Domain: microsoft.com
Stories and comments across the archive that link to microsoft.com.
Comments · 34,132
-
Re:Copyright is viral
I think MS applies some no-reverse-engineering restrictions, and there are probably others as well. I don't know if Apple does the same. Look at the license agreement to your developer tools for details.
Just for the hell of it, I downloaded the SDK for Vista and
.NET 3.5 to have a look at the EULA. From a quick read through it doesn't appear to impose any of the licensing restrictions on code written to use it that you are talking about.Nearly all commercial software libraries place some sort of restrictions. For example, some require that you pay per-user royalties, which effectively means that you can't license the derived work for free distribution.
Why ? Surely it's the end-user's job to ensure they have and are fully licensed to use, those shared libraries ?
Others attach clauses regarding reverse engineering, use in competitive products, etc., and require that the developer of the derived work enforce those restrictions on the end-user. This is typically done by simply including similar clauses in the license of the derived work.
What "others" ? What common-use shared components impose these sorts of restrictions on code that uses them ?
First -- and note that this hasn't been argued out in court, but it's the opinion of a copyright attorney I respect -- if the code is originally written to link against a non-GPL library, and if it does not include any GPL code (no headers, for example), then the fact that it can also run when dynamically linked against a GPL library would not seem to make it a derived work. This presumes that there's a non-GPL library with the same interface that the code can be written against.
Now there's a corner-case scenario if ever I've heard one. On the other hand, it does a good job of exposing the stupidity behind the idea that linking a program to GPLed code somehow makes it a "derivative work".
More realistically, code that is written against GPL libraries typically incorporates GPL code directly (from headers) and by dynamically linking, and cannot be used without the supporting GPL code. That clearly makes it a derived work that can only be released under the terms of the GPL -- unless all of the reliance on GPL code is removed. If you take the GPL stuff out, your code is yours and you can release it under any license you like, in source or binary form, whatever you want, whether you have already released it under the GPL or not.
Whether or not it can be "used" without the supporting GPLed code is utterly irrelevant. That would imply, for example, that any Linux-only binary is "derivative" because it cannot be run without (GPLed) Linux.
Further, calling a piece of code "derived" because it references *header files* is the kind of thing I'd expect from a GPL zealot but, frankly, it's ridiculous. Someone writes 100k LOC, and you call their hard work "derived" because it includes some header files ? Madness.
I never denied that the purpose of the GPL was to encourage the development of more GPL software.
No. Not "encourage". Require. "Encourage" is what the LGPL does.
I do, however, deny that the GPL itself is somehow "viral" in any way that copyright itself is not. In fact, the GPL *cannot* be more "viral" than copyright law, because that's where it gets all of its power.
It most certainly is, at least if you listen to the likes of you, RMS and the FSF. Take the your examples above - that's like saying a book review is a derivative work of the book because it quotes a few passages and wouldn't "work" if the book didn't exist.
Developers are wary of the GPL because the whole point of it is to make it as difficult as possible to use GPLed code without also GPLing their own code. Since GPLing a codebase *severely* restricts the options for making money from it, lots of developers prefer to take the safe way out of simply avoiding any GPLed code altogether.
-
System RequirementsFrom: http://www.microsoft.com/downloads/details.aspx?F
a milyId=8BA187E5-3630-437D-AFDF-59AB699A483D&displa ylang=en
Supported Operating Systems: Linux; Windows Vista; Windows XP
How's the wheather in hell these days? -
Yes. They Are :)-Diversions.
-
Microsoft Office Compatibility PackWe will spend $100,000 to upgrade from Office 2003 to 2007 just because one decent sized customer has switched and we can't open their documents. That would be a bit of a waste of $100,000...
-
Yes. They Are :)
Linux?
Let's assume the kiosk distro has hotplugging enabled. Flash drive mounts, But the files.... Are not executable! So, the hostile doesn't have the opportunity to change permissions much less execute something on a flash drive.
OSX?
Flashdrive mounts. Hmmm can't install anything without su/sudo.
Windows?
Hmm... Sure, there is an enourmously complicated policy system. But none of which sets noexec on everything on a flash drive... http://support.microsoft.com/default.aspx?scid=kb; en-us;555324&sd=rss&spid=3198 And then there's the very permeable "user mode" security that isn't what it claims to be. -
Re:This may be a "grey" area ...Windows Media Player, which is quite capable of playing DVDs. Not necessarily.
Posting AC because this shit is getting redundant. -
Re:This may be a "grey" area ...Define 'clean install'. When you install it yourself from a retail or volume license disc, something you've apparently never done. Media player is perfectly capable of playing DVDs Only if you have the proper codec, which you probably got from your OEM. Otherwise, no, it can't. And PLEASE don't start to tell me how capable Linux is out of the box with NO additional items I didn't say anything about Linux. We're talking about Windows XP.
-
Re:Very true....
MS will ship you a disk for a small shipping price also and I just recently did it to get a 64bit version of Vista for future use and also to have a nice pressed clean disc with a case.
Order the Vista discs here and all you have to do is type in your CD-key with a small shipping fee.
http://www.microsoft.com/windowsvista/1033/orderme dia/default.mspx -
A microsoft education for end users
> Microsoft is working to educate users and developers about these security issues
Yep. We know all about Microsoft's education*:
In no event shall microsoft or its suppliers be liable for any special, incidental, punitive, indirect, or consequential damages whatsoever (including, but not limited to, damages for loss of profits or confidential or other information, for business interruption, for personal injury, for loss of privacy, for failure to meet any duty including of good faith or of reasonable care, for negligence, and for any other pecuniary or other loss whatsoever)
[*] - http://www.microsoft.com/windowsxp/home/eula.mspx -
Re:Very true....
It's sad that Gateway provides no cheap media replacement procedure - *against* MS recommended policy. Were Gateway to go out of business, MS would replace the disk for $30: http://support.microsoft.com/kb/326246#OEM
-
Re:Very true....
I'm going to post this anonymously for obvious reasons.
Yeah, 'cause you just know that the Microserfs and lawyers are trolling Slashdot, lurking for confessions of copyright infringement by 15 year olds, so they can sue slashdot to get your IP address, and then do legal discovery to your ISP to get your real name.
Right. (Did your phone just ring? OMG! It could be them right now!!!)
I have a few Windows XP licenses, but they are all OEM XP Home/Media Center licences that came with the computers. Those systems were so crapified by the OEMs and/or in such a bad state (my wifes computer was a mess when I took control over it) that even reinstalling the OEM version would have been a major headache.
What this tells me is that you have no particular idea what you are talking about. The differences between XP Home and XP Professional is little more than the license verification, and a few features that would be useful in a corporate setting.
How is installing a (pirate) Professional any easier than installing a legitimate Home version? I've installed both Professional and Home editions - not much different, except for when your pirate Professional CD key gets invalidated and you have to dicker with the license key in the registry to try to get it to recognize a legitimate key, or re-install the one you legally own.
So go legal! It's easier, and the license is already stuck to the bottom of your laptop! -
Re:Very true....
You can still set up Asian input with a OEM installation of Windows, I did it with my old American HP laptop. http://office.microsoft.com/en-us/help/HA01034736
1 033.aspx is the first thing that came up on Google, maybe it even helps! The way I had it set up worked fine, except that you couldn't use Asian fonts for file names. Or maybe you could, I didn't really worry about it, everything worked fine. I wrote PRC Chinese and also occasionally Japanese. -
Re:Adds to Perception of GPL as Viral
Considering that the developer is one of the copyright holders on the kernel's code, I think your post makes no sense.
I'm not hyperbolizing anything (killing babies or the like): I merely stated the facts of the license in question. The GPL does come with limitations, but they are much less stringent than standard licenses. If VMWare had taken the same liberties with a piece of Microsoft's software under the Microsoft Community License (Ms-CL), VMWare would be in the same boat. GPL is not the only license with reciprocal terms. VMWare has been working with Linux for long enough to know the terms of its licensing. They knew what they were getting into. -
Who is actually building these prototypes?
Does anyone who is actually building these devices for the White Spaces Coalition? Is it in-house? A university? Telecom-equipment manufacturer? Is it based on Microsoft's KNOWS? I never thought I'd be rooting for MS but on this fight I've got my fingers crossed for them.
-
Virtual PC; When Security Doesn't Matter
Mod the parent up. Clearly Microsoft Virtual PC is superior than VMWare in that it allows for significantly greater functionality such as allowing a 'guest' to execute arbitrary code on the 'host' or other 'guests'. Clearly VMWare is inferior in this aspect and we're all fools for not using another manifestation of 'Trustworthy Computing' from Microsoft. Hey, not to mention, VMWare doesn't run on Linux either...er...yes it does.
MS07-049:
http://www.microsoft.com/technet/security/Bulletin /MS07-049.mspx
From the advisory:
"An elevation of privilege vulnerability exists in Microsoft Virtual PC and Microsoft Virtual Server that could allow a user with administrator permissions to the guest operating system to run code on the host operating system or other guest operating systems. An attacker with administrator permissions to the guest operating system, could exploit the vulnerability by running specially crafted code on the guest operating system. This could result in a heap overflow on the host or other guest operating systems. An attacker who successfully exploited this vulnerability could take complete control of an affected system." -
Re:File synchronization... If you must...
- Use bootcfg to edit boot.ini to add in the safe mode switch - msconfig is your friend to find the switch
- Add a registry entry to run your script on startup, probably HKLM\SOFTWARE\Microsoft\ Windows\CurrentVersion\RunOnce. You need something special in the entry name (maybe "*"? don't remember) to make it run in safe mode.
- Modify your script to undo the boot.ini change and the registry change
- Modify your script as per step 7-9
- Reboot
- Your script will run
- Your script will run another command that spawns a child process then exits
- The child process will wait for the window that says "you're booting into safe mode, click ok to contiune"
- The child process will click the OK button, wait a minute to let everything settle down, then reboot.
-
Re:File synchronization... If you must...
- Use bootcfg to edit boot.ini to add in the safe mode switch - msconfig is your friend to find the switch
- Add a registry entry to run your script on startup, probably HKLM\SOFTWARE\Microsoft\ Windows\CurrentVersion\RunOnce. You need something special in the entry name (maybe "*"? don't remember) to make it run in safe mode.
- Modify your script to undo the boot.ini change and the registry change
- Modify your script as per step 7-9
- Reboot
- Your script will run
- Your script will run another command that spawns a child process then exits
- The child process will wait for the window that says "you're booting into safe mode, click ok to contiune"
- The child process will click the OK button, wait a minute to let everything settle down, then reboot.
-
Re:File synchronization... If you must...
- Use bootcfg to edit boot.ini to add in the safe mode switch - msconfig is your friend to find the switch
- Add a registry entry to run your script on startup, probably HKLM\SOFTWARE\Microsoft\ Windows\CurrentVersion\RunOnce. You need something special in the entry name (maybe "*"? don't remember) to make it run in safe mode.
- Modify your script to undo the boot.ini change and the registry change
- Modify your script as per step 7-9
- Reboot
- Your script will run
- Your script will run another command that spawns a child process then exits
- The child process will wait for the window that says "you're booting into safe mode, click ok to contiune"
- The child process will click the OK button, wait a minute to let everything settle down, then reboot.
-
Re:article
The blog only talks about the IT Challenge category, which is about maintaining and using Windows. The Thai students won the Software Design category. The complete list of winners is here.
-
Do you know any scripting?
Start here:
http://support.microsoft.com/kb/241397
here:
http://support.microsoft.com/kb/325003
and here:
http://msdn2.microsoft.com/en-us/library/ms170207. aspx
Run the backup to local drive as often as you feel necessary. Having the information on a second place of the disk improves your recovery chances _when_ you have to send that bad boy out to a service for recovery.
Copy backups to the network upon login. Copy backups to the network upon login. Copy backups to the network upon login. And finally, make it impossible, or at least very irritating, for the user to interrupt this step.
Personally, I would advocate working off of the professionally(?) managed servers. -
Do you know any scripting?
Start here:
http://support.microsoft.com/kb/241397
here:
http://support.microsoft.com/kb/325003
and here:
http://msdn2.microsoft.com/en-us/library/ms170207. aspx
Run the backup to local drive as often as you feel necessary. Having the information on a second place of the disk improves your recovery chances _when_ you have to send that bad boy out to a service for recovery.
Copy backups to the network upon login. Copy backups to the network upon login. Copy backups to the network upon login. And finally, make it impossible, or at least very irritating, for the user to interrupt this step.
Personally, I would advocate working off of the professionally(?) managed servers. -
Do you know any scripting?
Start here:
http://support.microsoft.com/kb/241397
here:
http://support.microsoft.com/kb/325003
and here:
http://msdn2.microsoft.com/en-us/library/ms170207. aspx
Run the backup to local drive as often as you feel necessary. Having the information on a second place of the disk improves your recovery chances _when_ you have to send that bad boy out to a service for recovery.
Copy backups to the network upon login. Copy backups to the network upon login. Copy backups to the network upon login. And finally, make it impossible, or at least very irritating, for the user to interrupt this step.
Personally, I would advocate working off of the professionally(?) managed servers. -
Re:You mean...Oh, you mean like THIS. Sorry, boy but Apple seems to be starting their photocopyers a little too late. This feature has been included in XP since forever.
Back on topic: the problem is not reinventing the wheel. I'm sure those kids wrote a hell of an algorithm ot one or two great ideas. Nobody gives money for free, and I'm sure they deserved it.
-
More useful links...Not that the absence of any information in the linked blog about the winning project has kept people from idiotic disparagement of it, but for those who like to know a little about what they're idiotically disparaging:
Press release about the winners
-
Re:The problem with VC++
Orcas supports _InterlockedCompareExchange128 (CMPXCHG128). It should be in the Beta:
http://msdn2.microsoft.com/en-us/vstudio/aa700831. aspx -
Re:issue with benchmark
FYI: Windows creates swap based on the amount of physical memory in the computer (1.5 times memory for min, 3.0 times max)
linky:
http://support.microsoft.com/kb/308417/ -
XP SP3 Might have been news, this isn't
Just thought I'd add a bit of sanity here for the 1 or 2 people that think before posting. Microsoft has already released service pack 2 a and b to OEM's and OEM's (and their new customers) are the only people getting this version. End users aren't going to be getting this as from windows update it simply adds more license keys, OK? That said Microsoft HAS confirmed Service Pack 3 for XP which will be the roll-up of all security issues thus far and a few more. See here: http://www.microsoft.com/windows/lifecycle/servic
e packs.mspx Where it states: SP3 for Windows XP Professional is currently planned for 1H CY2008. This date is preliminary. -
Re:The problem with VC++
This discussion came up again with Visual Studio 2008 "Orcas" and plans seemingly a bit lacking once again for an improved C++ feature set and general love for IntelliSense, etc.
Microsoft had the following to say:
http://forums.microsoft.com/MSDN/ShowPost.aspx?Pos tID=970938&SiteID=1
See bdunlap's response. -
Re:Not interesting... Yeah right.
"When Microsoft writes an application for Linux, I've Won." - Linus Torvalds
Well, seems that Linus can declare himself a winner and retire.
Front Page Extensions for Linux
Triple DES encryption algorithm (source code)
SQL JDBC driver (runs on Linux) .NET (Unix-like compatible source code)Not to mention the technical help Microsoft has provided to Mono (.NET clone for Linux) and Firefox.
Congratulations.
-
Re:Not interesting... Yeah right.
"When Microsoft writes an application for Linux, I've Won." - Linus Torvalds
Well, seems that Linus can declare himself a winner and retire.
Front Page Extensions for Linux
Triple DES encryption algorithm (source code)
SQL JDBC driver (runs on Linux) .NET (Unix-like compatible source code)Not to mention the technical help Microsoft has provided to Mono (.NET clone for Linux) and Firefox.
Congratulations.
-
Re:Not interesting... Yeah right.
"When Microsoft writes an application for Linux, I've Won." - Linus Torvalds
Well, seems that Linus can declare himself a winner and retire.
Front Page Extensions for Linux
Triple DES encryption algorithm (source code)
SQL JDBC driver (runs on Linux) .NET (Unix-like compatible source code)Not to mention the technical help Microsoft has provided to Mono (.NET clone for Linux) and Firefox.
Congratulations.
-
Re:Not interesting... Yeah right.
"When Microsoft writes an application for Linux, I've Won." - Linus Torvalds
Well, seems that Linus can declare himself a winner and retire.
Front Page Extensions for Linux
Triple DES encryption algorithm (source code)
SQL JDBC driver (runs on Linux) .NET (Unix-like compatible source code)Not to mention the technical help Microsoft has provided to Mono (.NET clone for Linux) and Firefox.
Congratulations.
-
Don't jump to conclusionsYou should do your research. Microsoft has a translater to go BOTH WAYS between OOXML and ODF:
http://www.microsoft.com/Presspass/press/2007/feb
0 7/02-01OpenXMLPR.mspx ...Translator enables conversion of documents from one format to the other and is available for anyone to download and use at no cost. When plugged into Microsoft® Office Word, for example, the Translator provides customers with the choice to open and save documents in ODF rather than the native Open XML format. The Translator may also be plugged into competing word processing programs that use ODF as the default format to open and save documents in Open XML. Microsoft Corp. announced its support for the open source project to build a technical bridge between Open XML and ODF in July 2006 to provide interoperability between formats. Since inception, it has remained among the 30 most active projects on SourceForge.net and has been downloaded more than 50,000 times... -
Re:could someone clarify
The driver is split in two parts, one that runs in user mode and one that runs in kernel mode. See http://msdn2.microsoft.com/en-us/library/ms797619
. aspx -
It's amazing people can still believe this stuff.
Microsoft doesn't implement other people's standards for their bread and butter.
I'll quote here from "Microsoft Windows 2000 TCP/IP Implementation details" because it's an important and convenient example:
Windows Sockets specifies a programming interface based on the familiar socket interface from the University of California at Berkeley.
This is only one example out of a great many. Microsoft implements (embraces), extends, and to the extent possible extinguishes other people's standards for their bread and butter. Some people feel it's the only business model they have.
They have the luxury of controlling the largest hoard of software engineers, product planners, marketers, testers, and customers in the desktop application market.
I'm sure in those groups are some individuals who would object to your characterization of them as controlled by Microsoft. No doubt some of them think they're choosing the best platform and that they can change their choice when they find a better one. To the extent they suffer from Microsoft's control many of them resent it. A rebellion is brewing. Regardless, it is amazing how little quality they achieve with so much talent isn't it?
The XML representation of that data sheds a lot of light on it.
The XML representation of a document does indeed shed some light. Have a look at the most trivial letter as an OOXML Word document for an example of why Microsoft programmers should sit quietly in a darkened room until their minds achieve clarity.
One downmod and you're back to trolling at 1.
-
Re:I don't mind it being a standard if....I don't mind this becoming a standard if it is truly "standard", which means that in the implementation documentation, EVERYTHING about it is disclosed, with no NDA, or proprietary "features". If that happens, I support OOXML for standardization. Already foiled before you even started.
http://www.microsoft.com/interop/osp/default.mspx
Search for the key word "enabling".
Everything that the OOXML standard calls up (external to the standard itself) is not open, not covered by Microsoft's promise.
It turns out that OOXML calls up a whole raft of "enabling technologies" that are Windows-only. -
Re:Makes good sense to me
Well, more importantly, like this...
Open Source At Microsoft
But it's just a bunch of marketing and lip service at this point. There are no major open source products at MS, MS's pundits are still ridiculing FOSS as "open sourcery," and you can bet Microsoft's intent is to produce yet more restricted license software. You'll notice that they've concentrated exclusively on the "openness" of the source code, yet ignore the entire concept of GPL and free software in their stance on intellectual property. It's playing both ends against the middle right now, largely through innuendo, something MS is very good at.
In fact, Microsoft has killed entire markets by simply pretending to have a product. It's something to watch out for, as this is a bread-and-butter tactic in Redmond.
--
Toro -
Re:Server & desktop - different levels of ridi
"However, it is completely ridiculous to ever run Windows on a server." - by pyite69 (463042) on Saturday August 11, @01:37PM (#20196457)
http://www.microsoft.com/sql/bigdata/default.mspx
There are HOW MANY COMPANIES running Microsoft Windows (of modern NT-based varieties today (2000/XP/Server 2003/VISTA) + SQLServer 2003 on that page, & doing so successfully mind you, that will tend to disagree with you?
Quite a lot!
Guys, I KNOW you guys "love your LINUX" here @ /., but - don't underestimate Windows used in servers, OR for security either!
Windows of modern builds based on NT (2000/XP/Server2003/VISTA)? They're VERY securable as well, above & beyond their default configuration "out-of-the-box/oem stock"...
Really easily as well, via 12 basic simple steps anyone can use (inclusive of Windows admins, & at the DESKTOP CLIENT NODE LEVELS as well as on the server), per this guide:
http://forums.techpowerup.com/showthread.php?s=731 6c98c36e75835f964972f246c3eaf&p=375355#post375355
SCORE ON THE MULTIPLATFORM CIS TOOL (by the CENTER FOR INTERNET SECURITY) PHOTO:
http://img.techpowerup.org/070618/APK14SecurityPoi ntsCISToolResult84735.jpg
This multiplatform test runs on SOLARIS, BSD variants (sorry, no OpenBSD or MacOS X versions are available yet, but for example: FreeBSD has a version), Linux, & yes, Windows & has been noted by SANS & other notables/respectable sources, such as these:
COMPUTERWORLD:
http://www.computerworld.com/action/article.do?com mand=viewArticleBasic&articleId=9018362&intsrc=hm_ list
SANS: CIS to Release Windows Configuration Assessment Tool (May 1, 2007)
http://www.sans.org/newsletters/newsbites/newsbite s.php?vol=9&issue=36#sID302
(That's there for folks that have tried to "object to this program" because they did not know who "THE CENTER FOR INTERNET SECURITY" is, & attempted to say this program is "rogueware" etc. such as in the URL below):
http://slashdot.org/comments.pl?sid=264303&thresho ld=-1&commentsort=0&mode=thread&pid=20176577#20185 057
The sad part is this - I have posted the challenge to take this test (especially from SeLINUX bearing distros & users of them, & BSD variant users like FreeBSD) here @ /., around 25 times now - NO TAKERS, but plenty of evaders & spinmasters trying to avoid taking it, for b.s. reasons (saying in others, vs. the URL above's reason, that "there is no registry in LINUX"... & so what? There are other areas in the *NIX family tree that DO (such as the /etc & its subnodes)).
APK
P.S.=> And, don't get me wrong: I like Linux, especially on KUbuntu 7.1, because I LIKE KDE!
(AND, with SeLinux in place + configured on it ontop of the usual methods for helping to secure Linux (chmod/chroot/chown legwork + IPTables (perhaps Packet Filtering built into Linux as well via IPChains oldschool methods (but they BOTH offer things over one another), & even NetConfig to create a "NAT" system too - plus more things I am learning about for security in LINUX that are pretty neat)!
I did that CIS Tool multiplatform test in the URL above -
Racist comment
"Basically they have little natural talent"
Despite the fact this is a blatently racist comment, I think it should be obvious to anyone familiar with research in the U.S. that a great percentage is done by Chinese graduate students/professors. Just look at recent citations in bio-tech/physics/semiconductors/chemistry/nano-tec hnology. The number of high-tech companies run by or with high level technology officers who are of Chinese descent is huge. Needless to say, if the Chinese are kept out/were kept out of this country, the industries that depend on talented individuals would collapse. Perhaps that is why Microsoft has built one of their largest (the largest?) research labs there: http://research.microsoft.com/aboutmsr/presskit/ba ckgrounders/asia_bg.aspx
Fortunately I think most slashdotters understand this so I won't bother to elaborate further. (I remember similar comments made about the Japanese and Koreans before they started kicking our butts in consumer electronics, semiconductors, automobiles, etc.). I'm even curious to know how many Chinese slashdotters there are out there. (I'm not one). -
Re:That's still a lot
Rarely if ever needed anymore.
The Vista Hardware Compatibility List claims to need IE6 or later; apart from some minor rendering issues, it worked fine with spoofed Firefox. (What kind of moron would make a list IE-only, anyway??) -
Re:Let's blame Microsoft
Then they shouldn't state directly in their literature that the point of the signed driver is to ensure quality:It is when they've been espousing this whole "we check signed drivers to make sure they're good!" thing.
The driver IS SIGNED. Therefore, as far as the OS is concerned, its good. Just because a driver is signed doesn't mean it doesn't have a flaw. The OS cannot do a code audit and ensure that there are no exploitable holes!For device drivers and other kernel-mode software, drivers signed as part of the Windows Logo program increase end-user confidence in the quality of the software and improve the user experience, because a Windows Logo belonging to a driver indicates that the driver was tested and the digital signature that accompanies the Windows Logo confirms has not been altered since testing.
Maybe your definition of quality doesn't include potential security flaws, but I would argue that is one of the most important things to check for in a driver audit. -
Re:That's why microkernels are useful
Mod Parent Up.
Even Microsoft Research is looking into making microkernel operating systems with their Singularity project.
Of course, the Minix 3 Project has been doing this for awhile, supposedly even having a fully POSIX compliant product at this point.
The major design factor of Microkernels is that it's bad practice to have a trusted path from any driver or system service in kernelspace to any other driver or system service in kernelspace. Just because you're "in" doesn't mean that anything else that's "in" should trust you.
The largest hurdle microkernels have to overcome, however, is the problem of DMA. As long as a malicious ATI video card (nevermind the driver) has direct access to all memory locations via DMA, it could easily just patch the driver's memory at runtime every time via hardware. That's why microkernel development is going to have to go hand-in-hand with tools like IOMMU, for controlling access to critical areas of memory.
Of course, critics often complain about Inter-process Communication (IPC) as being another limitation to microkernels, but at this point, it's really just an implementation hurdle as there are several ways to get processes that are in different memory spaces to communicate with high performance, especially as Moore's Law brings CPUs faster and faster. -
Re:That's why microkernels are useful
Mod Parent Up.
Even Microsoft Research is looking into making microkernel operating systems with their Singularity project.
Of course, the Minix 3 Project has been doing this for awhile, supposedly even having a fully POSIX compliant product at this point.
The major design factor of Microkernels is that it's bad practice to have a trusted path from any driver or system service in kernelspace to any other driver or system service in kernelspace. Just because you're "in" doesn't mean that anything else that's "in" should trust you.
The largest hurdle microkernels have to overcome, however, is the problem of DMA. As long as a malicious ATI video card (nevermind the driver) has direct access to all memory locations via DMA, it could easily just patch the driver's memory at runtime every time via hardware. That's why microkernel development is going to have to go hand-in-hand with tools like IOMMU, for controlling access to critical areas of memory.
Of course, critics often complain about Inter-process Communication (IPC) as being another limitation to microkernels, but at this point, it's really just an implementation hurdle as there are several ways to get processes that are in different memory spaces to communicate with high performance, especially as Moore's Law brings CPUs faster and faster. -
Re:Rules of the Road
A driver does not need to be signed by MSFT or tested by MSFT. It just needs to be signed.
Read: http://www.microsoft.com/whdc/winlogo/drvsign/kmsi gning.mspx -
Re:Let's blame Microsoft
Please cite a source for this FUD.
Or read this: http://www.microsoft.com/whdc/winlogo/drvsign/kmsi gning.mspx
You *can* buy a software publishing certificate from VeriSign and you *can* use it to sign a driver which you *can* load in Vista. -
Re:Why not just fix the filesystem instead?
Seems like NTFS does something similar. Excerpt from http://technet2.microsoft.com/windowsserver/en/li
b rary/9fcf44c8-68f4-4204-b403-0282273bc7b31033.mspx ?mfr=true :
--- BEGIN QUOTE ---
Using disablelastaccess {1 | 0}
The disablelastaccess parameter is designed to reduce the logging impact of updating the last access timestamp on folders and directories. Disabling the Last Access Time improves the speed of folder and file access.
Each file and folder on an NTFS volume contains an attribute called Last Access Time. This attribute defines when the file or folder was last accessed, such as when a user lists folders, adds files to a folder, reads a file, or makes changes to a file. The most up-to-date Last Access Time is stored in memory and is eventually written to the disk in two different locations. One is within the file's attribute, which is part of its MFT record. The second is in the index of the directory that contains the file.
The Last Access Time on disk is not always current. This lag occurs because NTFS delays writing the Last Access Time to disk when users or programs perform read-only operations on a file or folder, such as listing the folder's contents or reading (but not changing) a file in the folder. If the Last Access Time is kept current on disk for read operations, all read operations become write operations, which impacts NTFS performance.
Note that file-based queries of Last Access Time are accurate even if all on-disk values are not current. NTFS returns the correct value on queries because the accurate value is stored in memory.
NTFS typically updates a file's attribute on disk if the current Last Access Time in memory differs by more than an hour from the Last Access Time stored on disk, or when all in-memory references to that file are gone, whichever is more recent. For example, if a file's current Last Access Time is 1:00 P.M., and you read the file at 1:30 P.M., NTFS does not update the Last Access Time. If you read the file again at 2:00 P.M., NTFS updates the Last Access Time in the file's attribute to reflect 2:00 P.M. because the file's attribute shows 1:00 P.M. and the in-memory Last Access Time shows 2:00 P.M.
NTFS updates the index of the directory that contains the file when NTFS updates the file's Last Access Time and detects that the Last Access Time for the file differs by more than an hour from the Last Access Time stored in the directory's index. This update typically occurs after a program closes the handle used to access a file within the directory. If the user holds the handle open for an extended time, a lag occurs before the change appears in the index entry of the directory.
Note that one hour is the maximum time that NTFS defers updating the Last Access Time on disk. If NTFS updates other file attributes such as Last Modify Time, and a Last Access Time update is pending, NTFS updates the Last Access Time along with the other updates without additional performance impact.
Note that using the disablelastaccess parameter can affect programs such as backup and Remote Storage that rely on this feature.
This parameter updates the HKLM\SYSTEM\CurrentControlSet\Control\FileSystem\N tfsDisableLastAccessUpdate registry key.
--- END QUOTE ---
And it looks like it does it well, disabling it on my AMD 1.8 GHz/1GB XP system it gives no noticeable improvement with normal usage. Maybe i should try some "extreme" file operations to see some improvements with "disablelastaccess" set :)
Anyway... maybe we can learn a thing or two from NTFS... -
Re:Rules of the Road
For the first part of your question, you can install debug versions of Windows. These are known as checked builds. They don't have any compiler optimization and add a lot of internal checks to help identify issues when writing drivers. In particular they do extra parameter validation. The retail builds (known as free builds) basically trust kernel-mode code to be written properly, so each function doesn't check all of its parameters for validity.
I assume it's easy to boot checked builds into a mode that accepts unsigned drivers, since that is what the build is designed to test. -
Frontpage? Try Microsoft Expression
You think Dreamweaver is good? Wait until you try Microsoft Expression: http://www.microsoft.com/expression/
-
Re:Multiplatform Flash?
In this case 'cross-platform' means Windows and Mac OS X. In addition, since the platform is really your web browser, it supports IE, Firefox, and Safari. See the download page for details.
-
Re:Wow
You're right about NTFS because I remember doing some simple forensics to figure out when/how a Windows machine was compromised. The access times were quite helpful. I remember thinking at the time that while it was useful, the performance cost of saving all that stuff must be significant if files were being accessed frequently.
Anyway, I googled and you're right that there is an equivalent to "noatime" for the access time feature in NTFS. It's number 8 in the list on that page ("Disable Last Access Time"). The command is apparently:
fsutil behavior set disablelastaccess 1
So, it is setting disable to true (double-negatives are confusing!).
I haven't tried using fsutil before. Make sure you know what you're doing, YMMV, etc. (the Microsoft page says that some backup software uses the last access times, so be careful). The relevant registry key is "NtfsDisableLastAccessUpdate", but I don't know when it is used or when it it is safe to change it.
Apparently something like this is available in Vista as well, but storing the last access time is disabled by default for better performance (so, disablelastaccess is already 1, I guess).