Feeds

Good for you, good for Microsoft - here comes WinXP SP2

You know it makes sense...

  • alert
  • submit to reddit

3 Big data security analytics techniques

Microsoft is setting itself challenging - although as yet unspecified - targets for deployment of XP SP2 by the end of the year, and is aiming for 'sustained' awareness activity lasting a full year after it's released. The company is still going through a tooth-sucking process in deciding whether or not it can afford to give it away free, but it's probably safe to presume that it'll be possible to get it free with minimal effort, and that even if you're not prepared to expend this you'll only pay postage.

Microsoft is no stranger to ludicrous claims about budgets, and no doubt we'll be hearing a few of these when SP2 ships in a couple of months and the marketing droids have had their say, but it seems reasonable to presume that this really will be a substantial financial hit for the company. It's putting out something which is really going to be a non-trivial, must-have upgrade to the current shipping version of Windows, but not only is it not levying the traditional tab, it's going to be shouldering most if not all of the distribution and promotion costs. Historically the droids have gone with eye candy-heavy retreads with debatable added functionality after about two years, while this time they'll be promoting something of genuine and general benefit for free.

So, what's the catch? Well, the droids, who have already floated the words "XP Reloaded" and are no doubt currently muttering 'mid-life kick' to themselves, will no doubt think of a few, but currently it's possible to think fairly positively about SP2. According to Microsoft execs (of the non-droid variety), about 80 per cent of SP2 is security-related, and it clearly does many useful, sensible and desirable things. It makes it much harder for the unwary to run dangerous attachments, makes it easier to implement and stick to security policies, does a pretty sophisticated job on popups, and makes serious improvements to the functionality and usability of the built-in firewall.

And although there are clearly Microsoft-friendly payloads you might not necessarily want attached to this, there are clear signs that the company is trying to some extent to stay honest. The firewall, for example, comes with a checking system designed to figure out whether you're running your own software firewall or not, and whether or not this is being updated in accordance with its vendor's preferences. If all is well, then the Microsoft firewall doesn't run, and hence Microsoft at least in principle avoids trashing third party software businesses. But then you get into the problem of how the firewall (or MS AV software) figures this out - the third party vendor obviously has to be working in close cooperation with Microsoft, and playing by whatever rules Microsoft decides to set.

Obviously the broader issue of why it sets the rules and how much you trust it to set fair rules is there. Similarly, the defaults for automatic update (download and install) are something many experienced users still won't be happy about, because it clearly increases the extent of Microsoft's control over its users, and the company will clearly be able to benefit from this in the longer term. But on the other hand, the more experienced user can always change the settings, and these days probably accepts that anything that reduces the number of zombie PCs firing crap as the world is, on balance, beneficial. And how else can you deal with the zombie PCs?

Microsoft also gains in other areas. Although it has made plenty noise about Windows XP sales, it has not been entirely successful in persuading users to upgrade from Windows 2000. This has in the past been a perfectly rational decision on the part of many users, because the base features of the operating systems are pretty similar. But XP2 will change that, and heavy emphasis on security will widen the gap between XP and Win2k. If SP2 is the must have upgrade for XP, then it really makes XP the must have upgrade for Win2k, at last. And as Microsoft is putting a lot of work into making SP2 valuable and desirable in the business market, then it's probably the kick that finally gets business customers to shift.

Basically, the message you should take away about SP2 is that Microsoft is giving you something that's good for you, that's what's good for you is good for Microsoft, and that this really can't be helped is the world as it is currently constituted. Nor, although you can wonder about the slice of SP2 that isn't about security, can you entirely disentangle it. Some of the security functionality, for example, is dependent on the .NET Framework, so that has to come too, and WMP is an 'integral part of Windows', so what do you mean you didn't want it? Goes with the territory, people... ®

Related links:

Microsoft irks ISVs with XP SP2 delay
Microsoft bigs up on XP SP2

Combat fraud and increase customer satisfaction

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Ex–Apple CEO John Sculley: Ousting Steve Jobs 'was a mistake'
Twenty-nine years later, post-Pepsi exec has flat-forehead moment
Number crunching suggests Yahoo! US is worth less than nothing
China and Japan holdings worth more than entire company
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.