Sigh. I guess I should make good on my stated intent to write about things that annoy me and/or interesting technology, or failing that technology that annoys me. So on that note I've got something to say about Windows Vista. Yes, I am aware that it is no longer 2007 and no one cares about Vista anymore. Windows 7 is in RC with a slated RTM date of late October 2009. Vista is old news for everyone, except me.
When Vista came out I took one look at UAC, read a few articles about how slow it was, and swore never to use the OS. I figuratively pulled the blankie of corporate hardware and licensing over my head. At the time I had an employer supplied Thinkpad running XP that no one had ever got around to putting on the domain and a pretty kick-ass corporate desktop running Gentoo x64. I was happy with what I had and all I knew about Vista was that I didn't like it.
That was then. Now I'm on my own without the luxury of someone else paying for volume license keys. I had to buy my own laptop and live with the available OEM options. Sure I could drop the MSFT products and run Linux, I have no problem with Linux on the desktop and for the most part I can live without MS Office. I could do that, but can I afford to? I'm running my own business, I can't afford to have technology problems which might interfere with my ability to work. Specifically, I need to be able to run IDA. I asked around and was warned I'd spend more time fighting with WINE than reversing and I can't afford to fiddle with settings and hope it works. Forage Security's second computer will run Gentoo, but for better or for worse I'm now a Vista x64 Business Edition user. And you know what? It's not that bad.
I'm running SP2, UAC is enabled, aside from the perplexing and pointless relabeling of familiar control panel items, the experience (no pun intended) is much like that of XP, only smoother. Maybe it's the visual effects. Only problem so far has been that SSLTunnel doesn't seem to be supported on x64 and I don't have the expertise (or the time) to port the driver files. Oh well.
If you're still reading, you may be wondering if all this rambling about Vista being "not that bad" has a point. It actually does. I was at my bank the other day and couldn't help but notice that all the teller's machines were running Windows 2000. Fine and dandy for them, I'm sure, but last time I checked extended support for Windows 2000 is expected to cease July 13, 2010. That means just over a year from now there will be no more publicly available security patches and it's way past time to retire those boxes.
Nevertheless, a large enterprise can afford and may choose to pay for continued support even after the end of generally available extended support. But let's face it, the end is nigh for the one of the most popular operating systems in history. Now, if you're a "for-real" cyber criminal and you are sitting on a remotely exploitable buffer overflow in Windows 2000, what do you do? Exploit it now and see it patched within a couple of months? Probably. MS08-067 showed that even when the patch is available, hundreds of thousands of systems can still be compromised. But maybe you'll wait until July 14, 2010 knowing that most of the people still running 2K at that time will never see a patch. I guess you'd do whatever seemed the most profitable, I don't know which way that is.
On the other side, if you're running the IT department of a fortune 500 company, and you've (hopefully, finally) just finished migrating all you NT4 hosts to Server 2003 and are now faced with the costly prospect of an even larger migration of Server and Desktop 2000 hosts... what do you do? Well, look at the timing, it's obvious that this has occurred to MSFT too. Windows 7 promises to improve on the lessons learned with Vista, but there is not going to be a Window 7 Server, instead we'll get Windows Server 2008 R2 at about the same time Windows 7 hits the streets. All of this before 2K expires.
But is it soon enough? By now, IT departments have learned to wait for SP1. And quite frankly, 9 months isn't long enough for a major organization to adopt a new desktop operating system. Those with a lot of foresight are already testing their applications with the release candidate and training their users. Those that haven't started yet will probably take a long hard look at the matured Vista SP2 offering for their desktops.
AFAIK IDA has a Linux version (albeit only the text-mode UI if I recall correctly). The last time I tried to use IDA + Wine (around one year ago) it had all kind of weird problems (like after switching away from IDA I couldn't switch back because it wasn't appearing in the alt+tab list), but hopefully this got fixed (either by Ilfak or by the Wine guys).ReplyDelete
Congrats for starting a blog (I found out about it from the Computer Defense blog and immediately subscribed).
Thanks for the encouragement. I am now the proud holder of an IDA Pro 5.5 License and have already begun to enjoy it. Yes, IDA does have a Linux terminal/command line based version, which I've not seen yet, but I'm sure I will use in the near future. Your experience with IDA+WINE is typical of what I read about on the subject.ReplyDelete
Ilfak's blog (http://hexblog.com/) doesn't turn up any hits when searched for WINE.
The WINE AppDB entry http://appdb.winehq.org/objectManager.php?sClass=version&iId=10025 basically says it's "pretty good, but not perfect" with Pro 5.2.
As for Vista, the continued experience is pretty good, except I find the UAC "double prompt" to be a little intrusive. By that I mean the first window telling you that this action will need elevated privileges, and the second asking you if you want to give said privileges. Though I can see that this approach is more likely to make people take notice.
Otherwise, Vista UAC has caused me to abandon my long time favourite text editor, Crimson Editor (Emerald Editor Community Edition). Crimson stores session data in the registry and causes Vista to prompt me to authorize it every time I launch it, no thanks. I switched to Notepad++, something that HT (http://www.computerdefense.org) has been prodding me to do for about three years. My only other complaint is that I would like something analogous to `sudo` for the Windows command prompt (maybe PowerShell offers this?). It's annoying to have to open another cmd shell as administrator to do fairly trivial things like `ipconfig /flushdns`.
All in all, I'm still pretty happy with the Vista experience. My shell needs are fulfilled by my nice set of purposed Gentoo VMs.