Slashdot Mirror

I normally take the middle path and only use generic and robust techniques for the core of an application.

For my commercial, professional applications that means Windows, C#, and .NET (WPF.) Why?

1. Locally executed applications are faster.
2. I can naturally support all kinds of workflow, from a gaming scenario to a form-based input. To do that in browser I'd need more JavaScript code.
3. I can do all kinds of data validation in real time (when you press a key on the keyboard) that would be a pain to do in JS over the net on a remote server.
4. There is no dependency on the browser. The only dependencies of the software are .NET itself, and they are versioned.
5. The presentation is consistent.
6. There is no web server to install and maintain, and there are no web applications either. Deployment of my software is done with ClickOnce.
7. There are no scalability issues; in my case, the only limit is the SQL server; it can be scaled up far more than my software would ever need.
8. The Internet link is always optional.
9. I can read and write files without any worry about permissions, outside of what the host OS provides. Settings are stored locally, and users can have several sets, and the settings can be backed up and restored. That is important when there are many settings and when new installations need to be quickly customized for a new employee.

Cross-platform operation is not required in my case. Linux is used by 0% of my audience, and that is not going to change until Mentor Graphics, SolidWorks and Autodesk have their essential software ported to Linux. I'm not holding my breath for that because they use way too many Windows-only technologies.

Let's see, some basic citations for you:
From: http://en.wikipedia.org/wiki/JScript
"JScript was first supported in the Internet Explorer 3.0 browser released in August 1996. Its most recent version is JScript 9.0, included in Internet Explorer 9."
and
http://en.wikipedia.org/wiki/Chakra_(JScript_engine)
http://msdn.microsoft.com/en-us/library/hbxc2t98(VS.85).aspx

As explained by JavaScript guru Douglas Crockford in his talk entitled The JavaScript Programming Language on YUI Theater,

[Microsoft] did not want to deal with Sun about the trademark issue, and so they called their implementation JScript. A lot of people think that JScript and JavaScript are different but similar languages. That's not the case. They are just different names for the same language, and the reason the names are different was to get around trademark issues.[5]

JScript supports conditional compilation, which allows a programmer to selectively execute code within block comments. This is an extension to the ECMAScript standard that is not supported in other JavaScript implementations.

> "They are not working on JScript at all, they are working on JavaScript"
Lol, fail. "JScript" is Microsoft's trade name for their JavaScript implementation (at ECMAScript 3 level). There is no difference. Microsoft do as I did, use the term to denote that their Javascript variant (I did it to distinguish variants, they do it for trademark reasons). Now in IE 10 the tradename "JScript" may or may not be used officially - but it doesn't change anything for the purposes of our discussion. Your point was wrong ... and your apoplexy was again for wrong reasons.

> Nobody does that. The patch is called IE9 and IE10.
I have given a link to IE9's significant compatibility flaws. It needs to be patched. So should IE 8. Yes, vendors do patch older versions of their products - this is industry wide. For developers it is called "working on multiple branches", and I have to do this all the time. I'm sure an experienced fellow like you has come across this, and is aware that is it critical to maintain older stuff in the enterprise space. Suggesting you fix things by just replacing the old with the new (eg. as small outfits can) is not realistic. In fact, back-ports and patching is something Microsoft is exceptionally good at in general - supporting and patching older stuff - just not with their browser. Hence, I see it as a possibility that *if* they focused they could fix their deployed browser base in the near future [without going to an entirely untested version, or resorting to JavaScript extensions]. This was the point I was trying to make.

> IE 10 is up there with Chrome, and on JavaScript, it is better than Chrome.
Great. Shame it is not yet released to the non-MSDN public. Shame it is not in the enterprise and won't be for some time. IE 10 is still not relevant to this discussion *at this point in time*. When it does I'll re-evaluate the compliance. Meanwhile, the only things that matter are the compliance of the deployed IE base and whether or not they get useful patches in the near term. No patches forthcoming means IE will still be despised - this is how my clients perceive IE.

Setting something in a text file is easy.

Setting a previously configured setting back to a given value is also easy... if you know the value that you need to set it back to.

That's where things get difficult. The default value is often just in the original text file, which is now lost -- overwritten by the modified text file. So then, no problem, just archive it! Except then what happens is that when you make two revisions to the file, then suddenly it's no so easy to undo a change from the first revision without breaking changes made in the second revision.

If a text configuration file is completely under the control of a management system, this can be handled, by storing all the deltas along with the unmodified original, and then merging them back as required. However, this then blocks the ability for the users to save their preferences into the same file, because that would break the configuration file management system. The solution is to have a set of fully managed policy configuration files that combines dynamically at run time with separately stored user settings.

At this point, you've re-invented the Microsoft Windows registry and group policy system, but with text files instead of binary containers, which is a minor implementation detail. You may as well just take it to the next level an implement multilingual administrative templates as well, so that your users don't feel like they're getting a giant "fuck you, learn English" message every time they have to use your software.

Some UNIX/Linux applications re-invent this wheel out of necessity, but badly, with many missing features, and of course -- inconsistently with every other application that also had to re-invent the same wheel.

Registry stuff is provided out of the box on command line... Regedit Command Line

And Diskpart provides entirely command line driven disk management.

For managing services you can use SC.

Installing software is kinda at the whim of the developer, some might have quiet installers like "/q" or command line switches, and some might not, depends on them to provide.

Registry stuff is provided out of the box on command line... Regedit Command Line

And Diskpart provides entirely command line driven disk management.

For managing services you can use SC.

Installing software is kinda at the whim of the developer, some might have quiet installers like "/q" or command line switches, and some might not, depends on them to provide.

Microsoft really have no excuse for their hidden, shifting then obsolete data formats.

What are you talking about? Can you name any Microsoft data format not covered in: http://msdn.microsoft.com/en-us/library/dd208104(PROT.10).aspx? Hell, even the DOC, XLS and PPT formats are documented to the last bit: http://msdn.microsoft.com/en-us/library/cc313118.aspx Not to mention Office 2013 opens Office 97 documents... Ups, I forgot, this is Slashdot :)

Microsoft really have no excuse for their hidden, shifting then obsolete data formats.

What are you talking about? Can you name any Microsoft data format not covered in: http://msdn.microsoft.com/en-us/library/dd208104(PROT.10).aspx? Hell, even the DOC, XLS and PPT formats are documented to the last bit: http://msdn.microsoft.com/en-us/library/cc313118.aspx Not to mention Office 2013 opens Office 97 documents... Ups, I forgot, this is Slashdot :)

What rock have you been living under?

Upgrades and installations have been doable as a 100% unattended task for over a decade now, with Microsoft tools only! Not only can you do it remotely, it's possible to power on a machine over the network, have it upgrade itself, and shut itself back down without any human intervention whatsoever.

PXE boot, reliable network broadcasts, image-based installation, pre- and post- installation scripts, driver injection, update merging, various upgrade scenarios, backup and recovery of user data, etc... are all old hat. Most of those don't even require any additional licensed software such as SCCM, which just provides a GUI and a database for tracking progress.

Tada: Windows Deployment Services and Microsoft Deployment Toolkit. Just because you aren't aware of it, doesn't mean it doesn't exist.

On top of that, Group Policy shits all over the desktop fleet management systems available in Linux, because it's based on a hierarchical policy engine instead of flat text files, which have poor support for things like rollback.

For example, I bet every Linux admin here can tell me a dozen ways they can set arbitrary values in configuration files across 10,000 machines, but not one of them can give me a good solution for undoing various random subsets of those settings years later! For example, you may want a site-specific setting to revert to defaults when the computer is moved out of the site, without undoing other settings in the same file that are relevant to all sites.

Good luck implementing a general-case solution for that problem in Linux, because the text-file configuration paradigm just doesn't work that way! You'd have to convince the entire Linux community to switch to some other paradigm first, and that's just not going to happen.

What rock have you been living under?

Upgrades and installations have been doable as a 100% unattended task for over a decade now, with Microsoft tools only! Not only can you do it remotely, it's possible to power on a machine over the network, have it upgrade itself, and shut itself back down without any human intervention whatsoever.

PXE boot, reliable network broadcasts, image-based installation, pre- and post- installation scripts, driver injection, update merging, various upgrade scenarios, backup and recovery of user data, etc... are all old hat. Most of those don't even require any additional licensed software such as SCCM, which just provides a GUI and a database for tracking progress.

Tada: Windows Deployment Services and Microsoft Deployment Toolkit. Just because you aren't aware of it, doesn't mean it doesn't exist.

On top of that, Group Policy shits all over the desktop fleet management systems available in Linux, because it's based on a hierarchical policy engine instead of flat text files, which have poor support for things like rollback.

For example, I bet every Linux admin here can tell me a dozen ways they can set arbitrary values in configuration files across 10,000 machines, but not one of them can give me a good solution for undoing various random subsets of those settings years later! For example, you may want a site-specific setting to revert to defaults when the computer is moved out of the site, without undoing other settings in the same file that are relevant to all sites.

Good luck implementing a general-case solution for that problem in Linux, because the text-file configuration paradigm just doesn't work that way! You'd have to convince the entire Linux community to switch to some other paradigm first, and that's just not going to happen.

IE8 was the one designed for CSS 2.1; the newer versions are meant to be chasing full CSS3 compliance, so it's perfectly reasonable to complain when they don't.

I've tried to google up support for various features in this table in IE10. Apparently CSS3 flexbox, columns, animations, transforms (incl. 3D), transitions, shadows and gradients are all there now, as is text-shadow. On JS side of things you get IndexedDB, workers, sockets, and file API. On HTML side, progress (but not meter), and a good chunk of HTML5 forms. Here is the full list in case I missed anything.

Generally speaking, I'd expect this trend to continue, if only because a lot of that stuff is needed to write full-fledged web apps, and HTML5/JS is now advertised as a prime platform for Win8 app development. So all that stuff like file API or IndexedDB had to be done if only to enable that (and their general guideline is to use standardized APIs where they are available - to the point that they actually block you from accessing WinRT APIs that duplicate that functionality).

Also, with respect to codecs, that table is not entirely correct - IE doesn't support WebM out of the box, but it will use WebM codec if one is available (it's explicitly whitelisted, along with H.264) - so this works once installed. I suspect that this arrangement is a play-it-safe attempt to dodge any potential legal issues by not distributing the codec. That said, I haven't tried it with IE10.

ummary Exploit:AndroidOS/GingerBreak is a trojan that affects mobile devices running the Android operating system. It drops and executes another trojan detected as Exploit:AndroidOS/CVE-2011-1823, which, if run successfully, gains administrator privileges on the device. http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Exploit%3AAndroidOS%2FGingerBreak

Websites are actually the least of the problems - a single IP usually covers them. In Windows, you have them laid out like http://www.microsoft.com/office, whereas in the unixes, you have virtual hosts laid out like http://qt.digia.com/ that easily share a single IP. This shortage hits offices - like when they use VoIP phones, those addresses cannot be put behind NAT, even though the laptops can be. That's where these IPs would get eaten faster than one can produce them as far as IPv4 goes, and that's where they're running into problems. Not an issue w/ IPv6, but would have remained a problem even if they had grown it simply to 48 bits or less. Websites just have to be dual stacked i.e. accessible from both IPv4 and IPv6 hosts. Virtual hosting would guarantee that every virtual host on a website gets accessed, and for IPv6, the admin has the choice of either using virtual hosts, thereby keeping the practice unchanged to avoid any learing curve issues, or else assigning different IPv6 IPs to each virtual host, making each of them a separate real host in its own right.

Your explanation that it's software and should be easy to replace just ignores the scope of what has to be changed, and in how many places. No matter what change they had made to that firmware, they'd have had to do it everywhere - make sure that every router supports it, every OS supports it, every server supports it.... No different from what's been and is being done w/ IPv6 right now. Right now, in IPv6, the main stumbling block is the core routers, which do have to be modified to do a maximum transfer of 128 bits as opposed to 32. And the edge routers need to handle the simplified routing protocols as well. Those are the new parts.

On the landfills, the router manufacturers would have to assess their policies on which of their routers are remotely or field upgradable, and which ones absolutely have to be replaced. While they may love to sell as many routers as they produced in the past, I can see them quickly getting into an allocation situation if they tried that. So the only routers that would make it to the landfills would be the ones that can NOT be upgraded, maybe b'cos they were made in the 90s. Otherwise, most routers that have adequate memory would just need to have their OSs updated and include IPv6 support in it.

There are actually ways to sideload apps on Win8, they're just not as straightforward and prominent as "Allow other app sources" checkbox on Android.

See, Win8 is somewhat different from iOS/Android in that to write apps for it, you have to run your developer tools on it - at least for the time being. Which in turn means that there has to be a way to deploy and run a freshly compiled app when you're developing one. And sure it is - the OS will let you do just that when you have a developer license activated on that machine.

The good part is that Win8 developer licenses are free (there is also license to publish to the Store which isn't free, but it's separate). Furthermore, you don't need any developer tools to obtain one - the command line tool that does it ships with the OS.

The bad part is that it's an online activation scheme, so it phones home when you ask for it. The worse part is that it expires after a while (seems to be a month for most people), at which point you have to renew it to re-enable the ability to run all those apps. It's still free, but it's certainly not very convenient.

This font makes me wonder if some of the Sixties and Seventies poster designers were dyslexic.

hey, last time i checked you can "sideload" in win8

Last time I checked, you could do it only in Enterprise.

https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=7&jid=89023&jlang=EN
https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=8&jid=86473&jlang=EN
https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=5&jid=77083&jlang=EN
https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=3&jid=85919&jlang=EN

Some of those positions are more specialized than others. For example, for working on compiler technology, there is a requirement for deep experience in compilers. The others are more flexible.

https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=7&jid=89023&jlang=EN
https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=8&jid=86473&jlang=EN
https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=5&jid=77083&jlang=EN
https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=3&jid=85919&jlang=EN

Some of those positions are more specialized than others. For example, for working on compiler technology, there is a requirement for deep experience in compilers. The others are more flexible.

https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=7&jid=89023&jlang=EN
https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=8&jid=86473&jlang=EN
https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=5&jid=77083&jlang=EN
https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=3&jid=85919&jlang=EN

Some of those positions are more specialized than others. For example, for working on compiler technology, there is a requirement for deep experience in compilers. The others are more flexible.

https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=7&jid=89023&jlang=EN
https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=8&jid=86473&jlang=EN
https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=5&jid=77083&jlang=EN
https://careers.microsoft.com/jobdetails.aspx?ss=&pg=0&so=&rw=3&jid=85919&jlang=EN

Some of those positions are more specialized than others. For example, for working on compiler technology, there is a requirement for deep experience in compilers. The others are more flexible.

http://windows.microsoft.com/en-US/windows/products/lifecycle

Seems extremely unlikely as it would cause lawyers and governments everywhere to get interested in their behavior.

How do you design Win32 applications to support vastly different PPI?
How do you design Win32 applications to support vastly different scalings?

Same as you always did for the last 20 years if you knew what you were doing. Either use a UI framework that transparently handles it for you (e.g. WPF), or use the Win32 API calls that provide you the relevant information and recompute UI layout and widget sizes based on that.

How do you design Win32 applications to support menus that change size and style based on device?

Same as you do it in Win8 - alter your UI based on OS-provided info.

So.. give it a shot.

By all means, and in the interim you can use the free office converter in 2003 to view the new formats, which you should have done about 5 years ago when Office 2007 was launched.

The best part is, you can use Microsoft's FREE office document converter to view the new formats seamlessly in Office 2003/XP.

It is pretty easy on the eyes, I just wish VS2012 was.

This might help.

Every version of MS Office from 2000 onward supports the new XML formats if the Compatibility Pack is installed

Customers send doc files and expect you to read them since almost everyone else uses Office. Sending a reply back to your clients or people at other companies saying, "Hey, install this addon and send it back in DOCX format" will only make *you* seem to be incompetent and a waster of time compared to your competition using MS Office.

You can convert the doc and xls files locally, but isn't the whole point of using Google Apps to avoid having to have a copy of Microsoft Office? If you need to purchase a copy of Office to read the old formats anyway, you might as well not go the Google Apps route at all.

We used it at work because so many of our customers could read what we created. By requiring the strange .XML.ZIP format from Microsoft that isn't widely supported, we, like most people, will have to switch to another product if we want other people to be able to open our documents.

Are you or your customers still running Office 97?

Every version of MS Office from 2000 onward supports the new XML formats if the Compatibility Pack is installed. And if you've been interacting with anyone who uses Office 2007 or above, you will probably already have been receiving documents in these formats, since that is what newer versions of Office default to when you save.

I know right? It's not like there is a free compatibility pack or anything

Microsoft has refused to implement essential features from C99 that exist in nearly every other C compiler. Don't try to claim that Visual Studio is advanced software.

Example: http://msdn.microsoft.com/en-us/library/zb1574zs(v=VS.100).aspx

Perhaps you didn't notice the link I posted to Alex Poole's site, where one of the first paragraphs says "In 2003 as part of my master’s degree I reviewed over 50 empirical studies in typography and found a definitive answer" [emphasis added]? It then goes on to describe that work in a lot more detail, complete with numerous citations. I've read some of Alex's work, and I've read quite a few of the other pieces of works he cites. You obviously haven't, but hey, if you prefer to trust in "another huge swath of scary subjective human experience" rather than empirical data collected across a broad set of scientific experiments, knock yourself out.

However, I suggest that you would be more convincing to others if, instead of attempting exactly the kind of unsourced pseudo-science you seem to be accusing me of and then throwing in a strawman or two at the end, you actually bothered to read the work I pointed to before. We don't have to guess at how these effects work or appeal to old wives' tales from the 1800s. We have detailed, properly conducted experiments using techniques like eye tracking and even updating text on a screen as fast as someone is actually reading it to determine what we really do see and how much our brain is filling in for us. Here's another page that describes some more experiments on related topics, which provide further examples of how the people researching this field reach the kinds of conclusions they do.

Word 2003 compare-and-merge
Word 2007/2010 compare-and-merge multiple docs

Word 2003 compare-and-merge
Word 2007/2010 compare-and-merge multiple docs

MSE is not free: it is free for home users. Business may use only up to ten free licenses before they are required to upgrade to Forefront. If you're a business and using more than ten copies of MSE, you're breaching the license agreement.

Source: the MSE download page

I read it:

------
http://windows.microsoft.com/en-US/windows/products/security-essentials

Microsoft Security Essentials is available for small businesses with up to 10 PCs. If your business has more than 10 PCs, you can protect them with Microsoft System Center 2012 Endpoint Protection.
------

And that latter product is very expensive.

Add to the items you list EMET - http://www.microsoft.com/en-us/download/details.aspx?id=29851. This is a free download from Microsoft that allows you to protect processes (such as IE and Java) from well known exploit techniques (such as heap spray, etc.). As an example, it protected against this latest IE zero day "execCommand Use After Free Vulnerability - CVE-2012-4969". We (large enterprise) had no worries at all about that vulnerability since we have EMET deployed and configured. Here's the MS02-063 bulletin - http://technet.microsoft.com/en-us/security/bulletin/ms12-063. If you expand the execCommand node and look at the mitigations you'll see you would have been protected. Often times Adobe Flash bulletins mention that EMET was a mitigation for the plethora of vulnerabilities that Adobe Flash code contains.

Add to the items you list EMET - http://www.microsoft.com/en-us/download/details.aspx?id=29851. This is a free download from Microsoft that allows you to protect processes (such as IE and Java) from well known exploit techniques (such as heap spray, etc.). As an example, it protected against this latest IE zero day "execCommand Use After Free Vulnerability - CVE-2012-4969". We (large enterprise) had no worries at all about that vulnerability since we have EMET deployed and configured. Here's the MS02-063 bulletin - http://technet.microsoft.com/en-us/security/bulletin/ms12-063. If you expand the execCommand node and look at the mitigations you'll see you would have been protected. Often times Adobe Flash bulletins mention that EMET was a mitigation for the plethora of vulnerabilities that Adobe Flash code contains.

Here's a link to Virus Bulletin for a comparison of free and paid packages. I'd also recommend a multi-tiered strategy of OpenDNS and and a hosts file to block bad sites, MalwareBytes to scan and check for malware (paid version provides real-time protection), and I also use Tracking Protection Lists. Takes all the joy out of it, doesn't it.

I'm a big fan of Microsoft Security Essentials. I know it's cool to dislike Microsoft products, but MSE does its job pretty well without being annoying.

I've used AVG in the past, but it has a history of deciding things like iTunes or Windows dlls are viruses and screwing things up, so I avoid it. I used Avira in the past as well, but I think it had ads suggesting I upgrade often.

In the end, I settled on MSE and have had a perfectly cromulent experience with it; no complaints.

True, but when there's other Distros out there offering a similar or better experience without ads, why stay? I don't want to see Linux Distro's go down the same path as most of the Microsoft PC vendors have gone down

I don't use Linux, I use Windows, but it irritates me that I can't buy a Windows Laptop today without first uninstalling half of the useless AdWare/TrialWare/CrapWare/ETC that vendors stick on it. It's gotten so bad on the windows side that Microsoft had to make a clean PC A Certified Brand! as a selling point just to try to get it under control.

this has also been happening to Technet & MSDN logins for a while now

trying to access https://msdn.microsoft.com/en-us/subscriptions/securedownloads/default.aspx (or the equivalent technet downloads page) you get redirected to a login page that starts with https://login.live.com/login.srf and that form only alows 16 chars

i went bonkers when it started to happen, a few months ago, but then i got used to it... this is the regular crap that's pulled by MS these days. :(

http://support.microsoft.com/kb/2744842

* And, there you go... done!

APK

P.S.=> MS fixed this issue, & 4 others along with it... bonus!

... apk

As much as it irks us...: http://www.microsoft.com/en-us/news/press/2012/jan12/01-19fy12Q2earnings.aspx

What will those people do when Microsoft ends support in less than 2 years.

http://windows.microsoft.com/

VS 2012 is not a Metro app. It's a desktop app that tries to look like Office 2013, and doesn't even do that quite right. None of the things that you're complaining about is Metro-related, anyway.

Some kind people *ahem* have snucked in a registry key to let you turn all caps in menu off. But please also vote here.

You can get VS 2012 colors back (or roll your own theme) with this extension.

Unfortunately, there's no workaround for icons.

Look at revenue and OI by segment here - while profit from Windows (i.e. client) is somewhat less than Server & Tools, note that Windows also includes Windows Live, which is a net drain. Also note how most profit is actually from Business division - that's where Office is.

Windows XP 64 _is_ Server 2003 x64, uses the same security patches, and is most definitely supported.
Example: http://www.microsoft.com/en-us/download/details.aspx?id=30605

They include that free with Windows 7:

http://windows.microsoft.com/en-us/windows7/products/features/windows-xp-mode

Microsoft did release this to get people off Windows 9x: http://en.wikipedia.org/wiki/Windows_Fundamentals_for_Legacy_PCs They could do it with Windows 7, perhaps an OS a step above the current 7 Starter that supports Active Directory logins.

And oops, they did it again: Windows Thin PC, a similarly cut-down Windows 7 SKU. The catch? Only available as an upgrade to an existing Windows license, and only to customers with an active Software Assurance subscription.

Correct link: http://msdn.microsoft.com/en-us/library/windows/desktop/ms738518(v=vs.85).aspx