Domain: microsoft.com
Stories and comments across the archive that link to microsoft.com.
Comments · 34,132
-
Re:The 70's called. They want their I/O methods ba
From TFA:
There is no method to provide hints about file usage; for example, you might want to have a hint that says the file will be read sequentially, or a hint that a file might be over written. There are lots of possible hints, but there is no standard way of providing file hints...
Ya, we had that back in the stone-age and Multics would have been poster-child for this type of thinking, but it was a *bitch* and made portability problematic.
No, Multics would have been the poster child for "there's no I/O, there's just paging" - file system I/O was done in Multics by mapping the file into your address space and referring to it as if it were memory. ("Multi-segment files" were just directories with a bunch of real files in them, each no larger than the maximum size of a segment. I/O was done through read/write calls, but those were implemented by mapping the file, or the segments of a multi-segment file, into the address space and copying to/from the mapped segment.)
I think VMS has some of this type of capability with their Files 11 support - any VMS people care to comment. Unix (and most current OS) sees everything as a stream of bytes, in most cases, and this is much simpler.
"Seeing everything as a stream of bytes" is orthogonal to "a hint that the file will be read sequentially". See, for example, fadvise() in Linux, or some of the FILE_FLAG_ options in CreateFile() in Windows (Windows being another OS that shows a file as a seekable stream of bytes).
-
what type of admin rights?
Windows has a variety of rights and privileges (see: http://technet.microsoft.com/en-us/library/bb457125.aspx ) Developers should have debug privileges but should not be full administrators. It always surprises me that administrators do not use the fine grained control of privileges that is available to them when creating groups. When developers are given full administrator rights the users often find that the program will not run propperly under a normal (non-admin) user account. The test group must use accounts that have exactly the same rights & privileges as the eventual users.
-
Heck, with Visual Studio, its nearly required!
Who here, at some point in developing with Visual Studio, NOT seen it pop up that stupid message saying you have to run the IDE with administrator privileges for something or another?
Here's a quick link with just a few of the examples:
msdn.microsoft.com -
Re:Patch is only for redistributers
If you read TFA, it says "Now it appears that the patch is available on Microsoft's OEM Partner Center Website". If you go to the OEM Partner Center Website, you will find it is intended for system builders who preinstall the Office Ready image on new PCs and sell Office Ready PCs to customers.
Now why would I do that? I'm reading Slashdot, after all...
-
Re:well...
You can also use psexec to run VBS scripts, or VBS scripts with user escalation (your users are running as users and not local admins, right?
:P) compiled into an exe via Visual Studio Express.
Alternatively OP could ask for an agent based system such as Kaseya, Altiris, etc.
I really don't understand why a company would ban GPOs, however. That just reeks of incompetent management. -
Patch is only for redistributers
If you read TFA, it says "Now it appears that the patch is available on Microsoft's OEM Partner Center Website". If you go to the OEM Partner Center Website, you will find it is intended for system builders who preinstall the Office Ready image on new PCs and sell Office Ready PCs to customers.
-
Re:Open Office is there
Would you like me to send you a DOCX document?
;-)
I think after the third time my dad phoned me and said other people were having trouble opening his documents he installed OO.o. (He's retired, but does some charity work -- which means people opening the documents have a huge range of old to new software, and often very little technical ability.)There's the converter available from Microsoft, that allows older versions of Word to open
.docx documents... And you can always save as the older formats in the first place... Most of my clients still use 97-2003 .doc format documents... Very few are actually using .docx format documents.My comment was less about random issues because you forgot to save as the right filetype, and more about how good of a job OO.o does (or doesn't) do in opening the filetypes it claims to support. It has been a while since I last used OO.o - so, to be honest, I don't know how big a problem this is anymore. But it used to be fairly common to see differences in the same document when it was opened in OO.o instead of Word. Sometimes truly minor differences that absolutely nobody cared about... Sometimes differences big enough that they had to be corrected... Which then looked weird when you opened it in Word again...
-
Re:From TOFA ( O == other)
Have you tried XP Mode for Windows 7? I've not had any problems, and your XP just has to deal with the image file. No direct access to the drive means the drive's characteristics are moot.
If you're dual booting because you've had problems, please let us know what to watch out for. If you just haven't tried XP Mode, you might want to try it if you have the virtualization support necessary.
-
This may be off topic
But I also learned at Groklaw today that Microsoft is looking for somebody to reach out to the open source community...
The whole thing is quite amusing. Somebody should probably cache that - I'm sure it will be gone by morning.
-
Re:Open Office is there
Since Open Office is there, why would anyone go for this?
The legit copy of MS Office for home use is free to many who use MS Office at work. Microsoft Software Assurance Home Use Program
The MS Office "Ultimate Steal" for a full or part time student with an
.edu e-mail address is $60. Win 7 Pro $30. the ultimate stealSince Word 97 or theabouts Microsoft has offered a Home office bundle for around $100-$150 list. Currently with a three-seat license. That's the price of a serviceable multifunction printer or four ink jet cartridges.
MS Office skills are marketable at any age.
The senior volunteer, the disabled, the kid just out of school knows this. It beats flipping burgers, pays better than Wal-Mart, and there is always someone who needs you.
-
Re:Open Office is there
Since Open Office is there, why would anyone go for this?
The legit copy of MS Office for home use is free to many who use MS Office at work. Microsoft Software Assurance Home Use Program
The MS Office "Ultimate Steal" for a full or part time student with an
.edu e-mail address is $60. Win 7 Pro $30. the ultimate stealSince Word 97 or theabouts Microsoft has offered a Home office bundle for around $100-$150 list. Currently with a three-seat license. That's the price of a serviceable multifunction printer or four ink jet cartridges.
MS Office skills are marketable at any age.
The senior volunteer, the disabled, the kid just out of school knows this. It beats flipping burgers, pays better than Wal-Mart, and there is always someone who needs you.
-
Patch was available to OEMs in October
This isn't really news - Microsoft started making the patch available to OEMs in October in anticipation of a losing legal battle. Is it any surprise they could make it available to end-users so "quickly"?
-
Re:Gates and Seinfeld?
I think you would be even more distressed if you saw the even more cringeworthy Science is Cool video.
-
Re:Silverlight couldn't be a Flash rival,thanks to
their V2 dropped support for PowerPC macs which several people
So Silverlight can't possibly compete with flash because it doesn't support a hardware platform that hasn't been produced in 5 years now and already has negligible market share?
In Silverlight V3, things getting even more complex as the Win32/64 Silverlight V3 has more features than OS X 32/64 one
The only differences I'm aware of between mac and windows silverlight 3 are quite trivial
While mentioned, where is the iPhone/Symbian and even Windows Mobile support?
In the works . Admittedly, MSFT is dissapointingly behind schedule on this front.
Some of your complaints with Silverlight have merit. It isn't perfect yet, but it has made remarkable progress in the 2 years it has been out and most certailnly is a rival to flash. Flash had an 11 year head start and Silverlight already does just about everything it does and a few things better. Silverlight lags behind flash in market penetration and platform support, but at the rate it is going, it will catch up quite soon.
-
small basic
I started off with GW-Basic.
I know we slash-dotters to some extent dislike M$. But they have something just to address this issue. They call it the "Small Basic"
http://msdn.microsoft.com/en-us/devlabs/cc950524.aspx
Syntaxes are pretty similar to C# style. Overall, not bad. Good documentation too. I managed to get my little sister hands on with programming using Small Basic.
-
Re:ProgrammingMicrosoft has a project "small basic" which is of a similar niche. I enjoyed the environment. http://msdn.microsoft.com/en-us/devlabs/cc950524.aspx
Storm
-
Me 2!
I started programming at a very young age. Similar to you, I started with BASIC (Atari 800 for me) and moved to Turbo Basic, Turbo Pascal, C++, JAVA, C#... and somewhere along the way I picked up FORTRAN. For a young man around 12 years old, I would suggest an interpreted language that would quick show the cause and effect of what has happened.
I know how much Slashdot love MS, but there's this:
http://msdn.microsoft.com/en-us/devlabs/cc950524.aspx
The Mono project is also very awesome:
http://www.mono-project.com/VisualBasic.NET_support
Last but not least, jump right into JAVA with NetBeans. The IDE (although bloated) holds your hand through a lot of things.
If there's a struggle with understanding, then good ol' HTML is a quick way to see results. After all, the 'Hello World' and making your name appear on the screen in different colors and blinking is very exciting when you're young! -
The Rules of Security
Why am I the one posting this... (sighs) anyway this is all 20-20 hindsight but let it be a lesson to always follow the rules of security (Yes it's on technet, yes MS should follow their own rules). Failure to do so will result in this in this case you failed on.
- Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore
- Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
Regardless, you should get your own hardware in a co-lo you've background checked and have references for. Once you've done that you should do what every respectable admin has been doing for years, turn off direct root access, Set up Public Key Authentication, and for the love of all that is secure turn off password auth for SSH. If you do that then any unauthorized access to your box is in violation of 18 U.S.C. 1030 and is punishable under the law.
-
Re:makes windows marginally bearable
They did for a while.. "unix services for windows". Seems to still be around:
-
Trivially Preventable
The registry tweaks to prevent any Windows operating system from broadcasting for NB queries has been around for a very long time. (as in, since at least Windows 95)
It is entirely possible to change the behavior to WINS/Unicast only, or turn it off entirely.
Enlightenment is only a click away: http://support.microsoft.com/kb/160177
What you want is to make your host a "P Node".
If you don't want to do that, you can always go here: http://support.microsoft.com/kb/314053
Go to the NBT section. Note the entry for BcastNameQueryCount , change it to zero.
If you do this as part of your corporate build strategy, you could even isolate rogue "Windows" hosts by noting -any- nbquery broadcasts and shutting down those ports a rogues on your client VLANs.
-
Trivially Preventable
The registry tweaks to prevent any Windows operating system from broadcasting for NB queries has been around for a very long time. (as in, since at least Windows 95)
It is entirely possible to change the behavior to WINS/Unicast only, or turn it off entirely.
Enlightenment is only a click away: http://support.microsoft.com/kb/160177
What you want is to make your host a "P Node".
If you don't want to do that, you can always go here: http://support.microsoft.com/kb/314053
Go to the NBT section. Note the entry for BcastNameQueryCount , change it to zero.
If you do this as part of your corporate build strategy, you could even isolate rogue "Windows" hosts by noting -any- nbquery broadcasts and shutting down those ports a rogues on your client VLANs.
-
Re:Tit for tat
http://www.microsoft.com/hyper-v-server/en/us/default.aspx
Well Hyper-V Server is free, and supports clustering and subsequently, high-availability when images are stored on a SAN, live migration likewise, and all that.
The only difference with Windows Server editions, that is, Standard, Enterprise, and Datacenter, is that they give you additional guest licenses.
The way I understand it, from this resource:
http://www.microsoft.com/windowsserver2008/en/us/licensing-faq.aspx
The ideal way to set up Hyper-V and Windows Server licensing wise is to have all your management stuff (System Center, third party management consoles, whatever you need to manage VMs and guest OSes) on the physical OS instance. Then you have one to many VMs that do "work", that is, runs your application, provides remote desktop, etc.
Now, I don't know how loosely Microsoft defines management. Is running the physical instance as an Active Directory Domain Controller considered "work" or is it necessary to manage the guest operating systems? I think they leave this intentionally vague and I doubt you'd ever get in trouble if they audited you and found that your server farm used physical instances for stuff like that. And with Hyper-V, in order to provide DHCP, DNS, etc to a private virtual network, you'd have to run those services on your physical instance or another VM.
So, to play it safe, pretend that with Server Standard and Server Enterprise you get 1 or 4 instances to play with on a server, and then each install counts as one. That's the absolutely safe way to do it. If you really want to play it safe and you're consolidating a lot of VMs, Datacenter gives you unlimited VMs and is more cost effective than Enterprise when you use more than 4 Windows Server VMs per processor.
Hope this helps. I am an IT/developer at a small business in Iowa and we use Linux for some services, firewalls and VPNs to branch offices (one in Iowa, two in Minnesota.)
-
Re:Tit for tat
http://www.microsoft.com/hyper-v-server/en/us/default.aspx
Well Hyper-V Server is free, and supports clustering and subsequently, high-availability when images are stored on a SAN, live migration likewise, and all that.
The only difference with Windows Server editions, that is, Standard, Enterprise, and Datacenter, is that they give you additional guest licenses.
The way I understand it, from this resource:
http://www.microsoft.com/windowsserver2008/en/us/licensing-faq.aspx
The ideal way to set up Hyper-V and Windows Server licensing wise is to have all your management stuff (System Center, third party management consoles, whatever you need to manage VMs and guest OSes) on the physical OS instance. Then you have one to many VMs that do "work", that is, runs your application, provides remote desktop, etc.
Now, I don't know how loosely Microsoft defines management. Is running the physical instance as an Active Directory Domain Controller considered "work" or is it necessary to manage the guest operating systems? I think they leave this intentionally vague and I doubt you'd ever get in trouble if they audited you and found that your server farm used physical instances for stuff like that. And with Hyper-V, in order to provide DHCP, DNS, etc to a private virtual network, you'd have to run those services on your physical instance or another VM.
So, to play it safe, pretend that with Server Standard and Server Enterprise you get 1 or 4 instances to play with on a server, and then each install counts as one. That's the absolutely safe way to do it. If you really want to play it safe and you're consolidating a lot of VMs, Datacenter gives you unlimited VMs and is more cost effective than Enterprise when you use more than 4 Windows Server VMs per processor.
Hope this helps. I am an IT/developer at a small business in Iowa and we use Linux for some services, firewalls and VPNs to branch offices (one in Iowa, two in Minnesota.)
-
Re:Does anyone really use it?
WPF still has some really crummy font rendering at small sizes tho. Compare Visual Studio 2008 which uses winforms, to the beta of Visual Studio 2010 which uses WPF. The difference is immediately obvious.
I know about WPF font rendering problems, I'm the one who created the Connect ticket for it. It literally hurts my eyes to look at a WPF 3.x app with dark text on bright background (the other way around it's more or less tolerable, which is exploited by Expression Blend).
Now, though, WPF 4 has a reworked engine that improves things a lot. It didn't make it in VS2010 beta1, but it is present in beta 2 (though there had been a few more tweaks since because of some known problems).
By the way, V2008 doesn't use WinForms. Or rather it does, but only for certain parts (e.g. the TFS bits), and they definitely don't make the majority. Most of it is actually hand-coded native Win32 UI.
-
Re:Hyper-V supports only SuSE 1PLicensing costs (.doc format, sorry.) That was old information for Server 2003 and before.
Licensing Windows Server: Each copy of Microsoft Windows Server, whether used as the OS for a virtual machine ("guest OS") or as the OS for the server ("host OS"), must be separately licensed. For example, if a user is running Windows Server 2003 Enterprise Edition as a host OS on a server and creates two virtual machines, each with its own copy of Windows 2000 Server (each a guest OS), the user would require one Windows Server 2003 Enterprise Edition license and two Windows 2000 Server licenses.
The new information: 2008 Enterprise (.docx) gives you four guests. Standard gives you one. Datacenter doesn't give you any if your guest operating systems need to be authenticated and managed through AD, but unlimited if they don't. I'm not sure why they would do that, but there it is.
As you can see from the documents the licensing messaging of virtual guests on Windows Hyper-V has been neither consistent nor clear. I would think if Microsoft could do one thing well it would be to explain what you need to buy to achieve what you want to do, but apparently they forgot the need for that.
Limiting a modern server to four guests is quite silly. A normal dual socket Nehalem server can support more than 50 typical VMs. I'm trying to imagine a scenario where I would want to run Windows servers in a VM but then not authenticate and manage them with AD and coming up blank. Maybe you could help me out with that one.
-
Re:Hyper-V supports only SuSE 1PLicensing costs (.doc format, sorry.) That was old information for Server 2003 and before.
Licensing Windows Server: Each copy of Microsoft Windows Server, whether used as the OS for a virtual machine ("guest OS") or as the OS for the server ("host OS"), must be separately licensed. For example, if a user is running Windows Server 2003 Enterprise Edition as a host OS on a server and creates two virtual machines, each with its own copy of Windows 2000 Server (each a guest OS), the user would require one Windows Server 2003 Enterprise Edition license and two Windows 2000 Server licenses.
The new information: 2008 Enterprise (.docx) gives you four guests. Standard gives you one. Datacenter doesn't give you any if your guest operating systems need to be authenticated and managed through AD, but unlimited if they don't. I'm not sure why they would do that, but there it is.
As you can see from the documents the licensing messaging of virtual guests on Windows Hyper-V has been neither consistent nor clear. I would think if Microsoft could do one thing well it would be to explain what you need to buy to achieve what you want to do, but apparently they forgot the need for that.
Limiting a modern server to four guests is quite silly. A normal dual socket Nehalem server can support more than 50 typical VMs. I'm trying to imagine a scenario where I would want to run Windows servers in a VM but then not authenticate and manage them with AD and coming up blank. Maybe you could help me out with that one.
-
Re:Say goodbye for XML
I've also found this to be a fascinating debate, full of lack of information and misinformation. It's been surprisingly hard to find a "satisfying level of truth". Most reports of the case seem to imply that the issue is simply Word's use of XML as a whole and that i4i is claiming to own the XML format. So, I actually read TFA. Then the actual TFA in the TFA. Then the actual Complaint in the TFA. Which includes the actual patent.
Now, after reading that, I felt I couldn't possibly be fully informed still, since the patent seems to be for the storing and processing of structure seperate from its content. A map of the structure points to the locations of the content. XML certainly doesn't work that way. There were hints about the little-used feature affected referred to as custom XML. I knew that couldn't truly be a generic sense of custom XML. All XML is custom. That's the whole point of XML.
So the feature in question is the attaching of XML Schema to a document. Now, to me that sounds suspiciously like XSLT, but I have to assume it's different in implementation. I assume the issue i4i has is with the implementation of the mapping of the "custom" XML schema elements to the content elements in the document.
Which I have to admit, might almost be valid. This does feel like a fairly broad patent to me, but IANAPL. I also wonder if there is truly prior art on this. While an obvious concept in retrospect, how many document format did seperate their formatting from their structure? The issue seems to clearly not be a simple matter of editing XML or other formats.
-
Re:SMTP/POP/IMAP
He is referring to Microsoft's Exchange ActiveSync protocol, which runs over https and provides push mail, calendaring, contacts, and has more management features than using IMAP(S) alone. There's no need to use any Microsoft software at all to use the protocol: it's implemented by open source products and by Google.
No need to use any Microsoft software ? Yes. But you need to first licence ActiveSync, see here the companies who did it (and probably paid a lot of money to Microsoft). No open source software there.
Using a (proprietary) protocol such as ActiveSync is better than relying on a single point of failure, but using a standards-based protocol would be better.
-
Hyper-V supports only SuSE 1P
Link.
Only one Linux, and that their pet from Novell - and only with one processor per guest. Yeah, that's cross-platform. And for client operating systems there's five versions of Windows and nothing else.
And then there's the licensing. If you're using more than one Windows guest you had better be running Windows Datacenter (and the required SA) on the host or you're a filthy pirate and the BSA will be along presently to audit your books. Even if you keep that straight, if you fail over you have to wait 30 days to fail back because of the licensing.
No thanks.
-
Re:Office "open" XML
Or you can just use Word Viewer.... http://support.microsoft.com/kb/891090
-
Re:Are you serious?
Do their products distribute freely with uptodate malware and virus prevention and thwarting? No.
-
Re:It used to be...
Keep telling your users that. Tell them that QuickTime is just fine. (along with Acrobat reader, while they are at it).. And no 3rd party media players have ever had buffer overflow problems...
then there was the whole Image thing.. http://www.microsoft.com/technet/security/bulletin/ms06-039.mspx makes it sound a little more serious than just murking with the file-name.
-
Re:IE6? Really?
Indeed - obviously your market will determine whether there is sufficient ROI in doing so, 5-10% of the user base of a website with 2 million users per month is a substantial demographic and probably justifies the additional expense of developing/testing across various browsers,while 5-10% of a site with only a few thousand users may not (although this may still not be so black and white for e-commerce sites with large ticket value items where a few additional sales more than cover the costs).
To make this a little easier on developers, MS offer a dev version of XP/IE6 with a timed license which can be run in their Virtual PC software.
I'll still be glad when it's finally dead though!
-
Microsoft's FAT patent fetish
Maybe the folk at Microsoft feel that they're not getting enough licensing revenue of their existing FAT patents...
http://www.microsoft.com/iplicensing/productDetail.aspx?productTitle=FAT%20File%20System -
Re:.Not
The CLI is, of course, both multi-platform and multi-language, even thought it was designed around the Windows platform. So is the JVM, even though it was designed around the Java language.
Fixed that for you.
Before you argue the part I added, please see System.IO.DriveInfo.
-
Re:Java too complex
you mean like the where clause? It's been around since 2.0.
-
Re:Java too complex
you mean like the where clause? It's been around since 2.0.
-
Re:Java too complex
And you may not want to use the
.net framework for enterprise applications. The large object heap of the .net framework fragments and does not get cleaned up. This can cause any long-running application to fail with "out of memory" exceptions, although little memory is actually allocated.There's a nicely detailed article describing the problem. My colleage has already provided this feedback. As you can see, he's quite pissed. And reasonably so.
-
How they choose
"For each of the usage share sources listed in Annex D, web browser usage share will be determined semi-annually by averaging monthly usage share data for the previous six months for which such data is available, with shares for different released versions of the same vendor’s browsers added together to determine a browser’s total usage share (e.g., Firefox 2.0, 3.0, 3.5, etc. all count towards the total share for “Mozilla Firefox”). No more than one browser will be listed per vendor. Other than Internet Explorer, the Choice Screen may not contain any web browser which is based on Internet Explorer’s rendering engine and the development or distribution of which is funded in whole or in substantial part by Microsoft." so IE-engine based browsers are not an option. (+1 Microsoft) See: http://www.microsoft.com/presspass/presskits/eu-msft/docs/Microsoft%20Commitments.doc
-
Re:Java too complex
According to this page it's supported in C# 2.0, unless I'm misunderstanding what you're after.
public void SomeFunction(T someValue) where T : ISomeInterface { } (or class) works fine.
-
Re:Sod Off Microsoft
I'm certainly not interested in using it on non-Windows platforms because said media stuff doesn't work regardless.
Yep. I was mildly interested in trying moonlight, because MS has put the famous Feynman lectures on physics online for free, in silverlight format. So when I saw the slashdot article today, I thought, OK, I'll try installing moonlight on my ubuntu box and see if it lets me watch the lectures. First off, I do an apt-get install moonlight-plugin-mozilla. Go to the MS web site. "Sorry, Silverlight for your browser is not officially supported. The full list of compatible browsers you [sic] can be found at http://www.microsoft.com/silverlight/get-started/install/default.aspx. Click on the link. "If you are using a Linux, FreeBSD or SolarisOS operating system, please press the Click to Install button to get the appropriate installation package for Silverlight." Okay, I click on the button and it sends me to go-mono.com. Download and install it. Restart my browser. Go back to the site for the Feynman lectures. "Sorry, Silverlight for your browser is not officially supported."
So here's this thing that almost no web site actually uses, and it doesn't actually work. And it's proprietary. And they promise not to sue me for using it. Woo hoo.
-
Re:Sod Off Microsoft
I'm certainly not interested in using it on non-Windows platforms because said media stuff doesn't work regardless.
Yep. I was mildly interested in trying moonlight, because MS has put the famous Feynman lectures on physics online for free, in silverlight format. So when I saw the slashdot article today, I thought, OK, I'll try installing moonlight on my ubuntu box and see if it lets me watch the lectures. First off, I do an apt-get install moonlight-plugin-mozilla. Go to the MS web site. "Sorry, Silverlight for your browser is not officially supported. The full list of compatible browsers you [sic] can be found at http://www.microsoft.com/silverlight/get-started/install/default.aspx. Click on the link. "If you are using a Linux, FreeBSD or SolarisOS operating system, please press the Click to Install button to get the appropriate installation package for Silverlight." Okay, I click on the button and it sends me to go-mono.com. Download and install it. Restart my browser. Go back to the site for the Feynman lectures. "Sorry, Silverlight for your browser is not officially supported."
So here's this thing that almost no web site actually uses, and it doesn't actually work. And it's proprietary. And they promise not to sue me for using it. Woo hoo.
-
Re:What OS?OK, sorry for the mix up, I meant the article I had linked. The article I linked does in fact mention all those things. It does mention that new installs by default have the Administrator account disabled. It mentions that User Account Control is on by default. It mentions that even if you are running as a built-in Administrator, the security token used for applications is a filtered one. The point is, they don't even need to know about them, they are on by default. As for whether or not I am lying about what you said let's look at your initial assertion:
It wouldn't be such a problem if MS would have something like Linux where you have to jump through a hoop to run the box as 'root' AKA 'Admin' and if the OEMs would put a user account on their machines by default.
This seems like you are saying that Microsoft should have some sort of User Account Control to limit access to the Administrator account. Conjunctively, you seemed to hope that OEMs would not leave the Administrator on as the only user. The first part seems to be a complaint about the lack of existence of such User Account Controls. The second part seems to be a complaint about the default behavior of New Installations. I hope that the relevant sections of the article that I linked and mentioned ("Built-in Administrator Account is Disabled by Default on New Installations", "All Subsequent User Accounts are Created as Standard Users", "UAC is Enabled by Default", "Access Token Changes") can illustrate to you how your initial assertion was in fact incorrect, particularly the last section which details how even if you are running as a built-in Administrator, the security token used for applications is a filtered, i.e. less privileged one.
In short: I did not lie. I am not messing with you. I was hoping to inform you that your initial assertion was incorrect. I do hope you mind, however, that you were so completely incorrect about something about which you seem to have a strong opinion. Having a strong and wrong opinion may rhyme nicely, it's just not very helpful. -
Re:What OS?OK, sorry for the mix up, I meant the article I had linked. The article I linked does in fact mention all those things. It does mention that new installs by default have the Administrator account disabled. It mentions that User Account Control is on by default. It mentions that even if you are running as a built-in Administrator, the security token used for applications is a filtered one. The point is, they don't even need to know about them, they are on by default. As for whether or not I am lying about what you said let's look at your initial assertion:
It wouldn't be such a problem if MS would have something like Linux where you have to jump through a hoop to run the box as 'root' AKA 'Admin' and if the OEMs would put a user account on their machines by default.
This seems like you are saying that Microsoft should have some sort of User Account Control to limit access to the Administrator account. Conjunctively, you seemed to hope that OEMs would not leave the Administrator on as the only user. The first part seems to be a complaint about the lack of existence of such User Account Controls. The second part seems to be a complaint about the default behavior of New Installations. I hope that the relevant sections of the article that I linked and mentioned ("Built-in Administrator Account is Disabled by Default on New Installations", "All Subsequent User Accounts are Created as Standard Users", "UAC is Enabled by Default", "Access Token Changes") can illustrate to you how your initial assertion was in fact incorrect, particularly the last section which details how even if you are running as a built-in Administrator, the security token used for applications is a filtered, i.e. less privileged one.
In short: I did not lie. I am not messing with you. I was hoping to inform you that your initial assertion was incorrect. I do hope you mind, however, that you were so completely incorrect about something about which you seem to have a strong opinion. Having a strong and wrong opinion may rhyme nicely, it's just not very helpful. -
Re:What OS?
Whoa! Microsoft should create something to make people jump through hoops to get Admin privileges? Great idea! Maybe they could call it something like User Account Control. Man, if only those dudes in Redmond read
/.Yeah, good one. But the User account control isn't adequate - obviously. How many typical Windows users who get their machines that start up right with the Admin account even know about the User Account Control? Windows does have plenty of features to protect the machine, but no one is using them because they don't know about them.
With Linux, you must create a user account and if you try to login as root - which isn't an obvious choice put in front of the user, btw, you get warning boxes stating that you will be taking on quite a bit of risk. Or stated another way, with Linux, admin account access isn't as easy or obvious as it is with Windows. Windows is capable of that but it's not being implemented. With most Windows installs the Admin account is the default logon and most users don't know what risks they're taking because of it.
Now, considering that the typical PC owner uses their computer as an appliance and are not interested or (mistakenly) concerned with user rights, I think at the very least, the OEMs should put a default user account in Windows systems with at least one hoop to jump through for admin access.
-
Re:What OS?
Whoa! Microsoft should create something to make people jump through hoops to get Admin privileges? Great idea! Maybe they could call it something like User Account Control. Man, if only those dudes in Redmond read
/. -
Re:What a load of crap
It's not just users. Applications still aren't being written to work properly with non-administrator accounts. I just installed SimplyAccounting 2010 on Windows XP and started getting weird errors poking around in it using a Limited Account, but switching to an Administrator account, no more errors.
Here's a hint.
Have you ever seen those "Certified for XP/Vista/7" labels on software boxes (or websites selling software)? Ever wondered if they actually mean anything?
Well, they do. One thing that software labeled as "Certified for Vista" (or higher) cannot do is assume administrative privileges during normal operation, with very few exceptions (e.g. disk partitioning software, or anti-virus). It is explicitly forbidden for any certified software to store any configuration settings or other volatile data under Program Files, or any other place where the normal user running it may not have access.
So, if you buy any kind of software, look out for that logo. If you free stuff, then it's likely that they didn't shell out money for certification (it isn't free), so then you're on your own.
Also note that there is a separate label "Works with Windows Vista". The requirements for that are much less stringent than for "Certified" one, and in particular such software may require elevation for day-to-day work - basically, if it can properly launch and function on Vista, it will get the "Works" logo.
I find it unfortunate that there is some confusion created between those two, but I also understand why a separate "Works" logo was needed for the XP->Vista transition period - its whole point was to get existing XP software being marked as Vista-compatible, and make a pressure on ISVs to officially support their existing apps on Vista. Gladly, this was a Vista-only thing, and it's gone in 7 - now there's a single label, "Compatible with Windows 7", which has the more stringent requirements.
Here are the requirements for various logos:
Certified for Windows Vista [doc]
Works with Windows Vista [doc]
Compatible with Windows 7 [pdf]Specifically (from "Certified for Windows Vista"):
To meet this requirement, every executable file (with a
.EXE extension) included with an application must have an embedded manifest that defines its execution level:If only a small number of features in an application will require administrative privileges (For example, an application needs to configure a firewall), the main process of the application must still be run as a standard user. The administrative features must be moved into a separate process that runs with administrative privileges.
Applications that run their main process with elevated privileges (requireAdministrator or highestAvailable) must receive a waiver from Microsoft to obtain certification. Only system tools should apply for this waiver. Games, office productivity applications, messaging clients, etc. will not be considered.
Applications that need to drive input to the UI of another window may set uiAccess=true, but will also need to apply for a waiver. Only accessibility applications will be considered for this waiver.
-
Re:What a load of crap
It's not just users. Applications still aren't being written to work properly with non-administrator accounts. I just installed SimplyAccounting 2010 on Windows XP and started getting weird errors poking around in it using a Limited Account, but switching to an Administrator account, no more errors.
Here's a hint.
Have you ever seen those "Certified for XP/Vista/7" labels on software boxes (or websites selling software)? Ever wondered if they actually mean anything?
Well, they do. One thing that software labeled as "Certified for Vista" (or higher) cannot do is assume administrative privileges during normal operation, with very few exceptions (e.g. disk partitioning software, or anti-virus). It is explicitly forbidden for any certified software to store any configuration settings or other volatile data under Program Files, or any other place where the normal user running it may not have access.
So, if you buy any kind of software, look out for that logo. If you free stuff, then it's likely that they didn't shell out money for certification (it isn't free), so then you're on your own.
Also note that there is a separate label "Works with Windows Vista". The requirements for that are much less stringent than for "Certified" one, and in particular such software may require elevation for day-to-day work - basically, if it can properly launch and function on Vista, it will get the "Works" logo.
I find it unfortunate that there is some confusion created between those two, but I also understand why a separate "Works" logo was needed for the XP->Vista transition period - its whole point was to get existing XP software being marked as Vista-compatible, and make a pressure on ISVs to officially support their existing apps on Vista. Gladly, this was a Vista-only thing, and it's gone in 7 - now there's a single label, "Compatible with Windows 7", which has the more stringent requirements.
Here are the requirements for various logos:
Certified for Windows Vista [doc]
Works with Windows Vista [doc]
Compatible with Windows 7 [pdf]Specifically (from "Certified for Windows Vista"):
To meet this requirement, every executable file (with a
.EXE extension) included with an application must have an embedded manifest that defines its execution level:If only a small number of features in an application will require administrative privileges (For example, an application needs to configure a firewall), the main process of the application must still be run as a standard user. The administrative features must be moved into a separate process that runs with administrative privileges.
Applications that run their main process with elevated privileges (requireAdministrator or highestAvailable) must receive a waiver from Microsoft to obtain certification. Only system tools should apply for this waiver. Games, office productivity applications, messaging clients, etc. will not be considered.
Applications that need to drive input to the UI of another window may set uiAccess=true, but will also need to apply for a waiver. Only accessibility applications will be considered for this waiver.
-
Re:What a load of crap
It's not just users. Applications still aren't being written to work properly with non-administrator accounts. I just installed SimplyAccounting 2010 on Windows XP and started getting weird errors poking around in it using a Limited Account, but switching to an Administrator account, no more errors.
Here's a hint.
Have you ever seen those "Certified for XP/Vista/7" labels on software boxes (or websites selling software)? Ever wondered if they actually mean anything?
Well, they do. One thing that software labeled as "Certified for Vista" (or higher) cannot do is assume administrative privileges during normal operation, with very few exceptions (e.g. disk partitioning software, or anti-virus). It is explicitly forbidden for any certified software to store any configuration settings or other volatile data under Program Files, or any other place where the normal user running it may not have access.
So, if you buy any kind of software, look out for that logo. If you free stuff, then it's likely that they didn't shell out money for certification (it isn't free), so then you're on your own.
Also note that there is a separate label "Works with Windows Vista". The requirements for that are much less stringent than for "Certified" one, and in particular such software may require elevation for day-to-day work - basically, if it can properly launch and function on Vista, it will get the "Works" logo.
I find it unfortunate that there is some confusion created between those two, but I also understand why a separate "Works" logo was needed for the XP->Vista transition period - its whole point was to get existing XP software being marked as Vista-compatible, and make a pressure on ISVs to officially support their existing apps on Vista. Gladly, this was a Vista-only thing, and it's gone in 7 - now there's a single label, "Compatible with Windows 7", which has the more stringent requirements.
Here are the requirements for various logos:
Certified for Windows Vista [doc]
Works with Windows Vista [doc]
Compatible with Windows 7 [pdf]Specifically (from "Certified for Windows Vista"):
To meet this requirement, every executable file (with a
.EXE extension) included with an application must have an embedded manifest that defines its execution level:If only a small number of features in an application will require administrative privileges (For example, an application needs to configure a firewall), the main process of the application must still be run as a standard user. The administrative features must be moved into a separate process that runs with administrative privileges.
Applications that run their main process with elevated privileges (requireAdministrator or highestAvailable) must receive a waiver from Microsoft to obtain certification. Only system tools should apply for this waiver. Games, office productivity applications, messaging clients, etc. will not be considered.
Applications that need to drive input to the UI of another window may set uiAccess=true, but will also need to apply for a waiver. Only accessibility applications will be considered for this waiver.
-
Re:Just for fun