Slashdot Mirror

Since there seems to be so much crappily-written Windows software like this, it seems like MS should have put a compatibility mode into Vista/7 wherein it fakes out the application, making it think it's being installed on an XP machine with admin rights, but in reality it's in its own little sandbox.

What, like XP Mode?

Here's what's keeping me from upgrading my XP machines to Windows 7: Upgrading from Windows XP to Windows 7

That's the top (unsponsored) Google link for the query "how to upgrade windows xp to windows 7."

Note the bullet items under "what you need:"

• An external hard disk
• The original installation discs or setup files for the programs that you want to use

Sorry, they want me to pay for the privilege and blow a whole weekend to update my four XP machines at home? What do I get out of this? My XP machines do what they need to do just fine.

Mojo

How cheap are we talking? I just built my parents a computer for about $160 .... Works just fine running Windows 7 Ultimate.

Oops, it looks like you forgot to add $319.99 for Windows 7 Ultimate, bringing it to $479.99.

1. Driver bugs. The worst of the bunch for me, so far, is this wonderful nVidia driver bug that rears its ugly head only when using Firefox or Internet Explorer (even with "hardware acceleration" turned off). The only workaround known at this time is to use any driver package earlier than 270.55. The latest beta driver (290.53) does not fix it. And to those considering responding to this point with "technical tips" -- read the thread, don't skim it, actually read it. Note that it's 35 pages.

2. Activation bullshit. Specifically: lack of a Volume Licensed Edition. Let me clarify what I'm talking about: Windows Vista and beyond did away with the concept of a VLK (Volume License Key), which is nothing more than a serial number that's associated with Windows XP Professional Volume Licensed Edition. (Meaning, you can't use a Retail key on a VLE install, an OEM key on a Retail install, etc. -- following so far?) VLE/VLKs mean no activation (no WPA), and they Just Work(tm). No activation. Instead, with Vista and Windows 7, each PC is required to have its own serial number, or you're forced to use a MAK or KMS. MAKs authenticate directly with Microsoft (so they have control over your license); a KMS is some piece of software running probably on a Windows 2008 Server box on your LAN which you have to purchase from Microsoft (and I have no idea what the licensing/stipulations are for getting one -- I'm sure you pay for licenses "in bulk" and the KMS probably talks to Microsoft somewhere along the lines too).

Why do I care about this? Simple: it's purely an anti-piracy effort that does nothing other than fuck tech-savvy users like myself (UNIX system administrator here, hi!) who often purchase hardware upgrades. I own legitimate copies of Windows XP Professional Retail (one for each system in my home), but I choose to use VLE simply to make my life easier and not have to deal with activation. The last time I used Retail, I happened to upgrade my RAM in my system from 2GB to 4GB, and was forced to call a telephone number + speak to someone in India and "justify" what I had done. Three months later I upgraded my video card; again, a phone call was needed. I am NOT going to do this every time I change something in my system; what if I don't like the hardware I just upgraded to, thus remove it? Oh, now I get to call Microsoft twice in one day! No thanks. Remember: Microsoft said this kind of behaviour would only happen if you changed more than 2 pieces of hardware at the same time, but that's obviously a lie. The proof is in the pudding.

Bottom line is: I paid for your OS, I therefore paid for a serial, and I should be able to run it on whatever hardware I wish. Otherwise, if you want to impose "one copy per PC" limitations to try and curb piracy, then please, PLEASE do it like how the folks at Alcohol Software do with their Alcohol 120% product (customers have a web page they can log in to and change which PC the license is associated with). If I had control over the situation (vs. making stupid phone calls and "justifying" what I'm doing with my own hardware/systems) then I'd be content with that.

3. Removal of "Windows Classic" themes such as Rainy Day. Sure, there's "Windows Basic" which does its best to "emulate" the look of 2K/XP, but they stripped out all of the themes which made it worthwhile. And yes, I have tried two Internet users' "Rainy Day" themes, both of which were horrendous.

4. Stupid UI design choices. For example, even in the most "basic" or "slim" of themes (Aero turned off, etc.), there is still an excessive amount of space wasted around application windows/borders. You can set the border size to 0 in Appearance, but you'll find 3-4 pixels of space still being used by who-the-fuck-knows-what. This combined with #3 effectively has removed a users' abi

Windows XP Mode.

You're welcome.

lack of a clear upgrade path

What lack? You can upgrade directly from XP to 7. You just have to do a clean install, which honestly for best results you really should do anyway when upgrading an OS.

BizSpark
DreamSpark
WebsiteSpark
SQL 180-day trial
SQL Express
Azure free trial

BizSpark
DreamSpark
WebsiteSpark
SQL 180-day trial
SQL Express
Azure free trial

BizSpark
DreamSpark
WebsiteSpark
SQL 180-day trial
SQL Express
Azure free trial

BizSpark
DreamSpark
WebsiteSpark
SQL 180-day trial
SQL Express
Azure free trial

Probably using metrics which measure how long test subjects spend looking at certain elements. Being hard to read slows down the user and makes the element seem more important to analysts.

I doubt it, aesthetic bullshit seems the most likely explanation. I, at least, tend to skim over things that are hard to read instead of lingering on them for longer.

Microsoft has done something similar to MSDN: Example. Grey on White side bar, the current selected page is designated by using black font instead of highlighting the background of the column's row.
It "looks nice" but is unnecessarily difficult to use (+eye strain).

I badly hate you for forcing me to post this link supporting Microsoft. If you are a troll or a Microsoft shill, I bow down to your powers; we are not worthy of you (your posting history shows remarkable re. Anyway; here goes;

Windows Mobile is still supported; Microsoft's lifecycle page gives its end of mainstream support as August 2013 which means that if a serious security bug becomes widespread they will still "have to" fix it. According to Microsoft's support policy you even have a minimum of a further year where their self help stays up which will help migrate off the no longer supported product.

The simple thing is, that if your business has somehow committed to Windows Mobile, you now know that during 2012 you gently suggest everyone move over to something else and you make an allocation in your 2013 budget to migrate those people that are still using it. This compares with Android lifecycle which seems to be more a matter of speculation than an existing plan in Google's mind. This would would be okay if Android were continually upgraded like Gmail but it isn't. I have no idea how to check when security fixes will stop for my Android phone.

How can I make up for this post? Could I point out that RedHat provides production support for two years longer than Microsoft provide mainline support? Maybe I could point out that if it was Free software, you could buy outside support forever and ever because you have the source code? I should definitely point out that if you collaborate with known felons like Microsoft you shouldn't be surprised and definitely shouldn't complain when they stab you in the back as they have done to most of their important partners in history. I really don't think any of it helps. I still feel dirty inside.

If Microsoft is releasing their Superphone in 4Q12, will they announce its end-of-life the quarter before or the quarter after? Remember the Kin's April announcement and June retirement?

April and June are in the same quarter.

If Microsoft is releasing their Superphone in 4Q12, will they announce its end-of-life the quarter before or the quarter after? Remember the Kin's April announcement and June retirement?

I've never seen an x86-64 used in an embedded system; they're too power-hungry and expensive for anything other than things like >$100k test instruments.

Well, Windows Embedded runs on x86, MIPS, and ARM in the Compact edition, and the Standard edition runs only on x86 and x64. Are you suggesting there are no customers for these products?

I strongly suspect all of the new color Bank of America ATM machines are running on x86 processors.

You know, rather than making Windows users jump through stupid convoluted hoops just to get your program to run, why not take a few minutes to implement the same solution you do on *nix and just ask the OS for your entropy at runtime? Why do open source developers insist on half-assing it on Windows so much?

UAC is not useless at all. Without UAC, there are many types of installer that simply would not work on Windows 7 due to missing permissions; UAC allows those programs, instead of silently failing, to request permissions to do so.

And turning off UAC basically says "yes, please abandon the principle of least privilege!"

I have seen a number of computers running 7 that Ive seen get viruses, but the user did not have the admin password for the UAC prompt that appeared. This meant that the virus couldnt do jack, and was removed in about 3 minutes with a autorun cleanup tool like Autoruns. UAC is like the old runas, but far far more capable, compatible, and useful.

MS patched it yesterday -> http://technet.microsoft.com/en-us/security/bulletin/ms11-100.mspx

* Other vendors with the SAME issue released some fixes, you can read about them here:

http://www.nruns.com/_downloads/advisory28122011.pdf

---

PERTINENT QUOTES/EXCERPTS:

Fixes:

The Ruby Security Team was very helpful in addressing this issue and both CRuby and JRuby provide updates for this issue with a randomized hash function (CRuby 1.8.7-p357, JRuby 1.6.5.1, CVE-2011-4815).

Oracle has decided there is nothing that needs to be fixed within Java itself, but will release an updated version of Glassfish in a future CPU (Oracle Security ticket S0104869).

Tomcat has released updates (7.0.23, 6.0.35) for this issue which limit the number of request parameters using a configuration parameter. The default value of 10.000 should provide sufficient protection.

Workarounds:

For languages were no fixes have been issued (yet?), there are a number of workarounds.

= Limiting CPU time =

The easiest way to reduce the impact of such an attack is to reduce the CPU time that a request is allowed to take. For PHP, this can be configured using the max_input_time parameter. On IIS (for ASP.NET), this can be configured using the âoeshutdown time limit for processesâ
parameter.

= Limiting maximal POST size =

If you can live with the fact that users can not put megabytes of data into your forms, limiting the form size to a small value (in the 10s of kilobytes rather than the usual megabytes) can drastically reduce the impact of the attack as well.

= Limiting maximal number of parameters =

The updated Tomcat versions offer an option to reduce the amount of parameters accepted independent from the maximal POST size. Configuring this is also possible using the Suhosin version of PHP using the suhosin.{post|request}.max_vars parameters.

---

* Think that about "covers it"...

APK

P.S.=> Downmod my initial post http://developers.slashdot.org/comments.pl?sid=2596014&cid=38527098 all you like but it doesn't look good downmodding something that's pure fact (which my 1st post was, & nothing but fact (yet it was down moderated? Please, lol!))...

... apk

http://technet.microsoft.com/en-us/security/bulletin/ms11-100.mspx

What the GP is talking about is Windows 7 Starter's 2GB RAM limit. You can stuff more RAM into a machine running Starter (which is most netbooks) but it will only actually use 2GB. To be able to use more than 2GB with your netbook you need to upgrade to Windows 7 Home Premium which is about $80, in addition to the cost to upgrade the RAM. This means the average $200 netbook ends up costing $400 to have a decent amount of RAM available.

I've seen very few netbooks that ship with Home Basic or Home Premium out of the box, most I've ever seen have Starter. Not only is the RAM limit a problem but it also gimps a lot of basic OS features like the ability to use multiple monitors, DVD playback, and fast user switching. Microsoft has put a lot of work into making sure the average netbook is just a crippled web terminal.

Microsoft somehow has the power to make everyone cripple their implementation of Atom to 2GB or less RAM supported

Can you cite an article showing how Microsoft is responsible? Google 2 gb atom limit microsoft failed me.

The following table specifies the limits on physical memory for Windows 7.
...
Windows 7 Starter 2 GB N/A

http://msdn.microsoft.com/en-us/library/windows/desktop/aa366778(v=vs.85).aspx

So because I only linked one source, it must be the ONLY one?

How about this one from 2008? https://msevents.microsoft.com/CUI/EventDetail.aspx?culture=en-US&EventID=1032393979&CountryCode=US

Or this one from last year? http://blogs.technet.com/b/msrc/archive/2010/09/30/q-amp-a-from-the-september-2010-out-of-band-security-release-webcast.aspx

Or this one from waaay back in 2006? http://blogs.technet.com/b/msrc/archive/2006/09/26/459194.aspx

And someone other than Microsoft: http://isc.sans.edu/diary.html?storyid=8062

And someone else: http://my.opera.com/wikipedian/blog/2011/09/28/for-reasons-unknown-microsoft-has-released

And someone else: http://www.dataprotectioncenter.com/antivirus/sunbelt/microsoft-will-do-out-of-band-patch-for-lnk-vulnerability/

Need I go on?

"Mitigating Factors:

By default, IIS is not enabled on any supported Windows operating system.

Sites that disallow application/x-www-form-urlencoded or multipart/form-data HTTP content types are not vulnerable" FROM -> http://technet.microsoft.com/en-us/security/advisory/2659883

---

* It's NOT just Microsoft products affected either as you noted - AND, MS is out there "beating this to the punch" BEFORE it can go outta control, by putting out an "out-of-band" patch fix!

APK

P.S.=> And, there you are...

... apk

No. WinPhone 7 has no extra abilities to be managed by an Exchange Server. You'd think it would have been a slam dunk to design the phone and release free software for Corporate world to be able to administrate them the way they do Blackberries. Sadly, no. Here's a microsoft page here describing all of the Exchange Activesync functions not supported on WP7 RTM: http://social.technet.microsoft.com/wiki/contents/articles/exchange-activesync-considerations-when-using-windows-phone-7-clients.aspx Windows Mobile 6.1 and 6.5 had WAY more support.

For programmers best suggestion would be XNA and C# as it is really powerful while still being to program with, and you get support to all Windows, Xbox360 and Windows Phone 7. However, you noted that even XNA is probably a bit much.

However, MS Research also has come up with Kodu which is basically XNA and C# in even more suited package for kids. It's really easy to use and you can actually modify your game a lot. It's fully interface based, so there is no need for coding, but it is still fairly powerful and the best of all, you see

The entire basis for this slashdot article is a Y-Combinator blog post from a poster with 3 Karma with 4 comments from 7 hours ago lamenting that there's no full package for developing for phones produced by the OS vendors. The "Boot to BASIC" thing is a retrocon issue more appropriately stated "and we wore onions on our belts" (a sin of which I am also guilty). While I applaud the /. rapid response on this critical issue the underlying assumption that these things don't exist is simply untrue. You'll find the Android SDK here. If you prefer an easier install - especially if developing for nVidia Tegra (but not exclusively) you will find that here. The equivalent iOS version is here. If you must have it, the Windows Phone SDK can be found here.

And yes, all of these things are for developing the app on a PC and deploying and testing on a phone or tablet. Much like the designers of landing gear for the 787 don't machine their prototypes out on the tarmac at Boeing field like their progenitors did, mobile app designers now prefer sitting in a comfortable workstation with a comfortable chair with decent compile times, multiple monitors, a reasonable keyboard and mouse, printing and debugging support rather than developing software on the device itself.

Booting to BASIC (or as was the case on the IBM 5100, APL) was very useful at that time because there were no apps - in some cases no media reader to store or load apps if you could get them on media. We got our apps by buying magazines or such, and manually typing the code in and debugging the typos. That day is long gone, and that's a good thing. Even Windows Phone has thousands of apps and a publicly available SDK - though for me the cyanogen and Android route would be more fun.

Now how did this manage to hit the front page of /.? I smell a rat.

But you have to pay for it.

No... no you don't.
http://www.microsoft.com/visualstudio/en-us/products/2010-editions/visual-basic-express
AFAIK most of the Visual Studio tools have had free versions for over 5 years. Obviously the professional versions have more features, ect, but they are editor features. The compiler/linker shouldn't be limited at all.

It's available here. Of course, it's only for Windows Phone, and it's a compiled language instead of an interpreted one. I'm pretty sure that Mono is trying the same thing.

Funnily, Microsoft is the only one providing stuff like TouchDevelop for their phones. It even says on their page "bringing the excitement of the first programmable personal computers to the phone", so it's particularly well suited for what this whole story is about. It's better than Python too, as it's specifically targeted at touch phones (and Python is horrible with its indents for code blocks like if and for - seriously?). Yet Slashdot crowd likes to discredit MS everywhere they can and hope that Windows Phone 7 never catches on, while MS is the only one providing what the same crowd wants on phones.

Actually, C# is as proprietary as C - it isn't. Check http://msdn.microsoft.com/en-us/netframework/aa569283 for the ISO standard details regarding C#.

If cared to read it, you would have realized that Microsoft only cared to standardize until version 2.0. Since then, no more updates have been provided. C# is proprietary.

The Win8 VS preview is actually one of the "Express" versions (like the existing C# and VB Express versions). In other words, it will be a free download for anybody who wants to build Win8 apps for the Win8 store. You can get the full version of VS 11 here: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=27543.

Actually, C# is as proprietary as C - it isn't. Check http://msdn.microsoft.com/en-us/netframework/aa569283 for the ISO standard details regarding C#.
Microsoft .NET implementation is proprietary, but there is an early open source release of the .NET CLI implementation codenamed "Rotor", for XP, FreeBSD and MacOS X. Additionally, the Mono project is an opensource clean-room implementation, but it may not be feature-complete.

Microsoft Research has an interesting project called Singularity - an operating system running (mostly) in managed code. Some initialization routines are done in Assembly/C/C++, but the kernel itself and respective drivers are written entirely in managed code. Check http://en.wikipedia.org/wiki/Singularity_(operating_system).

"This behavior may be inconsistent with other vendor's versions of Nslookup" - FROM http://support.microsoft.com/kb/200525 and MORE nslookup issues exist here too -> http://www.c3.hu/docs/oreilly/tcpip/dnsbind/ch11_07.htm

In other words?

NSLOOKUP PROGRAMS can vary on how they work between vendors of said programs' versions (think *NIX &/or Windows), AND, there are DIFF. KINDS OF SERVERS & INFORMATION offered by said lookup servers too!

* That last part (diff. servers offering diff. info. for NSLOOKUP)? Yes, much I am SURE of because of my having also written an NSLOOKUP GUI program (& there's many kinds of lookup information & servers for nslookups)... as well as a GUI ping, & tracert program too!

SO, my suggestion of using REVERSE DNS LOOKUPS to do what the OP wanted, though I do NOT recommend it (dump dns worldwide records for IP-to-HOSTS/DOMAIN names translated accurately into a hosts file)?

THIS IS DOABLE -> http://tech.slashdot.org/comments.pl?sid=2584140&cid=38476492 & will/should work... & more accurately than the screwups I've SEEN in nslookup before (due to DNS used, & more).

APK

P.S.=> This about "finishes you off", despite your screwup in NOT NOTING I used "reverse dns lookup" as a suggestion for the OP to try... apk

embedded operating system wouldn't have helped.. when network was never meant to be attached to public internet in the first place.

A custom embedded OS, one they could maintain themselves, would have helped tremendously in preserving the longevity of the investment. If the controllers back then had 8MB of RAM, they simply would not have added crap to their OS patches making them require machines larger than 8MB. They had full control of the hardware (they were building it, after all.) An embedded OS could have been maintained for many decades while remaining within the 8MB constraint of their oldest systems. Windows, on the other hand, set the standard for needing ever increasing amounts of RAM on a very short cycle, which no hardware available in 1995 could currently contain.

Building a factory is a giant company-risking investment. It's an all-in bet with the expectation of many years of future sales paying off the mortgage. As such, many of the systems they're built with don't change over a long period of time. I know of a machine shop that is still running equipment originally built to make parts for the second world war. Over the last 15 years the owner has slowly been converting the cam driven equipment to CNC control, but that's a very expensive investment for a small business. When you're creating a system that you know could last 60 years, making a choice of OS that has had no example of support lasting more than a decade is irresponsible. Companies like Siemens are why Microsoft has offered extended XP support all the way until 2014, but that's little consolation to anyone who expects their Siemens equipment to last until 2050.

"Secure Boot" is nothing new. They had that over ten years ago in their xbox game consoles. Its a simple chain of trust where the OS is loaded in a modular approach starting with the BIOS/UEFI handing off control to the next link only after cryptographically verifying their signatures. It has nothing to do with "locking" you out. Its a method to be reasonably sure that the OS is not compromised w/o hardware access (disabling secure boot is a bios option IIRC). If they wanted to lock you out from admin, they would simply not ship the OS with any way to allow you to create an admin account. Secure boot is irrelevant here.

Without resorting to paranoid delusions and conspiracies I don't see how Microsoft benefits if you don't have admin access. As it stands on windows you require admin access for dozens of important things like installing drivers, applications, system maintenance, debugging applications and many such tasks. Besides Windows would never change the existing user & process privilege model if they want to continue to be backwards compatible with previous versions. Hell they include a copy of the heap mnager from w95 just so broken programs continue to work. http://technet.microsoft.com/en-us/magazine/ff625273.aspx

Why wait for Firefox to be good again when you can join the IE6 master race.

No where on that page does it say you can take a phone call, and switch to one of the other apps will still on the call.

From page 34 of the user guide for instance: "You can get to the Mobile Office screen from any screen by touching [icon]" There is no restriction prohibiting this function from the In-Call screen.

User guide (PDF) http://research.microsoft.com/en-us/um/people/bibuxton/buxtoncollection/a/pdf/Simon%20User%20Manuals.pdf

Interestingly the user guide page 20 states: "The ln-Call screen will appear as the Phone feature places the call. For example, this can be useful if someone sends you a phone number in an electronic mail message. Just mark it and dial." Which is also clearly prior art in relation to the Apple lawsuit against HTC.

People who truly have an accurate vision of the future don't make silly public predictions or videos about where they think technology will be in 5 years. They work in secret in labs at places like Google or Apple making said future actually happen so that in 5 years they can sell it to you.

What exactly is "Funny" in that post?

People who truly have an accurate vision of the future don't make silly public predictions or videos about where they think technology will be in 5 years. They work in secret in labs at places like Google or Apple making said future actually happen so that in 5 years they can sell it to you.

Well we used to do signaturing (digital signatures) emails in Outlook, however it's a problem for people using smart phones. Or, at least Android phones. People could not forward the mails as the phones lacked these features. So we had to end signing.

It's about time the Exchange client gets upgraded on Android. It really sucks for more advanced features. You can't even search your appointments.

If MS pushed hard on IE 9

They are. It is in Windows Update

Not if you still use a PC that came with Windows XP. "Pushing hard on IE 9" can't happen until XP's end of life in 2014, so Microsoft is pushing hard on IE 8. Yes, I understand that by 2014, web developers will be clamoring for Microsoft to push hard on IE 10. But IE 10 will require Windows 7, so that can't happen until Windows Vista is EOL'd in 2017. (Source: Windows lifecycle fact sheet)

Your joke ignores the fact that some already have a Mac

What percentage already have a Mac from the Intel era? I'm willing to reduce the expected cost of Xcode by the percentage of people who already have such a Mac. But I would be surprised if you could show that more developers who don't already develop applications for Mac OS X or iOS have a Mac than don't have a Mac. Please show me what surprises me.

It also ignores the fact that a Mac can make a good Windows system so the effective cost may often be

...little different than buying a Mac and a budget PC separately. A PC including OEM Windows can cost as little as $300, but the retail copy of Windows Home Premium needed for use with a Mac costs $200 by itself. And using OEM Windows on a Mac is just as EULA-violating (and just as illegal in jurisdictions where EULAs are enforceable) as a hackintosh.

For that reason it is much better to use a server sent header than the meta tag.

And then we can finally stop the H264 vs WebM battle, because IE9 will only support H264.

Internet Explorer 9 supports both H.264 and WebM. No other video codecs are supported by IE9. WebM support is added by installing the media foundation components:

http://tools.google.com/dlpage/webmmf/

You can test WebM support in IE9 with Microsoft's IE9 test drive video support demo:

http://ie.microsoft.com/testdrive/graphics/videoformatsupport/default.html

I did a quick bit of googling and it seems IE9 handles it as defined by the W3C standard, it's the other browsers that are broken. http://msdn.microsoft.com/en-us/library/dd573303(v=vs.85).aspx

Granted I'm not a web dev so I could be way off on this.

Oh god that was so hard. Upgrade already. XP is old-n-busted. Windows isn't my favorite, but 7 gets a lot of things right.

Link for the opt-out tool: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=179

In fairness, VC++ does have some baked-in COM magic - that's probably what DrYak was referring to.

Yup indeed.
- Under VC++ you just #import a COM, and then have an object behaving automagically just like a regular C++ object.
- Under GCC you have to rely on stuff like disphelper to call COM objects easily with run-time bindings.

Also, you don't understand what COM is.

In fairness, VC++ does have some baked-in COM magic - that's probably what DrYak was referring to.

It's insane that a compiler, any compiler, needs 3+GB to "just" link [wikipedia.org] a whatever big number of object files into an executable.

Linkers haven't been "just linking" for a long time now. Please read about link-time code generation and profile-guided optimization - both are involved in this case.