Anyone running Windows XP - you need to check this out!

[Guest]

Hi,I was just alerted to this:http://grc.com/xpdite/xpdite.htmTerry

[Guest]

Hi Terry,More gibberish from Gibson. The guy styles himself as a security guru, but he's much more of a desperate news hound and guru wannabe than anything else. Sure, some of his advice is good or even great at times... So is advice from thousands of others with much more knowledge and respect in the security field - and no (or far less at the least) hidden agendas.The problem with Gibson is perfectly shown right on that page you pointed out:Overheard in our newsgroups ...Overheard in the Microsoft newsgroups ...etc. Good lord... "Proof" like that is always his domain.Install XP SP1 to solve this (and many more) problem(s). Don't buy into his FUD (Fear, Uncertainty and Doubt) about SP1. Sure, some computers will have problems with it - like any piece of software that exists in the world. The vast majority will not.Not that Microsoft's software isn't some of the buggiest in the world when it comes to security either... I'm definately not defending them. They do, however, look like they're putting better focus on these problems lately after years of pressure getting them to.Just my humble opinion on Gibson and his smoke and mirrors.Take care,Elrond

[Guest KenG]

I have to agree with you on Gibson, Elrond. I know a couple "real" computer secrurity experts and they say that while Gibson is correct some of the times, too often he falls into the pit of sensationalism. I used his site for some things, but I always take what he says with a grain of salt and get my info from those whom I respect (people who've done the actual leg-work to figure out what's a problem and what is not).

[Guest Barney1]

Seems to me you're being blinded by some sort of dislike for a man whose intent is simply to help those of us poor mortals who aren't quite as savvy about PC security as you and your "experts" claim to be.The quotes referred to in the "Overheard in such-and-such" pertain to examples of what others have written and complained about. That is, folks had actually had bad experiences (at the time of the XPedite release) with SP1 fix for XP.On top of that, there was already an existing flaw with XP and Gibson's little program was made available to address this issue until such time as a properly tuned SP1 was available from Microsoft. Nothing malicious about it; just a temporary, but immediate remedy for a recognized flaw.This is not an attempt to disuade you or others from exercising an opinion of someone of Gibson's stature; but rather a plea for other readers to consider more than one person's opinion with respect to PC security including sites other than grc.com.

[Guest]

Hi Barney,On the contrary, I have no bias against the man at all - I don't know him and have never met him. He might be the nicest person in the world with the absolute best intentions: I have no idea and hold no personal opinions of him, beyond the public face he shows on his site.My remarks are simply based on his writings, occasional suspect research and attention grabbing tactics. As Ken points out, Gibson is a sensationalist as countless articles, warnings and boasts clearly show from his site. That doesn't help people deal with serious security issues they face in the least: it simply spreads FUD and muddles the clear answers people need. His intentions may be perfectly wonderful, but with his flawed public style and research (at times), he ruins the believability of much he advocates. Again, some of it is right on the money and he can give great advice (and tools), but with much else of it fear mongering, how do you pick the right advice from the sensational? You can't unless you gather other more accurate sources of information to offset his exuberance - or bypass him altogether. For the average consumer, his site can be dangerous because of this - in my opinion. For those more well informed, his site can be a valuable resource.In regards to the "overheard" portions, that of course means nothing when it comes to facts and statistics. Taking public comments from a newsgroup which are almost always politically motivated (regardless of the direction) isn't research... Its hyperbole. All of the flame wars on this and every forum and usenet system prove that in spades: its not reliable data. In security, definable and provable research is needed that shows something one way or the other. Comments in newsgroups fail that reality test in the extreme - of course. Yet Gibson relies on marginal "research" like that all the time. This isn't, by far, the first time.I truly don't think Gibson does this out of any malicious intent. I don't believe thats his aim at all, but of course have no proof one way or the other. He "seems" to me to simply be what I stated above: someone with an out of control need for publicity. We all have ego's to deal with, I don't judge him on that. I simply point out that there is much more valid security research, news and sites on the net that don't fall into this trap.I fully agree with your last statement:"(this is a) plea for other readers to consider more than one person's opinion with respect to PC security including sites other than grc.com."Including my own opinion stated here. :-)Take care,Elrond

[Guest Barney1]

My reply to your first message were made because I felt you neglected to address the initial poster's link.Despite what folks may think about Gibson's grandstanding, there are indeed facts which do pertain to the XPedite file.1. XP had a security flaw of which MS was well aware.2. MS promised a fix which would be contained within a patch called SP13. Said patch was "forthcoming".4. Gibson was also aware of the flaw and created a program which was an immediate fix; not a "forthcoming" one.5. Users would now be secure without the aid of the MS "forthcoming" program. IMHO, if your copy of the OS were functioning nominally, why would you bother to update unnecessarily? But that's another topic!As for the merit of those comments from folks about the functionality of their OS, I don't place much faith in the conspiracy theory alluded to in your last answer; the reason being that there are too many and in too many places. There are still complaints, even _after_ install of the latest patch/update, call it what you will; though to be fair, these are hardly security related. My point here is that although there may be some collusion for whatever reason, I wouldn't dismiss them all out of hand, and I don't think Gibson does either.BTW, since Gibson had been approached by MS for consultation purposes during the developement phases of the OS, it wouldn't come as a surprise to learn that he might have discovered the flaw earlier than we suspect and that he had already begun preparing his fix knowing from past experience MS' reluctance to take advice even when it is solicited.Merely an opinion.........And you take care as well :)

[Guest]

Elrond,I'm sorry you feel that way about Gibson, but for others, any 'heads-up' on Internet security is certainly an asset, and if further reading is necessary to enhance the individuals knowledge, so be it!Personally, he has previously (with his 'SHIELDS-UP' utility) assisted me in securing my networks against potential invasive software, by identifying back-door portals.... maybe you should check this (Shields-up test) out on your own system(s) before flaming him?Terry