us who have watched Windows evolve from its 9x days don't like the direction it's going. With each new OS, the user loses more control and the OS stores more usage records. The user knows less about what's running "

-

Bang on !

-

Windchild

No, MS hasn't dictated you can only run products or Apps from certain companys, but it makes them pay $ for driver singing, as i mentioned earlier.

 

My friends,

I am impressed by the level of the discussion.

Anyway, we can tackle the problem from both side (security / business):
- Either you like it or not, M$ is heading towards security... With giant steps.
Market required it, M$ is doing it.
- As any company in the world, M$ has to balance between the satisfaction of its users and customers, and the satisfaction of its share holders. M$ can't please everybody, lbut has to please the maximum of people.

After all they make their own OS. They can put whatever they want in it. Whatever! Market and time will judge the quality of their decisions. Maybe Windows share is so huge that nowadays we can't understand/remember it belongs to M$, and we believe we can decide instead of M$ staff. Look in your own company, when managers have to make choices, sometimes they are wrong, sometimes they are right. But it is not a democracy.

Considering the number of people to please, they did quite a good job since Xp.

And please stop with the conspiracy stories. So many people would be so pleased to find such a magic hole or secret record in the OS that the risk is real to end up in a really dirty trial for M$ image...

 

I could respect your post if you didn't keep typing "M$" all the time. Doesn't show you really know that much behind the company.