New from MS-Windows Media Player now adware friendly

[CDS]

I never said it had no memory memagement. Just a shit one.

You claimed that windows didnt have a protected memory scheme. Which is blatently wrong.

Didn't I take that back about 3 posts above, saying that the comment didn't come out the way it intended to?

[General Zod]

I can't claim it is simply because I don't have experience with every OS thats out there... and I'll be very suprised if you have, as well.

But I have heard of some *very* bad ones.

i don't need to have experience with every os out there to do a ten minute google search and confirm the facts in question, which you're apparently too lazy to do yourself.

[Xon]

Oh please. If the administrator really wanted to get into your files he could.

Yes, the administrator can gain access to the files if he wants. But normally he will not(Can we say "Privacy reasons"?) in the corperate world.

However, If the files are encypted and Domain doesnt have a encryption key backup policy, only the person with the decryption key can read those files. Which is by default a single user.

Thats what passwords are for. The reason why you can simply type in
su -
is so that if you have the rights to (ie. you "have root") you can simply log in as root without logging out, something that windows hasn't managed yet.

sudo is also good at this.

And you can do that under windows too.

[Xon]

Didn't I take that back about 3 posts above, saying that the comment didn't come out the way it intended to?

I never said it had no memory memagement. Just a shit one.

You didnt address the point at all and you are still wrong on that one too.

Windows memory manager isnt some trivial hackjob someone wrote in an afternoon. And has very good preformance.

[CDS]

I can't claim it is simply because I don't have experience with every OS thats out there... and I'll be very suprised if you have, as well.

But I have heard of some *very* bad ones.

i don't need to have experience with every os out there to do a ten minute google search and confirm the facts in question, which you're apparently too lazy to do yourself.

OK, challenge accepted
Googling for "Worst OS?" and looking at the first page (I have better things to do with my spare time):
The top post is about windows, but the general feeling on there was that the worst windows was ME, so we'll count that as ME, OK?
WinME: 1
"Windows": 1
WinXP: 3
OS9: 3

It seems it's a draw between XP and OS9.

[CDS]

Thats what passwords are for. The reason why you can simply type in
su -
is so that if you have the rights to (ie. you "have root") you can simply log in as root without logging out, something that windows hasn't managed yet.

sudo is also good at this.

And you can do that under windows too.

You can't in any domain'd 'dozed machine I've seen.

[CDS]

Windows memory manager isnt some trivial hackjob someone wrote in an afternoon. And has very good preformance.

My large collection of BSOD's would like to beg to differ

[Xon]

Thats what passwords are for. The reason why you can simply type in
su -
is so that if you have the rights to (ie. you "have root") you can simply log in as root without logging out, something that windows hasn't managed yet.

sudo is also good at this.

And you can do that under windows too.

You can't in any domain'd 'dozed machine I've seen.

runas

Runas

Allows a user to run specific tools and programs with different permissions than the user's current logon provides.

Syntax
runas [{/profile|/noprofile}] [/env] [/netonly] [/smartcard] [/showtrustlevels] [/trustlevel] /user:UserAccountName program

Parameters
/profile : Loads the user's profile. /profile is the default.

/no profile : Specifies that the user's profile is not to be loaded. This allows the application to load more quickly, but it can also cause a malfunction in some applications.

/env : Specifies that the current network environment be used instead of the user's local environment.

/netonly : Indicates that the user information specified is for remote access only.

/smartcard : Indicates whether the credentials are to be supplied from a smartcard.

/showtrustlevels : Lists the /trustlevel options.

/trustlevel : Specifies the level of authorization at which the application is to run. Use /showtrustlevels to see the trust levels available.

/user:UserAccountName : Specifies the name of the user account under which to run the program. The user account format should be user@domain or Domain\User.

program : Specifies the program or command to run using the account specified in /user.

/? : Displays help at the command prompt.

Remarks
• It is good practice for administrators to use an account with restrictive permissions to perform routine, nonadministrative tasks, and to use an account with broader permissions only when performing specific administrative tasks. To accomplish this without logging off and back on, log on with a regular user account, and then use the runas command to run the tools that require the broader permissions.

(Underlining mine)

epal

Background
To reach some of the benefits of deploying a Windows 2000 infrastructure it is important to limit the end-user's ability to make changes to the core components of the operating system. Windows 2000 system administrators now have the option of giving users local User or Power User privileges. Under these privileges it is possible to perform the majority of the tasks that an end-user needs to complete to get their job done. However, some non-Windows 2000 logo compliant applications may not properly run. While there are a number of issues related to application not running under a user context, it is important to distinguished between security related requirements and other issues related to application compatibility.

The Elevated Privileges Application Launcher, EPAL, tool is designed to assist a fairly narrow spectrum of the application compatibility issues. It only deals with the ability of letting an application launch under some other user privilege, so that it has access to certain components of the local registry or the file system. With EPAL the network administrator now has the ability of only giving the user local user privileges on their systems and have the application execute and some higher privilege level on the local system that they are currently logged on with.

EPAL leverages the Windows 2000 Active Directory functionality to minimize the amount of effort on the part of network administrators to manage an environment in which a user has the privilege to execute an application under some other context. It does this by creating a Windows 2000 security principal and a Windows 2000 Group. The security principal, account, is the context that EPAL will use to launch a particular application. This account will need to be a member of the appropriate elevated group of the local Windows 2000 workstation. The Windows 2000 Group is used to maintain a membership list of those users that have been authorized to run a particular application using the elevated access.

"Drop my rights" utility

The DropMyRights Application
DropMyRights is a very simple application to help users who must run as an administrator run applications in a much-safer context—that of a non-administrator. It does this by taking the current user's token, removing various privileges and SIDs from the token, and then using that token to start another process, such as Internet Explorer or Outlook. This tool works just as well with Mozilla's Firefox, Eudora, or Lotus Notes e-mail.

That enough for demonstrate that you are wrong?

Windows memory manager isnt some trivial hackjob someone wrote in an afternoon. And has very good preformance.

My large collection of BSOD's would like to beg to differ

WTF, BSOD's have nothing todo with the memory manager proformance! But everything todo with bad drivers or failing hardware.

[CDS]

<snip>
That enough for demonstrate that you are wrong?

Wow. Didn't know that. I stand corrected.

WTF, BSOD's have nothing todo with the memory manager proformance! But everything todo with bad drivers or failing hardware.

Infoworld will answer that one for me.

Snip when quoting and dress your links, please - Phong

[phongn]

Type in rm -rf as root, and you'll see why it's important that you shouldn't stay logged in as root.

You still don't get the point. You continue to insist that the point of having restricted access acounts (User accounts in Windows parlance, normal users in *nix) is to prevent accidential data loss if you do something like rm-rf * or del /s *. That is one benefit but it isn't the real reason, which is to keep people out of your data and prevent users from mucking around where they shouldn't be. As for the Administrator or root users, that's a red herring. I wasn't talking about admins peeking at your data, I was referring to other, normal users.

OK, challenge accepted
Googling for "Worst OS?" and looking at the first page (I have better things to do with my spare time):
The top post is about windows, but the general feeling on there was that the worst windows was ME, so we'll count that as ME, OK?

Don't be an idiot, he was telling you to do quick research. He wasn't saying to go to Google and skim the results and call it a day

link will answer that one for me.

Congratulations, you've shown that a ten-year-old operating system has some issues. Furthermore your original post argued that standard processes could overwrite something else's memory NOT driver-level things.

[CDS]

Type in rm -rf as root, and you'll see why it's important that you shouldn't stay logged in as root.

You still don't get the point. You continue to insist that the point of having restricted access acounts (User accounts in Windows parlance, normal users in *nix) is to prevent accidential data loss if you do something like rm-rf * or del /s *. That is one benefit but it isn't the real reason, which is to keep people out of your data and prevent users from mucking around where they shouldn't be. As for the Administrator or root users, that's a red herring. I wasn't talking about admins peeking at your data, I was referring to other, normal users.

No no, I was saying that it's why you shouldn't be using admin as a normal account.

Don't be an idiot, he was telling you to do quick research. He wasn't saying to go to Google and skim the results and call it a day

Thats all the time I have to do research in.

[phongn]

Don't be an idiot, he was telling you to do quick research. He wasn't saying to go to Google and skim the results and call it a day

Thats all the time I have to do research in.

You're new here so you might not have noticed but when it comes to debates this board often demands a high level of research and knowledge. If you come in attempting to Google you way through you'll get creamed and most here are not as kind as ggs and myself.

[Xon]

Thats all the time I have to do research in.

My rebutals took a max of 20 minutes each. If that! I spent more time spellchecking & proofreading than I did looking up my infomation.

[CDS]

You're new here so you might not have noticed but when it comes to debates this board often demands a high level of research and knowledge. If you come in attempting to Google you way through you'll get creamed and most here are not as kind as ggs and myself.

OK, thanks for the advice.

[General Zod]

Don't be an idiot, he was telling you to do quick research. He wasn't saying to go to Google and skim the results and call it a day

Thats all the time I have to do research in.

if you have the time to spew 4 pages worth of bullshit then you have the time to do 30 minutes of research required to at least pretend you're knowledgable on the topic that's being discussed. your bullshit post above doesn't exactly count either.

[CDS]

[General Zod]

so i take it that means you're not even going to attempt to back up your bullshit with anything more substantial than anecdotal evidence?

[CDS]

so i take it that means you're not even going to attempt to back up your bullshit with anything more substantial than anecdotal evidence?

In all seriousness, I have better things to do in my life.