Prev: looking for font
Next: win-dh
From: cjw3 on 15 Feb 2005 02:21 The newly built system boots off of the CD and the XP Pro installation begins loading the files and then when the blue (installation) screen shows: "Setup is starting Windows" - nothing else happens; the system just sits there. I'm stumped as this has never happened to me before. Any suggestions to try?
From: Mark D. Zacharias on 15 Feb 2005 06:17 Is the hard drive confirmed functioning, that is not locking up the IDE channel, before install? Could be the HD hasn't been detected properly. Mark Z. "cjw3" <cjw3(a)yahoo.com> wrote in message news:8r8311t4c1i805j89u60tek1elh96qbvlf(a)4ax.com... > The newly built system boots off of the CD and the XP Pro installation > begins loading the files and then when the blue (installation) screen > shows: "Setup is starting Windows" - nothing else happens; the > system just sits there. I'm stumped as this has never happened to me > before. > > Any suggestions to try?
From: root on 15 Feb 2005 08:35 On Tue, 15 Feb 2005 07:21:54 GMT, cjw3 <cjw3(a)yahoo.com> wrote: >The newly built system boots off of the CD and the XP Pro installation >begins loading the files and then when the blue (installation) screen >shows: "Setup is starting Windows" - nothing else happens; the >system just sits there. I'm stumped as this has never happened to me >before. > >Any suggestions to try? Try reading this for more info on what you are getting yourself into: Futurepower logo Contact | About Futurepower ý Windows XP Shows the Direction Microsoft is Going. by Michael Jennings, Futurepower ý Computer Systems Last updated February 16, 2003. The latest version of this article can be found at http://www.hevanet.com/peace/microsoft.htm. An equivalent address is http://www.futurepower.net/microsoft.htm. French version: Pour une version rýcente de cet article en Franýais, visitez http://www.hevanet.com/peace/microsoft-fr.htm Spanish version: Para la ýltima versiýn del artýculo en castellano, visite http://www.hevanet.com/peace/microsoft-es.htm. This article follows the settings of your browser. Adjust your browser to a comfortable width for reading. This article is frequently updated. If you have visited it before, select View/Reload in your browser (or type Control-R), so you read the version on the web site, and not the one stored in your computer. French version added December 31, 2002: Pour une version rýcente de cet article en Franýais, visitez http://www.hevanet.com/peace/microsoft-fr.htm. November 15, 2002: Bruce Schneier recommends this article. Bruce Schneier, well-known computer security analyst, said in his November 15 newsletter [counterpane.com] that this article is "A well-written analysis of the major security/ privacy/ stability concerns of Windows XP." Mr. Schneier wrote the books Applied Cryptography and Secrets and Lies: Digital Security in a Networked World, and other books [counterpane.com]. Spanish version added November 3, 2002: Para la ýltima versiýn del artýculo en castellano, visite http://www.hevanet.com/peace/microsoft-es.htm. You have a right to know. You have a right to all the information you need to make an informed choice about any product you buy. The author wrote this article because of the need to give his customers fundamental information about the direction Microsoft wants to take them. Few people have the technical background to understand fully the advantages and disadvantages of software as complex as an operating system. Without fundamental information, it is difficult for non-professionals to understand the advice of professionals. The author is not anti-Microsoft in any way. There appear to be management problems at Microsoft, but the author would like any problems to be fixed, rather than have the entire world suffer through Microsoft doing poorly. Because he has spent considerable time trying to understand the problems, and because he cares deeply about fixing the problems, the author is, in that sense, "more pro-Microsoft than Bill Gates". This article is support for your own investigation. Use this article to support your own thinking and investigation. It is not intended as direct advice. If you don't have enough technical knowledge to evaluate the information presented here, please do not simply believe the author of this article. To avoid misunderstanding, find someone with technical knowledge who can help you. If you need help evaluating the issues here, the following remarks may be useful in choosing someone to help: Computer professionals are sometimes not computer users. Often those who know a lot about computers are not especially heavy users of their own computers. They may not have encountered some of the problems that are mentioned in this article. Often people who only use their computers for email, web browsing, and word processing wipe their hard disks clean and re-install everything every few months. This avoids some of the problems. Some of the problems mentioned below are most serious for companies that have thousands of employees who use numerous special applications. The seriousness of an objection is not proportional to its intensity. Sometimes there have been people who have complained very strongly about something written here. When strong objections have been evaluated, they have sometimes been found to be small in comparison to the intensity of their expression. There are people whose self-esteem is strongly tied to their knowledge of computers. When they discover something that they don't know they sometimes have a negative reaction that sounds like a serious objection. Consider conflict of interest. Consider whether the advice of a technically knowledgeable person is influenced by conflict of interest. For, example, if someone has spent many years taking expensive courses in administering Microsoft software, he or she may be very reluctant to say, or see, anything negative. This is particularly true if the person has a spouse and children and mortgage, and no other good way of earning money. Consider each issue separately and carefully. It's necessary to evaluate each issue carefully. If someone raises an objection that is discovered to be valid, that does not necessarily mean that other issues are without merit. Notify the author of corrections. If you find a mistake in this article, please write the author at the address at the end so that it can be corrected. On December 29, 2002, for example, someone mentioned that there was a mistake in wording in a section of a former version of this article. He also asked a question about something that was not well documented. Corrections were made and 14 new paragraphs were added the same day. Not all corrections and additions are made this quickly. However, the article has been revised and extended more than 50 times since it was first published. Hidden Connections Microsoft Windows XP connects with other computers, or expects to be allowed through the user's network protection firewall, in more than 16 ways. Network security is something the computer user and the operating system supplier need to do together, but Microsoft seems to show little sensitivity to the user's security needs. The issue is not that the connections are always bad for the user. The issue is that Microsoft has moved from making operating systems that are independent to making operating systems that try to connect to Microsoft's own computers, and are somewhat dependent on new ways of having access through the software firewall. Windows XP is the first Microsoft operating system to challenge whether the user can have control over his or her own computer. Windows 98 does not connect to Microsoft's computers. Microsoft Windows 98 connects to Microsoft's computers only by user request. Windows XP connects with Microsoft's computers and expects to be allowed through the user's firewall in many new ways. Each user has a responsibility to control what goes in and out of his or her computer. Microsoft's new networking arrangements make this difficult. Here is a (probably incomplete) list of ways Windows XP tries to connect each user's computer to Microsoft's computers, or expects to be allowed through the user's software firewall: 1. Application Layer Gateway Service (Requires server rights. "Server rights" means that this Microsoft software inside your computer can set up an arrangement that allows other computers to control it.) 2. Fax Service 3. File Signature Verification 4. Generic Host Process for Win32 Services (Requires server rights.) 5. Microsoft Direct Play Voice Test 6. Microsoft Help and Support Center (If you don't stop it, using "Help and Support" notifies Microsoft of the subject of your search.) 7. Microsoft Help Center Hosting Server (Wants server rights.) 8. Microsoft Management Console 9. Microsoft Media Player (Tells Microsoft the music and videos you like. See the February 20, 2002 Security Focus article Why is Microsoft watching us watch DVD movies? [securityfocus.com].) 10. Microsoft Network Availability Test 11. Microsoft Volume Shadow Copy Service 12. Microsoft Windows Media Configuration Utility (Setup_wm.exe, sometimes runs when you use Windows Media Player.) 13. MS DTC Console program 14. Run DLL as an app (There is no indication about which DLL or which function in the DLL.) 15. Services and Controller app 16. Time Service, sets the time on your computer from Microsoft's computer. (This can be changed to get the time from another time server.) The new connections create three major issues for users: 1) The new Microsoft policy creates security concerns: a) The new policy creates enormous difficulty in making the user's computer secure. How can someone write rules about connecting for use with a firewall when Microsoft doesn't supply sufficient information about what each service is doing? It is possible for a skilled professional to research what each service normally does. However, even a professional cannot know the behavior of Windows XP in all unusual cases; the program is too complicated. b) The new connections may have created new classes of security vulnerabilities. Microsoft software has consistently been found to be extremely defective. (See the section, Why so many defects?) There is apparently very little explanation from Microsoft and no review by security professionals outside Microsoft concerning the new methods of connecting. 2) Microsoft has programmed Windows XP to contact other computers and transfer information from the user's computer to the other computers: a) If you have only three DVDs that your children watch sometimes on your home machine that is always connected to the Internet (through a broadband connection), you may not care that Microsoft knows when they watch them. If you seldom use the Windows XP help facility, you may not care that Microsoft is able to know the level of expertise of the people who use your computer. However, if you are using Windows XP in a large corporation or a government, the fact that another organization believes that it can gather data from you may be completely unacceptable. b) Even if, with an enormous amount of effort, professionals determined what information is sent to other computers, it cannot be known what information is sent in unusual circumstances. As mentioned above, there are simply too many pathways in complicated software to check all of them. (Contrast this with the Linux and BSD operating systems: Changes are discussed intensively and openly before they are made. The instructions to the computer [source code] are open for anyone to see and criticize. Those who program open source software have no interest in collecting information about the people they serve.) 3) By changing the way its operating systems connect, Microsoft has created uncertainty about its intentions: a) What is the purpose of the new policy? Where does Microsoft intend to go with this new direction? We don't have answers. b) Microsoft has shown it feels free to create new kinds of connections without any review by or explanation to the computing community. Microsoft sees the user as someone who has no rights, apparently. Big companies that must plan their computer use years in advance commit their companies to an operating system. With Windows XP they cannot know what that commitment means; maybe if they accept Microsoft's behavior now, Microsoft will do something they cannot accept in the future, making a costly change necessary. c) Not only does the new policy show that Microsoft believes it can make changes to its software at any time without review, but the company has shown that it believes it can force those changes on the user. For example, sometimes Microsoft has used security upgrades to change the operation of other components of its software, or to change the licensing terms. To get a necessary security upgrade, it is necessary to agree to whatever Microsoft has decided. Even if it could be known that Microsoft Windows XP makes no objectionable information available to Microsoft, and creates no new security vulnerabilities, that could change at any time. To generate the above list of ways that Windows XP connects, disable Microsoft's firewall and use the Zone Labs [zonelabs.com] ZoneAlarm firewall, which is free for personal use. The free version is located at the link Download FREE ZoneAlarm. (You may not want to buy a spyware removal program, as ZoneLabs suggests. Spybot [kolla.de] is a good spyware removal program, and it is free. Also see the Spybot mirror site [ejrs.com]. The former best spyware remover, Ad-Aware [lavasoftusa.com], was not updated from September 2002 to February 2003. Now there is a new version, but it seems sensible to wait to use Ad-Aware again until the new software has been extensively tried and reviewed.) Also, Tiny Personal Firewall is reputed to be a good software firewall for Microsoft Windows. A software firewall is necessary, even for people who have a hardware firewall, and the Microsoft software firewall that comes with Windows XP has very limited features. When Windows XP tries to connect to another computer, ZoneAlarm will display a dialog box asking whether that is okay. If you say no to some of the requests, some functions of Windows XP will not work (such as networking). An article from Microsoft called Managing Automatic Updating and Download Technologies in Windows XP [microsoft.com] mentions 11 ways in which Windows XP components automatically download software from Microsoft computers. The article says, "Outlined below is a list of components, applications, and technologies discussed in this whitepaper that have the ability to automatically download and install updated software and information from the Internet." Note that this does not say that the 11 are the only ways that Microsoft XP connects with Microsoft's computers. It says that the 11 are the only ones "discussed in this whitepaper". The Microsoft article tells how to disable the hidden downloading. However, the disabling is very time-consuming. Also, Microsoft has a history of using defect fixes and security fixes to change the operating system settings. This means that all the settings would need to be checked after every defect fix or security vulnerability fix. Windows XP will operate without a connection to the internet. Windows XP will operate if the user uses a hardware firewall that blocks unwanted connections. However, most users don't know how to block connections. They are connected without being notified. It is expensive to evaluate the present privacy and security vulnerabilities of these connections and impossible to evaluate the future vulnerabilities. Not everyone can afford to pay. If the huge change in direction from Windows 98 is continued, it seems reasonable to worry that future versions of Windows could become more dependent on Microsoft computers than Windows XP is now. That would fit with Microsoft's new policy of trying to convert customers to paying every year even if there have been no upgrades. Often there is other hidden operation, no notification, and/or insufficient or no explanation. There are other ways that Microsoft keeps control: * All versions of Microsoft Office keep a number that identifies your computer in each file you create that includes Visual Basic macros. Office 97 keeps an identifying number even if there are no macros. (The free and excellent Open Office [openoffice.org] does not have this problem, even when it uses the Microsoft file formats.) * The software that comes with some Microsoft mice has reduced functionality until you let it connect to Microsoft computers. The major issue in this section is that, to satisfy the legitimate needs of users, computer software makers need to recognize a partnership between the themselves and the users. Microsoft, however, often devises methods without fully explaining them and changes the operation of its software without notice. For example, there are strange protocols. Try putting each of these links that Microsoft calls "URLs" (Addresses are called Uniform Resource Locators.) in the address box of Microsoft Internet Explorer running on Windows XP. To do this test, it is necessary to take the spaces out of each of the lines shown. The spaces were inserted because unbroken lines prevent re-sizing the browser width. 1. MS-ITS:C:\WINDOWS\Help\ tcpip.chm::/sag_TCPIP_pro_Ping.htm (Remember to delete the spaces if you test this line.) "MS-ITS:" is a Microsoft help protocol. To see other examples, right-click on a link in the Windows XP Help and Support Center. Choose Properties. Note that in the screen image of a sample Properties window, Windows XP says that "MS-ITS:" is an "Unknown Protocol". It is not unknown, it is documented in an untitled Microsoft article with the heading To link from a contents or index entry to a topic in another compiled help file [microsoft.com]. The article says that "MS-ITS:" is a new version of the "mk:@MSITStore:" protocol. Note also that what Microsoft calls the "Address - URL" is not all shown. It is necessary to select the URL and scroll down to see the last part. The window size chosen by whoever programmed it is not large enough to display the average address. 2. mk:@MSITStore:C:\WINDOWS\ Help\whatnew.chm::/ idh_whatnew_tuneupwiz.htm (Remember to delete the spaces if you test this line.) The "mk:@MSITStore:" help protocol is the version that existed before "MS-ITS:", the above article says. 3. ms-help://MS.VSCC/MS.MSDNVS/ vbcon/html/vbconMigrating VI60ApplicationsToVS70.htm (Remember to delete the spaces if you test this line.) The "ms-help://" protocol is a help protocol associated with Microsoft Developer Network. 4. hcp://system/sysinfo/ sysInfoLaunch.htm (Remember to delete the spaces if you test this line.) For explanation of the "hcp://" protocol, see the May 23, 2000 Microsoft article, An Overview of PCHealth and Windows Millennium [microsoft.com]. The article discusses "HCP automation objects" which it says allow help content to "be located anywhere, including the local machine, the intranet, and the Internet." But the HTTP protocol allows this; why a new protocol? These four help message protocols allow help information to be linked to other help information. But standard web pages do this using a world standard protocol, "HTTP://", the HyperText Transport Protocol, with HTML coding. Why invent four new protocols when an excellent one was already available? Of course, all of the new protocols can be used only in Microsoft's browser, Internet Explorer. This tends to lock programmers and users to Microsoft Windows. Consider the problem this creates for a computer professional. Someone concerned with computer security may wonder about the limits of these protocols. What is the definitive list of all the ways Microsoft uses them? In 2002, 71 security vulnerabilities were found in Internet Explorer. Are there bugs in the help protocols? Also, for example, firewalls cannot provide protection if a protocol tunnels through using the universally allowed HTTP protocol. The protocols are implemented in a quirky way. They are sloppily documented. There are no world standards. If you send someone a URL in one of the Microsoft-invented protocols by email, you have to remember to tell him or her to use Internet Explorer, or he or she will only get an error message. It is difficult or impossible to learn why Microsoft invented four new protocols, and ignored the world standard. Whoever is served by having four new protocols, it does not seem to be the customer. This example of the help protocols is only a very small one to illustrate an overall point. There are many, many quirky implementations like this. Each one, considered separately, might be accepted. When there are many it is a considerable burden for both professionals and users. It is important to understand the nature of what is written in this section. Many people use software that only runs under a Windows operating system; for those people, Microsoft has a monopoly in operating systems. There is nothing in this section that would cause such a person to give up necessary software. The point is that the manner in which Microsoft manages its business creates difficulties. Microsoft has many initiatives and purposes that are not what its customers would choose. Why so many defects? The fact that Windows XP makes your computer dependent on Microsoft computers is bad not only because you lose control over your computer, but because Microsoft produces defective software and doesn't patch defects quickly. For example, on December 9, 2002, there were 19 security vulnerabilities [pivx.com] in Microsoft's internet browser, Microsoft Internet Explorer. Some of these defects allow a malicious web site designer to "execute arbitrary commands, read local files, and do anything the user can ... do to his machine". These defects allowed an attacker to take control even if the user had a perfect software firewall and a perfect hardware firewall. The attack could use the HTTP protocol which all firewalls allow. This extreme exposure existed for years. Here is the recent record. The list of defects has been similar for years. Also, this is a record only of security defects, not all defects: * June 18, 2002: 18 vulnerabilities * August 8, 2002: 22 vulnerabilities * September 9, 2002: 19 vulnerabilities * November 19, 2002: 32 vulnerabilities * December 9, 2002: 19 vulnerabilities. (Microsoft fixed 15 on Nov. 20, but two new ones were found.) This is a terrible record for a company that has $50 billion [biz.yahoo.com] in the bank. ("Total Current Assets") Obviously, with that kind of money, Microsoft could fix the defects if it wanted to fix them. Since the defects are very public and Microsoft has the money, it seems reasonable to suppose that top management at Microsoft has deliberately decided that some defects should remain. The defects in Internet Explorer are examples in only one program. All of Microsoft's software seems to be of comparable quality. See, for example, the Microsoft Crash Gallery. The security vulnerabilities are often very public. For one of many examples, see the December 21, 2001 Associated Press article published by USA Today, XP flaw due to 'buffer overflow' [usatoday.com]. There are a variety of plausible reasons why Microsoft would allow so many defects in its software. Since Microsoft has a virtual monopoly, it is enormously profitable to sell users sloppily written software, and then later sell them upgrades to that software. It also seems possible that there is a connection between the huge number of defects and the U.S. government's friendly treatment of Microsoft's law-breaking [usdoj.gov]. The U.S. government's CIA and FBI and NSA departments spy on the entire world, and unpatched vulnerabilities in Microsoft software help spies. Another theory is that the quality of management at Microsoft is so poor that the company simply cannot motivate its programmers to do better. One of the causes of security vulnerabilities is called "unchecked buffer", in which a program takes input, but does not check the input before it is used. A search using the Google search engine for web pages at Microsoft sites exclusively about "unchecked buffer" shows hundreds of entries. This and other indicators suggest that Microsoft may have for years allowed its programmers to submit sloppy programming, and now problems are difficult to find and fix. Solve security problems: Don't let Microsoft connect. There is a solution to problems with network security of Microsoft software that involves using two computers for each user. Use an old computer to connect to the Internet; it does not matter if it is slow. Run the Linux operating system and the Mozilla browser and email client on the old computer. Use a new computer for all other tasks. Use a KVM switch to connect one Keyboard, Video monitor, and Mouse to both computers. Run both computers simultaneously. Remove the TCP/IP protocol software from the new computer running the new Microsoft operating system, so that it cannot possibly connect to the Internet. For file sharing, network the computers together using a protocol like NETBEUI or IPX, or other means. IOGear makes KVM switches that have no video degradation at high resolution. Technical Support is sometimes not available from Microsoft. When there is an extremely technical problem with a Microsoft product, it is often difficult to get help. A common problem with technical support staff in general, not just with Microsoft technical support, is that they tend to work for themselves, not for the customer. Technical support people have greater job security if they give less help. If they are very efficient in reducing problems, it is likely that the company will reduce its staff. Also, there is an enormous conflict of interest: Companies pay their technical support staff less than $20 per hour, and they usually charge an average of $120 per hour or more to provide help. Having software defects is extremely profitable. A friend of the author was the chief computer support person for a company with an annual gross income of $300 million. The company had purchased the most expensive technical support available from Microsoft, but Microsoft was unable to fix a problem in their SQL Server product for many months. SQL Server would become unusable and only re-booting the server would cure the problem. (This was several years ago. The problem has since been cured.) Two programmers wrote a humorous article about difficulty getting help from Microsoft that compares Microsoft Technical Support to Psychic Friends Network. (Psychic Friends Network is a company in the U.S. that, in the author's opinion, takes advantage of poorly educated people who believe that a stranger can fix their personal problems by talking on the telephone.) The 1998 article, Microsoft Technical Support vs. The Psychic Friends Network [bmug.org (Dec. 29, 2002: Server down?)] or Microsoft Technical Support vs. The Psychic Friends Network [netscrap.com], says: "In terms of technical expertise, we found that a Microsoft technician using Knowledge Base was about as helpful as a Psychic Friends reader using Tarot Cards. All in all, however, the Psychic Friends Network proved to be a much friendlier organization than Microsoft Technical Support." That article is linked here because it reflects the author's extensive experience, too. The author has sold Microsoft products as part of complete business computer systems since 1983. The author once reported several serious problems with Windows 98 to a Microsoft technical support representative who seemed especially knowledgeable and kind, and he just laughed. He was unable to get any answers, and he did not have any way of contacting someone who could get the answers. Some of the problems were never fixed. For the others, the author got help from the technical support department of a large computer parts distributor. Of course, these issues were much more difficult than those from average users. The author reported the five problems in Windows XP mentioned below several months ago before the release of SP1 (Service Pack 1). Only one was cured with the release of SP1. That fix was not documented. Open source software suppliers are often fast to fix defects. On Sunday, December 8, 2002, the author found a very minor defect in version 1.2 of the Mozilla [mozilla.org] internet browser. Mozilla is entirely free software and the author's favorite browser. When testing fragments of HTML pages (not full web pages), the first line would sometimes be displayed in an incorrect font. This was a very minor defect, but it caused minor problems for the author because he often tests complicated HTML fragments to check how they look. At 9:01 AM on Sunday, the author of this article used Bugzilla [mozilla.org], Mozilla's defect reporting web site, to report the defect. At 9:10 AM, 9 minutes later (9 minutes on a Sunday!), the author received an email saying that the defect had been already been fixed in version 1.2.1 of Mozilla. The author had not yet installed the new version because it had been reported that it only fixed one defect that the author had not experienced. Recall from the section above that, on December 9, 2002, Microsoft's browser had 19 known unpatched security vulnerabilities, some of them extremely serious. Mozilla has none. This is different than would be expected, by a wide margin. In one case, you pay money for the product (The Internet Explorer browser is part of Windows XP.) and the service, and you get a poor product and poor service. In another case, the product and service are entirely free, and both are superb. The skepticism experienced by the average businessperson when someone says, "The product from the big company is poor quality; the free product is better", slows the acceptance of open source software. Some web sites have been written to use proprietary Microsoft features, instead of the world standards. These sites must be visited using Internet Explorer. Deliberately allowed to crash. Resource Meter, a Microsoft program supplied with Windows 98, is able to predict most Windows 98 crashes. It would have been easy to integrate this program into the Win 98 operating system and program it to prevent the running of additional programs or to provide an error message, rather than let the OS crash. Microsoft did not do this. See below for information about how to run a test yourself. Windows 95, Windows 98, and Windows ME (all closely related to each other) were designed in such a way that it was inevitable that they would crash. Windows 95 was originally designed with a 64 kilobyte limitation on some resources that would have caused it to crash sooner than it does. Protests by knowledgeable people at that time caused Microsoft to increase that artificial limit to 128 kilobytes. At that time, memory was very expensive. When memory became cheaper, and it became common that people would run more than one big program at the same time, crashing became extremely common. Microsoft did nothing to solve the problem. It might not have been possible to fix the problem in an elegant way, but it was, and is, possible to fix the problem. Therefore, it seems reasonable to say that the crashing is deliberate Microsoft policy. The crashing is often given as the biggest problem users have with Windows 98 SE (Second Edition); if it were fixed with a simple patch, many people would not buy Windows XP. Here's a test you can do easily on a Windows 98, Windows 98 SE, or Windows ME system. Start the program called Resource Meter by clicking on Programs/ Accessories/ System Tools/ Resource Meter. If you copy the icon and put it into your Startup folder, Resource Meter will start every time you start Windows. Resource Meter displays three quantities: System Resources, User Resources, and GDI Resources. It is the limited User Resources and GDI Resources that cause Windows to crash. No matter how much memory you have in your computer, if you use close to the limit of User Resources or GDI Resources, Microsoft Windows 95, 98, or ME will crash. For 16 bit programs, User Resources and GDI Resources are limited to 128 kilobytes each. That's 128,000 bytes (approximately, because of a different scheme of counting memory), no matter how much memory you have installed. For 32 bit programs, User Resources and GDI Resources are limited to 2 Megabytes each. These limitations are known to a few computer professionals, and are sometimes discussed in technical forums. However, very few users know about the limitations, and most don't know why their systems crash. If you run Resource Meter and watch it carefully, you can, usually, prevent crashes by closing a program whenever you get close to crashing. This doesn't work, however, when a program makes a request for memory that is unexpectedly large. Instead of refusing the request and giving a message to the user, Windows will crash. The resource design limits are especially cruel to users because they lose their work when their systems crash. They are also cruel because users often spend money to install more memory in their computers, not realizing it won't make a difference. Why would Microsoft allow deliberate limitations? Apparently because it be the only way to get users to spend more money to upgrade later. For most users, the only reason to buy Windows XP is because it crashes less. Windows XP doesn't crash, it becomes less usable. Windows XP doesn't have the artificial GDI and User resource limitations of Windows 95, 98, and ME. All of the installed memory is available to the Windows XP operating system when it needs it. However Windows XP becomes shaky when enough programs are loaded that all of the installed memory is in use. Windows XP, and all modern operating systems, have a feature called virtual memory that is supposed to put programs on the hard disk that are loaded but not being currently used. However, this feature does not work well in Windows XP. When the memory limit is reached, a Windows XP system takes a long time to respond and does a lot of disk access. Sometimes the disk access, called "thrashing" because it indicates something is not working properly, continues for 45 seconds or 90 seconds or more after clicking on a loaded program to bring it to the top of the desktop. The result is that Windows XP becomes less usable and eventually must be rebooted. In contrast, the virtual memory feature in the Linux operating system works extremely well. There is disk access, of course, but only what would be expected. Microsoft seems to know about the problem. If there are more than 21 programs loaded, the programs may be presented out of order on the taskbar. Some programs may not be displayed on the taskbar, and the ones that aren't displayed change as you use them. This seems to be a way of discouraging users from opening many programs at the same time, so that they won't experience the problem with virtual memory. Windows XP may provide no local security. Managers are being allowed to believe that Windows XP is secure under conditions in which it isn't secure. Since it is necessary to supply a password, the impression is created that there is no other way of gaining access. That is not true. Neither Windows XP nor any other operating system provides security against an attacker who has physical access to a computer and can start the computer with another operating system. The administrator password can be changed. A product called Locksmith [winternals.com] can change the administrator password on any Windows XP, Windows 2000, or Windows NT system. This means that an attacker can have complete control over the computer. There is free software for changing the password, also. For example, see the article, Offline NT Password & Registry Editor, Bootdisk [eunet.no]. The problem here is not that Microsoft could have provided better local security in this case. Anyone who has access to a diskette or CD-ROM drive attached to a computer and can run a different operating system can replace the file that contains the password. The problem is that Microsoft allows people to think that there is more security than actually exists. Note that the attacker can change the administrator password, but cannot discover the password that existed originally, because it is made inaccessible in a manner that is completely secure. It is possible, however, for the attacker to 1) copy the file that contains the encrypted password, 2) change the password and gain access, and then 3) change the password back to the original by copying the original file back to the system. Since the password would the same as before, an unchanged password would not be evidence that no attack occurred. A new copy of the operating system can be loaded. An intruder can load a second copy of Windows XP or Windows 2000 in a different folder from the original, using an operating system CD that can be bought at any computer store. After starting the computer using the new copy, the intruder is able to access, copy, and use all files that have not been encrypted. It is possible to use the Windows XP recovery console without a password. A security flaw in Windows XP allows accessing the recovery console without a password. (The recovery console is a feature intended to allow emergency access to files by someone who knows the password.) The article, XP passwords rendered useless [briansbuzz.com], shows how. You cannot know now to what contract provisions you will be held in the future. Microsoft has changed the terms of the contract to which users are bound by including the new contract with some security and other defect fixes. Recent security patches require that the user agree to a contract that gives Microsoft administrator privileges over the user's computer [theregus.com]. (Administrator privileges give complete control over the computer and all data stored on it.) See also, Microsoft EULA requests root rights - again [theregus.com]. The contract says that if a user wants to patch his or her system against a defect that would allow an attack over the Internet, he or she must give Microsoft legal control over the computer. This article explains the issue in more depth: Microsoft's Digital Rights Management-- A Little Deeper [bsdvault.net]. It helps to think like a lawyer when you take apart the crucial sentence. The sentence, "These security related updates may disable your ability to copy and/or play Secure Content and [my emphasis] use other software on your computer" legally includes this meaning: "These updates may disable your ability to use other software on your computer." Note that the term "security related updates" is meaningless since some of the updates have no relation to user security. So, the sentence effectively means that Microsoft can control the user's computer without notice and whenever it wants. Since Microsoft can change the contract at any time and without control by the user, Microsoft can bind users to contracts that it invents in the future. This is a new development in contract law. A user is bound to a new contract if he or she wants defect fixes and security fixes. But this gives the user no control, since once security flaws are widely known, every computer must have the fixes or remain vulnerable. Users invest considerable money and time into their computers, and cannot avoid agreeing to the new contract without giving up their entire investment and disrupting their business and personal activities. Microsoft Keeps Control: Microsoft has abandoned its earlier successful business model. Previously, Microsoft did not write its software in such a way as to keep control after the software was sold. This was an extremely successful way to do business. Microsoft made hundreds of billions of dollars and became the largest software company in the world. In recent years, however, Microsoft has invented numerous ways of keeping control: You must have permission from Microsoft to install software you own. In Windows XP there is a system called Windows Product Activation (WPA) that requires users to get permission from Microsoft when first installing its software and every time the user's hardware changes significantly. Note that WPA is used only on the Windows XP Home and Professional versions. The Windows XP Corporate version is identical to the Professional version, except that it does not use product activation. Microsoft pretends that software dies. Microsoft has recently been saying that its products have a limited life. For example, see Microsoft's October 15, 2002 revisions of the June 3, 2002 articles, Windows Desktop Product Life Cycle Support and Availability Policies for Businesses and Windows Desktop Product Life-Cycle Guidelines for Consumers [microsoft.com]. Microsoft calls these guidelines, but, for customers, they are rules. Windows 98 dies on January 16, 2005. The most widely used operating system in the world will be declared dead on January 16, 2005, according to a table at the bottom of the Life Cycle policy pages mentioned above. The right-hand column says, "End of Life (effective date after end of online self-help support)". Microsoft often changes its policies. Note that Microsoft's policies can and do change at any time without warning or discussion. There have been two versions of the "life-cycle" policy in a little more than four months. The version as this is being written (February 6, 2003) is at least the third. The articles say the policy was first published February 2001. Microsoft is also not required to make its policies clear; in this example, the writing is confusing. Microsoft's customers often use software for 10 years or more. Microsoft's artificial limits may be much shorter than the length of time computer systems are used by customers, who often use the same software for 10 years or more. If software is working well, customers often feel there is no reason to buy something new. There are, basically, two kinds of software. There is content creation software like word processors, spreadsheets, and photo editing software. In the last several years, this kind of software has advanced rapidly. There may be good reason to have the latest version of this kind of software. Then there is production software for accounting and inventory, for example. With production software, someone does data entry and possibly someone else runs reports. If the reports are sufficient, there is no need to change the software, even if it has been used for 10 years or more. Since data entry speed is limited by typing speed, and report printing is limited by printer speed, there is often no need for faster hardware when using production software. There are many reasons not to change a computer system that works well: 1) The new software probably has defects. There may be defects in the new system that did not exist in the old. It is usually possible to fix the defects, but that usually takes time. When Windows XP was first released, the author had problems with crashing because of video drivers, for example. There were severe problems with an Intel driver call the Intel Application Accelerator. Many scripts written for Windows 98 needed to be re-written. The mouse software for both Microsoft mice and LogiTech mice did not work completely. 2) Do you want to pay for training? A new computer operating system requires that staff be re-trained. This is more expensive than just the cost of employee time if the staff is already very busy. 3) If it works, why change? It is wise not to change a system that has been carefully audited and shown to work perfectly, such as an accounting system. The security that comes from knowing that all the problems have been found has caused very large companies to continue to use an accounting system written in the COBOL computer language for more than 30 years. 4) Sometimes old software won't run. Sometimes old software will not run on a new operating system. There are many programs that run perfectly under Windows 98 that cannot be used under Windows XP. At the time of this writing, February 6, 2003, the latest version of MAS 90, an accounting program for companies with complicated accounting needs, does not run reliably on Windows XP, but works fine on Windows 98. 5) Seriously Reduced Functionality Sometimes the old software does things the new software doesn't. Windows XP has very seriously reduced functionality: a) Windows 98 can copy all of its own files, Windows XP cannot. The Windows XP file system is artificially crippled; it cannot copy some of its own system files. This makes it difficult to make functional backups. Microsoft apparently uses this crippling as copy protection. b) Reduced Functionality: Hard disks cannot be moved. Windows XP, and Windows 2000, make it very difficult to move a hard drive to another computer. Microsoft has written Windows XP so that it cannot be easily moved to another computer. This article on Intel's web site describes the problem: Moving a Hard Drive to a New Motherboard [Intel.com]. The article says, "Moving a hard drive with Windows 2000 or Windows XP already installed to a new motherboard without reinstalling the operating system is not recommended." (This is a universal problem; Intel motherboards are only being used as an example.) Note that the problem is not just moving a hard drive to a new motherboard; the same problem is encountered when moving a copy of all software on a hard drive to a new motherboard. It is thus impossible to make functional backups. Instead, it is necessary to re-install the operating system and all the programs, progam updates, and security patches. Note that the link in the intel article called "Microsoft's knowledge base article" is a dead link. The other link, the one in the sentence, "For additional information, please refer to these instructions from Microsoft", is also dead. This issue is apparently not seen as important by Intel; Intel will sell more computer hardware if hard drive software organization cannot be moved from one computer to another. (It is possible to find the Microsoft information, which merely describes the difficulty of moving a hard drive installation to another computer in more detail.) c) In some ways, even Windows 95 is better. In some ways, Windows XP has less functionality than even Windows 95. For example, the command line interface (CLI, also called DOS) in Windows 95 is more responsive to shortcut keys. Sometimes when the user presses a shortcut key in Windows XP, the system does not respond for 20 seconds. Windows 95 responds immediately, Windows 98 is sometimes slow, but the shortcut facility in Windows XP is unusably slow. WPA and software death can force users to pay more. The two schemes of WPA and artificial software death together give Microsoft a way of preventing people from using Windows XP on a new computer, for example when they upgrade their hardware after several years. It would work like this: WPA prevents a customer from re-installing Windows XP on a new machine without Microsoft's permission. Microsoft may not give permission after declaring that that the software has died. If Microsoft won't give permission, the user may be required to buy new software; a customer could not move a working Windows XP system to new hardware. Computer companies and consultants are required to disclose their customer information. Those who supply computer services involving Windows XP Corporate version can no longer keep the names of their customers private. The policy of forced disclosure abandons a tradition of business privacy that is thousands of years old. This may be an important fact for a large company to consider; possibly the fact that Microsoft forces disclosure will cause computer professionals to be less enthusiastic about supporting Microsoft products. This might become a big issue during the expected life of a computer system. If a system works well, there is no need to replace it. Sometimes companies keep their systems for 10 years or more. Microsoft requires that professionals give this information about their customers: 1. Contact Name ("Full name") 2. END USER Company Name [Microsoft's emphasis] 3. Address ("No PO Boxes please. Must be physical address.") 4. Telephone Number 5. END USER Email Address [Microsoft's emphasis] 6. Purchase Order Number Microsoft, or even a disloyal Microsoft employee, could decide to make use of this information, and approach a customer directly. A government that uses proprietary software is not an independent government. A government that wants to be independent of other governments, or that represents itself as controlled by its own people, can use proprietary software only if there is easy access to the source code. (The source code is the original instructions in which the software was written.) This is because it is possible for someone to put instructions in proprietary software to spy on or to sabotage government operations. The alternative to closed source, proprietary, software is open source software. It is difficult to believe that so many people would be so charitable, but more than 100,000 programmers have donated their time to produce excellent free operating systems and word processors and many other programs. Not only is the source code and the entire product completely free, but the more popular programs get a lot of attention from programmers, so mistakes are found quickly. The most popular open source, free operating systems are Linux and BSD. Linux, provided by companies like RedHat, SuSe, and others, is useful for desktop computers and servers. OpenBSD, FreeBSD, and NetBSD, all closely related, are very secure and excellent for server computers. Anyone can have as many free copies of this software as desired. The companies who sell open source software make money by selling technical support. There is a strong movement away from proprietary software. However, at present using Microsoft software is sometimes necessary because there are many programs that users need that are not supplied in Linux or BSD versions. Also, Linux and BSD are sometimes more difficult to configure. Microsoft's shared source policy is not equivalent to open source. On January 14, 2003, Microsoft announced in a press release that it would allow governments to look at the source code of Microsoft products: A Matter of National Security: Microsoft Government Security Program Provides National Governments with Access to Windows Source Code [microsoft.com]. Microsoft's policy of allowing government programmers to see source code is not equivalent to having open source code. A thorough review of the more than 40 million lines of source code in Windows XP is far more than even a government can attempt. It would be easy for someone to hide spy instructions that could be controlled from outside. This is not unlikely. The U.S. government's spy agencies, the CIA, NSA, and others, have an essentially unlimited amount of money. They can and do exploit any method of spying. The U.S. government has bombed 14 countries in 35 years. Organizations should not assume that those who think killing is a way of solving problems will suddenly become moral when they consider computer software. Good programmers are not willing to sign the non-competition and non-disclosure agreements that Microsoft requires. They fear that would put them at risk of a Microsoft lawsuit. Even if they were found in court not to have infringed on Microsoft's contract, the cost of the lawsuit would be enormous. Also, they could lose their jobs over any such dispute. It is possible that the only real effect of Microsoft's shared source policy is to cripple an organization's best programmers, so that they cannot work in any field in which Microsoft has an interest. The article Why isn't Microsoft's shared source a step forward? [linux.org.au] discusses many of the reasons why Microsoft's policy does not solve the problems of closed source software. One section of the article, Question Time mentions questions that can be asked of Microsoft representatives. The Summary suggests a way to score closed source, open source, and shared source software based on your organization's needs. Open source software provides the security that anyone in the world can see the source code, not just a few government programmers. In practice, this means that there is a high likelihood that sneaky elements in software will be found. It has occasionally happened that someone has hidden sneaky software in changes that were submitted to open source software developers. The intensity of review of open source software is such that it seldom happens that destructive changes are accepted, and, when it has happened, the corruption has been quickly found. Microsoft could allow everyone to see its source code. But most software companies, not just Microsoft, have been unwilling to show anyone their source code because they feel that would help someone else make a competing product. This is not as big a problem as it might appear at first. For example, everyone can see everything about the Star Wars movies. That has not made Star Wars movies unprofitable. Everyone can borrow books at the library. That has not meant that booksellers cannot sell books. Intellectual property is not easily copied legally even when it is completely open. True open source would prevent Microsoft's monopoly. Microsoft maintains its monopoly by using hidden operations in the Microsoft Word word processor, and in Microsoft's networking, for example. If Microsoft were to allow anyone to see its source code, the monopoly would eventually disappear. Cost is a small factor. Sometimes organizations with thousands of computers have adopted Linux or another free operating system. They have saved millions of dollars in licensing costs. Surprisingly, however, cost is not a large factor in choosing software. If the non-free software is slightly easier to use, the time saved can easily be worth the purchase cost. Microsoft keeps control. Another reason that independent organizations cannot logically use Microsoft software is that Microsoft has both old and new methods of keeping control of software that it sells. It is very expensive to begin using an operating system, and once an operating system is in use, it is difficult to stop using it. Changes cannot be made quickly if some new undesirable aspect is discovered, as when Microsoft changes the terms of its licenses. Governments cannot bind themselves to unknown future limitations and invasion of privacy and remain free. A bill introduced to the Congress of Peru, Bill Number 1609, Free Software in Public Administration [English translation at pimientolinux.com], gives several reasons why government software must be open. The reasons given in paragraphs 10, 11, and 12 of the bill have been re-written below to make them easier to read and to avoid problems with inaccurate translation. A government must guarantee that the citizens have free access to government information. To achieve this, it is necessary that the coding of the data [file format] not be tied to a sole provider. The use of standard and open formats guarantees this free access, making possible the creation of compatible software [and software that does not require paying money to get access]. A government must guarantee that public information is permanently available. It is necessary that the use and maintenance of software does not depend on the good will of the providers, nor on monopolistic conditions imposed by them. Permanent availability of public information can be guaranteed only by the availability of the source code of the software used to access the information. A government must guarantee national security. It is necessary to have systems that are devoid of elements that allow remote control or the secret transmission of information to third-parties. Therefore, it is required to have systems whose source code is freely accessible to the public, so that its inspection is allowed by the State, the citizens and a great number of freelance experts in the world. Introduction of the bill caused Microsoft to write a letter of protest [English translation at pimientolinux.com]. The English translation of the response to this letter [pimientolinux.com] stated the reasons for the bill more clearly in paragraphs 5 to 8. The letter of response to Microsoft also discusses what the Peruvian bill does not do: * The law does not forbid the production of proprietary software. * The law does not forbid the sale of proprietary software. * The law does not specify which concrete software to use. [The word "concrete" should probably be "specific".] * The law does not dictate the supplier from whom software will be bought. * The law does not limit the terms under which a software product can be licensed. (The punctuation was changed to agree with the standards used in this article.) Microsoft arranged that the U.S. ambassador to Peru tried to stop the bill. See the July 27, 2002 Wired News article, Microsoft's Big Stick in Peru [wired.com]. The article says, "Congressman Edgar Villanueva, the bill's chief sponsor, said he considers Hamilton's letter to be "overt pressure" on Peru by the United States and Microsoft. If so, the letter would continue the long-standing U.S. tradition of meddling in Latin American affairs, political analysts say." Information about the Peruvian bill is collected on a web page called Peruvian Activism. The government of the United Kingdom (England, Scotland, Northern Ireland, and Wales) is considering these issues, also. A policy called Open Source Software, Use within U.K. Government issued on July 15, 2002 by the U.K. Office of Government Commerce says, (Scroll down almost to the bottom of the page; there is no need to use the links.) "Security of government systems is vital. Properly configured OSS can be at least as secure as proprietary systems, and OSS is currently subject to fewer Internet attacks. A balance needs to be struck between the availability of security administration skills and the advantages of many diverse systems. In some cases mainstream proprietary products may be significantly less secure than open source alternatives (see Gartner report Nimda Worm shows you can't always patch fast enough dated 19/9/01 by John Pescatore)." The article about the Nimda worm mentioned above is available at Gartner's web site: Nimda Worm Shows You Can't Always Patch Fast Enough [gartner.com]. The Nimda work is a vulnerability only in Microsoft software. It has done enormous damage. About Microsoft's product IIS, the article said, "Thus, using Internet-exposed IIS Web servers securely has a high cost of ownership. Enterprises using Microsoft's IIS Web server software have to update every IIS server with every Microsoft security patch that comes out - almost weekly." Many other governments are considering moving away from closed source software. One of the state governments of India, for example, is considering a Memorandum Submitted by Members of the Free Software Users' Group [symonds.net]. The memorandum objects to the planned purchase by the Kerala state government of Microsoft Windows 98 software. The memorandum discusses several very serious reasons why closed source software should not be used in the schools in Kerala state. The memorandum says, for example, "... by confining students' training to a particular brand of software, the government would be giving undue preference to a particular vendor and their software thus discriminating against vendors of other software. Thus, even by providing software free of cost to the schools, the said company will make immense profits, ..." In the United States, Microsoft has considerable political power. It has been estimated that the cost to U.S. businesses for only four Windows-based infections, Nimda, Code Red, SirCam and Love Bug, was about $13 billion. These infections were possible because of the unusually poor security design of Microsoft Windows. No other operating system has had such vulnerability. However, the U.S. government seems to be taking little or no action to correct the problem. One reason may be that there is an unusually close relationship between Microsoft and top U.S. government agencies. For example, Howard Schmidt, vice chairman of the White House's National Critical Infrastructure Protection Board, was previously Microsoft's chief security officer. Scott Charney, Microsoft's current security officer, is a former federal official. Microsoft is one of the computer industry's top contributors of political money, according to the Top Contributors spreadsheet of the Center for Responsive Politics [opensecrets.org]. Microsoft contributed $2,997,854 to political campaigns for the 2002 elections. There are people in the U.S. government who heavily favor the un-enlightened interests of U.S. businesses. For example, see the Computer & Communications Industry Association's [ccianet.org] July 24, 2002 news release, CCIA Opposes Hollywood Vigilante Legislation [ccianet.org], which discusses a bill sponsored by Congressman Howard Berman of California. The bill would allow big companies to intrude upon or destroy web sites if they think the sites are infringing their copyrights. Will Rodger of the CCIA has been quoted as saying, "The larger question, which the [U.S.] government seems to be ignoring, is, why aren't we looking at the problems caused by a monoculture, a single operating system which serves as a single point of failure on the Internet? If there are 60,000 Windows viruses, fewer than 100 Mac viruses, and maybe a dozen Unix viruses, why aren't the problems with Windows an issue?" Senator John McCain [senate.gov] and many others say that the U.S. government has been corrupted by money disguised as campaign contributions. (Those who live outside the U.S. may need to be told that Senator McCain is a Republican, the same political party as President Bush.) A December 6, 2002 CNN article Documents: Donors promised political access [cnn.com] mentions another method of corruption. The article says, 'When Microsoft Corp., a $100,000-plus donor to Republicans, planned to attend the party's major fund-raising gala in 2000, it asked to be seated next to "Sen. (Paul) Coverdell or leadership, Commerce Committee or Judiciary Committee," according to a GOP memo. At the time, the company was battling a major antitrust case that threatened to break the company into two. The memo added Microsoft did not want to sit with Sen. Orrin Hatch, R-Utah, a major critic.' Support for Microsoft products may be affected by ongoing legal vulnerabilities. The antitrust case against Microsoft is now 12 years old. See the timeline [washingtonpost.com] by the Washington Post. ABC News also indexes information about the cases; see Microsoft vs. DOJ: An Index to Microsoft Trial Coverage [abcnews.go.com]. A group called ProComp [procompetition.org] publishes a text-only timeline it calls Timeline of Events Surrounding Microsoft Antitrust Case [procompetition.org]. ProComp is an "umbrella organization for companies and groups supporting the Department of Justice's action against Microsoft". In summary, Microsoft was found by the courts to have broken the law. The case has resulted in considerable bad feeling toward Microsoft. Companies may want to evaluate the possible future problems in partnering with, and being dependent on, a company that has broken the law. For more information about the Microsoft anti-trust case, see the November 5, 1999 U.S. government document Court's Findings of Fact [usdoj.gov]. The 207 double-spaced pages of this document list abuses for which Microsoft was found guilty. There are numerous sentences like this one: 411. Many of the tactics that Microsoft has employed have also harmed consumers indirectly by unjustifiably distorting competition. A legal documents company, FindLaw, has better indexing of this document: Microsoft Antitrust Trial Findings of Fact [findlaw.com]. The U.S. Department of Justice maintains an index of the current case, United States v. Microsoft Current Case [usdoj.gov]. The case was decided on November 1, 2002. Section J on page 7 of the final decree, which begins "No provision of this Final Judgment shall", is interpreted by most technically knowledgeable people to mean that basically there is no penalty for Microsoft, because all of Microsoft's abusive behavior is allowed. For a list of all the official U.S. government documents of United States of Ame
From: TheBeat999 on 15 Feb 2005 13:00 "cjw3" <cjw3(a)yahoo.com> wrote in message news:8r8311t4c1i805j89u60tek1elh96qbvlf(a)4ax.com... > The newly built system boots off of the CD and the XP Pro installation > begins loading the files and then when the blue (installation) screen > shows: "Setup is starting Windows" - nothing else happens; the > system just sits there. I'm stumped as this has never happened to me > before. > > Any suggestions to try? Do you have a SATA hard-drive? If so, press F6 when asked and install the SATA mini-driver provided with the motherboard or SATA expansion card. Note that after pressing F6 you have to wait for the pre-install process to complete before you can install the mini-driver. But once the driver is in place, setup will continue as normal. Consult your manual to ensure the correct driver is installed (motherboard driver discs aren't exactly self-explanatory in this regard -- usually supplying an entire range of drivers).
|
Pages: 1 Prev: looking for font Next: win-dh |