Slashdot Mirror

I can well believe there are differences in battery performance between the OSes but we need someone to sit down with programs performing exactly the same operations on base configurations of all the OSes and then report the results. Saying they vary is one thing but far more interesting is to know why. Is it the drivers, is it the scheduler, is it the kernel, is it a better userspace or is it some combination of all of them?

My understanding is that both Linux and Windows supported timer coalescing before OS X. Linux had a tickless kernel. OS X's XNU kernel is allegedly tickless but I can't find out when this change actually took place. As for Windows it's not clear - my understanding is that Windows 8 is tickless but I can't find a clear reference only one that says Windows 8 idles more than Windows 7 so perhaps it has dynamic ticks and hence can be tickless. That last link seems to suggest that Microsoft have put a large amount of effort into trying to make Windows more battery friendly...

In addition to the above, Windows has a huge number of energy saving features: Idle detection that can control things like what processes are allowed to start, Windows 8 store apps use a "only focussed app runs" model unless it's a background task, USB suspend (Windows 7), adjustable tick rate (Windows 2000) (Windows seems to suffer from programs that push for higher resolution ticks though). It would be nice to know whether all these things are having an impact.

One of the things I noticed on OS X 10.8 though is that when the battery is near to depletion it seems to force the CPU to run at a slower rate until the machine power goes out completely. I don't know the other OSes do this or whether it's a positive impact but it could impact on results that purely go on time rather than amount of work done.

Again, someone ran into the halting problem and thought they could say something profound about it. Worse, they got tangled up with "free will", which is theology, not physics or compute science.

A deterministic machine with finite memory must either repeat a state or halt. The halting problem applies only to infinite-memory machines. A halting problem for a finite program can be made very hard, even arbitrarily hard, but not infinitely hard.

As a practical matter, there's a widely used program that tries to solve the halting problem by formal means - the Microsoft Static Driver Verifier. Every signed driver for Windows 7 and later has been through that verifier, which attempts to formally prove that the driver will not infinitely loop, break the system memory model with a bad pointer, or incorrectly call a driver-level API. In other words, it is trying to prove that the driver won't screw up the rest of the OS kernel. This is a real proof of correctness system in widespread use.

The verifier reports Pass, Fail, or Inconclusive. Inconclusive is reported if the verifier runs out of time or memory space. That's usually an indication that the driver's logic is a mess. If you're getting close to undecidability in a device driver, it's not a good thing.

Try using something like Process Explorer, which lists CPU usage much more thoroughly than the default task manager.

A lot of processes (especially Microsoft software) launched under SVCHOST.EXE never show up in the Windows Task Manager, so you see oddities such as 100% CPU usage but if you add up individual process use, it only comes to 5-10%. Process Explorer gives you a much more accurate picture of what is using your CPU.

Various Windows Update related processes seem to be the biggest culprit. The MS Security Essentials updater can hit the CPU pretty hard too.

Yeah, that's great, except that in the real world apps like Gmail have to support all kinds of wacky browsers, including old ones that get kicked to "legacy" UIs, mobile browsers, browsers that are technically standards compliant but are much faster or slower than other browsers and so on.

I used to work on a server that vended browser specific code based on the user-agent (for a variety of reasons it had to be browser specific choices on the server side). It was a server that vended some self contained code that got embedded into lots of different web sites and properties. Anyway, the most painful browser to support was by far Internet Explorer. It blew my mind how badly they managed to screw this up. It's not that modern IE's are bad browsers, you see, they aren't really - after letting the web rot for years they finally reacted to their retreating market share by staffing up the IE team again, and nowadays it can render things nice and fast. The problem is their totally broken compatibility architecture.

Modern Internet Explorers are not a single browser. They're actually a wrapper around multiple different versions of the IE rendering engine, along with a horrific pile of heuristics, hacks and magical downloaded lists to try and select the right one. There's actually a giant flow chart that tries to describe what combination of bugs IE will try to emulate in any given situation, although that dates from 2010. Undoubtably it's now even more complicated. This is a total disaster. Firstly, IE isn't capable of always doing the right thing - a notorious example being the case where a top level document requests one kind of "document mode" (i.e. Trident version) and then an iframe requests a different kind, well, Trident can't recursively embed old versions of itself, so the iframe'd document just doesn't get the docmode it requested. If your code is run inside an iframe the only way to find out what docmode you're actually running in is to test it on the client side using JavaScript! If you then discover you have the wrong version of your JS loaded because IE lied to you, well, tough luck. Time to go reload it.

Combine this with trying to run code iframed into sites like Blogger where users are allowed to control their own toplevel HTML, and you can just forget about anything sane happening. But it gets even more confusing, because new versions of the rendering engine still have "quirks mode". You pretty quickly find yourself having to draw up giant matrices of how IE might behave in any given scenario.

What's worse, there are lots of different ways to ask IE for a specific mode. There are META tags, magic HTTP headers, DOCTYPE tags, and this Microsoft compatibility list which can override those in various situations, except that it works on a per domain basis and sites like google.com have tons of different apps hanging off different endpoints, some of which might no longer be really maintained, requiring a "flag day" where everyone co-ordinates to prepare for changes in the compatibility list. Oh yes, and users can and do modify their browser settings (as we see in this story), resulting in yet another column in the compatibility matrix.

Chrome, Firefox, Safari, Opera ... none of these browsers were such a nightmarish acid trip. Microsoft managed a seemingly impossible feat - dramatically improving the quality of their core rendering engine and yet STILL being the most horrible browser for web devs in existence! They snatched defeat from the claws of victory!

According to the KB article, all one has to do is...

Press F10 to display the menu bar, go to the Tools menu, and then click Compatibility View settings. Add the OWA site to the list of sites to be viewed in compatibility view.

Afterward, the setting will be remembered. Not such a big deal. As far back as IE 8, I've come across the odd site that requires compatibility view to work properly. So you set it, forget it, and move on.

before you think it, i'm no MS shill, i use Linux and only Linux. that said, the MSIE team is doing it right this time with IE11.

while many people here are slamming on the basis of standards compliance, there is something you should know: it's broken because they are striving standards compliance.

as we all know, there are plenty of MSIE exclusive ways of doing things in the DOM and render hacks that have had to be done so you end up with code that has "browser detection" to apply browser specific hacks. MSIE is making a clean break from all of that. so all those IE only apps like Outlook Web App will now fail because all the IE specific stuff has been removed. they went so far as to remove "MSIE" from their user agent string to prevent any old code from detecting it as Internet Explorer.

IE10 user agent string: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
IE11 user agent string: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv 11.0) like Gecko

so while it seems to have growing pains, as far as IE goes, IE11 is a step in the right direction.

some nice differences:

Deprecation of file:// based Proxy configuration scripts
Deprecation of document modes
Deprecated VBScript in IE11 mode pages
navigator.plugins -- now a supported extensibility point <-- ironically chrome is removing this support
ActiveX now behaves like a navigator plugin.
Silverlight plugin is not installed by default (they got Netflix to support HTML5 via Encrypted Media Extensions aka DRM in the HTML5 spec)

more info:
http://www.nczonline.net/blog/2013/07/02/internet-explorer-11-dont-call-me-ie/
http://blogs.msdn.com/b/ieinternals/archive/2013/09/24/internet-explorer-11-changelist-change-log.asp

Linux is already widely used on networking gear, especially fully pre-emptive variants like RT-Linux and Monta-Vista.

And if we follow the trend, pretty soon we'll be running Windows on those routers!

Don't laugh too hard, we already have Windows for Workgroups to replace Netware, Windows Web Server to replace Apache/Linux, and even Windows for Warships to replace, uh, sanity... Windows for Routers isn't too steep a slope.

I just upgraded my PC (non-RT obviously). Because I use UEFI and my install is on GPT, AND I have SecureBoot disabled to be able to easily boot linux, I must now suffer a permanent "Windows 8.1 Pro\nSecureBoot isn't configured correctly\nBuild 9600" watermark in the lower right corner on my desktop. There does not seem to be a way to just disable this message, short of using a resource editor (or disabling other security measures, such as UAC).

Q: Does Secure Boot prevent me from dual-booting or running other operating systems on my PC?

A: No. UEFI's Secure Boot feature prevents the computer from starting unsigned and unauthorized operating systems. This can prevent certain types of malware (e.g., Boot Kits) from starting on your computer. If you want to single- or dual-boot a Windows 8 certified PC with an operating system that does not support Secure Boot (e.g., Windows 7 or Linux), you can disable Secure Boot."

Sure, you can disable it, but then we'll punish you. Essentially Microsoft are saying, enable SecureBoot or else...

Where is the real link to the final release of .Net 4.5.1 ???

Here. At a labour rate of $100/h, that would be a charge of $0.01.

I basically just want C/C++ libraries, compilers and build tools. But not the GUI of Visual Studio.

It used to be possible to Download the Windows SDK/Platform SDK for no charge, and it contained all the command line tools and libraries need to build applications. Now: directly from the download page: "The Windows SDK no longer ships with a complete command-line build environment. You must install a compiler and build environment separately. If you require a complete development environment that includes compilers and a build environment, you can download Visual Studio 2012 Express, which includes the appropriate components of the Windows SDK."

Years ago, Visual Studio C++ Express was 32-bit only, and the Window SDK made more sense for me.

Anyone knows if Visual Studio Express 2013 for Windows Desktop now comes with the 64-bit compiler too? In that case I can forget about the Windows SDK for now. Otherwise I will need to rely on old Windows SDK that came with the compiler. Or install professional version of Visual Studio of course.

I basically just want C/C++ libraries, compilers and build tools. But not the GUI of Visual Studio.

It used to be possible to Download the Windows SDK/Platform SDK for no charge, and it contained all the command line tools and libraries need to build applications. Now: directly from the download page: "The Windows SDK no longer ships with a complete command-line build environment. You must install a compiler and build environment separately. If you require a complete development environment that includes compilers and a build environment, you can download Visual Studio 2012 Express, which includes the appropriate components of the Windows SDK."

Years ago, Visual Studio C++ Express was 32-bit only, and the Window SDK made more sense for me.

Anyone knows if Visual Studio Express 2013 for Windows Desktop now comes with the 64-bit compiler too? In that case I can forget about the Windows SDK for now. Otherwise I will need to rely on old Windows SDK that came with the compiler. Or install professional version of Visual Studio of course.

Writing a program in Visual Studio requires mandatory registration, or the program will refuse to start up. This also gives Microsoft to arbitrarily deny specific programmers the ability to publish a program.

Oh, and this, from the VS 2010 Privacy Policy, suggests that Microsoft can remotely target your computer after it does error reporting:

In rare cases, such as problems that are especially difficult to solve, Microsoft may request additional data, including sections of memory (which may include memory shared by any or all applications running at the time the problem occurred), some registry settings, and one or more files from your computer. Your current documents may also be included. When additional data is requested, you can review the data and choose whether or not to send it.

It's somewhat disappointing that Slashdot is used to advertise software like this. Fuck that, I'll stick with free (as in freedom) compilers like GCC, MinGW, LLVM etc. and free IDEs.

There's a free plugin for VS2010 and on that replaces the editor with a vim-style one. It's not quite as nice as using gvim itself but really is fantastic. I don't know how developers can live with the standard editor's find tool.

The author orginally wrote it to teach himself F# - http://visualstudiogallery.msdn.microsoft.com/59ca71b3-a4a3-46ca-8fe1-0e90e3f79329

It's not open source.

Not open source? The source is available for download here [truecrypt.org].

I see. So Microsoft Windows is also open source you say?
After all, the source is available for download here: http://www.microsoft.com/en-us/sharedsource/default.aspx

In both cases, you can see the code, and compile it.
In both cases, the license does NOT grant you permission to copy the compiled binary anywhere, or to distribute it.

Seeing the source does not make it Open Source, which has nothing to do with the source, but is ALL about the license.

"JIT is generic in a sense that each program (and even different parts of a single program) is different and you cannot base them all on a common framework."

What does this have to do anything? That describes just about every language ever or are you under the impression that the JCL doesn't exist?

"I wouldn't say that "Java performs as well as C++", unless you are speaking about UI-heavy programs where bottleneck is user input - or, alternatively, C++ programs written by people who don't know how CPUs implement a virtual method call and why it's slower than a non-virtual one."

No, I'm saying it performs as well as C++ in most cases. Virtual method handling is one example as to why, the JIT has a better view at execution time as to what can and can't be inlined, so it can inline much more than a statically compiled C++ program possibly can.

"Yeah, with native languages you are bound to a specific architecture (and even variations of it, e.g. AVX, SSE), but is it better to be a jack of all trades and master of none?"

Well that's precisely the problem you face if you don't have an explosion of optimised binaries, unless you want to accept that the JVM is going to optimise more efficiently. It's not just about compiling for different architectures, it's about the JIT automatically being able to optimise to take advantage of extensions, and other hardware that may be present too. It can optimise dependent on amount of RAM, cache sizes etc. - something that just isn't known when you compile a plain old generic C++ binary for, say, the generic x86 platform.

But there are a number of other things it can do better too - better loop vectorisation (as a result of better inlining of virtual functions) and more efficient heap allocations for example.

"Server software does not [need to] have single-thread performance because it's more often I/O bound - that means that CPU vendors can get away with CPUs like Bulldozer or SPARCs that suck at IPC (instruction per clock) performance."

This is nonsense. It depends entirely on the application. A heavy load web server for example may not really be I/O bound in the slightest depending on the size and what it does. Bulldozer is designed for optimisation of performance per watt, you're again confusing cause and effect as to why some things are the way they are.

"That's not a problem of Java, though, but all managed languages - .NET also sucks."

Really, the problem is simply that you don't understand managed languages. Your understanding of the optimisations performed by JIT compilers is clearly woefully inadequate to being making this sort of comment. Your comments on server applications just don't even make sense for the most part to the point I'm not even sure you have the slightest grasp of what sort of things servers commonly serve.

"Microsoft tried to build an OS which would be .NET based - they wasted like 6 years on that and ultimately had to abandon the idea. Now they are going native :)"

This is just further nonsense. There was a Microsoft research project to try and build such a thing, and they did, and open sourced it. I don't know what you mean by "Now they are going native :)", they've always been native with their operating systems. If you were expecting their managed OS to cause them to throw out 3 decades of legacy code then you have a disturbing view of how software is developed.

It was a research project and nothing more, and even then it wasn't purely managed, they still had to bootstrap natively because no one ever pretended that managed languages are designed to do such low level operations. You can find out more about it here:

http://research.microsoft.com/en-us/projects/singularity/

It's worth noting though that some of the things learnt from this research project have already made their way into Windows, but that's kind of the point of r

They were. Microsoft published the format specifications in a physical book years ago. You can download the latest version here:

http://download.microsoft.com/download/0/B/E/0BE8BDD7-E5E8-422A-ABFD-4342ED7AD886/Word97-2007BinaryFileFormat(doc)Specification.pdf

You mean Office Fast Start?

http://smallbusiness.support.microsoft.com/en-us/kb/132755

That was just a little app that Office put in the startup folder that called made a dummy OLE call and exited. Calling OLE pulled the OLE dlls into memory where they stayed. Since Office depended very heavily on OLE it made Office apps launch faster. There's nothing uncompetitive about that - Office Fast Start was something that came with Office, not with Windows and OLE was documented on MSDN.

Microsoft Windows NT-based OS settings vs. DDoS/DoS:

Protect Against SYN Attacks

FROM -> http://msdn.microsoft.com/en-us/library/ff648853.aspx

A SYN attack exploits a vulnerability in the TCP/IP connection establishment mechanism. To mount a SYN flood attack, an attacker uses a program to send a flood of TCP SYN requests to fill the pending connection queue on the server. This prevents other users from establishing network connections.

To protect the network against SYN attacks, follow these generalized steps, explained later in this document:

Enable SYN attack protection
Set SYN protection thresholds
Set additional protections

Enable SYN Attack Protection

---

The named value to enable SYN attack protection is located beneath the registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters.

Value name: SynAttackProtect

Recommended value: 2

Valid values: 0, 1, 2

Description: Causes TCP to adjust retransmission of SYN-ACKS. When you configure this value the connection responses timeout more quickly in the event of a SYN attack. A SYN attack is triggered when the values of TcpMaxHalfOpen or TcpMaxHalfOpenRetried are exceeded.

---

Set SYN Protection Thresholds

The following values determine the thresholds for which SYN protection is triggered. All of the keys and values in this section are under the registry key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters

These keys and values are:

Value name: TcpMaxPortsExhausted

Recommended value: 5

Valid values: 0?65535

Description: Specifies the threshold of TCP connection requests that must be exceeded before SYN flood protection is triggered.

Value name: TcpMaxHalfOpen

Recommended value data: 500

Valid values: 100?65535

Description: When SynAttackProtect is enabled, this value specifies the threshold of TCP connections in the SYN_RCVD state. When SynAttackProtect is exceeded, SYN flood protection is triggered.

Value name: TcpMaxHalfOpenRetried

Recommended value data: 400

Valid values: 80?65535

Description: When SynAttackProtect is enabled, this value specifies the threshold of TCP connections in the SYN_RCVD state for which at least one retransmission has been sent. When SynAttackProtect is exceeded, SYN flood protection is triggered.

---

Set Additional Protections

All the keys and values in this section are located under the registry key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters. These keys and values are:

Value name: TcpMaxConnectResponseRetransmissions

Recommended value data: 2

Valid values: 0?255

Description: Controls how many times a SYN-ACK is retransmitted before canceling the attempt when responding to a SYN request.

Value name: TcpMaxDataRetransmissions

Recommended value data: 2

Valid values: 0?65535

Description: Specifies the number of times that TCP retransmits an individual data segment (not connection request segments) before aborting the connection.

Value name: EnablePMTUDiscovery

Recommended value data: 0

Valid values: 0, 1

Description: Setting this value to 1 (the default) forces TCP to discover the maximum transmission unit or largest packet size over the path to a remote host. An attacker can force packet fragmentation, which overworks the stack.

Specifying 0 forces the MTU of 576 bytes for connections from hosts not on the local subnet.

Value name: KeepAliveTime

Recommended value data: 300000

Valid values: 80?4294967295

Description: Specifies how often TCP attempts to verify that an idle connection is still intact by sending a keep-alive packet.

---

You are very optimistic. Right now even C++ compilers (which, believe me, are very much performance-oriented and rather are not memory-constrained) have problems with producing a good vectorized code, but thanks God we have assembly intrinsics and use them a lot. For JVM, that is even harder for multiple reasons (and unfortunate - historical - choice of Java bytecode is one of them). Sure, there's a broad class of software where performance does not matter, but as I said again, that is a boring software I don't want to work on. Writing such software is better to be outsourced somewhere where people crave for money more than I do.

As for HFT, I don't think that using Java is a good decision. If you can optimize for certain (best in its class) hardware, why do you need to hop through all the extra abstraction layers of Java? Sure you probably can, but it's like artificially limiting yourself.

'"Bing ads" is still misleading '

No, it's the literal truth. The ad network is Bing Ads: http://advertise.bingads.microsoft.com/en-us/sign-up?s_cid=us_smb_a_web_bing_footer

...ad hosting network (that happens to be used by major search providers)

...like Bing and Yahoo (whose search results come from Bing).

"Bing ads" is still misleading in the usual headline sensationalism way...

Yeah, it's not like the service itself is named Bing Ads, or anything.

"When Samsung packaged a solar-powered classroom for Africa’s remote communities, it shipped a GNU/Linux solution but M$ intervened"

"Working together with Reza Bardien, our Education Lead, we managed to turn this into an end to end Windows solution by the end of the week"

- quote -
Solar Powered Schools – Linux Win

In the week of 16 January, Samsung Africa launched its first Solar Powered Internet Schools. These 40 ft solar powered containers are designed for use in remote rural education communities with limited, or no access to electricity. This is a world first and shows great innovation from our partners.

However, this solution with little education relevance (all 20 student laptops as well as the teacher one) was a complete Linex solution at the time of launch. Working together with Reza Bardien, our Education Lead, we managed to turn this into an end to end Windows solution by the end of the week, including the PIL Learning Suite and the Windows-based NETOP Classroom Management solution.

By Friday morning, when Samsung demonstrated its solution to press and stakeholders, the solution was based on a Microsoft platform. This container (and the next 10 containers going into Africa and South Africa) will include devices running on a Microsoft platform only, so the students learning on these devices will be running and learning on Windows.

Some great cross group collaboration between the Windows BG, the Education Public Sector, NETOP and Jacques from OEM who assisted.

Thank you all!
- unquote -

If my $10 mil company can't afford Office 2013 and is switching to Libre, how the hell can an African school system afford it?

Office 365 plans and pricing for education [South Africa]

Plan A3

Students:
R 23,30 user/month

Faculty and staff:
R 42,00 user/month

1 South African Rand = 10 cents US.

Includes:

Hosted e-mail. 25 GB/user.
Web conferencing, supports HD video, etc.
3,000 SharePoint team sites.
Active directory integration
24/7 phone support
Anti-spam and anti-malware
Office Web Apps
MS Office "Pro" Suite for 5 PCs or Macs/user
Advanced e-mail, advanced voice mail.

May include "MS Office Anywhere" --- stream full Office apps to any PC.

So what are your monthly costs per user for an equivalent bundle of applications and services? How well does Libre Office integrate with third party applications and resources?

I think WHQL certification is mostly MS' way of pressuring component vendors to implement new features they want. For example; UEFI secure boot / OS signing, and preventing OSes such as Linux for booting, or providing TCPA / TCPM (Trusted Computing Platform Modules).

But that's not all. there are plenty of features. Whatever MS requires or forbids will be extremely influential, as computer manufacturers Want to be able to advertise their product using the Windows Logo; and they are required to use only Windows logo certified components in their systems, so a hardware vendor not getting the stamp of approval on their product can be harmful to their business.

MS will use their leverage to do what they think will improve the number of people buying their product --- that includes improving their user experience, or diminishing the user experience of old operating systems, or competing vendors' OS.

For example: making new hardware no longer compatible with XP or Windows 7 would be a win for them, because it encourages more sales of Windows 8.

The WHQL requirements are full of lists of features that must be supported and features that must not be supported by hardware.

In the former category; they list supposed business justifications, and it's all about user experience.

For the latter category; these are limitations of Windows, and the hardware is not allowed to have support for features outside of Windows' limitations.

In the middle category; there are features hardware vendors must ask for permission to implement; that is probably the safest category for MS to use to pressure vendors --- just withhold permission, until they agree to 'off the record' conditions.

This is not a quote. It is an implication; that behind closed doors, between vendors, there is an "arrangement" MS requires, and if they refuse to comply --- MS has the stick of refusing logo certification to their product ---- if nVidia doesn't get the Windows Logo; then neither do any of the hardware builders or OEMs using nVidia components; therefore, they are likely to ship someone else's hardware instead, so they can get the logo.

Some of the Logo certification requirements

As for multiple monitors with SLI Mosaic.... remember what that is?

Multiple real GPUs responsible for all the various monitors, presented to the operating system as one Logical GPU; so, the OS interacts with one GPU, but the responsibility for the display changes between GPUs.....

What do the WHQL requirements say? Well, nVidia needs an exception. How likely is MS to grant the exception to their requirements to their business partner, if/when they learn nVidia has provided better Linux support than Windows support, when the feature is used?

Target Feature: System.Fundamentals.Graphics
Title: If a Windows 8 system has Multiple GPU's, the graphics and system test must pass in every "Operating Mode"

3. Not-allowed Features. These are features that create unavoidable scenarios that do not meet Windows experience expectations,
do not meet certification requirements, and prevent the system from getting certification.

Switchable Graphics Not Allowed Not Allowed

Switchable Graphics: Two or more GPUs from either the same vendor or different vendors where the responsibility for display output to any monitor changes from one processor to the other, typically through a MUX. Starting with Windows 8 systems, this feature is not allowed.

I'm hoping that, while they allow anyone to use SteamOS for their system, they create a "branded" system by which to easily measure system specs for quick eyeballing of whether a particular Steam Machine can run a particular game. The way I see it, they have yearly specifications and a ranking system per year. It can be simple numbers 1-5, or tier like Start, Mid, Pro. Then it's a rolling designation, with the idea being that this year's Pro should be roughly equivalent to next year's Mid, then the following year's Start. It also means that games can target only that year's specs on their box; instead of having to say something like "Supports Windows 8, 7, Vista, XP", a game released in 2016 can list SteamOS support as "Supports 2016 Pro and beyond", so gamers that pick it up later will know it also works for 2017 Mid, 2018 Simple, and then everything after that. Maybe have it simplify it and have just a High and Low tier, or go even further and have a minimum hardware requirements to be "Certified SteamOS-Compatible 2015."

This is a lot like the Windows Experience Index, but easier to understand IMHO (their system is an addition one, in that they'll increase the max score over time as newer hardware becomes available; right now it's still 7.9 for Win8, which was the same max for Win7).

With this kind of system in place, they can have the best of both worlds: Those who want more esoteric hardware options or roll their own can do so (SteamOS would include a utility to give your system a rating, though it wouldn't be "certified"), and the major hardware manufacturers can target one or a few of a set of hardware specs in order to improve the price point through mass production. Depending on how high the "minimum" specs are, they could even make a cheap-o or super-small model by targeting a prior year that can still run the biggest AAA games.

Disclaimer: I've been a Microsoft employee since 2000.

I can tell you that this is demonstrably false. I personally worked on an MSR technology transfer effort.

I won't go too much into the details, but a group at MSR had developed some tools that did some interesting binary instrumentation, and did some very interesting analysis on data you captured from using these instrumented binaries.

This toolchain needed to be integrated into the build process and test process for your codebase, but once you did that work, you could answer some highly interesting questions.

MSR had a team from their side that worked with all of the major product groups at Microsoft to educate us on what the tools did, how to use them, how to integrate them, etc. We found bugs in their code; we made suggestions based on production use of the tools; they fixed them for us during validation and deployment.

I helped integrate the tools into the process for how Visual Studio was built and tested, back in the 2001-2003 era. I know for a fact Windows and Office underwent similar efforts for their products.

This effort didn't immediately translate into a feature in a product; instead, it helped us build and test _all_ our products more effectively.

Much later, VS did ship some tooling to our customers that was superficially similar to what this stuff did, but I wasn't part of that effort, so I don't know if there was technology re-use or not.

The above account is what I had direct experience with.

Additionally, every year MSR holds an event called "tech fest" where researchers setup booths talking about what they've been working on. MS engineers are the target audience. The different research topics are in various different stages of the pipeline -- sometimes you'll see a booth where they show you the "research project" next to a real shipping product that is using it. Other times they'll show you something that Microsoft is probably never going to ship or make money from.

I've seen people run their research and demos from Linux boxes -- and not just because they were doing something Linux specific. The researchers in question appear to have a wide latitude to investigate what they want to investigate, and use the tools they feel most comfortable with (as it should be).

Obviously, not everything done at MSR directly translates into a tangible product. There is certainly a lot of stuff they do that I feel like SHOULD see the light of day but hasn't yet. For instance, of particular interest to me was some research on distributed file systems done by the SNR group. It's public, so you can look up the "Farsite" project.

http://research.microsoft.com/en-us/projects/farsite/

Look how old those papers are. It's very aggravating to me that we don't just take this stuff for granted now, given how far along the research and demos were 10 years ago.

generating a new type of market?

is not something a research organization does. Microsoft Research is not a business. They aim to do pure research. If you want to see what they've done, you're free to see all their published data.

http://research.microsoft.com/apps/catalog/default.aspx?t=publications

I'm sure all of those are beyond your mental capacity. Its OK.

If you could lure a top CS researcher to MS Research and then pay him craploads of $$$ to spin stuff that would never see the light of day

http://research.microsoft.com/apps/catalog/default.aspx?t=publications

Wow.. they are pretty stupid since they let them publish all their research. lol.. oh well.. an anti-ms troll like you is not concerned with facts anyway.

... as part of Rick Rashid's Festschrift. http://research.microsoft.com/pubs/183790/Rick%20Rashid's%20Festschrift%207.5.12.pdf starting at page 131.

Seriously, timothy thinks the future of Microsoft is "now in question?" That would be an accurate thing to say about Research In Motion, but Microsoft isn't in bankruptcy or anything. It's not even operating at a loss.

It's certainly true that Microsoft is past its halcyon days, and lacks either a coherent vision or any real popularity, but that doesn't mean it's on the brink of collapse.

Microsoft research is doing some amazing things. Also there is a lot of content from the research group on Channel 9. Microsoft's problem is that their userbase is conservative. But as a result of their research they could at will turn on the tap and have tremendous innovations pouring out.

For example Microsoft people (its open source but the contributors are mainly Microsoft) developed C-- which is a portable assembly language which has tail recursion, accurate garbage collection or efficient exception handling. I don't think anyone could follow how much this group does but from innovations in compilers, new systems for concurrency, new algorithms, computation biology.... it is frankly amazing. I only wish Microsoft was more aggressive in pushing their products to adopt more from their research team. Much as the slides talk about the problem Xerox had with Parc, Microsoft has the same problem.

I saw a talk this past summer about Microsoft's security architecture for Azure. The devil is in the details, of course. I am only really familiar with AWS but Microsoft's approach is quite different. In AWS, security is really up to you when you deploy an application to Amazon's cloud. Azure is tilting the other way -- they are providing an environment where security services are part of the platform.

For those who are interested in a technical discussion instead of Microsoft-bashing and snarky remarks about the NSA (how original!), I found a PDF that explains what they're doing. This is quite similar to the talk I attended. Some of it is over my head and some of it is not really spelled out in detail, but I can tell it is quite divergent from AWS's approach of saying "here's your cloud, now security is your problem."

Given how hard it is to securely configure a server on the Internet, I can see value in the cloud provider doing {some,most} of the work for you. My exposure to other cloud providers is limited -- is there another company out there who is trying to provide security as a ready-made feature of their platform offerings?

As a former BlackBerry user and a current Android user - I can say with certainity that ActiveSync on Android works. BlackBerry touts it's security but Androd ( especially after ICS ) supports a lot of those 'enterprise' features like remote wipe as well. I recently switched to an Andriod phone. At work we've moved to office365.com for our email needs. As you might be aware the email is offered via outlook.office365.com - which is basically a hosted Exchange server Since we're BYOD, when I setup my Android phone for Exchange ( http://office.microsoft.com/en-in/office365-suite-help/set-up-email-on-an-android-phone-or-tablet-HA102823196.aspx ) - the Mail app ( your standard Android "Email" application ) - asked me for permissions - whether I would allow it to remotely wipe my phone the Exchange server wanted it to These features were available only on Blackberry before ActiveSync came to Android ( and I believe the same goes for iOS as well ) - I think this is why BYOD works these days and provides some security for corporate data on privately-owned handsets - a win-win for all - other than BlackBerry, of course.

Not every site does. For instance, I vaguely remembered that Microsoft EULAs have jurisdiction based on the country where you live, with the "you consent to jurisdiction in Washington" bit only applying to Americans. I checked the Terms of Service for Bing, and I was right. (For instance, for Europeans, it uses Luxembourg law for breaches of the ToS specifically, and the local jurisdiction for other claims.) Microsoft seems to have local companies set up for the purpose of sorting out contracts with people in countries other than the US. Many other sites don't seem to consider jurisdictional issues in their TOS at all. I suspect that that might lead to complications if they ever have to sue someone, but it's nicer for their users. Incidentally, local jurisdiction clauses in a ToS are actually one reason that causes me to avoid agreeing to them, unless they're set up in such a way that they only apply if I invoke them, they can't be invoked against me. (I end up avoiding a large number of major websites because of this.)

http://msdn.microsoft.com/en-us/library/5hsw66as.aspx

This is wrong. The density of twin primes has basically nothing to do with RSA or factoring. The vast majority of primes aren't twin primes, and the vast majority of primes don't have a prime near them (that is within o(log p)), and actual RSA keys avoid very close primes anyhow. That's before we get to the fact that work like Zhang's is basically non-constructive. There are possible serious issues with factoring, and some people like Henry Cohn have expressed skepticism about claims that factoring is genuinely hard http://research.microsoft.com/en-us/um/people/cohn/Thoughts/factoring.html, but none of this has anything to do with Yitang Zhang's work.

The same still applies. Sure, you're circumventing the eavesdropping of your employer. You still have a long list of trusted signing authorities in your browser.

Firefox list

Microsoft/MSIE

Chrome

There's no good reason to believe your encryption is end-to-end safe. It's end-to-whoever-runs-the-proxy-server encrypted. Someone in your house won't eavesdrop on it, but ye olde MITM by a large enough organization can. There are some telecom providers included.

So your employer can't sniff your traffic, and you've compromised their internal security. You're safe from your desk to your home machine and that's it. I'd say you're totally safe on your computer, but as your employer could use keystroke loggers, watch your screen, and even access your files (via \\yourdesktop\C$\), the only thing you're protecting is the easy logging of the URLs you've browsed. If they're already doing deep packet inspection, either the VPN connection won't be established because VPN won't traverse the content inspector, or they'll notice massive amounts of encrypted traffic always going to the same place. So it won't work, or you'll raise red flags.

What if a government agency got in on this game? They could sign and eavesdrop without you knowing. Oh wait. They are already there.

Firefox: France, Hong Kong, Japan, The Netherlands, Spain, Taiwan, Turkey

Microsoft/MSIE: Austria, Brazil, Finland, France, Hong Kong, India, Japan, Korea, Latvia, Macao, Mexico, Portugal, Serbia, Slovenia, South Africa, Spain, Sweden, Switzerland, The Netherlands, United States, Tunisia,Turkey, Uruguay, Venezuela,

Chrome uses the underlying OS root CA list.

Any one of them can sign valid certs. For MSIE and Chrome users, the US Gov't can sign for *.google.com, and intercept all the traffic, without the need of adding any extra CAs to your browser/computer.

What, so they're going to hard-code the acceptable root CAs into the JVM? So entities like the Federal Reserve Bank who run their own CAs (including folks using Microsoft Certificate Services) won't be able to use Java to connect to their secure resources? Providers like zScaler that offer cloud-based security whose entire model is MITMing all SSL/TLS (with the device owner's permission) won't be able to provide 0-day protection against hostile Java code?

Don't forget that the CAs whose keys are trusted by Java today have agreed to stop issuing "internal server name" certificates -- so usage of technology like Microsoft Certificate Services will only increase! In the next few years, the only reasonable way to make https/SSL/TLS work within internal networks will be to roll your own CA and certs.

I wish I could say that I thought there was no way that Oracle would be so stupid as to make it impossible to operate an internal CA. I mean, self-signed is not the same as signed-by-a-CA-not-vetted-by-Oracle. Self-signed traditionally means signed-by-a-CA-not-in-the-OS/runtime-list-of-trusted-root-CAs. But I wouldn't put any bets on this, since the historical data suggests that Oracle is one of the two stupidest, least trustworthy software vendors in the world.

Touch screens have no easy way to right-click so I tend to use that one a lot.

If they're Windows-based systems, that's patently untrue.

From http://windows.microsoft.com/en-us/windows7/using-touch-gestures :

Press and hold does the same thing as right-clicking an item.

Also applies to XP and 8.

I actually use that one quite often since I work in the POS industry

I presume most of your work involves non-Windows based systems? God, I hope so.

Oracle's Enterprise database costs $47,500 per processor core. There is no way in heck that I'd choose AMD over Intel when I have to run more cores to get the same performance.

Microsoft SQL Server Enterprise costs $6,874 per processor core.

AMD has a heavy investment in the server space. They should negotiate lower per-core license costs in these cases; license parity with Intel is throwing them out of the data center.

As the developers of x86-64, they should have a patent portfolio to do serious damage to 64-bit x86 systems vendors. Use it.

I know this isn't a valid argument for why the Surface didn't take off, but it really is the customer's fault for not wanting it.

I know what you mean here, but usually gargantuan investments in a product like this are protected from the "customer's fault" through focus groups. Proper market research can determine whether a certain set of capabilities are going to sell at price points above per-unit production costs.

Ballmer has been ignoring these tools since before he laughed at the iPhone as being the most expensive phone on the market. He continued to ignore competitive market research when he doubted developers would write apps for the iPhone while Apple took a 30% cut of app sales.

The Ballmer-led Microsoft has been hardheaded about what customers should want and believes it can dictate what customers should buy as it could do where Microsoft was able to leverage its OS monopoly. Those days are over.

MS Quarterly and Annual Report of course. I like how gamers get tricked by the reports highlight of 6 Billion in profit that has more to do with Windows, Office, and SQL Server, but they're sure that the gaming division has something to do with the sky high profits. Here you can look them all up yourself here. If you sum up all the quarters since the inception of their entertainment division you'll see that it barely accounts for anythings. Not to mention that there is a loss line that all the divisions share, but you'd be hard pressed to figure out what percentage the Entertainment Division is responsible for.

Windows source code is available though:

http://www.microsoft.com/en-us/sharedsource/default.aspx

Windows Embedded Standard (2009) is the last version of WindowsXP embedded. It will be supported until 1/8/2019

So someone will still be slaving away on XP updates, if needed they can pop them over the the customer channel.

Windows isn't a very friendly development platform for Open Source, starting with the licensing requirements for tools and distribution restrictions on binaries derived from those tools when using header files containing substantial code, or runtime libraries.

Well, the tools are free and there isn't a redistribution problem, never has been.

Not according to this document; the runtime components are not redistributable. This is an Anti-WINE license measure:

http://msdn.microsoft.com/en-us/library/ms235299(v=vs.90).aspx

Now, you could argue that ZFS and Windows won't work unless MS does it because ZFS is the whole disk I/O stack rolled into one, and no driver is going to work with the kernel to allow the ZFS system to work in windows, but thats another story entirely. Theres no way to bypass the disk cache for instance, not in a way ZFS would be compatible with. ZFS must use its own cache, and directly access the raw devices, and provide the filesystem driver all rolled into one ... but spread all across the kernel, in order to get proper performance.

Could get pretty close with some good hacks though, such as FUSE.

This is actually reverse-engineerable. FUSE isn't an option, since pages which get memory mapped and dirtied are not propagated up via invalidation events. This is the same problem the Heidemann stacking framework has if you stack FS A on top of FS B, and then expose both of them as visible in the mount hierarchy namespace. You can do some things, but you can't do really complicated things.

Q. Can I install OEM on a virtual machine (VMware)?
A. You may install OEM in a virtual environment as long as you have a separate license for each instance of the software. It is fine to use the OEM version as long as it is properly licensed. To be clear, a separate version of software must be installed for both the “standard” and “virtual” installations.

(from http://www.microsoft.com/OEM/en/Pages/support-faq.aspx ) So you can't use the same OEM license for both the host and the guest (which makes sense), but it appears that you can use the OEM license on the guest only. I have no idea whether once installed on physical hardware if you can transfer that license to a VM. Why do they make this so confusing?

For Windows operating system software licenses acquired through the OEM channel, the Windows use rights are outlined in the Software License Terms that accompany the software. These license terms provide use rights to run Windows locally on the licensed device in a virtual operating system environment (OSE).

(from page 1 of the document http://download.microsoft.com/download/9/8/D/98D6A56C-4D79-40F4-8462-DA3ECBA2DC2C/Licensing_Windows_Desktop_OS_for_Virtual_Machines.pdf ).

1.) Blocking rogue DNS servers malware makers use
2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up malicious scripts
3.) Speeding up your FAVORITE SITES that hosts can speed up via hardcoded line item entries properly resolved by a reverse DNS ping
4.) AdBlock works on Mozilla products (browser & email), hosts work on ANY webbound app AND are multiplatform.
5.) AdBlock can't protect external to FireFox email programs, hosts can (think OUTLOOK, Eudora, & others)
6.) AdBlock can't help you blow past DNSBL's (DNS block lists)
7.) AdBlock can't help you avoid DNS request logs (hosts can via hardcoded favorites)
8.) AdBlock can't protect you vs. TRACKERS (hosts can)
9.) AdBlock can't protect you vs. DOWNED or "DNS-poisoned" redirected DNS servers (hosts can by hardcodes)
10.) Protection vs. "FastFlux" botnets (where the IP address of a particular hostname/domainname & URL link correspond to changing IP addresses in a botnet)
11.) Hosts are EASIER to manage, they're just a text file (adblock means you had BEST know your javascript, perl, & python + regular expressions (iirc as to what languages are used to make it from source)).

Adblock Plus To Offer 'Acceptable Ads' Option

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

Since hosts (via tcpip.sys, a driver in ring 0/rpl 0/kernelmode) load first, from a far, Far, FAR FASTER MODE OF OPERATION (vs. usermode plus layering in over the top of browsers, slowing them down more (firefox addons are KNOWN for doing that mind you)) & know what is blocked out already?

Hosts are referenced BEFORE ANYTHING ELSE IS for IP address resolution from host-domain names for ANY & ALL processes that are webbound -> http://support.microsoft.com/kb/172218 ??

Hosts Files make ADBLOCK REDUNDANT (& adblock doesn't block all ads anymore by default either)...

APK

Neat feature, but it is synthesized:
http://msdn.microsoft.com/en-us/library/vstudio/hh873197.aspx

That said, there's no reason why other special purpose debuggers couldn't do the same with enough effort.