CowboyTeal writes:
"Windows 8 is still being disputed as either the product of a genius or a nerdy sadist but that doesn't mean Windows 9 isn't in the works. That said, how would you guys improve Windows if you could change anything about it? Has windows 8 improved or degraded your overall experience of the Windows platform? If you're not a Windows user, what features would you like to see in Windows for possible assimilation?"
(Score: 5, Interesting) by Anonymous Coward on Sunday March 02 2014, @11:06AM
There should be a single checkbox in a control panel that disables all server features, stops all network services, and terminates all processes with listening ports. In workstation mode, a firewall should be completely unnecessary, because there would be no open ports and no incoming connections would be possible. A machine in workstation mode is a pure workstation and cannot be a server.
(Score: 0) by crutchy on Sunday March 02 2014, @11:27AM
nice idea but it wouldn't be enough
i'm working on a http relay that simply polls a public server with a conventional outbound request on port 80... no port forwarding or listening required
not sure exactly how malware like conficker works, but you can be pretty sure that it wouldn't be as obvious as a listening socket
(Score: 0) by Anonymous Coward on Sunday March 02 2014, @11:49AM
Workstation Mode wouldn't eliminate the need for Windows Defender. It would eliminate the need for Windows Firewall. The basic idea is instead of turning Windows Firewall ON, you turn OFF everything Firewall is protecting in the first place. Just like on any average Linux box, Netfilter doesn't even have to be loaded into the kernel if there simply aren't any listening daemons.
(Score: 1) by Aighearach on Sunday March 02 2014, @12:01PM
How about, Workstation Mode turns off everything except a VM runnig GNU/Linux.
(Score: 2) by VLM on Sunday March 02 2014, @01:22PM
You're confusing upper level management goals "client server architecture" etc with lower level implementation like packet filters.
I've worked at plenty of places where "workstations" not attempting to be "servers" at the architectural level none the less run all manner of VNC, SSHd, and some weird proprietary push administration apps that force out anti-virus updates and all manner of things. Don't just say "pull not push" because that can be very inefficient especially week days 9am eastern time, even if the pull response is nothing but "try again in $random_minutes"
Also how would you ensure a kernel exploit level malware equivalent doesn't directly talk to drivers or directly to hardware, or tell lies to your shutdown service...
(Score: 0) by HyperQuantum on Monday March 03 2014, @12:07PM
A nice idea but...
wouldn't this also break peer-to-peer applications as a side-effect?