Domain: microsoft.com
Stories and comments across the archive that link to microsoft.com.
Comments · 34,132
-
Re:Feedback
-
Re:Product Key
You'll need a product key from here. Pull down "select your location" in the Download section. Fill out some stuff and you get a product key.
-
Re:Plays nice with boot loaders?
You just have to click on the "Additional instructions can be found on the Customer Preview Program website" linky on . http://www.microsoft.com/windowsvista/getready/pr
e view.mspxOf course, most people are just going to download it and install it. Their WTF Moment(TM) is next June.
Installation limitations
There are three installation scenarios for Windows Vista RC1:- You can do a clean installation. This process will overwrite any data that you have on your hard disk or on your installation partition. The overwritten data will be lost and unrecoverable.
- You can upgrade an existing installation of Windows XP.
- You can upgrade an existing installation of Windows Vista Beta 2.
No other installation scenarios are supported. Upgrading to this beta from any other edition of Windows requires a clean installation, as described in option 1. In addition, once you install Windows Vista RC1, you cannot roll back to the previous operating system installation--you will either have to acquire and install the final released edition of Windows Vista or reinstall a previous edition of Windows. Before installing Windows Vista RC1 on any computer, please remember to back up all your files.
How many people are going to try to re-install XP
... they have the original w/o the service packs, etc., and can't even get on the net long enough to download them w/o getting p0wn3d ... or they can't find the drivers for their now-not-the-latest video card, or their mobo ... and say "frig it, guess I have to pay the MS tax after all ..." ... or go out and buy a new computer ... -
Re:Any They Missed
Mine is Dont have selection boxes with just yes no and canel on them, make them more informative such as is in linux, ie Save File and Discard, Don't Close and Save.
...which was, I think, recommended by Apple before being popular on other systems. (See "Buttons for addressing the alert".)
Of course, "on Linux" in this context really means "in GNOME" or "in KDE" or
..... The GNOME Human Interface Guidelines make the same suggestion about button labels, which I think they took from the OS X HIG. The KDE HIG also suggests buttons with verbs. I don't know what other DEs or toolkits recommend (if anything) or support.Then again, even one of Microsoft's HIGs suggests that, albeit not as strongly (look for "Dialog Box Commands"). For that matter, so does the Vista HIG (look for "Use positive commit buttons").
-
Re:Any They Missed
Mine is Dont have selection boxes with just yes no and canel on them, make them more informative such as is in linux, ie Save File and Discard, Don't Close and Save.
...which was, I think, recommended by Apple before being popular on other systems. (See "Buttons for addressing the alert".)
Of course, "on Linux" in this context really means "in GNOME" or "in KDE" or
..... The GNOME Human Interface Guidelines make the same suggestion about button labels, which I think they took from the OS X HIG. The KDE HIG also suggests buttons with verbs. I don't know what other DEs or toolkits recommend (if anything) or support.Then again, even one of Microsoft's HIGs suggests that, albeit not as strongly (look for "Dialog Box Commands"). For that matter, so does the Vista HIG (look for "Use positive commit buttons").
-
Yes/No dialogs again
One of the worst misfeatures of Windows (and its developer community) is the retarded design of dialogs. AFAIK the pre-Vista API has a bunch a simple functions to do Yes/No and Ok/Cancel dialogs, but nothing to label buttons sensibly. So it's quite common to have a dialog with "Yes" and "No" buttons, and and huge text explaining what these options mean. Despite the fact that every at least semi-decent article or book about dialog design recommends to use verbs for button labels.
I recently read that Vista finally offers an API to easily change the button labels. Yeah! And guideline 5 (Use task dialogs for new or frequently used dialog boxes and error messages) specifically recommends:
Use positive commit buttons that are specific responses to the main instruction instead of generic labels (such as "OK"). Users should be able to quickly grasp the options by reading the button text alone. Always start commit button labels with a verb.
Yeah again!
However, above this guideline we can see a screenshot of the classic, super retarded Windowesque "Save changes? Yes/No/Cancel" dialog.
I suggest for the final document they just copy this dialog from any random Mac OS application and put a Vista theme on it.
-
Re:Thank You Microsoft!
Parent might also want to check the new "ribbons" Office 2007 UI.
-
Re:In C++
Besides the many very good points you mention there's also the question of documentation - good DbC systems are integrated into the autogenerated documentation elegantly. All that said, you do have more options then Eiffel if you want to use contracts. If you use Java you can use JML which I believe covers all your points, and my point about documentation. If you use Ada you can use SPARK which again, covers your points quite well. Both SPARK and JML also offer (via ESC/Java2 for JML) extended static checking as well as the usual runtime checking of contracts. Finally for C# there's Spec#, but I don't know too much about that one.
Still, Eiffel is actually an extremely elegant language with powerful DbC built into at the core. If DbC is something that's important to you Eiffel probably is your best choice. -
EFS and FileVault: Why aren't they the default?
I was going to stay
1) Use a MacBookPro
2) Turn on FileVault
3) Problem solved.
But it appears as if there's an equally effective solution in Windows:
kb 307877 simply Click Start, point to All Programs, point to Accessories, and then click Windows Explorer, locate the file that you want, right-click the file, and then click Properties, on the General tab, click Advanced, Under Compress or Encrypt attributes, select the Encrypt contents to secure data check box, and then click OK If the file is located in an unencrypted folder, you receive an Encryption Warning dialog box. Use one of the following steps: If you want to encrypt only the file, click Encrypt the file only, and then click OK. If you want to encrypt the file and the folder in which it is located, click Encrypt the file and the parent folder, and then click OK.
(yesyesyes, if you detailed the procedure for enabling FileVault it would be nearly as long).
But, I'm 100% serious about this, why don't both Microsoft and Windows enable file encryption by default?
(Full disclosure. Do I use FileVault? No. Why not? Well, to tell the truth, I'm worried about bugs and glitches. There is safety in numbers. If Macs had FileVault enabled by default, then any bugs in it would cause problems for millions of users, and Apple would find out and fix them quickly. As it is, I suspect about 0.01% of all Mac users use it, and I've felt for a long time that one of the keys to avoiding OS trouble is to stay in the mainstream and avoid using anything that lots of people aren't using--unless I have a good reason). -
Re:Trivial search - and the password is....
better change your password. create strong password to save your account from sombody take over it. just go to this site to see how to create strong password: http://www.microsoft.com/athome/security/privacy/
p assword.mspx -
Re:Zune? WTF?!?
That video is amusing, but you do know that it was made by MS themselves, right? They recognized that they need less cluttered packaging.
The real Zune box is shown here (the bottom of the page):
http://www.microsoft.com/presspass/presskits/zune/ default.mspx
You'll see that the box is decidedly "uncluttered". ;-)
(Actually, it's not surprising since the Xbox guys are doing the Zune, and Xbox 360's box is uncluttered too.) -
Re:Will MS respond? Yes.
http://www.microsoft.com/unix/ie/
It's long since dead, but they used to have a version for it. -
People have rights. Dogs have licenses
From the release notes page: We suggest that you back up your existing data before you install and run the software
Yes, it really says that. ... [but] ... Windows Media Player 11 does not permit you to back up your media usage rights (previously known as licenses). -
Re:Eye Candy Good, Need for super computer bad
People seem to confuse the 'Glass' eye candy and the actual specifications behind the WDDM driver model that 'Glass' requires.
Here is the thing, sure Glass could potentially run on a lot lower hardware, as the effects are not hard to do; however, this is NOT what the specifications or the WDDM are about.
The Glass is the pretty 'examples' of the new graphical engine in Vista, but there is a whole new paradigm in play that offers things no other OS technology currently even comes close to addressing.
A quick reference is things like the WDDM model allow GPU multi-tasking, GPU Memory virtualization, and several other concepts that will even push the next generation of what ATI and NVIDIA are doing.
WDDM and the 'pretty glass' are very much a part of each other in Vista, but also when you see Halo running with great FPS, in a window beside Star Wars Galaxies and in a window beside a new CAD or WPF 3D applicaiton, you realize that moving the 3D model from a 'single' applicaiton concept is more of what vista is about.
Also think about the applications I just mentioned and hit Flip3D, and watch all these games and applications run with full FPS in a slanted window side by side all other applications. This is what WDDM gives the users and developers and Glass is just a pretty example of WDDM being in use. If you want just animation and eye candy, people wrote utilities that did this under WindwosXP using GDI+, that is not what is special about the WDDM changes in Vista, truly.
MS has started posting more on these technologies and what they are and why they are. A good place to read up on the WDDM and some of the graphical changes in the whole Vista OS for semi-laymen can be found at:
http://msdn.microsoft.com/windowsvista/
There are more 'techie' articles on this for people interested, and even just a bit of reading you will see why the WDDM is different and how it can drop several 3D application on a desktop that all want or assume 'exclusive' GPU access and GPU memory and yet run in parallel and not starve for GPU RAM. So 3D tech nerds, some of this is pretty impressive and is a good indication where ATI and NVIdia will be going forward in terms of new ways of offering GPU abilities. -
As far as I can tell, it's a copy of Accelerator... down to the smaller architectural bits & pieces:
ftp://ftp.research.microsoft.com/pub/tr/TR-2005-1
8 4.pdfpublished last year.
-
Re:(shakes head)
http://support.microsoft.com/?kbid=909095 microsoft has an article on the problem here, it only occurs, afaik in XP machines with over 1 gig of ram
-
Re:Bad track records all around
I merely speak from the experience of having shitty Genicom (which were only provided kernel mode) and HP LaserJet print drivers, in both Windows NT4 and 2000 wreak havoc on a SQL database, as well as the local filesystem's integrity. Not fun.
Eew. I don't envy your position. I guess this is one of those cases where you set up a dedicated server just for printing (possibly with a different OS) or use a VM. I don't know about Genicom, but HP's printing software is awful, and it's getting worse.True, but on a workstation, at least the filesystem will be left in a consistent state, and I don't have to waste time rebooting and going through filesystem checks
Autochk.exe is run when the system starts (even before Win32 starts, when no files are open), and it will do a fsck on any volumes with the "dirty bit" set (set because it had an outstanding transaction). You can control this behavior, including excluding volumes from being checked and forcing them to be checked at next start with the chkntfs.exe program. ...If I don't like X, I can just not install it. Or I can be ultra-paranoid and use X on something like SE Linux where everything is ACL'd to hell and back. Or I can write my own, or pay somebody else to write a better window server. Or I can run some other window server, from some vendor (I'm to lazy at the moment to cite examples, I know they exist).
That's all true. I, too, am disappointed about how many things are dependent on Win32 and how Win32 is inseperable from the GUI. Most of the time for a Windows server, the best you can do is to concentrate on software that doesn't use the GUI, allowing it to sit in the background idle and paged out.P.S. What's up with deleting print jobs in Windows? Why do they just refuse to go away with this "printing-error-deleting" madness until you restart the print spooler service!? Even when the printer isn't in an error state, it just seems like it'll delete the job whenever it feels like it (umpteen wasted pages later). In Mac OS X for example, it simply finishes printing what's in the print buffer, and ejects the page.
When a job is canceled, it's supposed to stop printing immediately. The print spooler calls the printer driver's DrvDocumentEvent with a code of DOCUMENTEVENT_ABORTDOC, which the driver is supposed to use to tell the printer to cancel the print job, clearing on board caches as necessary. For some silly reason, the entire DrvDocumentEvent function is optional for the driver to implement. GDI will stop sending data to the print driver in any case, but the printer will continue to spool any driver-created and internal buffers unless the print driver cancels the document properly. It seems like 'extended' abilities like canceling jobs are among the first things for driver writers to skimp on. -
Re:Bad track records all around
I merely speak from the experience of having shitty Genicom (which were only provided kernel mode) and HP LaserJet print drivers, in both Windows NT4 and 2000 wreak havoc on a SQL database, as well as the local filesystem's integrity. Not fun.
Eew. I don't envy your position. I guess this is one of those cases where you set up a dedicated server just for printing (possibly with a different OS) or use a VM. I don't know about Genicom, but HP's printing software is awful, and it's getting worse.True, but on a workstation, at least the filesystem will be left in a consistent state, and I don't have to waste time rebooting and going through filesystem checks
Autochk.exe is run when the system starts (even before Win32 starts, when no files are open), and it will do a fsck on any volumes with the "dirty bit" set (set because it had an outstanding transaction). You can control this behavior, including excluding volumes from being checked and forcing them to be checked at next start with the chkntfs.exe program. ...If I don't like X, I can just not install it. Or I can be ultra-paranoid and use X on something like SE Linux where everything is ACL'd to hell and back. Or I can write my own, or pay somebody else to write a better window server. Or I can run some other window server, from some vendor (I'm to lazy at the moment to cite examples, I know they exist).
That's all true. I, too, am disappointed about how many things are dependent on Win32 and how Win32 is inseperable from the GUI. Most of the time for a Windows server, the best you can do is to concentrate on software that doesn't use the GUI, allowing it to sit in the background idle and paged out.P.S. What's up with deleting print jobs in Windows? Why do they just refuse to go away with this "printing-error-deleting" madness until you restart the print spooler service!? Even when the printer isn't in an error state, it just seems like it'll delete the job whenever it feels like it (umpteen wasted pages later). In Mac OS X for example, it simply finishes printing what's in the print buffer, and ejects the page.
When a job is canceled, it's supposed to stop printing immediately. The print spooler calls the printer driver's DrvDocumentEvent with a code of DOCUMENTEVENT_ABORTDOC, which the driver is supposed to use to tell the printer to cancel the print job, clearing on board caches as necessary. For some silly reason, the entire DrvDocumentEvent function is optional for the driver to implement. GDI will stop sending data to the print driver in any case, but the printer will continue to spool any driver-created and internal buffers unless the print driver cancels the document properly. It seems like 'extended' abilities like canceling jobs are among the first things for driver writers to skimp on. -
Re:It's a shame
Versions of Windows XP bought in the last couple of years include SP2 by default. A fresh install of a current version thus has the firewall switched on by default. You can hardly compain that a version bought in 2001/2 has vulnerabilities that are fixed in the current version; that's why it's a newer version, because (some of) the vulnerabilities are fixed. Incidentally, I believe exactly the same is true for the Mac: versions prior to Tiger did not have the firewall switched on by default.
Incidentally, XP prior to SP2 still had a rudimentary firewall, which whilst it isn't anywhere near as good as the SP2 one, it'll still protect you fine from external attacks whilst you download SP2. And in fact, if you're so worried about it, it only takes half an hour or so to slipstream SP2 into your Windows CD. Or if you don't want to do that, Microsoft will happily send you a service pack 2 disk. -
Re:It's worse than that
Umm.. That's a different problem space. Medical devices and flight control systems don't hae to operate in a hostile environment (at least from a software standpoint). Windows (and Linux and OSX and whatever other OS you're running on the internet) does.
Also flight control systems and medical devices have to be RELIABLE.
Reliable != Secure.
They're different dimensions on a multi-dimension graph of software qualities.
Some of the dimensions on the graph:
Security (the ability of a system to prevent a hostile attacker from compromising the system)
Reliability (the ability of a system to ensure continued functioning, regardless of operating conditions)
Robustness (this one's interesting, because the word "robustness" has situational meaning)
Flexibility (the ability of a system to adopt to new environments).
There are tons of other dimensions.
Software can be evaluated against all of these criteria, depending on the needs of your organization.
One other thing: it's IMPOSSIBLE to have perfect security (well, you might get pretty good security on a black box that accepts no inputs and produces no outputs - a computer that's not powered and has no permanent storage is also moderately secure). Security is about risk analysis and mitigation.
You need to decide what level of risk is appropriate for your data and ensure that you have mitigations in place appropriate for that level of risk. For instance, if the bad guy has physical access to your computer, they own your computer. So if you have critical data on a computer, you need to make sure that the bad guy can't get access to the computer (lock it up in a machine room). The 10 immutable laws of security is worth reading.
Microsoft is actually one of the few companies out there that really DOES get security (yeah, you can laugh, but they really do). But it takes a LONG time to turn a ship around, and it's really hard to mitigate the mistakes ofthe past (every user running as an admin is one of those big ones).
Microsoft has adopted a process they call the Security Development Lifecycle. The SDL involves a bunch of different processes that ensure that over time security defects in the system are reduced. Other organizations (Oracle and Mozilla, for example) are also adopting similar methodologies. Microsoft did this because they recognised that Windows was a train wreck in progress and that if they didn't do SOMETHING they'd be in even worse trouble than they are today.
So far, SDL has paid off. Every release of Windows since 2002 has been progressively more secure than the last, as have each subsequent release of other Microsoft products.For instance, when was the last time you've heard of a new SQL server vulnerability?
It's not saying that Microsoft is perfect. It's not. But it's progressively getting harder and harder for the bad guys to attack Windows - that's why they're going after other easier pieces of the ecosystem. Vista will raise the bar several orders of magnitude higher. -
Re:It's worse than that
Umm.. That's a different problem space. Medical devices and flight control systems don't hae to operate in a hostile environment (at least from a software standpoint). Windows (and Linux and OSX and whatever other OS you're running on the internet) does.
Also flight control systems and medical devices have to be RELIABLE.
Reliable != Secure.
They're different dimensions on a multi-dimension graph of software qualities.
Some of the dimensions on the graph:
Security (the ability of a system to prevent a hostile attacker from compromising the system)
Reliability (the ability of a system to ensure continued functioning, regardless of operating conditions)
Robustness (this one's interesting, because the word "robustness" has situational meaning)
Flexibility (the ability of a system to adopt to new environments).
There are tons of other dimensions.
Software can be evaluated against all of these criteria, depending on the needs of your organization.
One other thing: it's IMPOSSIBLE to have perfect security (well, you might get pretty good security on a black box that accepts no inputs and produces no outputs - a computer that's not powered and has no permanent storage is also moderately secure). Security is about risk analysis and mitigation.
You need to decide what level of risk is appropriate for your data and ensure that you have mitigations in place appropriate for that level of risk. For instance, if the bad guy has physical access to your computer, they own your computer. So if you have critical data on a computer, you need to make sure that the bad guy can't get access to the computer (lock it up in a machine room). The 10 immutable laws of security is worth reading.
Microsoft is actually one of the few companies out there that really DOES get security (yeah, you can laugh, but they really do). But it takes a LONG time to turn a ship around, and it's really hard to mitigate the mistakes ofthe past (every user running as an admin is one of those big ones).
Microsoft has adopted a process they call the Security Development Lifecycle. The SDL involves a bunch of different processes that ensure that over time security defects in the system are reduced. Other organizations (Oracle and Mozilla, for example) are also adopting similar methodologies. Microsoft did this because they recognised that Windows was a train wreck in progress and that if they didn't do SOMETHING they'd be in even worse trouble than they are today.
So far, SDL has paid off. Every release of Windows since 2002 has been progressively more secure than the last, as have each subsequent release of other Microsoft products.For instance, when was the last time you've heard of a new SQL server vulnerability?
It's not saying that Microsoft is perfect. It's not. But it's progressively getting harder and harder for the bad guys to attack Windows - that's why they're going after other easier pieces of the ecosystem. Vista will raise the bar several orders of magnitude higher. -
has any one seen security center...
... obviously not.
The security vendors can already plug into it, as i sit here my security center says i don't have AV installed.
When i click find options it takes me here http://www.microsoft.com/athome/security/update/wi ndowsvistaRC1AV.mspx - i don't see MS forcing any MS security product on me.
In fact when I have CA etrust AV installed the MS ecurity center tells me when the etrust is out of date (encouraging me to re-subscribe) it also alerts me when a virus is found because etrust tells security center that there is an issue.
This is a case of pure FUD, 1) security center doesn't protect you, 2) the vendors can plug into it - expect to see more on the war of FUD from symantec -
Re:"Security Center" is doublespeak
I'm getting a little tired of hearing this FUD everytime a discussion of WGA pops up. WGA does *NOT* prevent a user from updating Windows.
Well, I wouldn't really call it FUD. From the page itself:
Benefits of Genuine Windows:
... Ongoing Improvements ... You will get access to updates, enhancements, and innovations that help you protect and do more with your PC.So...with WGA you get access to Ongoing Improvements, which means access to updates. If the situation is different, then MS is not really painting that picture. So if it's FUD, it's being spread by MS itself.
I can hardly be blamed for reading their page and believing what I see, y'know.
-
Re:support
I don't think the end of support (as in people answering to your doubts) is the issue for most users, but rather the end of security updates
-
Re:Bad track records all around
LOL... The print spooler in NT 4 through 2000 SP4 was moved into Ring0, which allows bad print drivers and malformed jobs to at least, BSOD the system, or worst case, execute arbitrary code... That's secure!
First, the print spooler runs in the Spooler service hosted by the user-mode spoolsv.exe process. I agree that having printer drivers running in kernel mode is ugly, but only NT4 required such an arrangement. It was done because printers are just another type of display device that has to talk to GDI, and as you noted, GDI moved to the kernel mode win32k.sys in NT4. NT3 had the GDI server in user mode, and 2000 supports "version 3" printer drivers that run in user mode.They also moved GDI into the kernel in NT4 which allows crappy video drivers to BSOD the system. Though this provided a good performance improvement, it still does compromise security for performance!
Compare NT3's user mode Win32 server (winsrv.dll in csrss.exe) and NT4+'s kernel mode Win32 server (win32k.sys) to a standard X-Windows on UNIX:- Killing the server ends the life of all client processes in all three cases.
- Since all meaningful processes in Windows are Win32 clients (the Win32 server provides more services than just the GUI), this puts the OS into a fairly useless state in the NT3x case.
- In NT4+, the kernel bugchecks, terminating all current activity.
- With X-Windows, all of the user's GUI apps die. For a workstation, this likely represents everything important.
- The server is highly privileged because it has to access the graphics hardware.
- In NT3, csrss runs with the SYSTEM token, effectively granting total control over the computer; if the Win32 server is compromised, so is the machine.
- Since win32k.sys runs in kernel mode, compromising it also grants full control over the machine.
- X-Windows normally runs as root (without resorting to slow wrappers), and so do many window managers. Compromising these also compromises the entire machine. Even if X doesn't run as root, it's likely that unfixable privilege escilations exist due to the control over the video hardware and memory mapping that the X process has.
X can be somewhat safer with some extra work and overhead.
- Killing the server ends the life of all client processes in all three cases.
-
Re:Bad track records all around
LOL... The print spooler in NT 4 through 2000 SP4 was moved into Ring0, which allows bad print drivers and malformed jobs to at least, BSOD the system, or worst case, execute arbitrary code... That's secure!
First, the print spooler runs in the Spooler service hosted by the user-mode spoolsv.exe process. I agree that having printer drivers running in kernel mode is ugly, but only NT4 required such an arrangement. It was done because printers are just another type of display device that has to talk to GDI, and as you noted, GDI moved to the kernel mode win32k.sys in NT4. NT3 had the GDI server in user mode, and 2000 supports "version 3" printer drivers that run in user mode.They also moved GDI into the kernel in NT4 which allows crappy video drivers to BSOD the system. Though this provided a good performance improvement, it still does compromise security for performance!
Compare NT3's user mode Win32 server (winsrv.dll in csrss.exe) and NT4+'s kernel mode Win32 server (win32k.sys) to a standard X-Windows on UNIX:- Killing the server ends the life of all client processes in all three cases.
- Since all meaningful processes in Windows are Win32 clients (the Win32 server provides more services than just the GUI), this puts the OS into a fairly useless state in the NT3x case.
- In NT4+, the kernel bugchecks, terminating all current activity.
- With X-Windows, all of the user's GUI apps die. For a workstation, this likely represents everything important.
- The server is highly privileged because it has to access the graphics hardware.
- In NT3, csrss runs with the SYSTEM token, effectively granting total control over the computer; if the Win32 server is compromised, so is the machine.
- Since win32k.sys runs in kernel mode, compromising it also grants full control over the machine.
- X-Windows normally runs as root (without resorting to slow wrappers), and so do many window managers. Compromising these also compromises the entire machine. Even if X doesn't run as root, it's likely that unfixable privilege escilations exist due to the control over the video hardware and memory mapping that the X process has.
X can be somewhat safer with some extra work and overhead.
- Killing the server ends the life of all client processes in all three cases.
-
Re:Bad track records all around
LOL... The print spooler in NT 4 through 2000 SP4 was moved into Ring0, which allows bad print drivers and malformed jobs to at least, BSOD the system, or worst case, execute arbitrary code... That's secure!
First, the print spooler runs in the Spooler service hosted by the user-mode spoolsv.exe process. I agree that having printer drivers running in kernel mode is ugly, but only NT4 required such an arrangement. It was done because printers are just another type of display device that has to talk to GDI, and as you noted, GDI moved to the kernel mode win32k.sys in NT4. NT3 had the GDI server in user mode, and 2000 supports "version 3" printer drivers that run in user mode.They also moved GDI into the kernel in NT4 which allows crappy video drivers to BSOD the system. Though this provided a good performance improvement, it still does compromise security for performance!
Compare NT3's user mode Win32 server (winsrv.dll in csrss.exe) and NT4+'s kernel mode Win32 server (win32k.sys) to a standard X-Windows on UNIX:- Killing the server ends the life of all client processes in all three cases.
- Since all meaningful processes in Windows are Win32 clients (the Win32 server provides more services than just the GUI), this puts the OS into a fairly useless state in the NT3x case.
- In NT4+, the kernel bugchecks, terminating all current activity.
- With X-Windows, all of the user's GUI apps die. For a workstation, this likely represents everything important.
- The server is highly privileged because it has to access the graphics hardware.
- In NT3, csrss runs with the SYSTEM token, effectively granting total control over the computer; if the Win32 server is compromised, so is the machine.
- Since win32k.sys runs in kernel mode, compromising it also grants full control over the machine.
- X-Windows normally runs as root (without resorting to slow wrappers), and so do many window managers. Compromising these also compromises the entire machine. Even if X doesn't run as root, it's likely that unfixable privilege escilations exist due to the control over the video hardware and memory mapping that the X process has.
X can be somewhat safer with some extra work and overhead.
- Killing the server ends the life of all client processes in all three cases.
-
Re:Why you shouldn't give a shit.
"...and making the browser responsible for never allowing an untrusted object out of the sandbox, no matter what."
What a novel idea. Microsoft should implement this!
Oh, wait...
http://www.microsoft.com/technet/itsolutions/msit/ security/IE_protected_note.mspx -
trade in some of those machines!
If he is looking at donated computers truly of the Windows 95 era, he may not be doing the students, nor linux any service. Consider the standard requirements for a Windows 95 "era" machine: (from the Microsoft knowledge base article)
System requirements for installing Windows 95:
- Personal computer with a 386DX or higher processor (486 recommended)
- 4 megabytes (MB) of memory (8 MB recommended)
- Typical hard disk space required to upgrade to Windows 95: 35-40 MB The actual requirement varies depending on the features you choose to install.
- Typical hard disk space required to install Windows 95 on a clean system: 50-55 MB The actual requirement varies depending on the features you choose to install.
- One 3.5-inch high-density floppy disk drive
- VGA or higher resolution (256-color SVGA recommended)
Not saying it can't be done with Linux, but this person is choosing Linux to avoid the hassles of Windows? With machines as lean as these, and today's Linux, he may be getting more hassle with Linux than the old Windows.
Even by Linux (assuming 2.4 or higher kernel, with associated standard Gnu distro packages) standards, these are pretty stripped down machines, and would be likely to be balky even running Linux. There may be some instructional "stuff" you could do with Linux and these machines, but I'd be inclined to steer clear... there's a reason a lot of these machines are donated.
An alternative would be to look for some kind of community "donation", or a grant, where half decent computers could be drummed up -- a decent computer today can be obtained for much less than before -- why not order a bunch of components from Newegg, or somewhere similar, and build computers as part of the education exercise?
-
IE on VM
It seems like we're getting to a point where probably the only safe way to be surfing is by using a browser on a sandboxed virtual machine environment.
I'm not trying to point my finger only at Internet Explorer, but with security holes that can allow code execution, that's pretty scary. (And another case of buffer overrun? Maybe they ought to rewrite IE as managed code, but that's another topic all together.)
-
Re:active desktopEwwww.. SuperKaramba? I found it buggy, slow, and took up 15% of my cpu when everything else was idle, WHY would i want it builtin to my desktop?
And secondly...
just a way of putting HTML or Animations on the desktop - they weren't programs per-se, that could tell you useful stuff.
You're kidding right? The same way the web dosn't tell you usefull stuff? Nah.. i couldn't embed a flash/javascript/activex program into HTML and put it into my desktop, that's way too hard.. and they couldn't tell you any USEFULL stuff anyway.. not like all the cool apps here http://www.microsoft.com/windows/ie/ie6/previous/g allery/default.mspx like J-Track Satellite Tracking. That's not usefull to astronomers??
What about being able to embed your favourite ctrl-alt-del into your desktop.. or your corporate intranet site?
Oh and btw, superkaramba widgets are just done in XML anyway(although they can link to external libs).. so really all SuperKaramba provides is just a way of putting XML on the desktop - they aren't programs per-se, that could tell you useful stuff. -
Coming up the Stretch.. (Microsoft... *GASP*
From what i hear and see in Job Postings,
M$ is working on something similar..
http://www.microsoft.com/tv/IPTVImpact.html
Just my 2 cents. -
Re:Ultra fast desktop, same old slow applications
A 64 bit OS on a 64 bit processor runs faster than a 32 bit OS on a 64 bit processor? Hmmm, wonder why that could be? Both Windows and Linux have both 32-bit and 64-bit native editions, if you want to do a comparison. And if the 32 bit Windows is "still in the 32 bit dark ages", then so is 32 bit Linux. Except they're not, since both are for 32 bit processors, and both have 64 bit editions for 64 bit processors.
In conclusion, you're an idiot. -
and MS Open License & MS Open XML!
I guess that means the DoD will no longer buy MS software licenses. After all, Microsoft now calls that the Microsoft Open License:
http://www.microsoft.com/licensing/programs/open/
And I guess there is no way they could use the new MS Office Open XML file formats either:
http://www.microsoft.com/office/preview/itpro/file overview.mspx/ -
and MS Open License & MS Open XML!
I guess that means the DoD will no longer buy MS software licenses. After all, Microsoft now calls that the Microsoft Open License:
http://www.microsoft.com/licensing/programs/open/
And I guess there is no way they could use the new MS Office Open XML file formats either:
http://www.microsoft.com/office/preview/itpro/file overview.mspx/ -
Look for the hologram
Are you telling me I'm not infringing on copyright law if I electronically redistribute copies of software, movies, games, etc.?
Yes, you are reproducing the work, turning the recipient's hard drive into a copy or phonorecord of the work. A&M Records v. Napster.
"Windows Geniune Advange" has never tried to check my physical media.
Has it ever asked you to look for the hologram?
-
September 13, not September 15Since this was dated September 17, make that four days ago, not two.
Check the date on the xsec.org page referred to, daxctle2.c. milw0rm 2358 was a re-publication of this, also posted up on 09/13/2006. Republication happened at other exploit advisory sites as well, such as the SecuriTeam(TM) site, where, for some strange reason, the exploit was published twice, redundantly.
The formal vulnerability advisories SA21910 and FrSIRT/ADV-2006-3593, from Secunia and FrSIRT respectively, posted on 09/14/2006, confirmed and extended this, since both groups developed internal versions of daxctle2.c which were reliably effective in compromising fully patched instances of IE6.0 on WXPSP2.
However, both these advisories made it clear that the root cause flaw was in the ActiveX component that was so successfully and famously attacked by HD Moore in July.
Friday's MS advisory, Microsoft Security Advisory (925444), both clarified matters and proposed two workarounds that might be of more use than shutting down ActiveX or fervent prayer, namely:- Disable just the DirectAnimation Path ActiveX Control in the Registry, or
- Modify the ACL of the actual file Daxctle.ocx to be more restrictive.
-
KPL
-
Re:fool me once...
its no big deal with Apple because they don't put any DRM on any MP3s and never have...
I think people are misunderstanding (or spreading FUD about) Microsoft's plans with DRM and music shared between Zune players. Windows Media Player only adds DRM to ripped tracks if it's set up to do this (you set this up during installation/first run). If you accidently set up WMP to add DRM to ripped files (it used to be the default), then here's the instructions to disable this: How can I rip files to my computer without copy protection?You can rip CDs all day long with iTunes to MP3s or AACs... and not get a bit of DRM on those files.
Heck you can even rip to Apple Loseless mp4 without DRM... but I can share a MP4 with my friends all day long and they can make copies and put it on their iPods if they wanted.
From the articles I've read so far (TFA for this story has been Slashdotted), it sounds like Zune will add DRM to files that are wirelessly shared with other Zune players, not to the DRM-free files you transfer from the Zune software (WMP 11?) to the Zune. Adding DRM to your shared, but intitially DRM-free, files may sound like a crap move, but do you think any player (including the iPod) can get away with allowing direct player-to-player copying without adding DRM? This would be similar to file "sharing" like P2P, but on a smaller scale. In the paranoid RIAA's eyes, people could be adding copyrighted music to their players even if they didn't own the original CD.
but I can share a MP4 with my friends all day long and they can make copies and put it on their iPods if they wanted.
But can you make a direct transfer from iPod to iPod? Can you easily transfer a DRM-free MP4 file from your iPod to all of your friends' computers? I'd be surprised if the RIAA allowed this. -
Re:If a console owner buys 10 full price games
Second point, that 5 billion lost, does that include revenue from games and Live? Care to give a cite somewhere?
Microsoft does not release numbers for individual products, so no the number is not for just the hardware. Here's links to MS's Earnings Statements for Q4 2004 ($1.21B lost, shows 2003 as $1.19B lost)), Q4 2005 ($.39B lost) and Q4 2006 ($1.26B lost). What you're looking for is results for the division called 'Home and Entertainment'. As far as I'm aware the only quarter that division made money for MS was Q2 2005 ($.08B earned). That was the quarter (Oct-Dec 2004) that included both Christmas 2004 and the release of Halo 2. -
Re:If a console owner buys 10 full price games
Second point, that 5 billion lost, does that include revenue from games and Live? Care to give a cite somewhere?
Microsoft does not release numbers for individual products, so no the number is not for just the hardware. Here's links to MS's Earnings Statements for Q4 2004 ($1.21B lost, shows 2003 as $1.19B lost)), Q4 2005 ($.39B lost) and Q4 2006 ($1.26B lost). What you're looking for is results for the division called 'Home and Entertainment'. As far as I'm aware the only quarter that division made money for MS was Q2 2005 ($.08B earned). That was the quarter (Oct-Dec 2004) that included both Christmas 2004 and the release of Halo 2. -
Re:If a console owner buys 10 full price games
Second point, that 5 billion lost, does that include revenue from games and Live? Care to give a cite somewhere?
Microsoft does not release numbers for individual products, so no the number is not for just the hardware. Here's links to MS's Earnings Statements for Q4 2004 ($1.21B lost, shows 2003 as $1.19B lost)), Q4 2005 ($.39B lost) and Q4 2006 ($1.26B lost). What you're looking for is results for the division called 'Home and Entertainment'. As far as I'm aware the only quarter that division made money for MS was Q2 2005 ($.08B earned). That was the quarter (Oct-Dec 2004) that included both Christmas 2004 and the release of Halo 2. -
Re:If a console owner buys 10 full price games
Second point, that 5 billion lost, does that include revenue from games and Live? Care to give a cite somewhere?
Microsoft does not release numbers for individual products, so no the number is not for just the hardware. Here's links to MS's Earnings Statements for Q4 2004 ($1.21B lost, shows 2003 as $1.19B lost)), Q4 2005 ($.39B lost) and Q4 2006 ($1.26B lost). What you're looking for is results for the division called 'Home and Entertainment'. As far as I'm aware the only quarter that division made money for MS was Q2 2005 ($.08B earned). That was the quarter (Oct-Dec 2004) that included both Christmas 2004 and the release of Halo 2. -
Facts are, this is sub-par
Let's face it, this machine is sub-par.
It's like Vista. It has no killer features. It has few, if any compelling features. It does not have a compelling price point. The esthetics are poor-quality rip-off of a previous generation of iPod.
This thing is not beautiful, it's not revolutionary and it has "worse than Apple" DRM written all over it. I mean, this is MS, they could've done something different something better. Instead, they've again decided to clone, and this one is going to cost them. It will be flop, they won't make any money, shareholders will be angry and team members will leave for jobs at Google.
And there will be no wonder (from Slashdot at least) as to why the whole thing failed: Poor execution.
Who remembers the UMPC (Ultra-Mobile PC). These things were supposed to have the power of a small laptop in a kit the size of a paperback and cost less than 1k. At least they get points for revolutionary thinking (size, thumb inputs), but then they suffer from Poor execution. The units cost much more than 1k. The two that lauched had average esthetics and poor design: one of the two had a flimsy stand, both had so-so battery life, ports were poorly laid out and important ones were missing (no video out?). The weren't light or terribly thin, so thumb-typing can be impossible for some. Plus, the size of the thumb buttons doesn't scale, so people with smaller thumbs couldn't ask the system to "make a smaller keyboard".
The Zune has all of the makings of something even worse than the UMPC, and that's pretty bad.
-
Re:Fortunately, MSFT includes a C# compiler with .
Of course, MSFT doesn't advertise this because they don't want you avoiding their horrifically-expensive (but very nice) Visual Studio suite.
Actually, do advertise it, and they even give away a very full-featured development environment, Visual C# Express Edition. It's a free download. -
Re:IE not so important...
I think that is the problem. They are holding to THE standard, not some random de facto standard.
-
Re:Two things I care about with this
... and neither are mentioned, as far as I can see: Price & battery-lifeAnd what about size, specially the thickness? Well, just my opinion, but by the photos looks like they're trying to hide something: http://www.microsoft.com/presspass/presskits/zune
/ default.mspxInstead, check the iPod photos. Apple is always making sure to show how slim it is! http://www.apple.com/ipod/ipod.html
Of course, to power the big screen and the wireless connection long enough, this device needs a big battery, so it highly probable that it will be thick and heavy... about the price, maybe they'll decide to loose money over it, like they did with the first Xbox. They'll wait and see how the people reacts to it, and then decide the pricing strategy.
-
Re:Soo..
Note: I have been working on voting integrity issues in North Carolina for a little while now, and advised the committees that drafted the bill in question.
The state passed a pretty comprehensive election reform bill, which included the provision that all vendors must hand over all code that runs, is installed on, or is otherwised used in the operation of the voting machines. No if, ands, or buts.
Our State Board of Elections did not like this. They want paperless voting machines, and badly. Like a six-year-old that's been told to clean up its room, they're dragging their feet on enforcing these (and other provisions). When writing the Request For Purchase (bid requirements), some staffer added a "clarification" that the vendors only had to hand over "available" software, and simply explain why they couldn't hand over the rest. In other words, "Here's why I'm going to be breaking the law today."
Lawmakers were not happy. The SBOE, however, didn't particularly care. They didn't see a problem with only handing over a portion of the code, and wanted to interpret the law as loosely as possible.
Diebold pointed out that "available" was different than "everything", and actually got a restraining order that prevented the state from suing them for not complying with any of the new provisions of the law. This case essentially overturned that ruling, saying "Uh, no, you actually have to comply with the law." Technically it says, "Ask your lawyers for legal advice, not the court, we're not going to pre-judge the law before there's an actual conflict (i.e., you actually get sued for violating these provisions."
So Diebold is going to take their ball and go home, since they would actually have to play by the rules. Oh well.
On a side note, I didn't see any evidence that Diebold actually tried to get a Shared Source license from Microsoft, which would actually let them escrow the code. Maybe Diebold didn't actually want to escrow, well, anything?
Imagine that.
-jdm
-
the dock connector
-
the dock connector