Slashdot Mirror

OEM versions are only for new machines that will be resold. You cannot build your own machine this way.

http://www.microsoft.com/oem/en/licensing/sblicensing/pages/licensing_for_hobbyists.aspx

OEM System Builder Software
Must be preinstalled on a PC and sold to another unrelated party.

You are "pirating" the software if you do that.

OEM versions are only for new machines that will be resold. You cannot build your own machine this way.

http://www.microsoft.com/oem/en/licensing/sblicensing/pages/licensing_for_hobbyists.aspx

OEM System Builder Software
Must be preinstalled on a PC and sold to another unrelated party.

Speaking of creating jobs, what's taking them so long?

I'm not really sure who you're referring to when you say "them", but Amazon is actively hiring, and so is Microsoft...

If you are using hand-rolled SQL, most MySQL queries will execute on Postgres without much modification. However, MSSQL will be vastly different.

For example, look at these ugly MSSQL queries with explicit locking, which you will probably have to use as developers and DBAs can't seem to agree on a standard isolation mechanism:

SELECT COUNT(UserID) FROM Users WITH (NOLOCK) WHERE Username LIKE 'foobar'

and

UPDATE Users WITH (ROWLOCK) SET Username = 'fred' WHERE Username = 'foobar'

Also, there is no LIMIT / OFFSET keywords in MSSQL, you have to do crazy shit like:

WITH results AS (
        SELECT
                rowNo = ROW_NUMBER() OVER( ORDER BY columnName ASC )
                , *
        FROM tableName
)
SELECT *
FROM results
WHERE rowNo between (@pageNumber-1)*@pageSize+1 and @pageNumber*@pageSize

Source: http://stackoverflow.com/questions/187998/row-offset-in-ms-sql-server

You will soon realize that the Express version is super-limited (4GB max size, 1 GB ram, 1 core, no replication, etc.)
Source: http://www.microsoft.com/sqlserver/2005/en/us/compare-features.aspx

Postgres is highly tunable, but the defaults (that ship with many OSes) are for small footprints. This is an older document, but still relevant with explanations and the annotated config guide (bottom of page). Throw 8 cores and 16GB ram at Postgres, tweak the conf a tiny bit, and the feature set and performance will surprise you.

Tune Postgres: http://www.varlena.com/GeneralBits/Tidbits/perf.html

There's no reason to use MSSQL unless all of your development and applications are on Windows, and your development team can't use anything other than their IDEs in a limited way. Once you start using Postgres, and realize the power behind it, you'll never want to use anything else.

If, for some strange reason, your company wants to spend money and buy DB support, go for a commercial vendor of postgres. Enterprise DB has some nice management features: http://www.enterprisedb.com/products/index.do

Combine the built in firewall with Microsoft Security Essentials and keep with Windows updates and you'll generally have a secure system.

some kind of programming language feature where all buffer accesses were automatically checked by the machine.

God, yes! Visual BASIC could save us all, if we'd only repent and believe.

http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx ;)

Just to be clear, you're talking about OSX, right? http://www.microsoft.com/whdc/system/platform/server/default.mspx

You can get a patch here.

Actually the reporting process on Microsoft Connect is relatively active and you do participate with the developers and others in discussion. I have submitted other product feedback for the Windows Live suite which are just submitted via web and you are only contacted if the developers need to get ahold of you...but the issues always get fixed in the next version which is fine for me.

OSS projects needs to understand that the end user doesn't give a shit about participating in developer discussion or following it every step of the way...they just want their problem fixed.

As for the speed of Mozilla bugfixes, FireFox 3.x still can crash and lose your bookmarks and profile data which is an age old bug which has greatly frusterated many FireFox users for as long as I can remember. I don't care about the bug reporting experience when I'm rebuilding my lost shit, and it's never made me less pissed off when it happens.

Needless to say, I've never trusted microsoft security ever since :P

Windows Server never trusts the client to do any validation because the client could be running Windows 95, MS-DOS or even OS/2 which aren't even aware of NT security ACL's. If you're logged into a domain, even opening a local folder on your system causes the client to validate the permissions with the domain controller. Windows Server will straight out deny access at the file system level if those permissions are set correctly.

The problem is that Windows permissions are not well understood by many people. Check out this article for some examples of how ACE/ACL read order affects the end interpretation of an object's permissions.

I'd guess your issue was caused by a mismatch between the share level permissions and the actual file/folder permissions, which is actually a pretty common issue. You can set the access permissions for a share to deny a user but forget to set file/folder permissions and allow him full access. The result being that the share won't open for him but he can still open the folder if he accesses it locally or navigates to it from another share which contains the folder. There are some policies which set object access and they actually do depend on the client for security validation (I've seen systems where "C:\Windows" was denied by policy settings when double clicking the icon in explorer, but you could access the folder by opening it with "explorer.exe /n,".

Windows security is complex and can be a hell of a mess sometimes but it is solid when it's done right. It's no different than the issues people have with UGO style permissions on Linux servers. Many people will just chmod 777 and set the owner/group of a file to something from a forum to avoid an error message in WS_FTP or whatever PHP page gives them errors.

Mind you [CodeWeavers' support period is] not as long as Microsoft's but each upgrade does not have to be paid for.

The claim that upgrades have to be paid for is a direct consequence of these facts: 1. people desire continued support after the 12-month support period, and 2. "it's not as long as Microsoft's". So assuming one upgrades Windows every three years and CrossOver every 12 months, CrossOver isn't noticeably cheaper.

True but many people who play games have a dedicated game console, like Xbox, Playstation, or Nintendo.

There are plenty of Windows-exclusive games. They haven't been ported to Nintendo or Sony platforms due to these companies' blanket barriers to micro-ISVs' entry, they haven't been ported to XNA on Xbox 360 due to the lack of automated tools to translate standard C++ into a verifiably type-safe .NET assembly, and they haven't been ported to Mac OS X or Linux due to lack of potential ROI estimated from lack of market share.

in December 1998 I bought a new PC with NT4. I ran Windows Update last in January 2000, just over 2 years later, but when I did it said updates were no longer available.

Microsoft appears to have changed its support policy over the past decade. During the Windows XP era, the expectation was five years of mainstream support, but controversies around the delay of Windows Vista to near the end of this period (citations for which Google is failing to turn up at the moment) led to Microsoft's formulation of its current policy of five years after this version's release or two years after the next, whichever is longer.

1) Mozilla are good at lying about benchmarks (actually, we already knew that, they've been claiming the next big firefox release would be faster than everything for a while now)

Well, the next Firefox beta does include a new Javascript JIT. But I'm sure that couldn't make any kind of difference. Mozilla is clearly just lying.

The current Firefox betas also include hardware acceleration - supposed to be enabled by default now, but I had to do it manually. That makes a huge difference on some jobs that completely blows non-HW accelerated browsers out of the water. Check out this, for example.

Mac OS X: http://www.apple.com/downloads/macosx/games/role_strategy/foxminesweeper.html
Debian GNU/Linux: http://packages.debian.org/lenny/xbomb
FreeBSD: ftp://ftp.internat.freebsd.org/pub/FreeBSD/ports/i386/packages-8-current/games/xdemineur-2.1.1_1.tbz
Windows Vista: http://windows.microsoft.com/en-US/windows-vista/Learn-about-Windows-games

HA!

When it first came out, the .NET 1.0, 1.1, and 2.0 documentation was little more than the output of the Doxygen knock-off Sandcastle. Probably a little souped-up internally. But it was a vague definition of each function, and the parameters.

There was nothing describing when you might want to use each of the 5 or more different ways to accomplish the same thing. There were no instructions on how to properly ensure a database connection was closed. They came out with DAAB http://msdn.microsoft.com/en-us/library/ff649538.aspx to solve that - basically instead of best-practive and education, it's copy and paste this.

It took about 8 years for the documentation to catch up, and now it's fairly decent. But when I'm writing code and have a question, Google gets me to a programming site first, second option is a social.microfot.com website where the question is asked but notsatisfactorily answered, third option is random abandoned blog postings. If I know what I'm looking for, I can use google with "site:microsoft.com" or "site:msdn.microsoft.com" because the MSDN search is terrible (even after having improved, it's still terrible).

Most of the truly useful information that should be in the documentation/reference is posted on the product team blog. It's by design, because they want you to buy the book, published by Microsoft Press.

http://msdn.microsoft.com/en-gb/library/ms123401.aspx/ ... any good?

http://www.microsoft.com/opensource/

Wow. I guess Microsoft is open after all.

The most important date for support is the last-ship date, not the first-ship date. It doesn't matter how long the product has been out, it matters how recently customers bought it.

And guess what? XP is still shipping -- the current end-of-sale date is October 22, 2010. OS X 10.3 stopped shipping years ago. MSFT's official policy is to support XP until 2014. Why doesn't this include IE9?

[I am about to lose a mod point I just spent. But I couldn't let this go. Bah.]

Microsoft sued HTC over the use of MS patents in HTC's mobile phones that were running Android, much the same way that Apple has an ongoing suit against HTC. HTC decided to license the patents from Microsoft so it's likely that Microsoft gets paid for every Android phone that HTC sells. Here is the press release. It's reminiscent of how PC vendors paid Microsoft for every box sold, regardless of whether or not it had Windows installed. Different arrangements, but similar end results.

Some have speculated that depending on the agreements, it could be just as expensive for HTC to ship a phone with Android as it would be for them to ship one with Windows Phone 7. If Android doesn't have a price advantage it may put the two operating systems on more even ground, at least from HTC's perspective.

XP is supported until 2014.

I'm guessing this is in response to the recent criticism of both the Sunspider and V8 benchmarks as not testing realistic workloads. I'd be very curious to see an "acid" test of javascript that's developed with input from all the browser vendors and the community. It looks like maybe Microsoft of all people is moving in this direction with their JSMeter app? In all fairness this is kraken version 1.0, it could change drastically with more feedback from the community.

Also, did anyone verify the numbers in the original post? On my x86_64 linux box I get 28631.6ms with Chrome and 38106.4ms with FF4 nightly. It seems to me that Linux really gets the shaft in JS performance. It significant underperforms the Windows version on the same hardware.

More than 50% of Windows users still has Windows XP, which does not have the feature you mentioned.

Windows Updates, Optional Updates, Windows Search 4.0. Or at least I think that's the correct location, I don't have an XP machine any more*.

Alternately, MS has a separate download for it.

*Except at work, and that one is centrally managed.

Microsoft (at least MS Research) have been doing interesting work in capturing the traces of javascript execution from real websites, with the intention of producing realistic benchmarks. It's a sensible approach though it only captures the type of JS web developers are prepared to use on the web right now (i.e. in an environment which includes substantial IE6 rather than made up of the best JS engines available). A sensible benchmark will also need to take account of the kinds of apps which are now written in flash (or just not deployed in browsers), but would use JS if it were fast enough.

The best link I can find right now is to a recent video presentation: http://research.microsoft.com/apps/video/dl.aspx?id=136780

They do note that Mozilla is also supporting this effort. Hopefully this kind of workload will be part of future benchmarks.

Oh, you mean like the immensely successful Apple Pippin, the Apple Newton and Copland? See, I can cherry pick too.

Go look at Microsoft Research. They've done a lot more than you are probably aware of.

Google wins in their test! (that curiously heavily exploit recursion and other good parts of the V8 engine)

Microsoft wins in their tests! (that curiously heavily test only DirectX acceleration)

... and now, Firefox wins in their test! (which has yet to be disassembled to reveal how they dodge Opera and Chrome from winning, when they use to in all others, including independent tests like Peacekeeper)

Typical /. summary, this is the guy's predictions, nowhere in the interview does he 'promise' anything, these are just his predictions.

In any case, it's basically true, image capture built into an LCD display is a known technology, and the 'essential' components are in a space as thin as a sheet of glass except for the LCD backlight, a problem which Microsoft's Wedge lens development neatly solves. http://www.microsoft.com/appliedsciences/content/projects/wedge.aspx

WinBLOZE.

Yours In Ufa,
K. Trout

American NGOs still have to pay for Microsoft software.

No, not really (well, it depends on the software).

What about here at home in the U.S.?

I honestly don't know why you got modded down, because, regardless of any speculation, your question is perfectly valid. I did some digging around, and turns out that US NGOs are already eligible for some free licenses from MS. Specifically, Win7 and Office Live (i.e. the web version, not the desktop one) Small Business is on the list as free. Some other stuff, including Win2008 Server and Office 2010, is discounted, though I don't know by how much.

The difference with this case is that every organization has to apply for the license individually - it's not blanket. However, the eventual goal is to also move to the same model in Russia (it's all in place already, it's just that many organizations don't even know that they're eligible) - that's why the blanket license is only until 2012, to provide efficient short-term protection in the meantime.

So what is the definition of a "kernel extension" then?

A module that runs in kernel mode, such as a device driver or a filter driver. Windows Vista introduced a user-mode framework for some kinds of device drivers, but it's not complete: input device drivers still must be kernel modules, and the code signing requirement for these on 64-bit versions of the operating system hurts hobbyist or low-volume makers of accessibility tools.

I understood that antivirus apps used to operate by hooking the Windows kernel and post Vista SP2(?) that's not allowed anymore.

I did a Google search for windows antivirus hooks that led me to a question on Stack Overflow whose answer was file system filter drivers.

Here is a Technet video describing EMET and here is the download url.

Crapware, Inc..

Yours In Vladivostok,
K. Trout

ASP.NET uses a hashed message authentication code by default. So not sure what point you are trying to make by talking about them as a solution.
Source: see 'protection' at http://msdn.microsoft.com/en-us/library/1d3t3c61.aspx

Does the testdrive site serve up different code depending on the browser?

The Church of Redmond, WA does.

They kind of already have since WinXP (At the least):

13. SOFTWARE TRANSFER. Internal. You may move the Software to a different Workstation Computer. After the transfer, you must completely remove the Software from the former Workstation Computer. Transfer to Third Party. The initial user of the Software may make a one-time permanent transfer of this EULA and Software to another end user, provided the initial user retains no copies of the Software. This transfer must include all of the Software (including all component parts, the media and printed materials, any upgrades, this EULA, and, if applicable, the Certificate of Authenticity). The transfer may not be an indirect transfer, such as a consignment. Prior to the transfer, the end user receiving the Software must agree to all the EULA terms.

The important part being the "Transfer to Third Party" section. Basically, it says only one resale is allowed, and the purchaser MUST agree to the entire EULA before the purchase can take place.

Only this "new" Visal.B uses the same payload and transmission vectors as Visal.A which was first spotted in the wild six weeks ago:

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3AWin32%2FVisal.A

More than enough time for enterprisey-"security" vendors to get the blockware/websense/exchange server A/V up to date. At a minimum, firewall or websense block the 3 URLs Visal uses to transmit the payload.

If you're talking about virtualisation on Windows 7, it comes with a free license for XP

"Free"? The last time I checked, most PCs sold at big-box stores came with Windows 7 Home Premium, and the upgrade to Windows 7 Professional to unlock XP Mode costs $89.95 plus sales tax. Besides: No. XP Mode does not support 3D graphics APIs such as DirectX.

Worm:Win32/Visal.B is a new worm, written in Visual Basic, that is currently propagating in part using social-engineering. We strongly encourage customers to be cautious about clicking suspicious or even simply unexpected links in email, even if it's sent by someone you know. Getting infected by Visal.B is an example of what happens if you aren't careful.

http://blogs.technet.com/b/mmpc/archive/2010/09/09/emerging-malware-issue-visal-b.aspx

Details here:
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Search.aspx?query=Visal.B

And here:
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3AWin32%2FVisal.B

Worm:Win32/Visal.B is a new worm, written in Visual Basic, that is currently propagating in part using social-engineering. We strongly encourage customers to be cautious about clicking suspicious or even simply unexpected links in email, even if it's sent by someone you know. Getting infected by Visal.B is an example of what happens if you aren't careful.

http://blogs.technet.com/b/mmpc/archive/2010/09/09/emerging-malware-issue-visal-b.aspx

Details here:
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Search.aspx?query=Visal.B

And here:
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3AWin32%2FVisal.B

MS supports their OSes for a minimum of 10 years, and XP is scheduled to be supported until 2014.
   

A minimum of 10 years? Where did you get that from?

• Microsoft Support Lifecycle Policy - "The Microsoft Support Lifecycle policy took effect in October 2002, and applies to most products currently available through retail purchase or volume licensing and most future release products. Through the policy, Microsoft will offer a minimum of:
  • 10 years of support (5 years Mainstream Support and 5 years Extended Support) at the supported service pack level for Business and Developer products
  • 5 years Mainstream Support at the supported service pack level for Consumer/Hardware/Multimedia products"

I didn't do it intentionally. I used Anonymouse because I reached the posting limit. But when you preview a post using it, the website rewrites the URLs in the message body. I forgot to re-edit the link before submitting the post again. Oops! Sorry. Actual link: KB925330.

Not to be cynical here... well yes I am... what do you expect from a COFEE http://www.microsoft.com/industry/government/solutions/cofee/default.aspx drinking and Donuts eating https://www.dunkindonuts.com/ lazy system admins. Some people who work for the DHS cannot be bothered and are still trying to figure out the FBI's Carnivore, swiftly changed to code named Magic Latern.... "You rub it and a Genie pops out with 3 wishes".

More troubling, why does no one ever demand some friggin' accountability from those criminally incompetent "security" vendors. This worm is not some brand-spankin-new, just-released-today threat. The first entry in microsoft's web site for Worm:Win32/Visal.A can be found here http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3AWin32%2FVisal.A - It went up on August 4 2010 and was updated on August 19 2010. The full text of the email can be found at that site, as well as a list of infection symptoms, spread vectors, and URL patterns of the payload. My own employer spends millions of dollars per year on websense to keep me safe from gmail and youtube, symantec A/V to keep me safe from 30% of my laptop's performance, and a myriad of other safety and security products.

You'd think that a firm like webNonSense would have the resources to add the payload sites to their list of "naughty" websites. Although it would be a pretty big undertaking for them, after all the worm/trojan does have a huge set of THREE FUCKING URL PATTERNS that it uses to link to the payload. That's a pretty tall order to keep track of 3 whole URL patterns. For example, they start with sharedocuments.com/ and end with Something_BunchOfNumbers.PDF.scr. Like, someone might have to learn how regular expressions work or something - that's time taken away from webNonSenses' primary mission of keeping corporate america safe from boobies. I don't know what WebSenses' slogan or tagline is, but given that it only seems to work on static porn sites that have been around for years, maybe they should think about changing it to "WebSense - Tits or GTFO!"

You'd think that if the idiots at Microsoft Security Essentials had found this in the wild six weeks ago that our friends at McAfee/Intel and Norton/Symantec would have rolled out a definition file that immunized against the infection already.

You'd think that the Microsoft Security Essentials idiots would talk to the Microsoft Exchange retards and maybe block the emails at that level. Or maybe they'd block it at the browser level - fit it into the several terabytes or so that counts for an InternetExploder install these days.

Incidentally, for the fun of it I fired up a Windows VM and logged on to the corporate exchange server this morning after reading about this. I clicked on the link and you'll never guessed what stopped the infection - Good old Firefox threw up the warning. Not the AV software, not websense, not UAC - but firefox caught it on the download/check for virus step.

So the product with the least responsibility for the save actually saved the day. The best description of the performance of websense, symantec, mcaffee, etc can only best be described as: "They shit the bed."

Antivirus and security software doesn't work. It never will work. So long as the mindset of security is default permit or blacklisting, this kind of thing will happen again and again. If any good can come of this, it would be the SEC hauling symantec and mcafee and the rest of them off for perpetrating a massive fraud on nearly eveyone.

Perhaps you should buy a laptop that is compatible with the software, or spend $20 on a good MiniPCI card that works with your OS.

Besides, unless you're selling that PC to a customer, you just put an improperly licensed version of Windows 7 on your system. I know that the biggest difference between OEM and retail is that Microsoft doesn't do tech support for OEM versions. Technically, though, you're supposed to buy retail to use any time you're not actually using Windows as an OEM item on a PC for resale.

To be really legit, you should have paid close to double that much for Win 7 Home, and close to three times as much for Win 7 Pro or Win 7 Ultimate.

If you have questions about the OEM licensing for Windows, check out the Microsoft OEM and Volume Licensing FAQ. There are links from there to the actual licenses and license guides.

Since a truly legit copy of Windows costs as much as a decent mid-range desktop or low-end laptop, I'd recommend specifying the proper hardware from the start or replacing the nonfunctional peripheral hardware with something that works for the software you're planning to use.

Chances are you'll never have problems with your OEM copy, but don't let Microsoft know you have a habit of violating their licenses. Especially don't try to resell your OEM license for use on some other PC by advertising it widely. Microsoft could cause you quite a bit more frustration than swapping out a PCI or MiniPCI card.

No one is saying that device drives will magically start working flawlessly because their source code is open, although it will make it easier to track down bugs (see Linus Torvalds' quote about the number of eyeballs).

Microsoft has something better than "eyeballs": the Static Driver Verifier. This has been under development for a few years, and now, Windows 7 drivers don't get signed unless they pass static verification.

This is real proof of correctness, in actual production use. It doesn't guarantee that the driver will run the device properly, but it does guarantee that the driver won't crash the OS.

No.

Microsoft's SQL-SMO library authors are the worst programmers on the planet.

I'm convinced MS hired retards to write that for Americans With Disabilities Act compliance.

The Evil One.

Yours In Moscow,
K. Trout

In response to the old guard comments, some good supporting evidence of the newcomers understanding the importance of getting away from flat layer/shape/whatever files is SQL Spatial support in SQL Server 2008. If you haven't played with it, well, it is pretty impressive for Microsoft (at a hefty cost, of course).

I also heard rumoring of upcoming Spatial support in Azure (might be already here), so if that goes well, companies dealing with alot of customer map data will have a sweet way to move it all to the cloud, and serve it out via web services, and with many of the different mapping providers, this will provide excellent venues for serving out customer map-data from the cloud, allieviating them them on-site storage head-aches, and makiing things much more scalable and modular.

I know tools like ESRI's line of products have also come a long way in terms of Web 2.0-ish kind of stuff, as well, and they are worth checking out if you want to get into professional GIS work.

Actually, Microsoft has a similar thing. It's called Windows Easy Transfer . I recently upgraded a network of 30 XP computers to new Windows 7 machines in under a day, with all the files moved to their right places after the upgrade. You install this software on the old machine and save files and settings to a network share or external device. Install a new machine or upgrade the old and then use the same software to restore your files and settings. The one failure of this sofware is that it doesn't handle version changes of software very well. The old machines had Office XP while the new ones had Office 2010. Not all of the Office XP settings came through, but I took care of that with a couple of group policies.

Speaking of Microsoft,

Link from TFA regarding password strength. It's where they got that table in the article. At the Microsoft site, they have a link...

They have a Password Checker: is your password strong test?

That's just a mock phishing example waiting to happen.