<div class='os_post_top_link'><a href='http://www.winsupersite.com/reviews/windowsxp_sp2_preview2.asp' target='_blank'>http://www.winsupersite.com/reviews...p2_preview2.asp</a><br /><br /></div>"In January, Microsoft issued a semi-public beta of its upcoming Service Pack 2 (SP2) release for Windows XP, a major upgrade for XP users that's focused largely on security. The Windows XP SP2 Beta isn't feature-complete--Microsoft tells me it's still fine-tuning the final feature set--but it does provide an interesting look at the direction the company is taking with its so-called "Springboard" security technologies, which are designed to retroactively apply recent security thinking to pre-existing products. (XP SP2 isn't the only Springboard release you can expect to see this year: Office 2003 Service Release 1, due in May, will also feature Springboard security technologies, as will Windows Server 2003 Service Pack 1, due in late 2004.)<br /><br />"We've got quite a bit of work to do before its end-user ready," Matt Pilla, senior product manager for the Windows group, told me during a recent visit to the Microsoft campus. "The goal here is to get security features out to customers as soon as possible, but make sure its customizable enough that it doesn't block deployments." Pilla told me that 500 or so beta testers are evaluating the SP2 Beta code, in addition to MSDN Universal members. The goal now is to get feedback on the changes. The SP2 Beta isn't writ in stone: Microsoft has already made some changes since the SP2 Beta release and will significantly change the user interface for updated features like the Windows Firewall and wireless networking between now and the final release, Pilla said.""<br /><br />This isn't directly related to Pocket PCs, but the pending release of SP2 for Windows XP is a significant event. There some cool new features and tools, and we won't have to pay for it like Mac users do for their OS updates. :lol:

There are indirect ways this relates to PocketPC's. For instance, I was told ~6motnhs ago that WinXP SP2 would (perhaps) make Bluetooth support naitive, or, at least enable the MS Bluetooth Optical Keyboard and Mouse Transmitter to do Activesysnc. This was told to me by an MS Bluetooth keyboard tech support representative.

-Brian

It will add support for additional Bluetooth profiles, including DUN, PAN, LAN, etc. It'll also support other Bluetooth dongles, not only the Microsoft one.

Keep this under wraps. If my boss hears this, he'll want us to walk around with a copy on cd and apply the service pack by hand on 10,000 computers.

Again....

nice troll on Macs.
after running baseline security analyser on a few machines this morning - I'll gladly pay $65 for a non-beta OS.

case in point:
NT4.0 server sp6 gets 18(!) security flaws not addressed in windowsupdate
"upgrade" to sp6a - you get 21 vunerabilities ! JOY

"... and we won't have to pay for it like Mac users do for their OS updates. :lol:

After experiencing how neatly Apple handle security updates in OS X, you couldn't pay me enough to use XP! (I have no idea how OS X updates are handled in big networks, though).

cmlp

Heh. Say that next year when MS releases Windows XP: Reloaded (Tentative name.) which will be nothing more then a retooled version of Windows XP with all the patches. Maybe they will throw in a new media player. Gotta give the consumer something to at least make them think they are getting a NEW AND IMPROVED OS!!! Oooooo ahhhhh!!

In jest or not. I think the hack on Mac was really uncalled for. Watching OS X mature over the last 4 versions has been rather interesting. Many, if not most, Macheads agree that OS X .0 and .1 sucked butt. .2 and .3 have show a maturity in the OS that has yet to happen in XP. XP is good but amount of tweaking you need to do to secure the system and make it stable is insane. Whenever I setup a Win XP box it typically takes me 2 hours to get it done right. Which requires doing things as simple as disabling half of the unneeded services MS has running for no reason what so ever. Along with tweaking the system policies, disable the hidden but well know system shares, altering the default security settings on the local drive, along with several dozen other items. To the average user you say the word service they say ser-what? Windows is the supposed happy medium between Linux and OS X. It tries to be both and fails miserably at both ease of use and a robust secure environment. A testament to this is the amount of support I have to do on my relatives XP systems. A tech head can deal with XP without flinching. An average user it's another matter.

Oh and as an FYI I've been running SP2 on my XP laptop for 3 weeks now.
http://www.flexbeta.net/main/comments.php?catid=1&id=6207

The "FEATURES" in XP SP2 aren't that big of a deal as long as the average user has somewhat of a brain. I mean does Microsoft really have to tell the user that they aren't running anti-virus software on their system?!? That they aren't running a firewall or that they don't have auto updates turned on?!? This isn't an ease of use feature. These are the traits of an insecure system out of the box. It smacks of a band-aid fix until (hopefully.) Longhorn comes around to fix this.
The tweaking to WIFI is still neglegable. I still prefer using the Orinoco manager instead. Microsoft's method is clumsy and slow to deal with. 1 click in Orinoco's manager and I can change the profile. It takes several steps in XP and wading through the various options. Oh did I forget to mention that the Orinoco manager doesn't work in XP. Seems as if they don't play well together. Funny that.
Finally the other major item in SP2 is tweaks to IE. Yes the browser that Microsoft has neglected for what? 2 years? We've been stuck on version 6 of IE for so long I guesss innovation no longer applies to the browser anymore. Why update a browser when you own the market? Only now are they adding popup blockers by default. (Something other browsers have had for years.)

I think it goes without saying that SP2 is totally security oriented which is all well and fine but that begs the question. When are we going to get an OS that can focus on real innovation instead of needing to worry about security first?
IMHO beauty of OS X, and something that I think Apple is taking beautiful advantage of, is that the underlying OS is open source. Let others tweak mod and continue to secure the OS while Apple works on tweaking the GUI even more. When a security hole is found Apple simply has to release a patch that they didn't have to find, locate, and create a solution. (In some cases they have found and patches holes themselves but in several circumstances others have found the hole and created a solution. This is Microsoft's quagmire. They are screwed when it comes to security in XP and they know it. Why do you think they are not even bothering with dealing with holes anymore? They are doing exactly what Ballmer and Gates have talked about in interviews. Secure the perimeter of the OS. A firewall is a very crude and basic version of this and I think invariably someone will find a way around it. More enhanced methods will appear in Longhorn but that's at least 2+ years away.
It boils down to this: SP2 is nothing to gloat over. Security patches damn well should be free considering it was Microsoft's fault to begin with. I can only imagine the holy hell users and companies across the world would throw if MS charged for SP's.
As it stand they very well may raise holy hell anyways:
Windows XP SP2 Could Break Existing Apps (http://www.osnews.com/story.php?news_id=6256)
Or better yet: Microsoft: Windows XP SP2 Will be Disruptive (http://www.internetnews.com/ent-news/article.php/3322381)


PS- One other thing I've learned from watching OS X (FYI I don't even own a Mac.) SPs for Macs come in the form of OS X 3.1 OS X.3.2 OS X.3.3 releases. All of which ARE free. Just because Apple, or Linux doesn't call their release 2004, 2005, 2006 or something as revolutionary as XP! Oooo. Doesn't make it any less of a major release. Personally. I think OS X.3 is where OS X.0 should have been from the beginning. But I also think Longhorn should have been started 4 years ago instead of Windows 2000 so it’s a moot point in the end.


PPS- If you want a quick review on the latest beta of XP SP2 try here:
http://www.arstechnica.com/wankerdesk/04q1/sp2-beta-1.html

After experiencing how neatly Apple handle security updates in OS X, you couldn't pay me enough to use XP! (I have no idea how OS X updates are handled in big networks, though).

cmlp

There is something to be said for Automatic Windows Update. It can be tweaked to point to a specific in house server. The tweaked version of Windows Update is called SUS and for my company its now fully implemented nation wide which is a godsend for me. I can't deal with patch rollouts every month and continue to do my job in an efficient manner. Contrary to popular belief patches have to be TESTED before they are rolled out. Our corp HQ has started to do QC on these patches before they are rolled out which I use to do. Doing this every time MS released a patch/es was killing me. Trying to get simple day to day IT tasks done was next to impossible. Heck I haven't been able to go to a Pocket PC usergroup meeting in 4 months because of patches. It was killing me. Not kidding when I say I was at work until 11PM some evenings dicking with tests to make sure it wouldn't blow up any of the 3 system images we have. One of my favorites that I caught was where one of the latter RPC patches that MS has released time and again blew up the Nortel Network VNC client. Lovely. Since December SUS has made my life heaven.

Oh, and I wouldn't say Mac updates smell any sweeter then Microsoft updates. I linger enough on Apple forums to see what happens when a Apple update goes rotten. Case in point. 10.2.8......if you are a Mac user you are well aware of what I'm talking about. :p

What does SP2 Break again???

Mabuhay!!!

Carlo

I love the added control in SP2 though. Especially Internet Explorer and Outlook Express. In IE you can choose to never install certain particular Active X components. For example, Flash. And if you do install it, you can disable it easily. No more annoying "You gotta install Flash" dialogs popping up all the time.
It's also got a great pop-up window blocker. You can easily show blocked pop-ups with a click on the status bar. The only problem is... no matter how often I block the MSN Search page from launching pop-ups, they still become unblocked somehow.
Outlook express no longer loads images in HTML emails. That's a great feature. It's similar to Outlook 2003 now, where there's a note at the top that you can click to download the images if you want to.
Then the firewall seems to be much more feature-rich. It notices when an application is trying to access the network/internet and asks you if you want to allow it. You have the option to always allow it so that notification won't become annoying.

Start familiarizing yourself with the XPSP2 security primer: http://msdn.microsoft.com/security/productinfo/XPSP2/default.aspx


(P.S. On the hardware front it's interesting to see Execution Protection (http://msdn.microsoft.com/security/productinfo/XPSP2/memoryprotection/execprotection.aspx) (blocks buffer overflow execution in the CPU) from AMD taking the lead (http://cbs.marketwatch.com/news/story.asp?guid=%7B605678E9-C043-4B7E-94C7-E693D2BBA696%7D&siteid=google&dist=google) in mainstream parts.
Link 2 (http://www.infoworld.com/article/04/01/14/HNamdbuffer_1.html), Link 3 (http://www.silicon.com/software/security/0,39024655,39117701,00.htm))

For the consumer, the enhancements to IE/OE as previously mentioned look good I agree. Built-in spurious popup blocker in IE (hopefully turned on by default) is a big deal as it may bring this feature into the mainstream and thus fundamentally take away the incentive for unwanted popup advertising techniques in the first place, maybe?

Ditto OE's blocking of remote HTML fetching (joining Outlook 2K3) as to delivering this capability into the majority mainstream. For non-PIM IMAP users, OE is often more attractive than Outlook...

"we won't have to pay for it like Mac users do for their OS updates. :lol:

We don't ;) Unless you're talking about major upgrades. OS 10.3 is a major change from 10.2 like WinXP is to Win2k, though the changes were actually far larger in the kernel than Win2k->WinXP. So whereas Windows users have to wait 2-3 years between any major updates, we get 2-3 years advances in 1 year :) Something I know I gladly pay for!

"we won't have to pay for it like Mac users do for their OS updates. :lol:
Ummm...and how much money is your time worth installing security patches and rebooting and...and..:D In some fashion or another, we all pay.

I've been trialing it on my tablet pc - the popup blocker in IE is a huge improvement, and might possibly be able to drag me back from FireFox. Also, the firewall works though there seemed to be wireless issues for me - wouldn't work on a peer-to-peer network.

Excellent progress, though.

Ummm...and how much money is your time worth installing security patches and rebooting and...and..:D In some fashion or another, we all pay.

I love it when people take the words right out of my mouth! 8)

For the consumer, the enhancements to IE/OE as previously mentioned look good I agree. Built-in spurious popup blocker in IE (hopefully turned on by default) is a big deal as it may bring this feature into the mainstream and thus fundamentally take away the incentive for unwanted popup advertising techniques in the first place, maybe?


In IE, the first time you go to a website with a pop-up window it tells you about the pop-up window and asks you if you want to allow it or block them. If you block them there's a little note underneath the toolbar telling you that a pop-up window has been blocked. Of course, in the settings, you can shut off the little note as well, but a "blocked pop-up window" icon will always appear in the status bar. You can click on that if to show them if it's a worth-while pop-up that you want to see.

The native Bluetooth support will be nice once it works.

It's also got a great pop-up window blocker. You can easily show blocked pop-ups with a click on the status bar. The only problem is... no matter how often I block the MSN Search page from launching pop-ups, they still become unblocked somehow.

I heard, somewhere, that MSN will not be using pop-up ads soon because they actually turn off customers (imagine that) and studies showed that people didn't even look at them for a second (literally). Anytime I ever see that 'slight pause' when the browser is loading, I'm always ready to close whatever is about to pop open.

The "FEATURES" in XP SP2 aren't that big of a deal as long as the average user has somewhat of a brain. I mean does Microsoft really have to tell the user that they aren't running anti-virus software on their system?!? That they aren't running a firewall or that they don't have auto updates turned on?!?
Yes to all of the above. :roll: I have to walk people through This all of the time on their home systems.

... In IE you can choose to never install certain particular Active X components. For example, Flash. And if you do install it, you can disable it easily. No more annoying "You gotta install Flash" dialogs popping up all the time.
It's also got a great pop-up window blocker. You can easily show blocked pop-ups with a click on the status bar.
There is a shareware program called PopUpCop (http://www.popupcop.com) that does this. Its been around for a few years. It supports IE, Netscape and Opera.

You "can choose what techniques and technologies to block, from blocking nothing to turning off images, Java applets, ActiveX controls, JavaScript, and 15 other potentially annoying techniques"

When you get to a site with an activeX plug in, auto-download, etc.. it comes up with a message over top of the normal "do you want to install this" giving you a choice to install it, Not now but maybe next time, or never install from this publisher.

You can block or allow pop-up ads, plug-ins, etc on a site-by-site basis. You choose the level of audio or visual feed back of supressed pop-ups, can enable/disable on the fly, and can set how "aggressive" it is in stopping pop-ups.

It works well.