Slashdot Mirror

http://www.microsoft.com/en-gb...

You might want to cite some reference for you position.

Make sure to include references where they're also operating in separate countries.

http://www.microsoft.com/en-gb...

docx
doc

If they're laying off mostly non-programmers (i.e. "overhead"), but are still hiring for programming positions, then this would make sense. If not, then it's pretty inexcusable. In either case, someone should have known that at the very least, this would end up looking really bad for them.

Regardless, the fact that the e-mail describing the layoffs actually used the word "synergies" three times told me all I needed to know about the new CEO. Someone in touch with today's culture would never have used that word unless he was mocking another company for using it. Even when using business buzzwords, Microsoft is still about five years behind the times.

That's kind of like the Microsoft Windows Experience Index that is provided by Windows Vista / Windows 7 which gives a score based on CPU, RAM, GPU, and hard disk speed. Not entirely useful but gives beta-level nerds something to talk about at the water cooler.
http://windows.microsoft.com/e...

At work my desktop computer is a Pentium E6300 with a 6.3 rating on the CPU and an overall 4.8 rating due to the crappy graphics chipset.
At work my laptop computer is an i3-2010M with a 6.4 rating on the CPU and an overall 4.6 rating due to the crappy graphics chipset.

A compression algorithm rated by speed and compression ability would have to weight the speed vs. the compression, right?

>"I can take my Office Lens App, use the camera on the phone, take a picture of anything, and have it automatically OCR recognized and into OneNote in searchable fashion."

Ha, let him try that with a Surface Pro 3!
see answers.microsoft.com for more info on how the SP3 has a fixed focus lens that can't take a readable picture of a page of text.

Though I do recognize that he specifically said "phone".

Actually Visual Studio has Makefile support. :)

Well, I found Server Core, but it looks like it has all the disadvantages of a GUI, and doesn't even support all Windows Server features:
http://msdn.microsoft.com/en-u...

It still requires RDP, still requires running a graphical server (though not full desktop), and won't run Powershell since it won't run .NET.

Well, we tried!

They have this compatibility pack which proclaims it gives the ability to open newer format files in older versions of office; not sure as to its success level: Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint File Formats.

I haven't used it for Office 2000, but did have it deployed for years for Office 2003. In general it works, but those new features and changes that require a new year version have their toll. The newer files will open up in compatible versions and the original can't be edited and saved in the new format. Sometimes formatting might change or bigger problems. Typically if you are reading or dealing with occasional later version files , it will get you through in most cases. Sometimes, you might have to ask for a saved back version from the original sender to get all information. However between two groups collaborating, it would typically be a constant pain only resolved by upgrading or saving everything at a lower version.

There were some significant changes to the kernel between NT 3.51 and 4.0. One major one that comes to mind is the moving of graphics drivers into kernel mode to aid GDI performance (See this TechNet article).

They have this compatibility pack which proclaims it gives the ability to open newer format files in older versions of office; not sure as to its success level: Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint File Formats.

in MS you don't have a compiler

Compiler command line info
Linker command line info
Makefile info

Similar info is available for managed code as well, and continuous build systems work just fine with Microsoft products using the command line.

in MS you don't have a compiler

Compiler command line info
Linker command line info
Makefile info

Similar info is available for managed code as well, and continuous build systems work just fine with Microsoft products using the command line.

in MS you don't have a compiler

Compiler command line info
Linker command line info
Makefile info

Similar info is available for managed code as well, and continuous build systems work just fine with Microsoft products using the command line.

I went here: http://www.microsoft.com/inves...

They have a nice little drop-down to select year/quarter and links to financial statements...it's all right there

My problem is I don't know how to read this MBA/budget speak...

I looked at 2009, their xls "financials" info...Q4...

Saw the breakout by sector tab, but the categories were type of services (servers, 'client', etc) but couldn't see where there was a "Public Sector" or anything similar...couldn't find a category for type of client.

Also, I"m a bit miffed that my GP post was labeled "troll"...seriously...not trolling...trying to find out info here that we all, in our industry, should have some idea of...

If I convert my application and CV to .doc or .docx the formatting will be all wrong ...

Did you actually try that? On windows you can use free .doc viewer to verify how will word render your document. I believe that the mess will be comparable to mess created just by using a different version of MS office. I.e. not significant.

That might be true if the application is using the OS provided network stack, e.g. with DnsQuery. However AFAIK nothing prevents an application to bring its own DNS stack which queries external DNS, ignoring the host file. Does the OS block outgoing requests on port 53?
And, as I've said before, the DNS in TOR doesn't use the OS provided DNS. It uses its own one.
Blocking the C&C perhaps stops communication to the hq, but that doesn't help when the virus is written to first encrypt the HDD and then wait for further commands from C&C.

Microsoft's Virtual Address Space (Windows) page claims that it is 8 terabytes (with a special feature to allocate just a full 2 gigabyte chunk).

These tablets are trying to get into the same market that netbooks once occupied. We all know what happened to those...

Yeah, they were gone in 2013, but in 2014, Microsoft's OEM partners brought them back when it wanted to paint Chromebook users as having been Scroogled.

It seems to me that anyone who says this, I synthesized our strategic direction..., is utterly incompetent at coordinating a large group. That is unthinking corporate-speak. It communicates non-verbally that he has no understanding of what is needed.

More:

"... realign our workforce..."

"... work toward synergies and strategic alignment..."

"... drive greater accountability..."

"... become more agile and move faster."

"... fewer layers of management, both top down and sideways, ..."

"... flattening organizations..."

"... increasing the span of control of people managers."

"... our business processes and support models will be more lean and efficient with greater trust between teams."
Comment: Corporate-speak does not build trust, it destroys trust.

"... more productive, impactful teams..."

"Each organization is starting at different points and moving at different paces."
Comment: That is utterly obvious.

"We will realize the synergies..."

"... align to Microsoft's strategic direction."

"... we will focus on breakthrough innovation that expresses and enlivens..."

"... builds on our success in the affordable smartphone space..."

"... aligns with our focus..."

I'm very interested in the sociology of this. My understanding is that the Microsoft board of directors is utterly incompetent, has little understanding of technology, and merely chose the person to be CEO who was consistently most pleasant and ingratiating.

A competent CEO would not announce a huge advancement until it was already accomplished.

The sweeping changes Satya Nadella is announcing require huge amounts of research and understanding. It is simply not possible to accomplish successfully a re-organization of a huge company as though it were one action.

A competent top coordinator would announce a little at a time and provide meaningful and detailed explanation about why each change was necessary, and how decisions were made.

A competent top coordinator would make it clear that much of the wisdom of ideas about changes came from other people inside the company.

My opinions.

The reason why I don't have one is because of the processor. I'm still clinging to my 5 year old x200T despite the fact that it runs hot, is heavy, and has a 35w TDP processor (more than modern mobile GPU/CPU/APUs use combined) because when push comes to shove, content creation on an atom processor is a joke.

They could have been the cheap alternative to a cintaq, or the road-warrior-note-taker's dream, but I wouldn't try to run any scripts or plugins. I wonder if it'll even run the latest version of onenote smoothly. (not that you would want to use the current version's tragedy of an interface)

That's not even getting into the fact that windows 8 officially dropped digitizer/pen support (I tried to find the press release to this, but I think they pulled it when they announced the surface, this is the best I could find) microsoft.com

A gimped device, with half-assed pen support, of course they don't sell.

In the meantime, USB was everywhere on PCs. It just wasn't forced down everyone's throats.

USB CONNECTORS were everywhere on PC MOTHERBOARDS and even though the Windows OS theoretically had USB support since Windows 95 R2 ("OSR2") Service Release 2.1 came out in 8/96, virtually NOTHING was available to use it, and when someone named Bill Gates stood up at COMDEX in 1998 and tried to actually USE the USB support in Windows 98... well, we all know how THAT turned out...

While it is true that Apple didn't "invent" USB (that prize goes mostly to Intel, which is why the CONNECTORS appeared on Wintel mobos for nearly FOUR years before Windows users could actually do anything with them), but the instantaneous and huge popularity of the iMac certainly catapulted USB into the mainstream in a helluva hurry!

US DOJ subpoena the US parent bank for "contents of safety deposit boxes 1 through 2000 from your London branch"
- Bank says "our UK subsidiary is not permitted in law to do that just on our instruction"

I agree your analogy is better. And I'm going to say that under USA law the US parent company is obligated to compel the UK subsidiary to search the 2000 safety deposit boxes. If the US company can get to X, even if the UK subsidiary would prefer not get to X, they must.

US DOJ can serve the UK subsidiary in the correct jurisdiction

Can is not the issue. The issue is whether they have to or they can just interact with the parent company.

MS can't actually just change the policies because they are written into contracts

The contract is pretty clear, "We will not disclose Customer Data to a third party (including law enforcement, other government entity, or civil litigant; excluding our subcontractors) except as you direct or unless required by law. Should a third party contact us with a demand for Customer Data, we will attempt to redirect the third party to request it directly from you. As part of that, we may provide your basic contact information to the third party. If compelled to disclose Customer Data to a third party, we will use commercially reasonable efforts to notify you in advance of a disclosure unless legally prohibited." They couldn't be more clear that they intend to comply with laws. They have an entire set of pages where they track these disclosures: http://www.microsoft.com/about...

If you read the contract (too long) about non-tranference of data Azure is crystal clear that the regulatory authority is the U.S. Department of Commerce. They have the final say on what data can and should move where. Microsoft is ultimately a Washington State corporation. The laws governing Azure are whatever the State of Washington wants the laws governing Azure to be. You cannot have contractual provisions to commit crimes or refuse to comply with valid orders under American law.

Even if Microsoft had ever signed a contract that they wouldn't comply with a US court that clause would legally be null. They don't have to rewrite the contracts they those (hypothetical clauses) don't legally exist. Any contract with Microsoft (global) is under USA law. USA law doesn't consider complying with a court order to be a breach of contract ever. Companies have tried to claim that it still is a breach and have gotten their heads handed to them for it. If Microsoft were sued for breach of contract for obeying a court order the person suing would likely end up paying damages to Microsoft for daring to bring such a suit.

What you want to achieve regarding EU privacy cannot be achieved with a USA company under US law. The USA will never consider laws of foreign powers to be coequal to USA laws. You may not like that, but that is USA law. You want a data center provider that is not subject to USA law you are going to have to go with someone like Interxion, Microsoft is not an option.

You asked WHY it's allowed & my post on DCOM using it maliciously (via RPC for exploits to marshall lib code into action remotely) appears "spot on" per my last post http://yro.slashdot.org/commen... per -> Metasploit Framework, Part 2 http://www.symantec.com/connec...

PERTINENT QUOTE/EXCERPT:

"Now we will describe the procedure to select a specific exploit and then run it. The command use exploit_name activates the exploit environment for the exploit exploit_name. If you select the Microsoft RPC DCOM MSO3-026 exploit using the name msrpc_dcom_ms03_026, you may have noticed the prompt changes from msf> to msf msrpc_dcom_ms03_026 >. This notifies that we are working in the temporary environment of that exploit."

See this http://support.microsoft.com/k... & THIS excerpt from it (which Metasploit above IS using):

"Microsoft originally released this bulletin and patch on July 16, 2003, to correct a security vulnerability in a Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface. The patch was and still is effective in eliminating the security vulnerability. However, the "mitigating factors" and "workarounds" discussions in the original security bulletin did not clearly identify all the ports by which the vulnerability could potentially be exploited. Microsoft has updated this bulletin to more clearly enumerate the ports over which RPC services can be invoked and to make sure that customers who choose to implement a workaround before installing the patch have the information that they must have to protect their systems. Customers who have already installed the patch are protected from attempts to exploit this vulnerability and do not have to take further action. Remote Procedure Call (RPC) is a protocol that is used by the Windows operating system. RPC provides an inter-process communication mechanism that allows a program that is running on one computer to seamlessly run code on a remote computer. The protocol itself is derived from the Open Software Foundation (OSF) RPC protocol. The RPC protocol that is used by Windows includes some additional Microsoft-specific extensions. There is a vulnerability in the part of RPC that deals with message exchange over TCP/IP. The failure results because of incorrect handling of malformed messages. This particular vulnerability affects a Distributed Component Object Model (DCOM) interface with RPC, which listens on RPC-enabled ports. This interface handles DCOM object activation requests that are sent by client machines (for example, Universal Naming Convention [UNC] path requests) to the server. An attacker who successfully exploited this vulnerability would be able to run code with Local System privileges on an affected system. The attacker would be able to take any action on the system, including installing programs, viewing data, changing data, deleting data, or creating new accounts with full privileges.
To exploit this vulnerability, an attacker would have to send a specially formed request to the remote computer on specific RPC ports."

So, even though I was operating on "theory only" I was pretty much "dead on right" as to HOW remote exploits can use it to inject in REMOTED code via RPC (which dcom uses, since it's "lighter weight" than other methods...)

APK

P.S.=> "Pats self on back" - not too shabby, for operating on theory alone here, regarding HOW remote exploits could use it using DCOM to "inject" dll code into a process from another completely REMOTE system no less (minus even having it around locally, which is in & of itself, pretty spooky)... apk

You're forgetting that mobile devices need a complement to be useful: mobile services. Many of the services that we know and love-- and the many more coming down the pipeline-- all need massive amounts of computation. And the trend right now is toward more and more computation. For example, Skype (not exactly a failure) requires massive cloud resources, and the forthcoming Skype Translator will require a neural net behind the scenes.

I don't think your feelings about Windows Server contradict my point: Microsoft is moving into a software-as-a-service model. It shouldn't be surprising that you want to ditch the old model. In many ways, it doesn't matter if you don't use Microsoft handheld devices; if you do things on the Internet, you almost certainly use their cloud services. And if anything can be learned from Apple's example, it's that rapid innovation can happen when you have the capability to vertically integrate. There are really only three players out there right now that can do that: Apple, Google, and Microsoft. I think it would be silly to call any one of those companies irrelevant.

I keep the following quote pinned in Google Keep to remind myself of what happens when corporate communications becomes completely divorced from reality:

In other words, better execution and innovation through strategy and goal and discipline and engineering coherence.

From the previous Microsoft CEO. Nice to see that Ballmer's ghostwriters are still with the company.

Perhaps more to the point,

http://apps.microsoft.com/wind...

tells us to "Get Windows 8.1 to run this app"

There are research papers on the subject of finding the best path, it isn't exactly simple.
Take a look at what Microsoft has done for Bing Maps for example:
http://research.microsoft.com/...

Do you lie a lot? I think you do.

http://msdn.microsoft.com/en-u...

when they had Microsoft TerraServer running on those sweet DEC Alpha's back in 1998. Instead of launching a new and exciting mapping service, they just settled for a minor showcase for SQL Server 7 with a database greater than 1TB.

Talk about a company with zero vision.

Deleting an entry from the auto-complete list in Outlook is very simple. http://office.microsoft.com/en...

A real programmer runs away at the thought of having to parse the Office file format. Have you looked at it? The fact that the document itself is 90 MB (zipped) should tell you something.

Use C++ and CppCMS: http://cppcms.com/

You get the benefits of a real programming language, not just a toy like Ruby, Perl, JS or Go. The code is checked by the compiler, you can compile it to run just about everywhere, and the compiled binaries are FAST. You don't need 10x or 20x the servers just because you're using an interpreted language that's really fucking slow.

And if you aren't a dumbass, you'll use the Modern C++ way. You will reduce your risk of security holes to a minimum, while getting a very efficient language to program with. Unlike Go, you'll get real OO if you need it, and real support for templates.

C++ is for those serious programmers who want to get real work done, and who don't have time to waste with overhyped crap.

I take that you mean gadgets. There's nothing terribly mysterious about it, they were discontinued for not having proper security.

I take that you mean gadgets. There's nothing terribly mysterious about it, they were discontinued for not having proper security.

You do realize that MS Office is pretty much the standard, and that there are alternatives such as OpenOffice or LibreOffice that can read and edit those documents, right? And Microsoft also offers the Microsoft Office Compatibility Pack for holdouts like you with ancient systems. Well, at least the tech savvy ones who can install a free program off the internet and not the ones who expect everyone else to move backwards or stay in the stone age because they refuse to move forward. And as for RTF, WTF? RTF is garbage and there's a reason no one who wants to be taken seriously uses it.

I wonder if FreeDOS can run in virtual machine. Oh Google...

Yes, you can run FreeDOS in a VM! I usually recommend installing FreeDOS in a VM, especially if you don't plan to commit that computer to FreeDOS full-time. For Windows, I think most people prefer QEMU or VMWare or VirtualPC. On my Linux laptop, I run DOSemu.

The end of life for Windows 7 is not until January 14, 2020. Windows 7 is working OK for me.

Linux is working better than OK for me.
Why in the world would I want to give Microsoft money?

.
Why in the world would I want to give Microsoft more money just to stay on the Microsoft Upgrade Treadmill©?

I do, but I learned to code on ultrasparcs in the computer lab, so vim was about all that would run. I probably never gave emacs a fair shake in later days, but I never saw a compelling reason to switch and enjoy the benefits of vim (I'm a minimalist at heart). I almost always have an instance of gvim running for quick data manipulation beside visual studios in my daily grind, in addition to the vsvim plugin for visual studios. Age 33.

Well companies can do much more to improve on that front though.
1. Architect the product, not just build it. All too often the focus is on meeting business objectives and security is added later. An product that was well thought-out and designed handles security as part of the core design as well as the business objectives.

This. Also, be sure to include threat modeling https://www.owasp.org/index.ph... as part of the architecture. Microsoft actually has a pretty good (free) stand-alone tool that you might want to check out: http://www.microsoft.com/en-us....

And here I was hoping Micros would merge with Oft Dynamics.

If you really want to code games, stick to what most people in the industry use - C++.

While I agree with you, because C# is too high-level for game programming, Microsoft just released a native C# compiler:
http://msdn.microsoft.com/en-U...
This should provide performance almost equivalent to C++.

Microsoft has been doing Python for over 3 years now. A lot of people "expected them to take it, then try to claim it, and then when they can't, try to make their own, and drag everyone away from it", but it hasn't materialized yet.

Have you considered that your preconceived notions of Microsoft are a decade old, and it's might be a different company run by different people by now? Or that there's no business purpose in anything beyond "embrace", if you can just use it as a selling point to sell a product to people who don't care about all-MS top-to-bottom stack, as has been increasingly common in the last ten years?

Bizarrely, listed separately, is Internet Explorer 11 for Windows 7. IE11 runs on Win 7, Win 8.1, and Windows Server 2008 R2. That's 56% per the above figures, a far cry from 6%! Also, another 6% can freely upgrade (from 8 to 8.1) to a supported version. Note the 25% of users on Windows XP have no security updates, and the 6% on Windows 8 have until 1 December 2016 to upgrade to 8.1 (or later) to continue receiving security updates.

Left the company? How about you pay attention. He didn't go anywhere. He stepped down as chairman of the board, and is taking a much more hands on approach, his new title (february 8th, 4 days after he 'stepped down') is "Founder and Technology Adviser" (to directly advise the new CEO). In his own words, he will be "substantially increasing time at Microsoft" in his new role. http://www.microsoft.com/en-us...

A list of patents like this? http://www.microsoft.com/en-us...

I think we will see more programs like Microsoft TEALS where an engineer partners with a local school teacher to teach computer science. A lot of companies such as HP allow you to count a certain amount of volunteer hours as working hours i.e. you're getting paid to volunteer!. If the local companies start jumping on board then we will see progress before people start retiring. Google's also offering this program CS4HS to train educators.

If you want to get around BitLocker, you don't bother exploiting BitLocker, you just install a kernel driver that filters ALL read/writes to volumes, this would be just as effective against TrueCrypt as it is against BitLocker.

On Windows you don't even need to do that. Detours gives you the ability to intercept any API call you'd like. Hook the appropriate file I/O calls, and you're done, no compromised drivers needed. Of course, there are ways to determine that the calls have been detoured, but there's practically no software in common use that does this.

Forget about moving Windows off NTFS.

Microsoft haven't. I guess they realized that software actually used alternate data streams, so they had to add them back to ReFS, although only "up to 128K for both Windows 8.1 and Windows Server 2012 R2", so they're more like "big extended attributes" than full alternate data streams.