CGoban 3 Offline Installation / Discussion

xela: I haven't used Vista yet, but does it really have to be this complicated? Isn't it enough to download cgoban.jar and then double-click on the downloaded file to start the application? I'm pretty sure it works that way for earlier versions of windows and for macintosh. (On linux you need to use the command line -- java -jar cgoban.jar -- to start the application.)

RobertJasiek: Simply double-clicking the jar file (even if it is in the system32 directory) under Vista opens the program due to the jar file association but leads to errors for every internet connection attempt. Maybe there are settings for Windows or in JRE so that execution by double-clicking the jar file becomes possible under Vista, but I could not find any so far. - Of course, it is possible to simplify method 3 a bit if one does not care for one's outbound security in a firewall, e.g., if one uses Windows' own firewall with its default settings to allow all programs (i.e., also each trojan) outbound access. However, such carelessness would be stupid; these days no one should be so naive any longer when connecting to the internet. Similarly one could disable Windows' UAC, but this is actually one of Vista's best features. If one does not care for security, then why already use Vista instead of XP? - I strongly suspect though for method 3 that there must be a way to use the jar file in one's program directory instead of putting it into the system32 directory, but I could not find out how yet. Does any Vista expert know it? - You could further simplify the procedure by not coldstarting Windows, but such simplification is risky because Windows wants to know what has been happening to its system directories and Windows' preferred method to become aware of it is still contained in the processes run during the Windows start procedure. Not coldstarting after some installation of an application increases the risk that Windows will suck some time sooner rather than later. - You might also always login to Vista as administrator and thus ignore the method's advice to login as administrator, but why use a pretty secure operating system at all if one does not take advantage of its security features, i.e., does not create any user for ordinary Vista usage that is not the administrator account?

Anonymous: Note that it is completely pointless to install CGoban3 offline and that no benefit whatsoever is to be derived from doing so. It is highly recommended to install it normally from the download page at http://www.gokgs.com/download.jsp

RobertJasiek: The benefits of the highly recommended offline installation are:

• Installation can be repeated at any time even when the files.gokgs.com server is down.
• Security is increased because the complexity of numbers of involved files and executables during the installation is reduced to just one new file. (Security experts generally agree that greater complexity means a greater security risk.)
• Security is increased because the number of extra processes during the installation is reduced to zero. As a consequence, in particular the number of additional online processes during the installation is reduced to zero. (Any extra process is a potential extra aim for an attack.)
• Security is increased because verification of file integrity, software restriction policies / AppLocker, personal firewall / HIPS rules, and integrity levels can be updated without unnecessary side effects related to being online.
• Security is increased because separation of user accounts on one's PC and user access rights can be applied much more securely when (under Windows) downloading is done with a standard user and installation is done with an administrator user.
• Installation fits into a strong security concept.

The security and availability advantages are so great that it is irresponsible by Anonymous to speak of "completely pointless" and "no benefit whatsoever".

Phelan: That may be true, but why not leave the note about the official installation and not contacting the admins at the top? It would at least make people think about what they're doing, and stop newbies from messing up an offline installation.

RobertJasiek: The absolute minimum for a wiki webpage is to be on-topic according to the page title. That is about offline. The official method is an online method and therefore off-topic. Nobody stops you from creating yet another page comparing advantages and disadvantages of either basic installation context.

Ian: Actually that is just not true at all, it is yet more rubbish peddled by Robert, even more ridiculous than his theories on tiebreak statistics.

RobertJasiek: Ian, if you make statements and want them to be accepted, then provide reasons, stay on-topic, and remain factual.

Ian: Why bother on a page that is a waste of time? I think the security risk entered into by using vista as an operating system is far greater than any theoretical exploit that you might fear.

RobertJasiek: My experience with Vista tells me the opposite. (If you do not bother about the page, then why do you waste time on it?)

o_0: i use the cgoban.jar under vista. ... and i got no problems to start it with double-click. online or offline.