Domain: microsoft.com
Stories and comments across the archive that link to microsoft.com.
Comments · 34,132
-
Re:Psht...always both
You cant write an operating system in an interpretted language
These people would beg to differ: http://research.microsoft.com/os/singularity/ -
Re:Why punish legit users?
Some peolpe are forced to use Windows in the workplace. That's just the kind of location where spurious piracy messages on a copy of Windows you know is legal, but might've been installed from an image.
And it's also the one place where users should not be updating their computers. That's what admins are for. That's what WSUS, and a dozen other software packages are for.
Besides, they're not paying you to like or dislike the operating system they use, they're paying you to do your job.
-
Re:Yes it is news
It won't run under Rosetta according to MS, nor is a universal build that close http://www.microsoft.com/mac/default.aspx?pid=mac
I ntelQA -
Virtual PC 7.0.2 PPC - Network, Sound working?
I have been tweaking with getting Vista Beta 2 (5384) working since it was released out in the wild. I have been able to install without a glitch, although slow. It works great. I have poked around and found that by installing Virtual Server 2005 R2 and extracting the files and installing the virtual machine additions that come packed with that, that you can get a significance performance increase (ppc virtual pc 7.0.2), although I have yet to get networking and sound working. anyone here been able to get these two devices working?
you can download Virtual Server 2005 R2 @ http://www.microsoft.com/windowsserversystem/virtu alserver/software/default.mspx for FREE. As a mac user, I booted into a WinXP virtual machine and performed the following commands to extract the new virtual machine additions to be installed in Vista.
Command Prompt type:
-------------------
setup /c /t c:\temp
If you then run the following command, you can unpack the MSI file. And you then you have access to the VS2005 R2 additions ISO, which you can install into your VPC (just use the CD -> Capture ISO Image... option)
msiexec /a "c:\temp\Virtual Server 2005 Install.msi" targetdir=c:\temp\extract /qn
after doing this, I have been able to install Office 2007 beta on vista's virtual machine with acutally not too bad performance, considering the emulation. -
Re:spreading themselves thin
Which part of the Microsoft Office EULA gives them the ability to remotely index and serve you ads based on the documents you create with their software?
-
Re:Why?
VirtualPC for Mac is an existing product that I'm assuming has the requisite number of customers who think it's worth doing.
From a personal standpoint, some of the reasons for wanting to do this are:
1. I like working on Macs but it's a Windows world out there. I need to be able to run some Windows software but don't want to buy and maintain a separate machine just to do that.
2. Running VirtualPC makes it easer for me to share the data between my Mac and the Windows machine I occasionally need to use. -
Re:Filesystem Filter Driver
Writing a FS filter requires the IFSKit, which is expensive and does not come with an MSDN license.
It looks like development of installable file systems has been merged into the device driver kit for Windows Vista, which is now called the Windows Driver Kit, so it's no longer necessary to buy the IFS kit. -
Also affects Office 2007 beta
After installing Office 2007 beta, I couldn't get it to activate. I did some tracing with Ethereal and found that an https connection was made to Microsoft servers and a blob of data sent. Microsoft servers don't respond and 60 seconds later the connection is closed. After installing WGA, the Office 2007 activation worked fine.
In case anyone is curious, these are the benefits Microsoft claims if you use WGA: http://go.microsoft.com/fwlink/?linkid=39157
What is really funny is that if you click Validate Now on that page and you are using Firefox, it wants to install a plugin for Firefox. Yes, Microsoft has written a plugin for Firefox! -
Re:MS's defines spyware
Link to their glossary: http://www.microsoft.com/security/glossary.mspx#s
-
Plus it does not work correctly...
Non-admins may get the euphemistic warning of possessing pilferred software,
http://forums.microsoft.com/Genuine/ShowPost.aspx? PostID=370244&SiteID=25/
Notice the MS solution, delete this, open up all permissions on that (good idea?), read, write, execute, delete for everyone! Or pay-up to get your copy of MS Winders to shut up.
Nothing like family (non-admins) and employees (non-admins) thinking they have purloined software. Isn't an unfounded accusation called, "Libel" http://dictionary.reference.com/search?q=Libel/?
(My SuSE never accuses me with false accusations.) -
Re:Nah, LSM is nothing like that
At the source level, technically NT's security subsystem is just one module among many. There is an opaque SECURITY_DESCRIPTOR structure that describes access control on all securable objects, and an opaque token system to confer identities and privileges to a process or thread. Modifying these and making access checks with them are done through opaque functions. If one had the source code for Windows available, it probably would be possible to change the security system quite a bit and recompile; then the only issue would be compatibility and cleanup of code that incorrectly depends on the current implementation. Unfortunately, with only the binaries available, it'd be really hard to make more than small changes since a lot of code depends on at least the size of those structures. However, I would think that patching the standard functions for token management and access checks would make some modest changes feasible. As others have said, if file access is your main focus for security, a filesystem filter is the right choice. It won't work for any other type of object, though.
That said, NT's security model since 2000 is actually quite flexible-- much moreso than Microsoft takes advantage of itself (although this is beginning to change in Vista). With restricted tokens, you can give a process an intersection of authority, like between a person's authority and an application's. For example, you could give your e-mail client only the access that you have personally AND that e-mail applications have (such as mailbox directories).
Software restriction policies can be used to create a white or blacklist of allowed binaries, either by path, hash or signature. One thing I've done for clients in the past is to prevent execution for any binaries (regardless of permissions assigned to the files) in their own profile and possibly any location they can write to. This cuts down on virus attachments a lot, since your own profile is where the files download to by default.
If you're really ambitious, you could create your own environment subsystem whose processes have no security identity (and so are unable to open objects directly), using your own server process to proxy all authorization requests however you want, thus avoiding the kernel's security mechanisms.
In closing, I'm afraid NT was never designed to have a pluggable authorization system. LSA does support pluggable authentication packages, though. -
Re:Nah, LSM is nothing like that
At the source level, technically NT's security subsystem is just one module among many. There is an opaque SECURITY_DESCRIPTOR structure that describes access control on all securable objects, and an opaque token system to confer identities and privileges to a process or thread. Modifying these and making access checks with them are done through opaque functions. If one had the source code for Windows available, it probably would be possible to change the security system quite a bit and recompile; then the only issue would be compatibility and cleanup of code that incorrectly depends on the current implementation. Unfortunately, with only the binaries available, it'd be really hard to make more than small changes since a lot of code depends on at least the size of those structures. However, I would think that patching the standard functions for token management and access checks would make some modest changes feasible. As others have said, if file access is your main focus for security, a filesystem filter is the right choice. It won't work for any other type of object, though.
That said, NT's security model since 2000 is actually quite flexible-- much moreso than Microsoft takes advantage of itself (although this is beginning to change in Vista). With restricted tokens, you can give a process an intersection of authority, like between a person's authority and an application's. For example, you could give your e-mail client only the access that you have personally AND that e-mail applications have (such as mailbox directories).
Software restriction policies can be used to create a white or blacklist of allowed binaries, either by path, hash or signature. One thing I've done for clients in the past is to prevent execution for any binaries (regardless of permissions assigned to the files) in their own profile and possibly any location they can write to. This cuts down on virus attachments a lot, since your own profile is where the files download to by default.
If you're really ambitious, you could create your own environment subsystem whose processes have no security identity (and so are unable to open objects directly), using your own server process to proxy all authorization requests however you want, thus avoiding the kernel's security mechanisms.
In closing, I'm afraid NT was never designed to have a pluggable authorization system. LSA does support pluggable authentication packages, though. -
Re:Nah, LSM is nothing like that
At the source level, technically NT's security subsystem is just one module among many. There is an opaque SECURITY_DESCRIPTOR structure that describes access control on all securable objects, and an opaque token system to confer identities and privileges to a process or thread. Modifying these and making access checks with them are done through opaque functions. If one had the source code for Windows available, it probably would be possible to change the security system quite a bit and recompile; then the only issue would be compatibility and cleanup of code that incorrectly depends on the current implementation. Unfortunately, with only the binaries available, it'd be really hard to make more than small changes since a lot of code depends on at least the size of those structures. However, I would think that patching the standard functions for token management and access checks would make some modest changes feasible. As others have said, if file access is your main focus for security, a filesystem filter is the right choice. It won't work for any other type of object, though.
That said, NT's security model since 2000 is actually quite flexible-- much moreso than Microsoft takes advantage of itself (although this is beginning to change in Vista). With restricted tokens, you can give a process an intersection of authority, like between a person's authority and an application's. For example, you could give your e-mail client only the access that you have personally AND that e-mail applications have (such as mailbox directories).
Software restriction policies can be used to create a white or blacklist of allowed binaries, either by path, hash or signature. One thing I've done for clients in the past is to prevent execution for any binaries (regardless of permissions assigned to the files) in their own profile and possibly any location they can write to. This cuts down on virus attachments a lot, since your own profile is where the files download to by default.
If you're really ambitious, you could create your own environment subsystem whose processes have no security identity (and so are unable to open objects directly), using your own server process to proxy all authorization requests however you want, thus avoiding the kernel's security mechanisms.
In closing, I'm afraid NT was never designed to have a pluggable authorization system. LSA does support pluggable authentication packages, though. -
Re:Nah, LSM is nothing like that
At the source level, technically NT's security subsystem is just one module among many. There is an opaque SECURITY_DESCRIPTOR structure that describes access control on all securable objects, and an opaque token system to confer identities and privileges to a process or thread. Modifying these and making access checks with them are done through opaque functions. If one had the source code for Windows available, it probably would be possible to change the security system quite a bit and recompile; then the only issue would be compatibility and cleanup of code that incorrectly depends on the current implementation. Unfortunately, with only the binaries available, it'd be really hard to make more than small changes since a lot of code depends on at least the size of those structures. However, I would think that patching the standard functions for token management and access checks would make some modest changes feasible. As others have said, if file access is your main focus for security, a filesystem filter is the right choice. It won't work for any other type of object, though.
That said, NT's security model since 2000 is actually quite flexible-- much moreso than Microsoft takes advantage of itself (although this is beginning to change in Vista). With restricted tokens, you can give a process an intersection of authority, like between a person's authority and an application's. For example, you could give your e-mail client only the access that you have personally AND that e-mail applications have (such as mailbox directories).
Software restriction policies can be used to create a white or blacklist of allowed binaries, either by path, hash or signature. One thing I've done for clients in the past is to prevent execution for any binaries (regardless of permissions assigned to the files) in their own profile and possibly any location they can write to. This cuts down on virus attachments a lot, since your own profile is where the files download to by default.
If you're really ambitious, you could create your own environment subsystem whose processes have no security identity (and so are unable to open objects directly), using your own server process to proxy all authorization requests however you want, thus avoiding the kernel's security mechanisms.
In closing, I'm afraid NT was never designed to have a pluggable authorization system. LSA does support pluggable authentication packages, though. -
Re:compliance to standards?
Not quite right. Actually Services for UNIX is incompatible with the x64 versions of Windows Server 2003, which is the required operating system family for the Compute Cluster.
Server 2003 R2 (http://www.microsoft.com/windowsserver2003/r2/wha tsnewinr2.mspx) adds the "Subsystem for Unix-based Applications" (SUA: http://www.microsoft.com/windowsserver2003/r2/unix interop/default.mspx) . You can either install R2 on one machine and recompile your app to make a win32 version, or you can install R2 on all your compute nodes to get the SUA environment everywhere. (the first option would probably be better) -
Re:MS and serious engineers
From http://www.microsoft.com/presspass/press/2005/dec
0 5/12-09SmithBurtonPR.mspx
REDMOND, Wash. -- Dec. 9, 2005 -- Microsoft Corp. today announced that Burton J. Smith is joining the company as a technical fellow. Smith joins Microsoft as a proven leader in the computer industry, serving most recently as chief scientist and member of the board of directors for Cray Inc. Smith will focus on working with existing groups within Microsoft to help expand the company's efforts in the areas of parallel and high-performance computing. He will report directly to Craig Mundie, chief technical officer and senior vice president for Advanced Strategies and Policy. -
Re:now is the .NET 3.0 MS was working on become 4.
You're referring to LINQ, right? LINQ is part of the 3.5 stack (previously called WinFX 3.5, and now, I assume,
.NET FX 3.5), as described in this chat on MSDN.Mads Torgersen[MSFT] (Expert): Q: This is a repeat in case it got lost: Can you give us a sense of the timing on working with C# 3 vs WinFX? If I were writing a book on each, which shoudl come first, and to what degree is one dependent on the other?
A: WinFX 3.0 is a Windows Vista timeframe release. We then release WinFX 3.5 which contains the LINQ libraries in the VS Orcas timeframe with C# 3.0. -
Re:Microsoft just seems to be kind of flailing.
Hey Spry - XP should automatically ungroup those buttons when you do close other windows and make more room. I can't speak for your exact scenario, and why exactly it wouldn't be ungrouping them when sufficient room exists. I was able to find this feedback link for Windows Vista; you should put forth your thoughts there. No guarantees of a response, but it's certainly better than not submitting feedback at all. Conversely, you may want to send your thoughts on through the Email link on the Windows Ux blog. I see they have no blog posts registered there at all (a pity), but the email link is pretty much guaranteed to be good.
Anyway, back on topic
:-). I agree that this is somewhat confusing. We (everyone working in the Developer Division, and all of the people working on the rest of the next-gen Windows stack: WPF, CardSpaces, Workflow Foundation, etc.) live and breathe this stuff every hour of every day, but I can imagine that keeping on top of it under any other circumstances can be tricky. Russ, the Product Unit Manager for the DDCPX team, commented earlier on exactly this point, but I'll reiterate his high-level comments for posterity's sake. Essentially, .NET FX 3.0 is the .NET FX 2.0 (the Whidbey release, and likely what you already have on your computer today), along with a bunch of new frameworks and technologies, including the Workflow Foundation, the Communications Foundation (formerly Indigo), CardSpaces (formerly InfoCard), and Presentation Foundation (formerly Avalon).In theory, an application written to target v2.0 of the Framework should work 100% as well on 3.0 as it did on 2.0. Of course, in reality it never hurts to double-check, but you shouldn't see any functional differences. It should run just as well.
With regard to Winforms, the technology is still very much alive and kicking. A few of our Product Managers have commented on this far more eloquently than I can, but essentially, we believe that the Windows Forms functionality in
.NET will be critical for us and for ISVs for many years to come. Visual Studio uses 7.5 million lines of managed, CLR-using code, virtually all of which uses Windows Forms for its UI today. We'll be using Winforms in our product for quite a while yet. It certainly has not been abandoned. The new stuff (I am a huge fan of WPF) is incredibly cool, and the functionality and power it provides is truly remarkable. However, no one can move over to it overnight, and we totally recognize this fact. Please let me know if you have further questions, and I will be sure to answer them to the best of my ability. -
Re:Companies vs Their Products; The Nature of Flam
"Mac" is the brand name of a product line (of computers) made by Apple. Products do not troll.
C'mon. You and everybody else knew what mfh meant. This isn't English class.Apple's OS X v. Windows XP ads are hardly trolling. It is not trolling when a company compares their product line against their competitor's in a non-subjective way.
I would agree that it's hardly trolling (depending on one's definition of "trolling"), but to say Apple is comparing "Mac" to "PC" in a "non-subjective way" is laughable.When I pull up the terminal window and type 'uptime' my Mac will return a date figure which is in months (and for a while there in years + months!) I have owned a PC running Windows XP and this was never the case.
In this case, you're comparing your Mac (hardware and software) to your Windows XP PC. Uptime depends on much more than just the OS. Bad hardware and drivers will kill the uptime of both OS X and WinXP. Running unpatched WinXP in administrator mode with the firewall turned off will also kill uptime. Sure, there are a lot more crappy PCs out there than crappy Macs (which do exist). But there are plenty of non-crappy PCs with Service Pack 2 that don't freeze or need to be rebooted regularly. I'm surprised yours isn't one of them.The iLife suite of applications, like iPhoto, iTunes, iEtc, is far better integrated, reliable and functional than any of the lifestyle applications that Microsoft bundles with Windows. So again, the point that Apple is making is legitimate.
Not legitimate, IMO. iLife is not bundled with OS X, it is bundled with new Macs and costs $79 seperately. You compared a $79 suite to whatever is included with Windows, not whatever is bundled with a new PC. Some PC companies bundle comparable software with their new PCs or make it an option. You should compare iLife (which is not free) to software bundled with a new PC, not with whatever is free with Windows.Many PC makers bundle (or offer as a cheap option) Microsoft Works Suite, which includes Word 2002, Works (basic spreadsheet, database, calendar), Digital Image Standard (iPhoto), Encarta, Money, and Streets & Trips Essentials. Every PC sold with a DVD burner is bundled with DVD creation software (iDVD) and the vast majority are also bundled with movie-making software (iMovie). Whether or not the software bundled with a particular PC is comparable to iLife (or is better) depends on the PC.
I think I agree with the rest of your comment. I just think the new Apple ads are almost as misleading as Bill O'Reilly or Michael Moore.
-
Re:Filesystem filter driver
Writing a FS filter requires the IFSKit, which is expensive and does not come with an MSDN license.
Just so you know, Microsoft dropped the price for the IFS kit from over $1000 to less than $150 including shipping ($25 for shipping a CD... wowza!) a few months ago. You can purchase it online at the IFS kit page. That's a much easier pill to swallow for a PhD investment.
-
Filesystem filter driver
A AC posted this earlier and it deserves a repost since it's the best answer I've heard so far.
To properly restrict access to files, you'll need to write a filesystem filter driver. This is how most antivirus programs work. More information here:
http://www.microsoft.com/whdc/driver/filterdrv/def ault.mspx
Writing a FS filter requires the IFSKit, which is expensive and does not come with an MSDN license. To filter network access, you would use a TDI filter driver. I don't know of any way of filtering calls to DeviceIoControl other than by hooking CreateFile and doing filtering there, unless there is a facility in the ifskit to fiter those "fake" filesystems. -
Filesystem Filter Driver
To properly restrict access to files, you'll need to write a filesystem filter driver. This is how most antivirus programs work. More information here:
http://www.microsoft.com/whdc/driver/filterdrv/def ault.mspx
Writing a FS filter requires the IFSKit, which is expensive and does not come with an MSDN license. To filter network access, you would use a TDI filter driver. I don't know of any way of filtering calls to DeviceIoControl other than by hooking CreateFile and doing filtering there, unless there is a facility in the ifskit to fiter those "fake" filesystems. -
Re:Microsoft just seems to be kind of flailing.
Have you logged bugs against the problems you've run into? If you have found migration issues between ASP.NET 1.1 and ASP.NET 2.0 that are not reflected in any of our docs, we'd like to know about it. Please let us know through our feedback portal at http://connect.microsoft.com/site/sitehome.aspx?S
i teID=210, or by posting a message on one of our ASP.NET forums -
Re:Voila
Supposedly in Vista. I can't find any real technical info, but here's the marketing blurb:
http://www.microsoft.com/technet/windowsvista/eval uate/feat/secfeat.mspx#EHF -
DropMyRights
I don't know much at all about the subject, but check out DropMyRights, by Michael Howard, a security guy at Microsoft.
DropMyRights is a very simple application to help users who must run as an administrator run applications in a much-safer context -- that of a non-administrator. It does this by taking the current user's token, removing various privileges and SIDs from the token, and then using that token to start another process...
It's basically sample code, rather than a full solution, but it might give you a starting point.
Also ask Google about the
.Net Framework's security model - in particular "code access security." From here:Code access security uses the location from which executable code is obtained and other information about the identity of code as a primary factor in determining what resources the code should have access to. This information about the identity of an assembly is called evidence... It is the responsibility of the code access security system in the runtime to map this evidence into a set of permissions, which will determine what access this code has to a number of resources such as the registry or the file system.
Cheers.
-
DropMyRights
I don't know much at all about the subject, but check out DropMyRights, by Michael Howard, a security guy at Microsoft.
DropMyRights is a very simple application to help users who must run as an administrator run applications in a much-safer context -- that of a non-administrator. It does this by taking the current user's token, removing various privileges and SIDs from the token, and then using that token to start another process...
It's basically sample code, rather than a full solution, but it might give you a starting point.
Also ask Google about the
.Net Framework's security model - in particular "code access security." From here:Code access security uses the location from which executable code is obtained and other information about the identity of code as a primary factor in determining what resources the code should have access to. This information about the identity of an assembly is called evidence... It is the responsibility of the code access security system in the runtime to map this evidence into a set of permissions, which will determine what access this code has to a number of resources such as the registry or the file system.
Cheers.
-
VoilaHere are some that my help you get started:
SANS Top 20 (worth reading)
Windows Server 2003 Security Guide
Overview of the Windows 2003 Server
You can migrate some of the administrative tools under Windows 2003 SMB server over to XP. But I'm under the assumption you're looking at things from a server perspective. As for firewalls, etc., you have to define if you want a true firewall as opposed to relying on Windows' shabby firewall. If so then I suggest you take a look at Juniper's Netscreen Elite 5X if you're a small business. I mention this instead of Checkpoint or others since I have used many and my best recommendation would be the Netscreen. This comes via way of having to migrate a slew of Checkpoint's along with Rainwall for management to Netscreen. Things were so shoddy with Checkpoint's IPSO, even Checkpoint wouldn't support the financial institute I was doing work for. This forced us to rethink our tools and after months worth of tiger team testing, we went with Juniper. -
VoilaHere are some that my help you get started:
SANS Top 20 (worth reading)
Windows Server 2003 Security Guide
Overview of the Windows 2003 Server
You can migrate some of the administrative tools under Windows 2003 SMB server over to XP. But I'm under the assumption you're looking at things from a server perspective. As for firewalls, etc., you have to define if you want a true firewall as opposed to relying on Windows' shabby firewall. If so then I suggest you take a look at Juniper's Netscreen Elite 5X if you're a small business. I mention this instead of Checkpoint or others since I have used many and my best recommendation would be the Netscreen. This comes via way of having to migrate a slew of Checkpoint's along with Rainwall for management to Netscreen. Things were so shoddy with Checkpoint's IPSO, even Checkpoint wouldn't support the financial institute I was doing work for. This forced us to rethink our tools and after months worth of tiger team testing, we went with Juniper. -
VoilaHere are some that my help you get started:
SANS Top 20 (worth reading)
Windows Server 2003 Security Guide
Overview of the Windows 2003 Server
You can migrate some of the administrative tools under Windows 2003 SMB server over to XP. But I'm under the assumption you're looking at things from a server perspective. As for firewalls, etc., you have to define if you want a true firewall as opposed to relying on Windows' shabby firewall. If so then I suggest you take a look at Juniper's Netscreen Elite 5X if you're a small business. I mention this instead of Checkpoint or others since I have used many and my best recommendation would be the Netscreen. This comes via way of having to migrate a slew of Checkpoint's along with Rainwall for management to Netscreen. Things were so shoddy with Checkpoint's IPSO, even Checkpoint wouldn't support the financial institute I was doing work for. This forced us to rethink our tools and after months worth of tiger team testing, we went with Juniper. -
Re:This could represent a step forward
The search at the MSDN is nearly useless.
Not just the search, even if you know where on MSDN to find the information you are looking for, it is next to impossible to navigate. Clicking on "Platform SDK" in this list of topics takes you to some legal bullshit page in the preface for that manual, with no interesting child nodes and seemingly no way out other than the back button. Until one day you figure out by accident that clicking the "Up One Level" link takes you not back to the main list of topics, but to the table of contents for the Platform SDK manual.
-
Re:This could represent a step forward
It's pretty much acknowledged that MSDN's search is awful, hence them changing it. You can test drive the new version and feed back comments onto the search blog (even if they can't get the ratings on blog posts done correctly!).
-
Re:Cool Aid
Soma is not a random blogger, he is the VP of developer division. How did this get modded insightful?
-
Re:Microsoft just seems to be kind of flailing.
I think you mean version 1.1 of the
.NET Framework, not 1.3. Also, we published a very detailed list of breaking changes from 1.1 to 2.0 on MSDN. We never take a breaking change lightly, every single one of these would have been reviewed with a great deal of scrutiny to ensure that we really were doing the right thing under the circumstances.With regard to
.NET 3.0 (no longer WinFX 3.0), it's the next version of the .NET Framework. As a result, it includes new features, like WPF (Avalon), WCF (Indigo), and a ton of other cool, new things. This is merely a marketing change, no more. -
Re:Ooops, Antitrust
This looks like it would be a royal pain to read and write, or to write software capable of reading or writing it. In fact, I seem to remember a simple PDF is quite a bit easier, but perhaps that's just because I didn't use any of the complex features it has.
I would argue that XPS is easier since I can manually modify it by unzipping, modifying the constituent files (XML, images, fonts), then rezipping. Please correct me if I'm wrong, but with PDF I believe at least a reader/writer program is required; the format is not human readable.
The one complex feature I see with your Glyphs example is Indices, which describes the individual glyphs required to render the string, as well as spacing between glyphs. Indices and StyleSimulations are optional, so the remaining attributes are quite simple. FontUri may look scary but remember that XPS is really a ZIP file in disquise; you could have a FontUri of "myfont.ttf" if you were so inclined. Thus, Glyphs can be as simple as:
<Glyphs Fill="#ff000000" FontUri="myfont.ttf" FontRenderingEmSize="10.7" OriginX="144" OriginY="123.84" UnicodeString="centers. A stroke with a width of 0 is treated in the same manner."/>
Furthermore, Windows Presentation Foundation provides all the necessary APIs to generate XPS documents. You never have to deal with the XML or ZIP file. And hopefully as you can see from my example, writing your own code to handle all this won't be as difficult as you make it sound.
I notice that it's unusual XML in that the parameters and text are all within the angle brackets. That means normal XML readers are going to have a hard time with it, which I suspect was the idea. This is not in the open standard spirit, is it?
Your comment is simply bizarre. XML allows 0 or more attributes in an element, so any XML reader that can't read that is non-standard. Plus the XML format is XAML; you could move all the attributes to elements if you wanted:
<Glyphs>
<Glyphs.Fill>#ff000000</Glyphs.Fill>
<Glyphs.FontUri>/Documents/1/Resources/Fonts/CA78F 0B5-
3077-43A2-8AC0-53671B1EB57C.odttf</Glyphs.Fo ntUri>
<Glyphs.FontRenderingEmSize>10.6997</Glyphs.FontRe nderingEmSize>
<Glyphs.StyleSimulations>None</Glyphs.StyleSimulat ions>
<Glyphs.OriginX>144</Glyphs.OriginX>
<Glyphs.OriginY>123.84</Glyphs.OriginY>
<Glyphs.Indices>70;72;81;87;72,59;85;86,53;17;3 ,34;36;3,34;86,53;87;85,41;82;78,60;72,59;3;90,83; 76,26;87;75;3;68,58;3,36;90;76 ;71,63;87,38;75,62;3,36;82,59;73,36;3;19;3,36;76;8 6,50;3,36;87;85;72;68;87;72,58 ;71,63;3;76;81,61;3,36;87;75,62;72;3,36;86;68;80,9 6;72,59;3,36;80,96;68;81,62;81 ;72;85;17;3,34</Glyphs.Indices>
<Glyphs.UnicodeString>centers. A stroke with a width of 0 is treated in
the same manner. "</Glyphs.UnicodeString>
</Glyphs> -
Re:Quick Question
Perhaps this could help you.
How To Enable Application Compatibility-Mode Technology in Windows 2000 SP2 and SP3 -
Installation Blues for VISTA - Error 80070017
After great difficulty I downloaded Vista from microsoft site. This is my first mistake. Then I tried to install over my XP machine. Always it got stuck at 95% of copying files. Read the msdn forums AFTER numerous tries, got answer I am not alone. My suggestion to novice users like me to wait for stable version. It is waste of times and source of frustation. http://forums.microsoft.com/MSDN/ShowPost.aspx?Po
s tID=458904&SiteID=1 -
Firefox gives longer support than Microsoft
Does anybody else find it ironic that Firefox is going to be offering longer support for Windows 98 than Microsoft? In case you missed it
/. had a story Thursday about how Firefox was going to drop pre-2000 Windows support in version 3.0, and the earliest possible date for that is at least a year from now. The Microsoft lifecycle info says that support for Win 98 is gone as of June 11, 2006, but online self-help will be available at least until July 10, 2007. You do the math. -
Re:Ooops, Antitrust
The specification is available here. Keep in mind that I am very much not a lawyer. I can't (and shouldn't) answer any questions about what the license means.
-
Re:do they count my server?
Most bussinesses get the no OS or the freedos and just wipe and install linux or windows. A good IT department has a blanket license anyway to prevent an audit by the BSA.
Windows volume licenses are not full licenses. I.e. you must already possess a full version of Windows, be it retail or OEM. The applicable text from the link:Note: It's important to understand that Volume License Agreements do not cover the full windows operating system; Volume Licensing provides for Windows OS upgrades only. Customers must first have a qualifying underlying operating system license before installing Volume License software on their computers.
Synopsis: if you buy a PC with no OS and install a Microsoft volume license on it, you are in violation of the license and can be sued by Microsoft/BSA and/or automagically be deactivated in the next few iterations of WGA. (in general; there's a small chance that your legal department wrangled a special license I have no way of knowing about and this isn't applicable to you)
-
Re:What we do, and how it scales...
I concur with the parent as far as building unattended installs goes:
a few resources (some of which were mentioned earlier):
MSFN.org
nlite
BartPE
Technet XP Deployment ref
Disclaimer: Scan anything you download thoroughly for viruses. The worst thing you could do is inject a vulnerability in your image framework.
If you are in the position to need to reload your systems for any reason remotely I would suggest using a PXE deployment solution of some kind. Ghost/Altiris both provide good PXE and post-install config utilities. We use altiris and deploy our images through PXE. This allows for imaging in place after the fact, something that we try do semi-anually.
Every major vendor provides UNDI-Driver capable on-board nics now-a-days, so the headache of PXE (nic specific) boot images is pretty much a thing of the past (unless you were one of the saps who bought the Gateway E-4300s.)
There's something about booting to your nic, loading an image on a station in 8 minutes and monitoring the unattended install from a remote TS console miles away from the station you're reloading. -
Re:Quick Question
IE 6 doesn't run on Win98.
Not according to this:
http://www.microsoft.com/downloads/ -
NVIDIA?
Pardon my ignorance, but could someone enlighten me as to why an NVIDIA graphics driver would require the use of netbios port 139?
For customers who have already applied the update and are experiencing the problem related to the older Hewlett Packard Share-to-Web software, or older NVIDIA drivers prior to or including version 61.94, the revised update will be available through Windows Update and Microsoft Update. The targeted re-release will be automatically delivered to affected computers through Automatic Update if it has been enabled. The re-release will not be distributed to non-affected computers. huh?
HP Share-to-Web I can understand, but graphics card drivers? -
Re:not feasible?> What? Microsoft can't write a simple packetfilter for windows98? I'm quite sure others have.
Funny part is that the exploit isn't as critical as it sounds.
From TFBulletin, "An attacker would need to convince a user to visit a Web site that could force a connection to a remote file server." It also looks like the way to make the exploit work would require Javashit and/or ActiveX being enabled on the victim's machine, and the web browser in question being IE. Filtering TCP port 139 is listed as a workaround.
In other words, it's like most other exploits: It requires the user to do Something Stupid first. A Win9x user running Firefox, and doing so from behind a firewall, can rest easy.
-
Re:So...
-
Re:My thoughts...
Mainly, it does not work in my WPA2-Enterprise (WPA2 + AES + RADIUS) wireless network running at my home. Vista would send the proper authentication information and the Microsoft IAS RADIUS server (running on Win2k3) would grant access (confirmed via logs) but Vista would not grab an IP address. Statically setting an IP also failed to provide network access. I had to pull out an old WEP access point and finally Vista worked wirelessly. Due to WEP's insecurity, I have resorted to having to use the built in gigabit ethernet. Albeit that most of the public doesn't have as an elaborate of a set up at home, but I'm surprised that this is borked in Beta 2.
Try posting to the beta newsgroups for assistance or check out this Web chat on June 19:
Using Internet Authentication Service in a wireless or/and VPN deployment -
Microsoft offers discounted licensing for virtual
Actually Microsoft does offer breaks on licensing. Specifically, run Virtual Server on Windows 2003 Enterprise, and you can run 4 virtual instances of Windows 2003 Enterprise with no additional licensing fees.
Paul
From http://www.microsoft.com/presspass/features/2005/o ct05/10-10virtualizationlicensing.mspx
First, we are licensing by running instance, which is to say the number of images, installations and/or copies of the original software stored on a local or storage network. Instead of licensing every inactive or stored virtual instance of a Windows Server System product, customers can now create and store an unlimited number of instances, including those for back-up and recovery, and only pay for the maximum number of running instances at any given time. Second, we are providing easier deployment across servers. Customers can now move active instances from one licensed server to another licensed server without limitation, as long as the physical server is licensed for that same product. So, customers will now be able to store a set of instances on a storage network and deploy any instance to a rack server or blade server that has an available license for that server software. Third, we are providing customers with greater flexibility with Windows Server System products that are currently licensed by processor, such as Microsoft SQL Server, BizTalk Server, Internet Security Accelerator Server and others. Customers can now stack multiple virtual instances on a machine by licensing for the number of virtual processors being used, rather than for all of the physical processors on the server. Lastly, we recognize customers are using virtualization to consolidate servers. Therefore, we now have a policy for Windows Server 2003 R2 Enterprise Edition that allows customers to run up to four running virtual instances on one server at no additional cost. And we'll go further with the Datacenter Edition of Windows Server "Longhorn," the code name for the next version of Windows Server, by allowing customers to run unlimited virtual instances on one server at no additional charge -
Re:This happened to my moms computer yesterdayWell, then, it's a good thing you can still get critical updates without WGA.
Excerpt:
Note The Automatic Updates feature is not affected by the WGA validation check. Therefore, you can use the Automatic Updates feature to make sure that you receive critical Windows updates.
Note that this does mean you can't go to the Windows Update site, but must use the automatic updates. There are a couple of 3rd party tools which can get these critical updates as well.
Don't get me wrong, I still think WGA is a PITA and a bad idea.
-
Re:Nothing Can Beat a Good Editor
offtopic=100%
it sucks that windows doesn't use symlinks though
It comes with vista:
http://msdn.microsoft.com/library/default.asp?url= /library/en-us/fileio/fs/symbolic_links.asp
http://blogs.msdn.com/junfeng/archive/2006/04/15/5 76568.aspx
just another small tiny step towards compatability. or just another argument that unix is superior. -
Re:The word from Microsoft on autorun for nerdsticAccording to this webpage you can get USB Flashdrives to autorun. In fact, the program to make it happen is called Microsoft USB Flash Drive Manager.
You can configure USB Flash Drive Manager to copy files to and from flash drives; create images of the flash drives for backup purposes (by default, the images are placed in your My Documents folder in a USB Flash Drive Backup subfolder); configure autorun capabilities on a flash drive; and enable wireless configuration settings to be stored on a flash drive.
Microsoft posted an article on how to disable the autorun feature from removable drives. The problem however is that it requires the drive to be installed first. Kinda pointless as it would be too late once you've connected the device for the first time. -
Re:The word from Microsoft on autorun for nerdsticAccording to this webpage you can get USB Flashdrives to autorun. In fact, the program to make it happen is called Microsoft USB Flash Drive Manager.
You can configure USB Flash Drive Manager to copy files to and from flash drives; create images of the flash drives for backup purposes (by default, the images are placed in your My Documents folder in a USB Flash Drive Backup subfolder); configure autorun capabilities on a flash drive; and enable wireless configuration settings to be stored on a flash drive.
Microsoft posted an article on how to disable the autorun feature from removable drives. The problem however is that it requires the drive to be installed first. Kinda pointless as it would be too late once you've connected the device for the first time.