A few things don't work as they should in XP and I can't seem to fix the problems. Specifically I can't enable USB 2.0 support which I know is fixed in SP1. But I don't whether to slipstream SP1 or SP2 because I'm not sure which introduces the least bugs and flaws. I don't install hotfixes from Microsoft at all - ever - so am I best going for SP1 or SP2?

SP2, definately.

I don't install hotfixes from Microsoft at all I'd compare that with sleeping with a prostitute without a condom.. it's dangerous (actually I'd use another term but you could take that as a rule6 infraction).
No firewall and virus scanner can protect you from critical flaws, and especially not starting from the day somebody starts to exploit those flaws. So unless you have an isolated computer with no network and where you never put any data you got from third parties, there's a reason patches are classified as critical.

I'd compare that with sleeping with a prostitute without a condom.. it's dangerous (actually I'd use another term but you could take that as a rule6 infraction).
No firewall and virus scanner can protect you from critical flaws, and especially not starting from the day somebody starts to exploit those flaws. So unless you have an isolated computer with no network and where you never put any data you got from third parties, there's a reason patches are classified as critical.

Despite the number of your posts clueless n00b would seem to be quite appropriate. It never suprises me how people overeact without any proper forthought. It is not compatable to "sleeping with a prostitute without a condom" at all. And besides which I make my own security pack anyway compiled from Microsft's security hotfixes. What I mean is I don't apply every single single hotfix at the drop of a hat the day it is released - I let people like you do the testing for me. All other hotfixes are selective and mostly superfluous anyway and the main reason why I've held of slipstreaming an SP until now.

Dump xp and go for win2k sp4 or better still go Linux

Despite the number of your posts clueless n00b would seem to be quite appropriate. Please remember rule 4. Ad hominems are no substitute for reasoned argument. Thank you.

This article http://www.times-standard.com/business/ci_3828429
may illustrate that blindly trusting the Microsoft updates is not always a good idea. They officially and shamelessly suppose you to fix the issues resulting from their updates yourself (see http://support.microsoft.com/kb/918165) by "hacking the registry code and installing a new shell extension". Compared to this, Linux isn't perhaps that difficult after all.

Don't ask questions if you can't take the answer... and above all things, know whom you are speaking to. Your tone with me will ensure that your time here will be short lived.
Your initial message didn't say anything about installing hotfixes on your own, and an unpatched Windows will become infected within minutes of being connected to the Internet.. I've personally experienced this a couple times over at a friend's place who didn't have SP2 slipstreamed and who didn't have the proper setup to prevent incoming traffic.

Dump xp and go for win2k sp4That's a rather bad suggestion. W2K support is about to run out and it's slower.. but if you like waiting a long time before your computer boots up and live with halfway appropriate DCOM and execution protection security. I've never quite understood why some people keep W2K over XP.. you can strip XP of the fancy things that eat CPU cycles and the profit from the improvements that came with XP without the drawbacks.

Even a Linux box requires regular patching.. the main advantage there is that fixes generally are available much faster but if you run a LAMP box (like the one this forum runs on), regular patching is still a must or we'll find this site defaced and the database gone one day.

Keys is a good pattern of people considering themselves as smartest of the universe.

keys: you do know that SPs are basically a compilation of fixes, right? By using SP, you are basically installing old hotfixes.

...
(actually I'd use another term but you could take that as a rule6 infraction)
...

Come on, has this forum become so paranoid and prone to witch hunts that even you can't jest or use euphemisms because it might tangentially touch the rules, however detached from actual rules infringement it might be?

Compared to this, Linux isn't perhaps that difficult after all.well.. if your packet manager db breaks.. you're going to throw yourself off a cliff. And most people are nowhere near capable of compiling a program, especially if it has gazillion dependencies and the compile script needs adapting.

And fixes gone bad isn't an MS only problem ;)

{snip} and an unpatched Windows will become infected within minutes of being connected to the Internet.. I've personally experienced this a couple times over at a friend's place who didn't have SP2 slipstreamed and who didn't have the proper setup to prevent incoming traffic.

{snip}
I've had a DSL connected computer with Windows XP for a year and a half. No service packs. Using the free Zone Alarm and free AVG. Only virus I've noticed seemed to come as part of MS messenger which installed automatically with the DSL software. (I removed MS Messenger and since no problems). I do turn the computer off when not using it. Have I just been extraordinarily lucky or does it also have a lot to do with a person's browsing habits?

All these tests refer to a windows machine with no router and no software firewall. If you have a router or a modem that does NAT you're pretty safe from automated threads, it's the user interaction ones (email, web browsing) that are still the biggest offenders (and once inside the router, proceed to infect the network). Every machine, and every program, has to be a little security fortress now if it has to trusingly interact with other machines.

Everything's turning to spyware and phishing rootkits anyway, so if they do their job right you don't even know until your accounts are drained. =\

Jeez you ask simple question and you receive a derogatory remark by way of a reply and when you respond in kind you're told that "my brother is bigger than yours". I appreciate wisdom from anyone which is why I asked the question because I wanted some good advice. I didn't ask the question for people to have a go at me and question how smart I am or threaten me. Thanks - but on this occasion no thanks - and please delete this thread.

Have I just been extraordinarily lucky or does it also have a lot to do with a person's browsing habits?It has to do with how you connect to the Internet. You can take an unpatched installation, if you slap a firewall on it before you go online for the first time, you'll be safe.. same thing if you have a router properly set up (in the instance I'm refering to it was a router but the machine was configured as exposed host and the router owner had forgotten the password).. and the only software around was a CD with XP SP1. I ended up having to visit again with a slipstreamed CD.. then finally we managed to get the whole thing up and running again.
But if you have neither firewall nor nat and you first have to download patches.. then chances are not too shabby that you'll get infected before having finished the download of the patches.
Of course, we also swapped out the router (I had a spare) so now the machine is no longer exposed.

DSL and Cable Providers around these parts still mostly give customers simple modems that directly expose your machine to the Internet - and most people don't know that they're exposed and should never go online with a firewall. That's why SP2 is a huge improvement for Joe Average..

Keys is a good pattern of people considering themselves as smartest of the universe. Gosh, right after I remind you all of rule 4, you post this!? Rule 16 strike issued.

I'd always visited Doom9 with great respect for the website because I think it's such a valuable point of reference and I can't think of another site that's comparable to this - maybe CD Freaks but this website has always stood out to me.

But I won't put up with being spoken to like crap by anyone - whether it be the person who runs/owns this website - or whether it's a close member of my family or somebody I work with. There is absolutely no need for rudeness and I was not rude first. I'm absolutely disgusted to receive two warnings because I've responded to somebody's rudeness.

I run a security website myself and I don't need second guessing as to my competence with regards to making my computer secure &/or safe.

I expect to be given a third warning and banned for 30 days but let me say once again - I wasn't rude first and I'm absolutely disgusted to receive two warnings because I've responded to somebody's rudeness.

I run a security website myself and I don't need second guessing as to my competence with regards to making my computer secure &/or safe.I'm sorry but you invited that with your first statement.. it is not apparent to anyone that you're actually not being careless when you write that you don't install hotfixes *at all*. What is a person to think other than you being careless when reading such a statement? So, to the unknowing observer your question comes off as "Okay, I don't give a crap about security, I just want my USB2 so should I go with SP1 and then live with that system with no patches.. and probably no NAT and firewall either for a year +, or should I do the same with SP2". Answers can only be as good as the question.. if you had detailed that you install pertinent security updates manually, that would have changed the whole context of your question (still doesn't change the fact that SP2 improves considerably as far as security is concerned.. even though it's nowhere near enough).
In fact, you later did a 180 degree flip on the whole patching statement... may I suggest that next time you ask your question in a way that doesn't invite colorful statements about taking unnecessary risks?

What would you say to me if I tell you I'm going 200km/h on the highway and am working on my laptop at the same time.. it's suicidal behavior.. not patching your computer isn't suicidal but still very dangerous. You can't blame somebody with firsthand experience with how not patching can screw you big time to paint you a picture.

And if you're so knowledgeable as you know claim.. why the need to ask in the first place? SP2 has only been out for how long again?

If you know what you're doing, AutoPatcher is a great way to make sure your Windoze is up to speed. http://www.autopatcher.com/

I've moved from Win2K to XP on all my systems. Why? They run faster, it's more secure, LBA48 support (ever rebuild a fragmented 200G C: drive with Win2K?...), tray organization, ASIO, etc. XP is also more robust than Win2K when the shell crashes, no small issue.

AutoPatcher includes a registry patch so the search function works like Win2K. Turn off most of the eye candy stuff and it's almost like the Win98/2K interface you're probably familiar with.

I've never quite understood why some people keep W2K over XP

- it doesn't have this nasty habit of phoning home
- it works, and there are better ways to squander your money than to buy a xp license
- xp home lacks some important functionality
- never change a running system
- technically, 2k and xp are the same, apart from some minor api changes
- xp needs beefier systems, i'm also willing to doubt your claim about xp running faster than 2k ...

... however, this is becoming way offtopic :-)

with kind regards,
thoralf.

edit: even microsoft themselves found that benchmarks yield similar results on 2k and xp: http://www.microsoft.com/windowsxp/pro/evaluation/whyupgrade/performance.mspx .

Personally, I slipstream sp2. But I am too lazy to investigate exactly what's in it. What annoys me in the service packs is that they incorporate more than just security fixes that should not be bundled together IMHO:

- patches to the core OS
- security fixes to the core OS
- new features
- additions to the ever mutating EULA

It would be nice if they at least separated the new features from the rest, giving you the option to keep your system secure without changing the basic functionality and breaking other apps in the process.

Both SP1 and SP2 are still supported for security fixes (XP gold isn't), so to answer the question you would need to inventory which new features have been added in sp2. Like I said above, I'm to lazy to do that :-)


Off topic about the last point:it seems that nowadays the oem licence is linked to your motherboard. Have it replaced other than as a repair by the vendor, and your licence is invalid....

Look I don't want to get into a slanging match with you Doom. Whether I gave partial information or not - and let's not forget my initial post did not mention anything to do with security at all and you brought it up - I asked which SP was the least buggy. Now if you'd much prefer to get into a discussion about security solely then I'm more than happy to do that tomorrow when I have more time. But you brought up the issue of security and you were the first person to take it upon yourself and be rude to me and I don't think quite frankly I did anything to bring that upon myself. Maybe you are a rude person in real life - I don't know. Maybe I'm just too easily offended - again I don't know. But the fact is you were rude and I was offended and I received two warnings thank you very much.

I won't post anymore now because this thread is just getting a little bit off-topic to be quite honest. I'm not going to respond tonight to your bait as to if I'm so knowledgeable as I now claim then why do I need to ask in the first place. But I'm more than happy to discuss it tomorrow if you wish after I've had a good nights sleep.

Again I reiterate - I was talking about how buggy the SPs are - not security. That's a different issue for me.


EDIT:
Actually I think it's fair to say that my initial post was somewhat incorrect and possibly misleading. What I think I meant tosay is that I have reasons for not using an SP thusfar. I've purposely not installed an SP because I'm not going to install an SP purely for the security hotfixes because that's not all that comes with an SP. That's why I came up with the idea for a security pack containing security hotfixes.

However even with that being the case and even with my giving only partial or misleading info - I never asked anyone to slag me off. Now you might have your own opinion and you obviously do - but you offended me. The difference is you offended me but I can't give you any warnings and what's burned me up is that I have to suck it in and accept the warnings when I feel hard done by.

Whatever - it's really not that important I suppose because at the end of the day - no one's died so it's not that important.

Have it replaced other than as a repair by the vendor, and your licence is invalid.... Microsoft has a process for transferring your license to new hardware.

Microsoft has a process for transferring your license to new hardware.Yes, but only for the retail version. The OEM version has always been linked to your computer, but in the past M$ has been easy on what constitutes a computer and a motherboard change would be allowed, though most of the times you would have to re-activate.

This has now been changed. Change the mortherboard, and your OEM licence is no longer valid. The only exception is a repair by the original vendor. I don't know in how far this is enforced if you actually call M$, but it is in the new EULA. See

http://www.michaelstevenstech.com/oemeula.htm and the links therein.

Shiver me timbers! Thank you for the clarification.

- xp needs beefier systems, i'm also willing to doubt your claim about xp running faster than 2k ...Take two machines with the same hardware, install W2K on one, XP on the other, press the power button at the same time.. see for yourself ;) Then do the same shutting down. That's time that matters to me.. a lot. Once it's up I haven't noticed anything either.. but the improved start/stop time alone would be more than enough for me to make the switch.. I can't stand to wait.

- xp home lacks some important functionality You can get that back with a little trickery ;) But I've never used home.

As far as the license goes.. EULAs like that are illegal in a bunch of not so unimportant countries..

I'd compare that [not installing OS hotfixes] with sleeping with a prostitute without a condomCase in point, we had a worm sweep through the network of a company I used to work for, which brought down four of our branch locations. Computers that were up to date on their service packs and critical updates were impervious to the worm. It took us over a week, & long days, to get that mess cleaned up.

I think my situation could be what Doom9 has said somewhere (http://forum.doom9.org/showthread.php?p=829647#post829647) above:

...an unpatched Windows will become infected within minutes of being connected to the Internet.. I've personally experienced this a couple times over at a friend's place who didn't have SP2 slipstreamed and who didn't have the proper setup to prevent incoming traffic.

I was running Genuine Windows XP in a machine that wasn't connected to the net ever, for a long time. (I think it was from before SP1). Nonetheless I ran AVG-free antivirus and kept it updated manually.

Trouble (http://forum.doom9.org/showthread.php?t=112325) started (I think) when I went online.

Now I am in a bad (but fortunately not a dangerous) fix. I think there definitely can't be any question about ignoring security warnings related to a product I am using issued by the manufacturer of the product.

Regards.

WOW, I just read this thread for the first time. Thanks for the good laugh. Why have I wasted all my time watching T.V. when threads are the way of the future. The new commedy network! Anyway my preference is full update to SP2 then selective updates then on. I have found it the only way to keep maggot internet scum to a minimum. I still run Adaware, Spybot, Windows Defender, Mcafee Virus Scan & Firewall, plus have a built in hub firewall and extra security through my ISP. You can't keep the stuff away. At this moment I having flashing advertisment in my toolbar, it's unreal. The only real cure is perodic system re-format and I'm talking MINIMUM 4 a year. Easily in 8-10 range.

Reinstalls should be limited to dead hard drives, new systems, and accidentally killing your registry; otherwise, you live way too dangerously and need to cut down on the random downloads (and use a semi-limited account). >.> 10 a year to one machine is a frightful waste of time though; you really need to image your system and just reimage it in 5 minutes, instead of days of reinstalling OS and programs.

For the record, having SP2 installed here. A firewall, anti-virus and no hotfixes. So far, no infection. In fact, no stupid infection for as long as I've used the computer. I've also used it with SP1 with no infections. And no service pack at all... no infections.

Hotfixes are evil and messes up the OS. However... service packs are nice. If you do it right. You'll want to slipstream them into your Windows installation and install them right along with Windows. Then it works fine. If you install it manually, then it will most likely bork up the system. That's my experience.

[I]I agree with foxyshadis, I image my system every 1-2 weeks. As far as sevice pack v. hot fixes, service packs are merely a compilation of hot fixes. Why wait till your system is FUBARed, maintain as you go.
/I]