[dba-SQLServer]Is it just me?

Francisco H Tapia fhtapia at hotmail.com
Mon Sep 22 15:41:04 CDT 2003 

John Colby wrote:

>>http://www.w2knews.com/index.cfm?id=434&search=sp4

<snip>

> So there you have it.  HUNDREDS of important security fixes which you are
> not installing.

John I am notoriously always making sure my system is secure, I run 
Sygate Personal Firewall (which is probably "THE" best firewall around) 
and run TrendMicro PcCillin, as well as spybot for searching for 
possible missed trojans.

Recently I've stopped surfing the web with IE, now I use Mozilla 
Firebird which does not suffer from the same security exploits as IE. 
I've restricted IE's access to and from the internet so I'm now prompted 
by my firewall if I wish to allow particular software to call home. 
Also SP3 and 4 both contain services that like to call home to 
Microsoft.  in SP4's agreement screen they are clearly outlined so that 
you can turn them off if you so wish... the problem is not it calling 
home heck my Anti-virus and Firewall software already do that, but the 
fact that I don't need anything else timing out and causing slowdowns on 
my pc.  I like it running as fast as bleeding possible.


> And no, I don't have the time to TEST, TEST, TEST.  The man is talking to
> professional system admins, not the lonely developer sitting at his home
> office trying to get some work done.  And any relevant problems aren't
> likely to just jump out and grab me by the throat in any case.

Yes the article and specifically the eZine's target audience are System 
administrators of Windows 2000 systems.  However you're missing the 
point, they are responsible for making sure that the enterprise is 
always up and running.  Thus following partical advices from system 
administrators that choose stability and security over bleeding edge 
patching, you can maintain a reliable OS.


> So you are sitting at SP2, refusing to install the HUNDREDS of important
> security fixes that SP3 provided, never mind SP4.

Yes, I'm also refusing all the other bugs that can cause my virus 
scanner and other software from crashing or running unreliably.  Not to 
mention that Sql Server 2000 Developer "IS" running on my home machine 
at SP2, and well not at all on your machine w/ SP4.  hmmm I choose a 
running system... you?

> Again, I don't care whether you do, just knock it off with the "Mr. Windows
> update" crap.  I respect you opinions very highly, but that stuff annoys the
> hell out of me.

Thanks John, c'mon you know I'm needeling you at the ribs... it's not 
like I'm saying "Unbound Forms are easier to program than bound forms" ;o)


> John W. Colby
> www.colbyconsulting.com
> 
> -----Original Message-----
> From: dba-sqlserver-bounces at databaseadvisors.com
> [mailto:dba-sqlserver-bounces at databaseadvisors.com]On Behalf Of
> Francisco H Tapia
> Sent: Monday, September 22, 2003 1:50 PM
> To: dba-sqlserver at databaseadvisors.com
> Subject: Re: [dba-SQLServer]Is it just me?
> 
> 
> John Colby wrote:
> 
> 
>>Hmmmm...
>>
>>I will be running IIS, just haven't gotten around to re-installing it.
> 
> 
> Seems like a perfectly good reason to install SP4, but only after going
> through Sql Server install, and I'd even look at installing IIS before
> the SP
> 
> 
> 
>>AFAIK I can't "roll it back" though.
> 
> 
> When you Install SP4 you are asked if you would like to backup the
> critical files so you can roll back the installation.  You simply visit
> Add/Remove programs and run the Roll back from there.
> 
> 
> 
>>I can just do a reinstall of Windows.  This is a clean install from last
>>weekend, nothing else but SQL Server installed yet.  I install the latest
> 
> SP
> 
>>just to avoid all the bajillions of files the Windows update wants to
>>install if you don't apply the service packs.  So is SP5 on the way to fix
>>the SP4 issues?  ;-)
> 
> 
> Not an SP5 per se, but I've heard rumors that an SP4a or 4b will be
> making rounds to fix the Sql Server connectivity problems, (AFAIK).
> 
> 
>><rant mode on>
>>
>>>MR WindowsUpdate ;o)
>>
>>
>>I have never made any claim that SPs don't cause new problems, only that
> 
> it
> 
>>isn't generally worth my time to spend the weeks required to understand
> 
> the
> 
>>issues re what the fixes are, what gets broken, what gets fixed, whether
> 
> the
> 
>>fixed outweighs the broken etc.  My job is to write databases, not spend
> 
> my
> 
>>life researching SPs.
> 
> 
> I never implied otherwise... I don't like to spend time researching SP's
> and whether they or any other critical update file is going to fix or
> break my pc.  I like a stable OS... which is why I run Win2k Pro on SP2
> 
> 
>>It seems ludicrous to me that a company the size of Microsoft would spend
>>their time fixing bugs, tell me that I should install the SPs so that
>>whatever bugs they have found and fixed are taken care of, then I either
>>refuse (and don't get the bugs fixed) or spend my life researching whether
>>or not to trust them.  Of course they screw up, so do I (VERY
> 
> occasionally).
> 
> oh c'mon John ;o)
> 
> 
> 
>>But I can't spend my time being paranoid that they have screwed something
> 
> up
> 
>>in fixing their original bugs or spend my life being paranoid that because
> 
> I
> 
>>haven't applied the bug fixes something nasty is going to happen.  With
> 
> all
> 
>>the nasty viruses floating around, it seems that applying service packs
> 
> just
> 
>>makes sense.  And I haven't seen ANY dire warnings not to apply any given
>>Win2K SP in all of the MANY EZines that I scan over the average week!
> 
> 
> 
> sure there has.. win2kNews.com
> http://www.w2knews.com/index.cfm?id=434&search=sp4
> 
> 
> 
> 
>>I really don't much care whether you apply the SPs, but having been in
> 
> this
> 
>>business as long as I have, I certainly expect MY customers to apply MY
>>service packs!  And if they refuse... it's on their heads.  Your head is
>>your business.  I'm applying the damned service packs!
>>
>>And I truly get annoyed when it's implied that I'm being silly (or stupid)
>>in doing so.
> 
> 
> Not implying your are silly or stupid in doing so, I did question your
> loyalty before, for trusting Windows Updates so dearly.  And you are
> talking about 2 diffrent types of updates... first, your sp to YOUR
> customer is much more customized and YOU will respond much quicker than
> a large organization like MS.  Please bear in mind I dont' HATE
> microsoft, I just beleive that they have reached a point where they are
> soooo big that your request is lost in the midst of MILLIONS of emails.
>       Ceratain errors that you see and someone else does not, is not
> easly addreasable by the company because there are either more pressing
> problems or they are willing to accept that x% of the pie is having
> problems and that's just the way it's gonna go.  MS's OSes support about
> the widest range of hardware than any other OS out there (I realize
> linux supports most hardware too but if that hardware hasn't been
> written for it'll probably be hard to find).
> 
> So SHOULD you blindly install an SP given to you by MS w/o TESTING it
> first?  NOOOOOOooo, test it on another system, or join a newsgroup and
> find out if they are having any issues w/ that SP... if so then you'll
> know before you install, should you do this? YES, because SP's DO cause
> problems.  Some are more worth it than others is all.
> 
> 
>><rant mode off>
>>
>>John W. Colby
>>www.colbyconsulting.com
>>



-- 
-Francisco
Firebird the browser that blows the competition away. Can you feel the 
fire?

More information about the dba-SQLServer mailing list