XP SP2 Can Slow Down Business Apps 359
An anonymous reader submits "Mobile PC magazine installed XP SP2 on a bunch of notebooks and benchmarked them, finding that SP2 caused a 9-percent performance reduction in business productivity apps. While a couple of notebooks performed better, the majority took a 3- to 22-percent performance hit." For now, the story is just at the top of the Mobile PC website, but they promise more details in an upcoming issue.
Buffer checks (Score:5, Interesting)
It definitely has proven its worth so far - I may be wrong, but I'm pretty sure the reason SP2 isn't vulnerable to that GDI+ JPEG exploit is that they recompiled GDI+ with buffer checks.
Re:Buffer checks (Score:2)
Re:Buffer checks (Score:5, Insightful)
Correct me if I'm wrong, but shouldn't this have been done right in the beginning itself?
If I were writing any commercial grade code, especially stuff that I know that people would take advantage of, I would sure as hell make sure that I had all my buffer checks in place.
I've heard so much about the programming practices at Microsoft and what not - and yet, ironically, these things keep cropping up so damn bloody often while some operating systems [openbsd.org] coded by a bunch of loosely connected hackers are way more robust and stable.
Hmm, makes one wonder.
(Heh, funnily OpenBSD site says - Only one remote hole in the default install, in more than 8 years! - I guess it does say a lot).
I do not understand, I would have thought that despite all the shit that MS gets for writing bad code, they would make sure that their code is largely buffer checked. Now, when you have to release stuff from outside to patch up for those, you would obviously be wasting a lot more cycles than if you had done so in the beginning, and well.
Sheesh. They do not do a good job of making software and cause you inconvenience, then they release something to make up for it, and that causes you even more inconvenience.
Hah.
Re:Buffer checks (Score:5, Insightful)
That's what their compiler modifications are intended to help with, and from my experience, they help. I do agree that it should have been done sooner, though.
Re:Buffer checks (Score:5, Interesting)
(Funnily, systems wasn't even my area, but still they interviewed me, but that's another story...)
They were of the opinion that since MS is a favourite target of hackers and the like, any MS programmer ought to go to extraordinary lengths to patch any and all buffer checks and foo bar. I was asked to write some piece of code for compiler design and memory management, and the guy kept harping on buffer checks.
I would imagine that with ALL those checks, such things would not be common - but lo! and behold, there they are.
Either they are not doing a good job of doing the whole buffer check thing that the guy harped to me about and it was all hogwash to impress upon you how "important" and "hard" coding in MS is, or there is something seriously wrong with the codebase that SO many exploits turn out everyday.
I can only guess which one it is.
Re:Buffer checks (Score:2, Insightful)
There probably is, and it's same problem found with virtually all C/C++ code of a certain vintage, Microsoft or not.
Do you think Dennis Ritchie ever gave a shit about checking buffers? How about the millions of coders that copied his style? How about the people that wrote most of UNIX? How about the people that wrote most of Linux distros? Go check the Linux security sites, and you'll get the picture that this wa
Re:Buffer checks (Score:5, Insightful)
And comparing Dennis Ritchie's code with today's code is again flawed - hell, why, given my today's knowledge of Physics and Mathematics that I learn by my twelfth grade, I would have been the most intelligent man alive 400 years ago.
You do not compare with what Dennis did or might have done, you make a reality check with how things are today - there is a fair section of crackers who want to exploit systems, and if you are in the business of writing commercial code, you'd better be darned good at making sure your code is good because customers are *paying* you for it.
I have another issue with MS - they concentrate more on releasing things early than checking the code full before releasing. If this were an isolated issue, I would not have a problem - it is not. And MS has had so many years in the market, so many top-notch programmers AND the resources. If you want to compare, look at OpenBSD - that's an example of OpenSource code done right - with one remote exploit in 8 years.
Linux is still in it's infancy, and for all that it's capable of it, it's quite unfair to compare it with the products of a 20 year old behemoth. If you ask me, Linux is doing a fantastic job of being a top notch enterprise systems in such a short time, when compared to Microsoft. And very few of the people behind it actually make any money of it. Does that not say a lot?
Re:Buffer checks (Score:3, Insightful)
Second, you're right that (in retrospect) MS probably should have hired those guys instead of the C/UNIX crowd that the unis were producing. Fact is that they didn't though, and irrespective of their monopoly status they got all the same kinds of people and kinds of problems as everyone else.
Finally, it's true they were slower to fi
Re:Buffer checks (Score:5, Insightful)
I do agree that both Win2k and WinXP are a lot more stable than their predecessors. However, you would think that when you are doing something the second time, you would double-check to make sure that you do not make the same mistakes as you did the first time.
I just feel that this is not happening - and any number of factors could be contributing to it (market, economics, manpower, complexity what not) - but that does not mean you do not take the pains to not do it well. I'm sure Microsoft's trying to take as much care as they can to ensure that this does not happen.
However, despite that, these still seem to be happening. Which is what I find quite baffling - there seems to be a fundamental flaw somewhere in there, and that needs to be taken care of. Which is what I mentioned in my initial posting, too.
Re:Buffer checks (Score:3, Interesting)
Yeah unix had some silly bugs, but that partly cos it was written by a really small team in spare time and became uber-popular despite it never really being intended to , and in an age where hackers where guys who logged in and FIXED your shit.
Re:Buffer checks (Score:5, Insightful)
Fundamentally, yes, you are right in saying that complexity brings such mistakes. However, that's not an excuse to use it as a crutch to release buggy software.
Re:Buffer checks (Score:3, Informative)
Re:Buffer checks (Score:5, Interesting)
Either they are not doing a good job of doing the whole buffer check thing that the guy harped to me about and it was all hogwash to impress upon you how "important" and "hard" coding in MS is, or there is something seriously wrong with the codebase that SO many exploits turn out everyday.
I was an intern at Microsoft this past summer, and I believe it's the shear quantity and perhaps complexity of software being written that's resulting in these bugs. They really do emphasize writing secure code now (I don't know how it was like before). I shared an office with two other interns, and during several code reviews another intern was involved with, there would be "did you check parameters here? potential buffer overflow? what if this is NULL?" And it wasn't even important code he was working on.
Re:Buffer checks (Score:2)
Well, what if it was a potential buffer overflow? In such a piecemeal appraoch to programming, can the intern realistically be expected to know if there's a potential buffer overflow? How should he know how a NULL is handled? Isn't there an operating system that's supposed to do that stuff?
Where's that damn garbage collector???
Disclaimer: I am
Re:Buffer checks (Score:3, Informative)
Well, if he wrote the code that needs to handle the null, then he need to know how it should be handled. If he's inexperienced/junior enough to not be able to decide himself, he should speak to someone who can make that decision for him.
Re:Buffer checks (Score:4, Funny)
"did you check parameters here? potential buffer overflow? what if this is NULL?" And it wasn't even important code he was working on.
Clippy can still be dangerous if he goes unchecked.
Not a code change.. a compiler flag change.. (Score:5, Informative)
The compiler was modified to support automatic stack overflow checking (i.e. canaries). Server 2003 was compiled with this (and as a result, MANY things that are shared-code problems resulting in exploits on other NT based OSes are either ineffective or DoS attacks on Server 2003).
The idea is that
So, its a defense in depth tactic. Ideally, there'd be no BO's in code. But there are. Terminating the program with an explanation as to why is better than letting people run code on your box.
Re:Not a code change.. a compiler flag change.. (Score:2)
So would they be recompiling all their stuff that shows up an exploit with the new compiler, to ensure that BOs don't happen?
Given the frequency of exploits that turn up, if MS kept releasing such patches ever so often, that would quite terribly slow down the whole system. On the other hand, like you rightly pointed out, better a slower running program that terminates by popping an explanation than an exploit.
Oh well, the price of slavery
Re:Buffer checks (Score:2, Insightful)
Depends on which question you're asking.
"I want Windows to run faster, should we be performing buffer checks?"
"I want Windows to be more secure, should we be performing buffer checks?"
This is not a rebuttal to your post, simply pointing out that it's not as black and white as that. Security is important, but usability is what made Microsoft a success.
Re:Buffer checks (Score:2)
(this may not always be the case, but it is often the case)
So, all that I meant was that while I do want Windows to run faster, it should not be at the expense of security - if it had been taken care of in the beginning, it would have been faster than taking c
The answer to this is simple.... (Score:2)
Unless you have a CPU that needs multithreading, there is no reason - besides ..... - that you need XP. And ESPECIALLY if you are reading slashdot, you should be able to work win2k.
Re:Buffer checks (Score:3, Insightful)
When Windows 95 came out the days of setting individual apps to use your hardware (like sound cards) were over. You didn't have to memorize a bunch of stupid dos commands. Installation of apps was as simple as putting in the CD and hitting 'ok' a couple of times. All this, and you could build your own machine to boot.
And since when did filtering out automatic-MS-hate make my ideas 'fucked up'? You can't tell me that the surge of computer
Buy a Mac. (Score:3, Insightful)
Maybe for you. But Apple had already solved that problem.
"You can't tell me that the surge of computer purchases starting around the mid-90's wasn't because of the launch of Windows 95."
You seem to be confusing the marketing push that Microsoft did with some form of technical excellence. The people bought the new PC's because they thought they needed them. That's marketing.
People lined up in
Re:Buffer checks (Score:5, Interesting)
Hmm, makes one wonder.
the openbsd people are united by an ideology. Microsoft employees are largely, though not exclusively, united simply by the desire for a paycheck.
I work in a Microsoft facility and let me tell ya, they aren't all smoking what Steve Ballmer is.
Is it any wonder that quality suffers when compared to a project that is a labor of love?
Or maybe my bad attitude is why I am a contractor and not full time there.
Re:Buffer checks (Score:4, Informative)
--
Re:Buffer checks (Score:2, Insightful)
Another, non intrusive way of doing it is to include kernel level memory protection. On top of that you could add Users, Groups and privileges and not allow every program to have the run of the system.
Buffer Overruns are as old as C and UNIX has built mechanisism to cope with it that do not put the onus on the programmer, since the memory monitoring is done in the kernel, this is also safer in the long run because it means that a program must break memory p
Re:Buffer checks (Score:4, Insightful)
Windows XP has users, groups and privileges, and not every program has the run of the system.
And UNIX is just as vulnerable to buffer overflows as Windows XP. They both are programmed in languages that are prone to such problems.
Re:Buffer checks (Score:2, Interesting)
Windows XP has users, groups and privileges, and not every program has the run of the system.
Uh, what are you talking about?
As a Windows NT programmer for 10 years I, and many others are fully aware that the Windows security model is more comprehensive and flexible than the POSIX model. This is due to the power of NTFS and the uniform interface of the NT object manager.
However, while this is all dandy, the Windows environment is architected, and third party apps are deli
Re:Buffer checks (Score:3, Interesting)
Regards,
Do you even know what you're talking about?! (Score:2)
It's not like buffer overruns on NT are happening in random unpriviledged code an then magically running ring 0.
There are two big issues that make BO's problematic on windows:
1) traditionally, many system processes have run as something equivalent of unix root (Local System, etc). These already have root privs, so any exploit against these that allows code execution is code r
Re:Buffer checks (Score:2)
Re:Buffer checks (Score:3, Insightful)
It was to be expected... (Score:5, Insightful)
It has been always this way
Correct Fixes usually means faster (Score:2)
Just as my subject line is treated as a rock-steady axiom of Computer Science, particularly of Software Quality and Software Engineering electives, fixes that results in slower codes usually a BIG sign that range checking h
Re:Correct Fixes usually means faster (Score:2)
Real Reason for range checking in public APIs (Score:2)
That is, the 2nd programmer's module calling the 1st programmer's function without consulting the 1st programmers documentation, be that it may: verbal, written, guesture or even smoke signals.
Tight cohesive teamwork is the key... Get it together.
A Better Example (Score:2)
Maybe not faster, but more of the same apps! (Score:5, Funny)
I found one instance where a fix actually allows you to pirate OTHER software (or at the very least violate otherwise restrictive "one machine at a time" clauses in the EULA).
I installed SP2 and didn't notice any problems at all. Then, I fired up Fireworks which has a little util that sees if other copies using the same license are running on the network (who, me?) and was prompted by Windows telling me that the service had been blocked and did I want to Continue Blocking, Unblock or should it Ask Me Later.
Well, so far, choosing Ask Me Later has enabled (for testing, of course) running multiple copies of single license software when we would not have been able to previously.
Neat! Thanx Bill!
Re:It was to be expected... (Score:3, Insightful)
Of course MS is making users pay each upgrade - with their exploit ridden code, poor programming decisions, and heavy handed activation tactics, inconsistent UI, predatory business practices, FUD-filled marketing and the push to DRM lock in - every user of Windows pays. Through the nose.
I will happily move up to 10.4 when it comes out, and pay for it too. I like supporting a company that fixes exploits before they've been in the wild for months,
Re:It was to be expected... (Score:3, Interesting)
with their exploit ridden code
I've been running various versions of Windows for 7 years now, and have not been exploited once. Sure, there are exploits in there, but they only catch the incautious and foolish. Avoiding them is *easy*, with a little computer literacy.
poor programming decisions
I can't comment on that, and nor can you, unless you've been privvy to some of those decisions. I'll agree that some of the *design* decisions are curious to say the least, but that may well have been m
This has to do with... (Score:2, Interesting)
That Explains A Lot (Score:3, Insightful)
Anyway, I could have sworn the laptop ran faster before I put SP2 on there. I never bothered to benchmark it, but it seems slugish now. And it's not a weak machine (as far as laptops go). 2.4GHz with 1GB Ram.
I'm not about to undo everything I've done. I've installed way too much, and don't want to worry about breaking those apps by removing the patch.
Oh well. I'll just live with it. It's not my main machine anyway, just something to do some DB work with.
Re:That Explains A Lot (Score:2, Insightful)
Another benchmark test (Score:5, Informative)
They should compare a PC with SP2 and one with SP1 with a third party firewall.
Re:Another benchmark test (Score:2)
Why- (Score:5, Interesting)
This wasn't even a readable story - just a small synopsis of a story that will be featured in Mobile PC mag next month. There could have been plenty more info, but instead we got two paragraphs.....
OTOH, is an average 9% drop in performance even an issue? I mean, 9% in office apps is nothing....Who needs high performance when typing, making spreadsheets, or even a PowerPoint presentation?
This (once again) illustrates the MS push towards security over performance/compatibility
-thewldisntenuff
Re:Why- (Score:3, Insightful)
I agree. Who gives a shit? When was the last time someone actually upgraded their computer because Word was too slow? Please!
Unless you're playing new games there's no reason to be running anything newer than a Pentium II.
Re:Why- (Score:3, Interesting)
OTOH, is an average 9% drop in performance even an issue? I mean, 9% in office apps is nothing....Who needs high performance when typing, making spreadsheets, or even a PowerPoint presentation?
Hmmm, I guess you've never been in a corporate business office, where excel sheets running into hundreds of pages are opened. Or business plans and product specs that run into hundreds of pages are opened.
Why go that far, you've ap
Re:Why- (Score:2)
What are your system specs?
How much RAM have you got in your system?
Re:Why- (Score:2)
I just meant that slowing down of office applications by 9% is not something insignificant, and it sure as hell hurts some of us.
Re:Why- (Score:2)
A latency compared to what? Like "oh no, my ethernet latency is now 330us rather than 300us. Better call the network guys so they can fix it"?
Coral Cache Link (Score:3, Informative)
Positives and negatives (Score:5, Insightful)
However, in my experience it's harder now for sites to push ActiveX controls and executables to your PC now, unless you do a bit of tweaking or visit a deliberately malicious site.
Considering the system drag that occurs when the average user installs spyware inadvertently, I'd say the SP2 drag ought to be cancelled out for the time being, as it's a bit harder for spyware to propogate under it.
Putty and SP2 (It's a business app, really! ;) ) (Score:3, Interesting)
Re:Putty and SP2 (It's a business app, really! ;) (Score:2)
Welcome to Windows upgrades (Score:5, Interesting)
Period.
I wonder (Score:2)
Poll question! (Score:4, Funny)
I'll even conclude in the article that running linux will solve world hunger and even do my laundry.
Re:Poll question! (Score:4, Funny)
Nothing to see here; move along.
Re:Poll question! (Score:2)
http://msnbc.msn.com/id/4638886/
Note that Linux can actually only inform you when your laundy is done or when there is availability for you yo do your own laundry. Also note that I have no evidence that CMUs system is Linux based.
So yea....
Re:Poll question! (Score:3, Informative)
Reality check (Score:3, Interesting)
Games are a different beast, but does the user even care if loading a spreadsheet takes an extra second or two?
2 things (Score:3, Insightful)
The slowdown could mean that MS cut some corners and traded speed for security in XPs' pre SP2 version. While fixing security problems they had to perform some extra checks and that dragged performance down. Or, they could've discovered some serious architectural issues with fixing new holes, so they had to do it in a slow and inefficient way due to the fact that their architecture wasn't designed with those checks in mind.
On a side note, I experienced a significant slowdown when running Norton AV that supposedly does a bunch of extra security checks. File and network performance became unbearable at times. It got so bad that I had to ditch NAV so now I am reverting my Windows system every day (I run it under VMWare, Linux is a host system). I found this setup + Zone Alarm to be a better answer to endless Windows security issues.
I think the problem stems from the testing itself (Score:3, Insightful)
Hello morons, turn off DEP (Score:3, Informative)
Note the
Well known cause for much of the slow down some people find with SP2. Of course, this opens you up to morphic/purposefully overwritten code exploits, but such is life.
Re:Hello morons, turn off DEP (Score:3, Informative)
Currently, the only x86 processors that support No-Execute functionality are the AMD 32/64-bit Opteron and Athlon-64.
Since this doesn't affect Intel, this can't account for all the slow-downs people are expieriencing.
(Not that I bothered to read the article in Mobile PC.)
Re:Hello morons, turn off DEP (Score:3, Informative)
so its come to this. (Score:5, Funny)
Isn't that how it always is (Score:5, Funny)
hmm only 9% performance hit? (Score:3, Interesting)
The second attempted install got about 2/3rds of the way done and then crashed resulting in an unstable system. The partial install could not be completely removed, and the machine would crash often, another reinstall from scratch.
the third attempted install died in the early stages repeatedly (about 15 seconds after starting the install) and never got past that point.
These were three completely different systems with different software installed, but all ended up with the same result, no SP2 without a complete clean installation of XP first. I'm so disgusted with MSs QA right now, I never plan to install SP2 again, because my time is too valuable to spend entire days rebuilding systems just because they can't write updates to their software.
Hell in Gentoo and Debian I update the entire system with a single command and download hundreds of software packages equalling hundreds of MBs and it all goes smooth as silk, can't MS figure out how to copy files from an update package into the system without blowing it all to hell?
Re:hmm only 9% performance hit? (Score:2)
but whatever
Re:hmm only 9% performance hit? (Score:2)
News Flash! (Score:5, Funny)
Similar problems have been found with XP SP I, the original XP, along with Windows 2000, 98, ME, CE, 95, and 3.1.
It really sounds like this is the DEP feature. (Score:3, Insightful)
Sheesh, slowdown! That's nothing... (Score:5, Funny)
For the sake of Fairness: (Score:4, Insightful)
Defragment C:! (Score:4, Interesting)
XP SP2 can give you a serious headache (Score:4, Interesting)
Does anyone have a weirder SP2 effect?
Re:XP SP2 can give you a serious headache (Score:3, Funny)
Hang on, remind me again why people use Windows?
Re:Of course. (Score:5, Interesting)
Bollocks. Reinstall XP? Did you atleast try removing SP2 to begin with? You could atleast set a system restore point before you do any major upgrade that contains patches and/or including third party drivers.
I am no Windows fan but just trying to make it sensational that you had to reinstall XP from scratch doesn't really do anything. I have installed SP2 pretty much after it was released and have had no problems. (Well, of course some people are going to see glitches considering the size of that damn thing).
And maybe, just maybe, did you think of the possibility that your *P2P* app might be the bugger. Just a thought.
Re:Of course. (Score:2)
Re:Of course. (Score:2)
Re:Of course. (Score:2)
Re:Of course. (Score:2)
Heaven help you... (Score:2)
Re:Of course. (Score:2)
Do XP's restore install--it reinstalls the base operating systems (ie, c:\windows) entirely from scratch, but keeps all your apps and doesnt touch c:\documents and settings. This mean you get your desktop and HKEY_CURRENT_USER reg keys...basically everything you want (c:\documents and settings\USER is the same as ~USER on lunix)
You might be hitting the socket limit.. (Score:5, Insightful)
In other words, suppose you have an app which tries to open 30 tcp sockets simultaneously. Some of them will get delayed by the OS.
This is to try and thwart the speed of worms or DDoS programs - which very often try and create a zillion tcp connections that never end up connecting.
Unfortuneately, it has the side effect of hurting some p2p apps (like bittorrent) and some web browsing configurations...especially if you've changed the registry value that sets the # of simultaneous socket connections IE will make to the same site. The default is like 3 or 4, but if you upped it to say, 20, and then hit a site that had 30 images all on the same server... it is likely that some of your http requests will get queued until other connect() attempts complete the handshake.
Does it suck that this is affecting some browser and other scenarios ? Yes. The topic is under discussion internally at microsoft.
The _intent_ was to try and slow down the spread of worms/ddos attacks in the event a machine got compromised....a good goal to have i think anyone would agree..
The implementation, however, does have disadvantages
If you decide to try SP2 again, anytime the connecting socket limit is reached, an very specific/obvious event will be logged in the eventlog. If you are experiencing slower network interactive speeds, try looking in the logs to see if you're hitting it.
One mitigation, by the way, is to have a proxy (i.e. squid) on another machine.. that way your handshakes from IE resolve _Very_ fast and your sockets rapidly go from handshake to connected...thus reducing the likelihood of you hitting the queing behavior.
Re:You might be hitting the socket limit.. (Score:2)
Hey. 1998 called. They want HTTP 1.0 back.
chuckle :) (Score:2)
Get to work, proper-way-guy! (Score:2)
The world is waiting. Get to work, mr. hot stuff. Please show Microsoft and the whole world how an OS _should_ be written.
The world will continue waiting because no completely secure operating system exists, much less a completely secure operating system that has the features and behaviors that cu
Re:Get to work, proper-way-guy! (Score:2)
I
What configuration of outlook (Score:2)
I would say i get at least 1 word attachment per day in my work email box.
When i double click on the attachment, a dialog box asks me if im sure i want to open it, given me the option to open, save, or cancel
Now, i haven't opened any word docs with macros lately, but when i open an excel document with macros, i get asked if i want to enable them or not.
This is with Office 2003.
So, what configuration of outlook do you have where trying to open a word document fa
Re:What configuration of outlook (Score:2)
Outlook XP, and 2000 by default disable access to all
According to this.. (Score:2)
As far as needing VB programmability in excel - billions of dollars every year are managed by embedded VBA inside of excel spreadsheets. And thats just what i know about one small part of one company.
Re:You might be hitting the socket limit.. (Score:3, Informative)
That's not what it's doing at all, you can still have as many simultaneous connections as you want. What you can't have is more than 20 connections waiting to completely open; any more than 20 get queued until some of those 20 have completed (or failed).
Sure, sucks if you run apps that regularly open up a whole bunch of connections to hosts that may or may not be answering right now, but having checked my logs it's only happened to me a h
Re:Of course. (Score:3, Funny)
Thankyou for displaying your unbelievable lack of technical competency. The rest of us would've uninstalled SP2.
Re:Intentional bloat? (Score:2)
No, Windows beat OS/2 because... (Score:2)
Also, I seem to remember some backstabbing on Microsoft's part, but I don't remember the details. I think it involved snatching all the good parts of OS/2 and dropping them in NT, then abandoning OS/2. That said, why anyone would run NT 3/4 if OS/2 was an option is beyo
WINDOWS (Score:5, Funny)
Re:WINDOWS (Score:2)