Not secure enough for me :P Fingerprint scanners, like everything else, are flawed.
The Lenovo notebooks that we deploy in our company typically have them built-in, and a few users partake in the scanning. Heard nothing but complaints, though.
Either way, Myth Busted on the security of those
I just keep an uber-long and annoying password.
Yeah yeah, I saw that episode. However I doubt anybody is going to be motivated enough to break into my house, lift a fingerprint, make a replica and use it. It raises the effort required to bypass to a high enough level that I feel quite comfortable with it. And what kind of complaints were you hearing about the fingerprint readers?
Mostly just sporadic reliability. They tend to not always work, and end up locking the account out.
GPIA7R on
0
Mr_Rose83 Blue Ridge Protects the HolyRegistered Userregular
edited August 2009
Anecdote time; one of my devs has a lenovo tablet w/thumbprint and he uses it all the time. However, he is using it in Win7 (RC), where the alternate login methods seem to be more integrated into the OS and don't require replacing the default Windows login screen.
For Win7, are there any steps you would recommend to make the initial installation more secure, or just run smoother? I keep hearing people talking about UAC for Vista, and that it should be disabled, but I admit I am severely undereducated on the issue.
Run IE8 to clear the first-run wizard, or you'll have to do it when some application calls IE and you're busy doing something else. Same with Windows Media Player.
I've heard good things about totally disabling Windows Media Center and Media Sharing, but I'm not sure how best to do it.
Win7 comes with a Cleartype tweak wizard, so you may as well just use it (you could get it as a powertoy for XP and Vista).
For Win7, are there any steps you would recommend to make the initial installation more secure, or just run smoother? I keep hearing people talking about UAC for Vista, and that it should be disabled, but I admit I am severely undereducated on the issue.
Run IE8 to clear the first-run wizard, or you'll have to do it when some application calls IE and you're busy doing something else. Same with Windows Media Player.
I've heard good things about totally disabling Windows Media Center and Media Sharing, but I'm not sure how best to do it.
Win7 comes with a Cleartype tweak wizard, so you may as well just use it (you could get it as a powertoy for XP and Vista).
"RecentPlaces" and Windows has done that since at least 95.. all 7/Vista adds is that it knows which programs opened them.
Yeah, I know. XP keeps a fascinating ROT-13 list of entries in the registry. I learnt this the hard way after finding a registry key full of apparent gibberish and deleting it to see what would happen (I had a backup, but it was still surprising).
[strike]Apparently Windows 7 has switched to a Vigenère cipher of the entries. No lie.[/strike] (it just uses Vigenère in the beta, the RTM and RC should be using rot13 again). But that's just the UserAssist key for the start menu; where does it store data as to which program opened them?
And what kind of complaints were you hearing about the fingerprint readers?
Mostly just sporadic reliability. They tend to not always work, and end up locking the account out.
Sounds like a problem with that specific model of reader. Mine works 100% of the time, first try. Like I have literally not had any failed attempt at scanning my fingerprint.
RandomEngy on
Profile -> Signature Settings -> Hide signatures always. Then you don't have to read this worthless text anymore.
We just enforced a new policy: No more duplicate letters (meaning, "kitten" would not be a proper password because of the "tt", whereas "kitetn" is fine.) This really screwed up one of my uber-secure passswords, which happened to have a couple instances of duplicate letters... but I think the multiple numerical and special characters should have offset that -_-
No password you've used in the past 5 cycles, and no part of your username. At least one capital and one number
wouldn't a rule like this actually weaken password security, because you'd have a clear information about passwords? You could rule out every password with duplicate letters from a brute force attempt, for example
We just enforced a new policy: No more duplicate letters (meaning, "kitten" would not be a proper password because of the "tt", whereas "kitetn" is fine.) This really screwed up one of my uber-secure passswords, which happened to have a couple instances of duplicate letters... but I think the multiple numerical and special characters should have offset that -_-
No password you've used in the past 5 cycles, and no part of your username. At least one capital and one number
wouldn't a rule like this actually weaken password security, because you'd have a clear information about passwords? You could rule out every password with duplicate letters from a brute force attempt, for example
Yeah, I didn't say I liked it. I don't know what the point of it was... =/
We just enforced a new policy: No more duplicate letters (meaning, "kitten" would not be a proper password because of the "tt", whereas "kitetn" is fine.) This really screwed up one of my uber-secure passswords, which happened to have a couple instances of duplicate letters... but I think the multiple numerical and special characters should have offset that -_-
No password you've used in the past 5 cycles, and no part of your username. At least one capital and one number
wouldn't a rule like this actually weaken password security, because you'd have a clear information about passwords? You could rule out every password with duplicate letters from a brute force attempt, for example
Yeah, I didn't say I liked it. I don't know what the point of it was... =/
duplicate letters? or consecutive duplicate letters?
As in "banana" is allowed but "kitten" is not.
I can see the case for disallowing consecutive duplicate letters, but not just duplicate letters in general.
For Win7, are there any steps you would recommend to make the initial installation more secure, or just run smoother? I keep hearing people talking about UAC for Vista, and that it should be disabled, but I admit I am severely undereducated on the issue.
Thankfully, UAC is less in-your-face in Windows 7, and it's a security feature, so it's best to keep it on. You can change the strictness of it, though, by going to "Change User Account Control Settings" in the Action Center (in the Control Panel or the little flag icon in the system tray). I've got it on the third-from-top level because I'm lazy, but the second level's probably best; I imagine the top level would get irritating quite quickly.
Also, does anyone have any advice on running A/V software in Win7? I have a subscription to NOD32, but I'm unable to find much compatibility info.
Not really advice, but I've been using Avast and I'm quite happy with it, and my mother's got Sophos (uni subscription) with the RC, and she's had no problems.
I've actually had some pretty serious issues concerning the UAC and Windows 7. It'd be set to the default, and I'd go to change something or install some drivers or just trigger it messing around like I normally do, except it wouldn't give me the prompt allowing me to give it the okay. It just sat there. Had to go in and disable it through Safe Mode, because it wouldn't give me the UAC prompt to allow the changing of the UAC level. Might've been an issue with Aero and my video card drivers at the time, which is what I'm leaning towards as the culprit.
For Win7, are there any steps you would recommend to make the initial installation more secure, or just run smoother? I keep hearing people talking about UAC for Vista, and that it should be disabled, but I admit I am severely undereducated on the issue.
Thankfully, UAC is less in-your-face in Windows 7, and it's a security feature, so it's best to keep it on. You can change the strictness of it, though, by going to "Change User Account Control Settings" in the Action Center (in the Control Panel or the little flag icon in the system tray). I've got it on the third-from-top level because I'm lazy, but the second level's probably best; I imagine the top level would get irritating quite quickly.
I actually set it to the top level :P prefer it that way... more information about what something I'm doing will do. I can see why I'm in a minority though :rotate:
I just killed it entirely and haven't looked back. I've got my AV and my software/hardware firewalls. Intrusive OS responses when I futz about with stuff on a regular basis can take a pass. It's a lot better than Vista, but I have confidence in control over what I'm doing.
I had it turned off, but for some reason, a few things needed it on to run properly, they gave me a "need admin rights" error, despite being Admin, using Run as Administrator option, and it still refused to work. I turn UAC back to default settings, and it works fine
I had it turned off, but for some reason, a few things needed it on to run properly, they gave me a "need admin rights" error, despite being Admin, using Run as Administrator option, and it still refused to work. I turn UAC back to default settings, and it works fine
That's just incredibly annoying. Mostly because I wouldn't've even thought to turn UAC on, and instead would've wasted my time dicking about with permissions and ownership.
The thing about UAC, is that while it's an extra click 99.9% of the time, that .1% of the time, when it's actually something malicious, it does it's job.
It's waaaay less invasive than it was in Vista. Pretty much the only time I see it now is when I'm installing things, which is fine. Everyone really should leave it on.
TetraNitroCubaneThe DjinneratorAt the bottom of a bottleRegistered Userregular
edited August 2009
Thanks for the tips, guys. I really do appreciate it.
Lately, I admit I've been in a bit of a tiff over a potential rootkit on my old XP machine. Don't know how it got there, don't know if it actually is there at all, but goddamnit I'm gonna Nuke `n Pave that bastard. If I burn a Win7 RC DVD from the iso I downloaded from Microsoft's site, will I have the option to completely reformat my HDD before install? I know that was an option with XP, but I don't know if it's in the RC iso.
Also, would I have any problem with an RC iso I burnt to DVD on OS X? I don't really have access to trusted windows machines at the moment, as I suspect infection of the machine I'm trying to overhaul. Thanks!
Awesome. Thanks. I burned the ISO and got the installation of the RC going on my old XP machine.
Unfortunately, dunce that I am, I can't really figure out how to do a proper format of the drive before installing Win7. I had XP on this drive before, and I want to clear it out completely, in a 'slow' format akin to what XP used to do. When I selected 'Format' from the Win7 installer, it took about 5 seconds to do something, and then that was it. Am I missing something? Sorry for all the questions...
the "Slow" format went away, because what the slow format was was only checking the disk for errors. the actual formatting of the disk was no different whether you did the slow or quick method.
It's doing a quick format, which is yes very quick.
The XP installation disc gives you a choice between a quick and a regular format. The difference is described in this KB article. To quote:
When you choose to run a regular format on a volume, files are removed from the volume that you are formatting and the hard disk is scanned for bad sectors. The scan for bad sectors is responsible for the majority of the time that it takes to format a volume.
If you choose the Quick format option, format removes files from the partition, but does not scan the disk for bad sectors. Only use this option if your hard disk has been previously formatted and you are sure that your hard disk is not damaged.
And that's it. The Seven disc just uses a quick by default, and doesn't ask.
So if you're nervous about bad sectors, just do chkdsk /r C: and reboot. Then go out for a walk, because a large HDD can easily take a couple hours to scan the disk.
edit: beat'd.
ronya on
0
TetraNitroCubaneThe DjinneratorAt the bottom of a bottleRegistered Userregular
edited August 2009
Ah, my inexperience shows through. Thanks for the quick answers, guys! I'm not terribly concerned about the health of the HDD - I did regular checks while it was in operation under XP with good results. I'm more concerned about 'Nuking from Orbit'. There was a possibility of a nasty rootkit on the old XP install, and I didn't want to have any questions lingering. So long as all the old data is gone and can't interfere with the new Win7 install, I'll be happy.
I bought Vista Ultimate Retail (yay :?) when Vista was first released. I feel pretty jerked around by MS at this point.
As far as I can tell, I'm not eligible for any sort of discounted upgrade. (Bought Vista well before the discount window)
It doesn't look like I need the Windows 7 Ultimate extra features.
I'm fine with doing a clean install.
What do you guys suggest for the cheapest upgrade path?
(I haven't looked through the entire thread, but will eventually)
unless you need domain connection, or want to be able to connect to your PC to remote desktop, grab the Home Premium upgrade, all while shaking your fist at Microsoft for bending you over.
It bugs me that the Now Playing window for WMP12 doesn't stay where I put it when I switch between the Now Playing and regular modes. It recenters itself based on where the regular window is.
So I can't get flash installed on MSN Internet Explorer. Adobe's page says it doesn't support flash for 64 bit operating systems. I was able to get it working fine on Vista, though. What gives?
So I can't get flash installed on MSN Internet Explorer. Adobe's page says it doesn't support flash for 64 bit operating systems. I was able to get it working fine on Vista, though. What gives?
You need to use the 32-bit browser (should be a separate link, or even the default link). Also MSN IE as opposed to Windows IE? Where did that come from?
You're using Windows 7 x64 RC? Or what? Is that IE 8? What version of Firefox? What version of Flash are you using in Firefox? 10.0.32.18 is the latest version.
I've never been able to get Flash or Youtube or any streaming video to work properly in Firefox. It's too much of a damn hassle, and IE8 works just great right out of the perverbial box.
I've never been able to get Flash or Youtube or any streaming video to work properly in Firefox. It's too much of a damn hassle, and IE8 works just great right out of the perverbial box.
What? Really? This sounds really wrong, because I've never seen a problem like this before. Is this also prevalent in Opera and Chrome?
I've never been able to get Flash or Youtube or any streaming video to work properly in Firefox. It's too much of a damn hassle, and IE8 works just great right out of the perverbial box.
What? Really? This sounds really wrong, because I've never seen a problem like this before. Is this also prevalent in Opera and Chrome?
Nope. Firefox, both on Linux and Windows, has never played YouTube videos right after installation, or installation of Flash/plug-ins for me. It's far too much trouble for what it's worth (much worse on Linux, though)
Posts
Mostly just sporadic reliability. They tend to not always work, and end up locking the account out.
Nintendo Network ID: AzraelRose
DropBox invite link - get 500MB extra free.
Anyway...
Run IE8 to clear the first-run wizard, or you'll have to do it when some application calls IE and you're busy doing something else. Same with Windows Media Player.
I've heard good things about totally disabling Windows Media Center and Media Sharing, but I'm not sure how best to do it.
Win7 comes with a Cleartype tweak wizard, so you may as well just use it (you could get it as a powertoy for XP and Vista).
"RecentPlaces" and Windows has done that since at least 95.. all 7/Vista adds is that it knows which programs opened them.
[strike]Apparently Windows 7 has switched to a Vigenère cipher of the entries. No lie.[/strike] (it just uses Vigenère in the beta, the RTM and RC should be using rot13 again). But that's just the UserAssist key for the start menu; where does it store data as to which program opened them?
Sounds like a problem with that specific model of reader. Mine works 100% of the time, first try. Like I have literally not had any failed attempt at scanning my fingerprint.
wouldn't a rule like this actually weaken password security, because you'd have a clear information about passwords? You could rule out every password with duplicate letters from a brute force attempt, for example
Yeah, I didn't say I liked it. I don't know what the point of it was... =/
duplicate letters? or consecutive duplicate letters?
As in "banana" is allowed but "kitten" is not.
I can see the case for disallowing consecutive duplicate letters, but not just duplicate letters in general.
Not really advice, but I've been using Avast and I'm quite happy with it, and my mother's got Sophos (uni subscription) with the RC, and she's had no problems.
I actually set it to the top level :P prefer it that way... more information about what something I'm doing will do. I can see why I'm in a minority though :rotate:
That's just incredibly annoying. Mostly because I wouldn't've even thought to turn UAC on, and instead would've wasted my time dicking about with permissions and ownership.
It's waaaay less invasive than it was in Vista. Pretty much the only time I see it now is when I'm installing things, which is fine. Everyone really should leave it on.
Lately, I admit I've been in a bit of a tiff over a potential rootkit on my old XP machine. Don't know how it got there, don't know if it actually is there at all, but goddamnit I'm gonna Nuke `n Pave that bastard. If I burn a Win7 RC DVD from the iso I downloaded from Microsoft's site, will I have the option to completely reformat my HDD before install? I know that was an option with XP, but I don't know if it's in the RC iso.
Also, would I have any problem with an RC iso I burnt to DVD on OS X? I don't really have access to trusted windows machines at the moment, as I suspect infection of the machine I'm trying to overhaul. Thanks!
Awesome. Thanks. I burned the ISO and got the installation of the RC going on my old XP machine.
Unfortunately, dunce that I am, I can't really figure out how to do a proper format of the drive before installing Win7. I had XP on this drive before, and I want to clear it out completely, in a 'slow' format akin to what XP used to do. When I selected 'Format' from the Win7 installer, it took about 5 seconds to do something, and then that was it. Am I missing something? Sorry for all the questions...
The XP installation disc gives you a choice between a quick and a regular format. The difference is described in this KB article. To quote:
And that's it. The Seven disc just uses a quick by default, and doesn't ask.
So if you're nervous about bad sectors, just do chkdsk /r C: and reboot. Then go out for a walk, because a large HDD can easily take a couple hours to scan the disk.
edit: beat'd.
I bought Vista Ultimate Retail (yay :?) when Vista was first released. I feel pretty jerked around by MS at this point.
As far as I can tell, I'm not eligible for any sort of discounted upgrade. (Bought Vista well before the discount window)
It doesn't look like I need the Windows 7 Ultimate extra features.
I'm fine with doing a clean install.
What do you guys suggest for the cheapest upgrade path?
(I haven't looked through the entire thread, but will eventually)
Blog||Tumblr|Steam|Twitter|FFXIV|Twitch|YouTube|Podcast|PSN|XBL|DarkZero
You need to use the 32-bit browser (should be a separate link, or even the default link). Also MSN IE as opposed to Windows IE? Where did that come from?
SC2 NA: exoplasm.519 | PA SC2 Mumble Server | My Website | My Stream
I would really love a solution for that, but I haven't had any luck.
Can I get a link to the 32 bit browser? Browsing MSN sites make me ill.
Blog||Tumblr|Steam|Twitter|FFXIV|Twitch|YouTube|Podcast|PSN|XBL|DarkZero
I meant that it should be in your start menu. Also, Flash really shouldn't perform differently between FF and IE. That sounds suspect to me...
If your video drivers are up to date Flash should be pretty smooth in any browser.
SC2 NA: exoplasm.519 | PA SC2 Mumble Server | My Website | My Stream
Blog||Tumblr|Steam|Twitter|FFXIV|Twitch|YouTube|Podcast|PSN|XBL|DarkZero
What? Really? This sounds really wrong, because I've never seen a problem like this before. Is this also prevalent in Opera and Chrome?
SC2 NA: exoplasm.519 | PA SC2 Mumble Server | My Website | My Stream
Nope. Firefox, both on Linux and Windows, has never played YouTube videos right after installation, or installation of Flash/plug-ins for me. It's far too much trouble for what it's worth (much worse on Linux, though)
Protip: There are two Flash installers--one for Internet Explore and one for everything else. Why Adobe does this I have no idea.