Slashdot Mirror

Yup. There's also a lot of administrative tasks you simply can't do--the inability to give one user full access to another user's mailbox being a glaring example.

Mailbox sharing and delegation has been available and BPOS for a very long time.

Actually, keys I could stand to see removed:

Caps Lock
Insert
Scroll Lock
Pause/Break (only useful for System Properties shortcut or to read text on bootup)
Right Windows Key
Menu Key

Keys that would be more useful:

Bold
Italics
Cut
Copy
Paste
Print
Save
Select All

That said, F-Lock wasn't a horrible idea, just a bad implementation to remove F-Keys which are useful in Explorer and Programming. And all us programmers have all the Ctrl keys for those memorized anyway.

It's easy to write your own keyboard driver with the Microsoft Keyboard Layout Creator. I made one that allows me to type all the stuff I used to bring up the character map for by giving myself an AltGr key on my right Alt. I can now type copyright symbols, fractions, Greek & math characters, European language characters, etc. with ease.

Um... Microsoft is actually an advertiser (well, ad provider).

I understand that, but it's not their bread and butter. This is the Microsoft breakdown for 2010, in revenue, in billions, by division. Advertising is included in online services:

Windows/Windows Live - 18.4
Server/Tools - 14.8
Online Services - 2.1
Business - 18.6
Devices/Entertainment - 8.0

Out of the 2.1 billion made from online services, 1.9 billion of that was from advertising. So, out of Microsoft's 2010 revenue of 62.4 billion, 1.9 billion, or 3%, came from advertising. Compare that with Google's income from advertising to see why I identified Google, and not Microsoft, as an advertiser. Microsoft sells software, and Google is an advertiser. It doesn't matter that Microsoft does a little advertising and Google sells a little software, I'm talking about core business.

http://www.microsoft.com/investor/reports/ar10/10k_fr_dis.html

Why? This isn't a bug in WiX, it's a bug in Microsoft's unit tests for MSIs, and according to the first hit on their page when I google Vista logo certification you have to use MSI and pass ICE57 if you want to be certified. So it doesn't matter what you use to create your installer: you still come up against the buggy unit test.

Some details about the guy in his hiring announcement:
http://www.microsoft.com/presspass/press/2003/jun03/06-23cullenpr.mspx

His background is in the Canadian banking industry...

"Cullen holds an MBA from Richard Ivey School of Business at the University of Western Ontario. He is a founding member of two networks of chief privacy officers and is an active public speaker. "

Except when the warning or error is wrong. I spent Friday afternoon trying to avoid an error in a WiX compilation and concluded that the only way to do it was to deliberately introduce a bug. ICE57 believes that the DesktopFolder is "per-user", whereas it should be "per-user or per-machine" because it changes according to the installation context.

Except when the warning or error is wrong. I spent Friday afternoon trying to avoid an error in a WiX compilation and concluded that the only way to do it was to deliberately introduce a bug. ICE57 believes that the DesktopFolder is "per-user", whereas it should be "per-user or per-machine" because it changes according to the installation context.

They are likely grateful that people are using their software rather than the superior (and free) Microsoft Security Essentials. (Yes, MS makes a piece of software that is superior in virtually every way to its competition. Hard to believe, but it's true.)

http://www.microsoft.com/security_essentials/

Security Essentials isn't "free" for businesses with more than 10 PC's. The original owner of the Avast licence had 14 PC's so wouldn't qualify for Security Essentials.

As Microsoft Security Essentials is offered for free for personal and small business (up to 10-PCs) use, the only reason I can think of to pirate AV software is because you're also pirating Windows and can't pass the WGA validation test. Even then why bother...just use the free version of Avast that doesn't care about WGA validation.

MSE is free, but it is from Microsoft - you need at least one other AV program on your system to check up on it.

In all seriousness, not sure about Avast, but AVG has taken to making it nearly impossible to locate the free version of their AV software. It might actually be easier just to download it from a warez site (and if you are downloading an AV scanner, even if it comes with a virus it will be able to remove it, right? RIGHT???).

They are likely grateful that people are using their software rather than the superior (and free) Microsoft Security Essentials. (Yes, MS makes a piece of software that is superior in virtually every way to its competition. Hard to believe, but it's true.)

http://www.microsoft.com/security_essentials/

As Microsoft Security Essentials is offered for free for personal and small business (up to 10-PCs) use, the only reason I can think of to pirate AV software is because you're also pirating Windows and can't pass the WGA validation test. Even then why bother...just use the free version of Avast that doesn't care about WGA validation.

so what's great about WP7 is that it will tie the phone to the Windows Desktop PC? Leveraging that desktop worked for desktop products but it has never worked for them otherwise. Seeing how Android is already hear and moving forward fast, WP7 without any compelling reason over the competition is a yawner.

There's nothing which ties the phone to a PC except for loading music and video. That isn't even limited to Windows because there is a Mac sync client in beta. You can set up your Windows Phone, sync all your contacts from Windows Live, Google Contacts or Exchange without even touching a PC. Even photos you take can automatically be synced to Skydrive, Facebook or both.

And what's up with using Sliverlight as the "native" development platform for WP7? I would have figured it would have been MS .Net. Way to go Microsoft for looking pretty schizophrenic on the vision thing. You know, that stuff you seem to say Google has none of when spreading your FUD about other companies instead of taking care of your own house.

You don't seem to understand that Silverlight is the .Net framework. It is simply a specific set of .Net libraries and sub-set of the general API targeted at a smaller footprint (eg browser or phone)

The internet isn't really a place to gain an informed opinion over things.

Yes, you are correct. Opinions should all be tossed out. Pure info is what the Internet is all about. Pick a language and a FOSS project, develop away, it's a great learning process that I've found much more "educational" than formal education.

Teach yourself C++: C++ Annotations, C++ Language Tutorial... ... or Perl: Perl programming documentation, or JavaScript,
or Java.

Just search the web, you'll find everything that any professor will ever be able to teach you online. Need guidance, clarification, or to ask a question? There are free online forums for that too... Yes, the Internet on average, much like the FM band, has more signal than noise, but similarly you can easily tune your into the signal you need.

Consider this: My Java "professor" gave an assignment where we read in rows of data from standard input, and output the table sorted by a certain column's value. He offered extra credit for proper alignment and justification of the table's cells... "WTF? Really?", I thought.

I used the Collections framework along with Swing to provide a GUI w/ sortable & justified JTable columns instead of doing character counting and sending extra spaces with the text to the standard output. He gave me a C. Another student used the Formatter to provide printf style formatting... also got a C, WTF! Go beyond the prof's teachings & expectations to meet a requirement, get a poor grade... That's dumb and counter productive.

In the real world, you try not to re-invent the wheel, this college course was not teaching practical programming; It was so far beneath what I learned already online, on Java's own website, I dropped the course (waste of time). Sure I can write a merge sort, or programatically align console text output, but that was not what the assignment said: "Provide a tabular output sorted by the 'Name' column." We learned merge sort 2 weeks prior, but the "professor" would not move on.

Not having a "degree" myself, I frequently answer questions that "Degree" holding graduates ask in online forums... Why? Because they didn't learn what they needed to know in their courses.

You would be hard pressed to find a programmer that doesn't have some form of documentation open in another window, screen, or context menu while coding. IMO, besides learning about algorithms and complexity, the language specs & online tutorials are all you really need. I find paper books pale in comparison to down-loadable, copy&paste-able free, online resources. Also note: As a programmer you will be expected to keep up to date with the ever changing languages you learn. All of these changes are easily accessible online too.

There's a lot of noise and very little quality signal to use and without having a degree to start with it's pretty much futile in terms of knowing what is and is not reliable information.

I call bullshit. See esp. the Java link above, your arguments are ill-informed, and reek of FUD. Search google for "java tutorial", or "$any_lang tutorial" and you get some pretty damn reliable, pure "signal" information about what you searched for.

Are you really arguing that Language specs & Tutorials from IBM, Microsoft, etc, and docs from a language's main website (such as http://perldoc.perl.org/

Microsoft announced Silverlight 5. Scheduled bata release it 1st half 2011. Announcement here.

You guys do realize that Windows (and other OSs) have had serious vulnerabilities in shared libraries that are used in pretty much every application (including Firefox or Chrome) that parses image data or audio. With the GDI+ vulnerability, all the page had to do was load one malicious JPEG advert and you were pwnt. There are many other examples with audio libraries and such, go ahead and Google it.

Is it even possible to have broadband these days and not have a router or gateway acting as a hardware firewall?

And how would you get a virus by just visiting websites? I use noscript and only unblock it for trusted sites, and I certainly don't have Adobe Reader installed (god forbid).

And what kind of email client gives you viruses by opening email? You'd have to run an executable attachment or open a specially crafted data file. I use webmail anyway (doesn't everyone?).

Yeah, you should be fine, just as long as you don't ever browse any sites that load JPEGS or PNGs.

Is it even possible to have broadband these days and not have a router or gateway acting as a hardware firewall?

And how would you get a virus by just visiting websites? I use noscript and only unblock it for trusted sites, and I certainly don't have Adobe Reader installed (god forbid).

And what kind of email client gives you viruses by opening email? You'd have to run an executable attachment or open a specially crafted data file. I use webmail anyway (doesn't everyone?).

Yeah, you should be fine, just as long as you don't ever browse any sites that load JPEGS or PNGs.

Really?

Find out what you need to know about installing and running Microsoft Security Essentials.
Minimum system requirements for Microsoft Security Essentials

Operating System: Genuine Windows XP (Service Pack 2 or Service Pack 3); Windows Vista (Gold, Service Pack 1, or Service Pack 2); Windows 7

* For Windows XP, a PC with a CPU clock speed of 500 MHz or higher, and 256 MB RAM or higher.

Here's the best free anti-virus I have ever used on the Windows platform. And, it works better than Norton and McAfee.

But does it work on Linux?

Well that's a load of crap. I've used it on several XP installations with no problems whatsoever.

Read the official requirements here:
http://www.microsoft.com/security_essentials/resources.aspx?mkt=en-us&s=1#mainNav

Find out what you need to know about installing and running Microsoft Security Essentials.
Minimum system requirements for Microsoft Security Essentials

Operating System: Genuine Windows XP (Service Pack 2 or Service Pack 3); Windows Vista (Gold, Service Pack 1, or Service Pack 2); Windows 7

        For Windows XP, a PC with a CPU clock speed of 500 MHz or higher, and 256 MB RAM or higher.
        For Windows Vista and Windows 7, a PC with a CPU clock speed of 1.0 GHz or higher, and 1 GB RAM or higher.
        VGA display of 800 × 600 or higher.
        140 MB of available hard disk space.
        An Internet connection is required for installation and to download the latest virus and spyware definitions for Microsoft Security Essentials.
        Internet Browser:
                Windows Internet Explorer 6.0 or later.
                Mozilla Firefox 2.0 or later.
        Microsoft Security Essentials also supports Windows XP Mode in Windows 7. For more information, see the system requirements for Windows XP Mode in Windows 7

That covers pretty much any home installation, with surprisingly low resource requirements to boot. Get out, troll.

Odd that this link says otherwise. Not saying that maybe the 32-bit download for xp doesn't work very well, but it is available.

Here's the best free anti-virus I have ever used on the Windows platform. And, it works better than Norton and McAfee.

Solution: Uninstall AVG and Symantec and try http://www.microsoft.com/security_essentials/ instead.

Maybe it will be free forever? Maybe it will stop all malicious attacks?

If you have Adobe Reader or Flash installed you absolutely DO get them by surfing the web. Go to a site where their ad network has gotten either hacked or just had a bad ad get by their "review" and it is a done deal. Turning on DEP for all processes, installing EMET (video on it here http://technet.microsoft.com/en-us/security/ff859539.aspx) and configuring it to protect acrord32.exe and your browser, installing Adobe Reader 10, keeping Flash up to date and using something like FlashBlock to control when Flash can run, etc. can all help out in this space. But for the average user who doesn't update Flash or Adobe Reader - they absolutely get infections just browsing the web. My boss and my brother in law both got a fake AV from reputable sites recently - the ad networks had served an Acrobat Reader exploit. I'll recommend MS Security Essentials as a free as in beer, low impact AV product. But I'd look into EMET if you haven't already.

"I used to recommend AVG as the free anti-virus solution to people, but Microsoft Security Essentials has a much smaller footprint, it doesn't harass you to upgrade to a paid version, and it has a better detection rate." - by Enderandrew (866215) on Thursday December 02, @04:04PM (#34422856) Homepage

Per my subject-line above - Agreed, 110%... & I used to do the same (recommend AVG Free, for folks that didn't have the "coins/dead-presidents" to afford a paid-for antivirus solution), until I tried MS Security Essentials (good stuff, surprisingly so).

My license for ESET's NOD32 64-bit (a great program in & of itself, but pay for ware) for Windows 7 ran out, & MS had JUST put out Security Essentials (a combined antispyware/antivirus program afaik, no less) & I tried it: Haven't strayed from it since!

APK

P.S.=> They update signatures like crazy too, around 2-4 times a day in fact (I do it manually from here -> http://www.microsoft.com/security/portal/Definitions/ADL.aspx so I get a "pretty good picture" of how often this program can update itself (automatically - which it can do but I choose to do it myself manually is all))... apk

What is the result of that money spent?

This is the result.

http://research.microsoft.com/apps/dp/pu/publications.aspx

You can form your own opinion after you've gone through it. Ofcource .. you should let us know what you've done in your life to make your opinion worth something too. Otherwise your achievement will simply remain at leaving a comment on a website. Hurray !

What /really/ needs them?

Well, unless you want to use UPnP, pretty much everything which wants to act as a server. (P2P, VoIP, HTTP/FTP, [Insert favorite user-hosted game here], etc, etc)

Since a very large percentage of the web surfing population is still using windowsXP or older, we can't use TLS (which has been around for ages).

I'm not sure I follow, what part of XP doesn't support TLS?

For instance, Microsoft researchers built tools that are helpful in testing very large and complex software, essential to try to guarantee that the code does what it's supposed to, he said.

He was most likely referring to things such as Pex. The problem is that it's for managed code, and a lot (probably most) of Microsoft shipping code is native.

When I read that (Office 365) I thought you were joking. The name must come from the number of days you can expect it to work properly each century.

The technology for sequestering detected infected clients has been in use for at least a decade.

Universities (some) have plopped (especially) incoming freshmen into a "click here to download your anti-virus update", with NO access to other (normal) internal NOR external resources until the machine comes up clean. It's not 100% effective, but certainly can reduce the problems.

Basically POP3, IMAP4 and HTTP connections are ALL hijacked for the sequestered "user" (RTP could be handled, as well, and all SIPs hijacked unless encrypted, in which case they fail).

The user gets an "INBOX" with ONE message, and a whereever-requested return HTML (or even text/plain) page that explains the problem, gives a phone number (recording) for "further information and support".

If this is rocket-science, we've long colonized Mars.

The idea is to both protect resources and reputation of the ISP, while minimizing "tech support" costs from the most-needy AKA most-ignorant-and-"entitled" users.

Since it's USUALLY Windows users that need such treatment, let's just point to Microsoft's answer:
[supposedly a PDF] http://go.microsoft.com/?linkid=9746317 by Microsoft Senior Vice President of "Trustworthy Computing" Scott Charney. Now, just why "preventing an infected computer from connecting to the Internet, like keeping a leper in a leper colony and away from society," is seemingly always described as "controversial" is beyond me. Maybe because computing "should be trustworthy, and not liable to continued infections".

Can anyone name one Microsoft Research project that has significantly affected the computer industry?

Yes.

Microsoft's natural language work resulted in the grammar checker in Word, which really is parsing sentences, not just looking for common errors. Microsoft Research used to give out a program you could plug into Word which let you see the sentence diagrams.

Microsoft has for years been doing serious work in automated proof of correctness for programs. "Spec#", the proof system for C#, was a research result. Another effort in that area involved automated verification of Windows drivers to determine if they could crash the rest of the OS. That paid off. In Windows 7, every driver has to pass the static verifier before it gets signed. Verified drivers may not drive the device correctly, but they don't crash the rest of the OS. (Yes, there's a formal undecidability problem. In practice, the system can either provide a proof or a counterexample for 97% of drivers submitted. The remaining 3% are typically flaky anyway; if your kernel driver has formally undecidable semantics, it needs a rewrite.)

There's more, but that's enough for now. Microsoft really does have one of the very few pure research groups left in computer science.

Seriously, you're thinking like a geek. Mind you, I don't mean that in a bad way. But I do mean that someone with your perspective is not someone who would most likely be disadvantaged by someone else hiding the URL bar, as you'd be wary and experienced enough to notice, and wonder what was up.

Yes, but by the same reckoning only a geek would go into the advanced options of the security settings in the first place. Considering that the facility is switched off by default, then you are worried about nothing.

a separate build that saves space would indeed be very much desired

I have used IE in kiosk mode to knock up an info system for customers. At no time was there a need for a cut down build of Internet Explorer. If you are using a system that can run Windows, then you can easily handle the normal browser code being loaded even if it isn't used.

Is there any utility for end users of a full-on desktop browser installation for an option to hide the URL bar? I see plenty of utility for others -- megacorps, phishers, and assorted other ne'er-do-wells -- but I can think of no compelling use for regular old end users.

I once wrote an HTML application (see also HTA) to categorise and sort my travel photos into my journal system. It was quite easy to do, and it didn't require all the heavy coding to do the graphics that was required by other languages at the time. It was quite convenient to make a program that used a completely borderless, full screen window in an interpreted language that required no additional install on a Windows computer.

I have also used pop up windows without an address line on some Intranet applications, although when they started displaying with the URL is wasn't a deal-breaker to be bother reconfiguring everyone's systems to hide it.

IBM really is a good second, but nowhere near MS.

Not quite, MS has a LONG way to go to catch IBM.

Microsoft Lands Milestone 5,000th Patent
source (2006)

IBM's worldwide patent portfolio exceeds 40,000 active patents.
source

Halo 3 also down-samples / up-scales VFX / HDR

Gamefest Unplugged (Europe) 2007: HDR The Bungie Way
http://www.microsoft.com/downloads/en/details.aspx?familyid=995b221d-6bbd-4731-ac82-d9524237d486&displaylang=en

One thing about AD & DNS servers (especially on an "in house LAN"): You, afaik so far from about a yr. of experiments on a LAN on the job, MUST use an AD DNS... or things like Outlook + Exchange tend to "hose up" & NOT work... just the way it goes (unless someone can show/tell me diff. & HOW (thanks, IF you can)).

I tried to direct my Windows rigs on an AD (active directory) to use OpenDNS &/or ScrubIT... didn't work out "too well" due to AD dependencies various apps & servers have working in combination!

(For reasons I noted to others here in posts replies on this subject)

Like I said above? Outlook (FULL, not "express") started "failing out"... so, I had to stick to an "in-house" DNS server.

I.E.-> You can't alter this to an external non AD DNS -> DhcpNameServer from here ( HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters ), yes, even though the entry is DHCPNAMESERVER...

(OR, you can do it "graphically" via GUI, here -> Local Area Connection (or whatever you called it) -> PROPERTIES button -> Internet Protocol Version 4 (TCP/IP) -> PROPERTIES button -> "Use the following DNS Server Addresses" (fill in the blanks - that's where I put in OpenDNS &/or ScrubIT DNS servers, vs. those from my ISP/BSP here @ home).

If any of you knows a way around that "hassle" on DHCP/DNS in an ActiveDirectory (AD setup)? Thanks!

(Yes - it's NOT dealing directly in HOSTS, they don't affect it, the DNS servers you use however, DO)

Thanks for the info., in advance...

APK

P.S.=> However, IF you want to alter the name resolution process? Look no farther than here in Windows:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\ServiceProvider

Lower #'s are higher order of precedence there... MS has a GOOD solid writeup on it here too:

http://support.microsoft.com/kb/139270

(And newer ones than that also).

I.E.-> That's where you can change the order as to what is looked at, first & descending order, for hostname/domainname resolutions in Windows... you can make your DNS take precedence, IF you wish, over a HOSTS file! apk

All this is fine as far as it goes, but it'll only work until our malicious plugin installer patches the browser binary and makes it skip the key check

The real problem is that we can't even trust the OS to behave. Once that trust is broken, there's really not that much you can do. DRM hits the same wall.

Those that would install "evil plugins" fall into two categories: normal companies and malware writers. If the problem you're trying to solve comes from malware writers (and leaving the Windows == malware discussion aside), then I wish you good luck on some sort of digital signature system.

On the other hand, if you're worried about Microsoft, Apple, and Google then the solution could be much simpler: the court system. (But simpler is a relative term...) At what point would a third-party patch (not just a plug-in) be considered a derivative work subject to copyright laws?

Encrypt the list of enabled plugins with a user password

"Encryption" is the wrong word here. What we're talking about is digital signing. The way it would work is that upon installation, the browser would generate a public-private keypair, encrypt the private key with a password of the user's choice, and save the resulting public key and encrypted private key to persistent storage.

At all times, the browser would store the list of enabled plugins and sign it with the encrypted private key. Nobody can generate a valid signature for a list of enabled plugins without the password, and the browser will not use a plugin list unless it comes with a valid signature.

All this is fine as far as it goes, but it'll only work until our malicious plugin installer patches the browser binary and makes it skip the key check; the malware could also replace both the public and the private key with replacements of its choosing. Either way, the user may or may not eventually notice that something is wrong, but if he does, it probably won't be a while, and he probably won't be able to track the malfunction back to the evil installer.

Malware vendors can also wait for the user to type his password when installing a different plugin, then use that password to generate a valid signature for a plugin list that includes anything desired.

The moral is that applications still need to be sandboxed. They're not protected from each other. Without OS-level protection, applications can do horrible things (often without needing elevated privileges at all). Half-measures aren't the answer.

That's been known in the TCP community for decades.

I looked at this back in my RFC 896 days, when TCP was in initial development and I was working on congestion. I introduced the "congestion window" concept and put it in a TCP implementation (3COM's UNET, which predated Berkeley BSD). The question was, what should be the initial size of the congestion window? If it's small, you get "slow start"; if it's large, the sender can blast a big chunk of data at the receiver at start, up to the amount of buffering the receiver is advertising.

I decided back then to start with a big congestion window, because starting with a small one would slow down traffic even when bandwidth was available. One of the big performance issues back then was the time required to FTP a directory across a LAN, where TCP connections were being set up and torn down at a high rate. So startup time mattered. The decision to go with a smaller initial congestion window size came years later, from others. This reflected trends in router design. I wanted routers to have "fair queuing", so that sending lots of packets from one source didn't gain the sender any bandwidth over sending few packets. But routers gained speed faster than RAM costs dropped, and so faster routers couldn't have enough RAM for fair queuing. Today, your "last mile" CISCO router might have fair queuing. Some DOCSIS cable modem termination units have it. But many routers are running Random Early Drop, which is a simple but mediocre approach. (The backbone routers barely queue at all; if they can't forward something fast, they drop it. Network design tries to keep the congestion near the edges, where it can be dealt with.)

Remember, every dropped packet has to be retransmitted. (Too much of that leads to congestion collapse, a term I coined in 1984. That's what the "Nagle algorithm" is about.) In a world with packet-dropping routers, "slow start" makes sense. So that was put into TCP in the late 1980s (by which time I was out of networking.)

However, the RFC-documented slow start algorithm is rather conservative. RFC 2001 says to start at one maximum segment size. Microsoft's implementations in Win95 and later start at two maximum segment sizes. In RFC 3390, from 2002, the limit was raised to 3 or 4 maximum segment sizes. (We used to worry about delaying keystroke echo too much because big FTP packets were tying up the 9600 baud lines too long. We're past that.)

But Google is sending at least 8 segments at start, and Microsoft was observed to be sending 43. Sending 43 packets blind is definitely overdoing it.

I wonder whether they're doing this blindly, or if there's more smarts behind the scenes. If their TCP implementation kept a cache of recent final congestion window sizes by IP address, they could legitimately start off the next connection with the value from the last one. So, having discovered a path that's not dropping big bursts of packets, they could legitimately start fast. If they're just doing it the dumb way, starting fast every time, that's going to choke some part of the net under heavy load.

MS only cares when something affects their bottom line. They, like most corporations, only care about profit.

I addressed that when I pointed out that half their market share was with clueless home users. It would be exceedingly unprofitable to ignore a massive part of their user base. Having people use their software at home also helps their market penetration with the businesses. A large factor in choosing the Windows platform at work is that the training costs are reduced because most people use Windows at home and will be familiar with how it works.

And that feeds back to their market share with home users because people will buy the product that they already know how to use at work. The cycle continues. This is the reason why Microsoft offers the Office 2010 Starter edition for only $2 per licence (for OEMs). They can't make a profit out of that, but it keeps home users familiar with Microsoft's products.

So you can see that while their motives may be profit driven, they certainly care about the user experience of the home user market (clueless or otherwise).

When has anyone, especially Microsoft, ever cared about them?

What a completely uncalled for comment. When did Microsoft care for clueless home users? When half their market share was with clueless home users. When they implemented the UAC (the corporate world already knew to setup limited domain user accounts). When they came out with the free Microsoft Security Essentials, which was designed for home users. When they implemented automatic updates because clueless home users never applied service packs. Or maybe when they did a better job of locking down the default settings in the latest Windows/Internet Explorer.

Sure, they don't do a perfect job, as this case shows. But you will find privilege escalation bugs on most operating systems and Microsoft WILL come out with a patch to fix the bug. All the clueless home users have to do is wait for it to be automatically downloaded and applied.

MS only cares when something affects their bottom line. They, like most corporations, only care about profit.

Wake up and smell reality.

If they stripped it down and provided only core services like OpenBSD it would be even better

You mean, like: Windows Server 2008 R2 Core ?

(I assume you mean "Windows Server", not "Windows Security")

Of course, a lot of admins assume that the "Core" edition is somehow magically more secure. In practice, it has the same default settings as the "full" editions, it just has fewer services and components, so there's less to patch. Real security comes from applying security templates that lock down the machine for a specific purpose, and tools like AppLocker, what restrict what executables are allowed to run.

If they stripped it down and provided only core services like OpenBSD it would be even better

You mean, like: Windows Server 2008 R2 Core ?

(I assume you mean "Windows Server", not "Windows Security")

Of course, a lot of admins assume that the "Core" edition is somehow magically more secure. In practice, it has the same default settings as the "full" editions, it just has fewer services and components, so there's less to patch. Real security comes from applying security templates that lock down the machine for a specific purpose, and tools like AppLocker, what restrict what executables are allowed to run.

If they stripped it down and provided only core services like OpenBSD it would be even better

You mean, like: Windows Server 2008 R2 Core ?

(I assume you mean "Windows Server", not "Windows Security")

Of course, a lot of admins assume that the "Core" edition is somehow magically more secure. In practice, it has the same default settings as the "full" editions, it just has fewer services and components, so there's less to patch. Real security comes from applying security templates that lock down the machine for a specific purpose, and tools like AppLocker, what restrict what executables are allowed to run.

When has anyone, especially Microsoft, ever cared about them?

What a completely uncalled for comment. When did Microsoft care for clueless home users? When half their market share was with clueless home users. When they implemented the UAC (the corporate world already knew to setup limited domain user accounts). When they came out with the free Microsoft Security Essentials, which was designed for home users. When they implemented automatic updates because clueless home users never applied service packs. Or maybe when they did a better job of locking down the default settings in the latest Windows/Internet Explorer.

Sure, they don't do a perfect job, as this case shows. But you will find privilege escalation bugs on most operating systems and Microsoft WILL come out with a patch to fix the bug. All the clueless home users have to do is wait for it to be automatically downloaded and applied.

or reverse engineering the ActiveSync protocol

Why? It is already documented.

Windows 7 will require the last know controller mode in BIOS that it was installed under. For example, if you switch it to AHCI or SATA from whatever mode it was installed under will cause a BSOD. That's because the service isn't flagged to be started.

You can change this post install via registry setting. Here's the KB on how to do that. http://support.microsoft.com/kb/922976

FYI I ran into this before when a Dell tech replaced the motherboard for a laptop. He had no idea what was going on and left the building saying it was a "software" error and to call back. Well, he was right. Be he should have documented the BIOS settings and re-applied them to the replacement board, or at least contacted internal support for further help on behalf of the client.

He explained how to compress an entire NTFS drive. I explained that this is often a bad idea. Which was hardly incidental.

Windows doesn't cache all IO. Read this and ask yourself why this functionality exists and why SQL Server uses it.

I'm well aware that databases run their own caches. I'm also aware that high-end databases bypass the OS cache. And I know that an UPDATE will most likely be accessing an in-memory page. I also know that reading 4K from a disk is faster than reading 64K or 128K. And that IO bandwidth isn't infinite.

I know that a filesystem is a database. And I've already given an example of a database in which compression is useful. But that doesn't mean that compression is always a good idea for all workloads.

If, as you claim, compression was a guaranteed win then IBM would surely make that very clear in their DB2 literature. But it's all "can improve performance", "may improve performance". Why do you think that is?

Anyway, I don't know why I'm bothering. It's completely obvious (and my experience) that for some databases and workloads compression will increase the amount of IO and that will slow the system down. I assume compression works for you but it's not a panacea.

The only thing the "trusted authorites" confirm is that the person who has the cert paid for it.

Some trust.

Wow! I had no idea! You should pay for a certificate for CN=www.bankofamerica.com, then MITM patrons at a nearby public WiFi hotspot, get rich, and move to Argentina.

But they don't authenticate the remote site. They just check that the remote site has a certificate signed by one of those super trustworthy people like Verisign or the government of China.

CAs can made mistakes. Good thing none of the people designing cryptosystems rely on infallibility -- that's why the PKI includes a thing called "revocation lists".

Also, turns out that in order to get your root trusted by vendors, you have to provide assurances. Policies from organizations such as Mozilla, Microsoft, and Apple are readily available. Feel free to make your own root, get it accepted everywhere, and take over Internet commerce.

In conclusion: put up or shut up. In-browser SSL offers strong assurances. If you believe otherwise, then by all means, exploit it.

Yeah AD group policy can do this very easily, no scripts required. http://technet.microsoft.com/en-us/library/cc772491.aspx

The documentation is still there. And as for me, I like the documentation of .Net much more than Java's. For example have a look at the documentation of .Net's List<T>.Add() method, that includes detailed explanation of the method, its time complexity, example usage and links to the same method in other versions of .Net. Compare that to the documentation of ArrayList<E>.add(), which is little more than one line.