Slashdot Mirror

Out of curiosity, how similar is Vista's ReadyBoost feature to just mounting a USB drive as swap in Linux? Can you hot-unplug the drive in Linux if it's being used for swap? According to a FAQ on ReadyBoost I found, Vista will back up the pagefile to disk so it's not a catastrophe if you yank out the USB stick.

And is there any setting in Linux to tweak to let the system know you've got a fast swap partition, other than simply monkeying with /proc/sys/vm/swappiness ?

Here is a movie that goes into it;

http://channel9.msdn.com/Showpost.aspx?postid=2386 08

This is not a browser bug. The browser is just being used as an attack vector. The exploit bug is in Outlook Express:

http://blogs.msdn.com/ie/archive/2006/10/19/an-ie7 -security-vulnerability.aspx
http://blogs.technet.com/msrc/archive/2006/10/19/i nformation-on-reports-of-ie-7-vulnerability.aspx

Actually, the Information Bar has been replaced by the old IE6-style prompt, according to a more recent IEBlog article:

"Because mixed content is important for some web applications, and straightforward fixes are not always available, we made a hard decision to revert to the warning prompt for mixed content in RC1. That means your banking site, your blog software or other secure site might show a modal prompt for mixed content as they did in IE6."

Actually, the change isn't as major as I thought. According to an IEBlog article:

"In addition, users will no longer see the so-called Mixed-Content prompt, which read: This page contains both secure and nonsecure items. Do you want to see the nonsecure items? IE7 renders only the secure content and offers the user the opportunity to unblock the nonsecure content using the Information Bar. This is an important change because very few users (or web developers) fully understand the security risks of rendering HTTP-delivered content within a HTTPS page."

So basically, if pages previously displayed the Mixed-Content prompt, now they'll act slightly differently. But there's very few serious corporations or online services that display that error message, so I believe the impact on F5's revenues will be minimal. Oh well, I thought I was on to something :).

The only reason I want to upgrade is security patches - god knows till when IE6.0 will be supported.

Fortunately, he's not the only one. IE6 comes standard with Win2k SP, WinXP SP2, and Win2k3 server, so it'll be supported (on those platforms) as long as they are. That means if you're using Windows 2000 SP4, IE6 will be supported until 2010. For WinXP SP2, you'll have to look up the date.

I would like to point out that Adobe didnot actually say anything to M$ at all about PDF in office. (M$ already has plenty of PDF support in the Mac version and why would Adobe have a problem with promotion of its own format?) but rather M$ just came up with a convenient excuse to trash PDF and claimed the possibility of a lawsuit as the reason for pulling PDF off.

This CNet article indicates otherwise:

Adobe wants the software giant to remove the PDF "save as" feature from its beta version of Office 2007 or to charge a fee for it, whereas Microsoft wants to offer that feature for free, said Dave Heiner, the deputy general counsel who oversees Microsoft's antitrust cases.

Adobe's response mentions fears of Microsoft "embracing and extending" PDF:

Microsoft has demonstrated a practice of using its monopoly power to undermine cross platform technologies and constrain innovation that threatens its monopolies. Microsoft's approach has been to "embrace and extend" standards that do not come from Microsoft. Adobe's concern is that Microsoft will fragment and possibly degrade existing and established standards, including PDF, while using its monopoly power to introduce Microsoft-controlled alternatives - such as XPS. The long-term impact of this kind of behavior is that consumers are ultimately left with fewer choices.

Microsoft employee Brian Jones has a blog response which claims that Microsoft works to honor PDF standards, including supporting ISO 19005-1 compliant PDF/A:

Remember we are only a producer of this stuff (not a consumer), and doing anything non-compliant would just mean that our output would be flawed and not look right. That would of course undermine all the work we've done to build this support in the first place... we want people to use it.

What's the truth behind it all? I personally agree with Brian Jones. Writing a half-baked implementation of PDF wouldn't do Microsoft any good; they'd get tons of negative publicity and no one would ever use the feature, even if it improved in the future.

What's interesting is that XPS will be more open for use than PDF once it's approved as an international standard, because MS also has a "Covenant not to sue", something that Adobe doesn't have for PDF. Adobe reserves the right to sue users of PDF, and threatened to do just that against MS's use of PDF in Office 2007.

XPS is better than PDF (has all of PDF's functionality and adds support for some graphical effects that PDF lacks), and is easier to deal with since it's XML. It also produces smaller files. (Note that these advantages aren't because MS is "smarter" than Adobe, it's just that XPS is newer, so it does more things with newer techniques). So, if XPS becomes a standard, and has technical advantages, and has a real "covenant not to sue", why would anyone use PDF besides the inertia of the format itself?

MS was going to strip Office 2007 of XPS support, requiring a separate free downloadable plugin for such support, and they were going to do the same for PDF (both were in response to Adobe's threats). MS was also going to strip Vista of full XPS support, leaving in only that required by the core printer spool, and allowing the OEMs to bundle the full XPS support on their own accord (again, this was in response to Adobe's threats).
See:
http://blogs.msdn.com/andy_simonds/archive/2006/06 /02/XPSAdobe.aspx

But now that XPS will be a recognized standard, MS should feel free to include XPS in both Officw 2007 and Vista, and Adobe can't really do anything about it.

In case anybody missed it:

Re:Standards (Score:2) by DigitlDud (443365) on Monday October 16, @07:43PM (#16461267) I was referring to what this video says about XPS: http://channel9.msdn.com/ShowPost.aspx?PostID=9805 7

MS shows off their prototype XPS printers and mentions that major printer manufacturers are signed on.

In short, it was indeed nothing but Microsoft propaganda being parroted, and I'll believe it when Cairo ships...

I was referring to what this video says about XPS: http://channel9.msdn.com/ShowPost.aspx?PostID=9805 7

MS shows off their prototype XPS printers and mentions that major printer manufacturers are signed on.

Why does Windows setup lay down a new boot sector? http://blogs.msdn.com/oldnewthing/archive/2005/12/ 20/505887.aspx

• Shitty long tables and cubicles at Google
• Or the neat offices at M$.

Shitty long tables and cubicles at Google
Or neat offices at M$.

What really happened during the speech demo.

What really happened during the speech demo.

are they going to continue to put out security updates to IE6

Short answer: yes. Long answer: depends on what version of Windows you're using.

Basically, as long as your version of Windows is supported, the version of IE that came with it will also be supported. Keep in mind that Microsoft considers service packs to be different "versions" for purposes of their lifecycle policy, and older SPs drop out of support before the newer ones do.

So IE6 will get security patches as long as Windows 2000 SP4 and Windows XP SP2 are still supported. Of course, the patches might not work on older versions like Win2k SP3 or WinXP SP1.

On the IE blog they mention having a webchat on the 12th for "one last chat session before we ship IE." This makes me think that it won't be coming out tomorrow.

http://blogs.msdn.com/ie/archive/2006/10/09/Last-E xpert-Zone-Chat-Before-We-Ship-IE.aspx

MS won't be pushing it out to automatc updates until a few weeks after it's been released for download. I'm guessing November's round of patches.

Even then, it looks like even the "automatic" installation will still be interactive. So instead of just installing it, it'll bring up a screen saying "You can get an updated Internet Explorer! Do you want it?"

I would guess not. IIRC, only "critical" updates are available to systems that haven't passed WGA, and this is a "high priority" update. It looks like even the automatic update next month is only going to be semi-automatic (it'll offer the download, but require user confirmation).

On top of that, even after it does become available through automatic updates -- which will most likely be in the November patch cycle, given that it's "a few weeks after" the October release, you can block the update (at least for now).

This is for the masses who seem to do nothing more than follow blindly what they read on /.
http://blogs.msdn.com/ie/archive/2006/06/12/628499 .aspx

I really need to find a way to make money off of you guys.

MSDN blogs is a publicly accessible blogging system.

You can join here

Microsoft should really have a disclaimer in there so people can't be misled into thinking this is actually an official representitive of Microsoft.

It's pretty obvious this guy isn't a microsoft employee and that half of what he's saying is probably bs.

I think the real reason why Vista has taken so long is WinFx is not just a wrapper around old windows code, it's a complete re-write a totally new windows api independent of the old win32....
That's pretty full on... it's basically a re-write on XP + extra features. Think about it XP was the culmination of 15 years of development.

Vista is so big and bloated that Microsoft's own developers don't understand it completely and consider it overly complex. It's so bad that they've already publicly discussed starting over for the next one (codenamed "Vienna") and just running pre-Vienna apps in a virtualized sandbox.

And it shouldn't be limited to PowerPoint. There needs to be a standardized API so that Windows can query each running program to ask it whether it's busy doing something that shouldn't be interrupted. So whether you're giving a PowerPoint presentation or taking a timed test online or playing a time-sensitive game, Windows should know enough to not interrupt you.

This would fall into the we know it's insecure, but we want to do it anyway class of "solutions".

There are a lot of different solutions, most of them wrong. It's a significant challenge.

No, it's a "you can't win and trying will make the problem worse" challenge.

I think you've missed the point.

MS didnt lock anyone out of the interfaces, they simply closed an UNSUPPORTED interface. There is a well-published, fully functional API for companies like these to do what they need to do.

The core issue here is kernel hooking, and modifying kernel tables in memory. This is something that is very explicitly not supported in every windows internals spec and api. Nortons and others were using unsupported APIs that MS has been warning about not using for years.

Now MS did the right thing and finally closed up those holes. You can no longer modify kernel tables in memory by directly manipulating the data in memory. You can no longer insert your own arbitrary code into function calls by manipulating the in-memory tables.

This is 'A Good Thing', and something MS warned about not doing for quite a long time.

This is purely companies like Symantec getting burned for BAD CODING PRACTICES. They did things they were explicitly told not to do, because what they were doing was unsupported, and could change at any time.

Now it changed. And they're whining.

Yet other (more competent) AV companies have no problems with this, because they're using the officially supported APIs.

See this link for some further information:
http://blogs.msdn.com/windowsvistasecurity/archive /2006/08/11/695993.aspx

And if you want more, just google on "kernel patch protection".

The bottom line is that this is something MS should have done 5 years ago, and its the right thing to do. Symantec just needs to hire some quality developers who know how to read an API spec.

There's somewhat more to writing a large-scale AJAX application than "understanding a javascript function call". You have to contend with multiple implementations that work different ways. You have to work around the fact that javascript has little or no support for techniques that are typically used in writing large applications. Modularising a javascript application is hell. The method of defining a class is bizarre. Inheritance is horrible, particularly if the class you're inheriting from is in a different file, because there are no guarantees about the order in which they will be loaded. Multiple inheritance...? The language can do it, sure, but it isn't trivial.

And you've just proven that you don't understand JavaScript. JavaScript != Java (or C++, or C#). It's not designed around functions and classes. Javascript is a functional language, and as such is designed around closures. Closures allow you to define classes and functions, but they also allow you to do quite a bit more (and also let you shoot yourself in the foot if you like).

You're correct in saying that there's more to writing a large-scale AJAX application than just understanding a JavaScript function, but most of the things you mention are irrelevant (well, they're important to understanding JavaScript, but that's a core competency for any type of web design, not just AJAX). Using AJAX is easy, especially with all of the frameworks available that abstract browser compatibility issues for you. Using AJAX well is difficult (dealing with accessibility, server load, concurrency, etc).

There is an interesting video on Channel 9 - http://channel9.msdn.com/ - that gives a tour of MS's new office space for the Patterns and Practices group. It shows some interesting ideas.

For those who might think the parent is a troll, MS developers really do have trouble understanding Windows.

I think we really need a successor to the Linux kernel anyway...

"For me that is a little worse. I tend to configure my editing windows as large as possible, by removing toolbars I don't use frequently and keeping only those buttons I do use, in every mode."

You can double click tab bar to hide ribbon and save space. Also there's a quick access toolbar in upper right corner, where you can put all your frequently used commands.

http://blogs.msdn.com/jensenh/archive/2006/07/24/6 76371.aspx

Please, watch the movie.

Screenshot:
http://img233.imageshack.us/img233/2615/office2007 dh2.png

Like someone suggests here, they really should just buy metoo.com, put everything under the one domain and be done with it.

Symantec has always been in bed with IE

Could be worse. Could be McAfee. You can run, configure, and update Norton Antivirus or even Norton Internet Security without loading a web browser. McAfee actually relies on IE --and IE specifically -- to handle parts of its interface, including the updater. In fact, some of the early IE7 betas actually broke the McAfee updater.

Yes, those posts are old, but a co-worker of mine just installed the latest version of McAfee on his computer last week, and it does still use IE internally.

I don't know about you, but I think relying on one of the most notoriously insecure pieces of software to handle updates for a security program doesn't sound like the greatest idea since sliced bread.

One of the worst misfeatures of Windows (and its developer community) is the retarded design of dialogs. AFAIK the pre-Vista API has a bunch a simple functions to do Yes/No and Ok/Cancel dialogs, but nothing to label buttons sensibly. So it's quite common to have a dialog with "Yes" and "No" buttons, and and huge text explaining what these options mean. Despite the fact that every at least semi-decent article or book about dialog design recommends to use verbs for button labels.

I recently read that Vista finally offers an API to easily change the button labels. Yeah! And guideline 5 (Use task dialogs for new or frequently used dialog boxes and error messages) specifically recommends:

Use positive commit buttons that are specific responses to the main instruction instead of generic labels (such as "OK"). Users should be able to quickly grasp the options by reading the button text alone. Always start commit button labels with a verb.

Yeah again!

However, above this guideline we can see a screenshot of the classic, super retarded Windowesque "Save changes? Yes/No/Cancel" dialog.

I suggest for the final document they just copy this dialog from any random Mac OS application and put a Vista theme on it.

Parent might also want to check the new "ribbons" Office 2007 UI.

An old post of Raymond Chen springs to mind: Why is there no programmatic access to the Start menu pin list?

In Windows 95, we gave programmatic access to the Start menu "Fast items" list - the items that appear at the top of the Start menu above the Programs list. This area was meant for the user to customize with their favorite links, but programs quickly saw the opportunity and spammed themselves into it every chance they got.

In IE, we gave programmatic access to the Favorites menu, and once again, programs spammed themselves into it.

Besides, I'm not at all convinced that Symantec has a technical reason for wanting to replace the Security Center.

Frankly, we'd like to see the Protection Center recognize installed non-Symantec applications--and keep advertising clearly marked as such.

I guess I just not willing to put as much faith in Norton as you are. I'm siding with Raymond Chen on this one: Why is there no programmatic access to the Start menu pin list?

It's with a sly sardonic grin I listen to Symantec lamenting:

Having been pretty happy with their antivirus for the last few generations I updated to NAV2006 end September when my subscription ran out. Buying, downloading and installing went pretty smooth, but after a restart Norton had, much to my surprise and oddly relevant for this thread, disabled the Windows Security Center and replaced it with their own Protection Center. I wasn't aware having asked for it in the first place. Whereas the default security center is rather discreet, the Norton version behaves like a piece of malware: It doesn't just put a small notification icon in the taskbar but grabs a huge chunk of the main pane and tries to grab your attention with big colorful dialogs. You can't uninstall it nor disable it. Nortons support pages won't prove helpful. I uninstalled NAV and did a reinstall, this time making sure that no checkboxes we're ticked - that didn't seem to bother it at all. Figuring out how to get rid of it took the most of an evening. It all brought back sad memories of a Real Player infestation, but having payed for the experience this time really made me feel like an idiot...

I understand why Symantec does this. In order for them to stay in business they need Johnny Consumer to think "Norton" instead of "anti-virus". But, it also makes perfect sense that MS wants to put an end to it. No, Symantec brought this one upon themselves.

Besides, are you really sure that Symantec's desire to replace the SC is for technical reasons?

Frankly, we'd like to see the Protection Center recognize installed non-Symantec applications--and keep advertising clearly marked as such.

What about XNA Game Studio Express?

That allows independent developers to build and share code and executables on the Xbox 360 over Xbox Live. It's in beta right now, but it would certainly make home brewed games a lot easier to create. Not sure about what kind of support they are offering with non-standard input devices though.

Here is the location of the Monad (Windows Power Shell) blog:
http://blogs.msdn.com/powershell/default.aspx

To the parent, MS spends a lot on usability testing; geeks and programmers are the LAST ones I'd ask to comment on UI. I'll take real world testing over what programmers/geeks have to say about UI, thanks.

You know, the Sharepoint team has been blogging for quite some time, and they've got a product that quite usable. Hell, why not use their own blogs.msdn.com? And when it comes down to it, why not use one of the millions of free blogging services or apps already available?

Instead they're running off Community Server. Just look at their prices.

I'm just saying it's interesting that they've got in-house products they're not using, there are free services they're not using, and there are free packages they could run that they're not using. Instead they go for a most-likely limited commercial something.

You know, the Sharepoint team has been blogging for quite some time, and they've got a product that quite usable. Hell, why not use their own blogs.msdn.com? And when it comes down to it, why not use one of the millions of free blogging services or apps already available?

Instead they're running off Community Server. Just look at their prices.

I'm just saying it's interesting that they've got in-house products they're not using, there are free services they're not using, and there are free packages they could run that they're not using. Instead they go for a most-likely limited commercial something.

You don't see the dialog box at http://www.codeproject.com/tips/runas/runas-shot.p ng? The 'Protect my computer and data from unauthorized program activity' is what I'm talking about. You do not need to add an additional account.

More info at http://blogs.msdn.com/aaron_margosis/archive/2004/ 09/10/227727.aspx.

Have you ever done this on a windows machine for an extended period of time? I did it for about a week before I gave up. Some programs don't even run unless you are administrator.

setlocal
set _Admin_=%COMPUTERNAME%\Administrator
set _Group_=Administrators
set _Prog_="C:\Progra~1\Intern~1\iexplore.exe file:///c:/"
set _User_=%USERDOMAIN%\%USERNAME%

if "%1"=="" (
runas /savecred /u:%_Admin_% "%~s0 %_User_%"
if ERRORLEVEL 1 echo. && pause
) else (
echo Adding user %1 to group %_Group_%...
net localgroup %_Group_% %1 /ADD
if ERRORLEVEL 1 echo. && pause
echo.
echo Starting program in new logon session...
runas /savecred /u:%1 %_Prog_%
if ERRORLEVEL 1 echo. && pause
echo.
echo Removing user %1 from group %_Group_%...
net localgroup %_Group_% %1 /DELETE
if ERRORLEVEL 1 echo. && pause
)
endlocal

Have you ever done this on a windows machine for an extended period of time? I did it for about a week before I gave up. Some programs don't even run unless you are administrator.

setlocal
set _Admin_=%COMPUTERNAME%\Administrator
set _Group_=Administrators
set _Prog_="C:\Progra~1\Intern~1\iexplore.exe file:///c:/"
set _User_=%USERDOMAIN%\%USERNAME%

if "%1"=="" (
runas /savecred /u:%_Admin_% "%~s0 %_User_%"
if ERRORLEVEL 1 echo. && pause
) else (
echo Adding user %1 to group %_Group_%...
net localgroup %_Group_% %1 /ADD
if ERRORLEVEL 1 echo. && pause
echo.
echo Starting program in new logon session...
runas /savecred /u:%1 %_Prog_%
if ERRORLEVEL 1 echo. && pause
echo.
echo Removing user %1 from group %_Group_%...
net localgroup %_Group_% %1 /DELETE
if ERRORLEVEL 1 echo. && pause
)
endlocal

This does not affect IE7:
http://blogs.msdn.com/ie/archive/2006/09/15/756736 .aspx

(Just for edification. ;-))

What does learning about the underlying system help with in programming?

Architecting beautiful code? Nope.

Err... yes. Only by understanding the underlying system can you appreciate the reasons why a good architecture is a good architecture. Understanding what you're doing at a low level is a key part of building the aesthetic sense that guides us through high-level design decisions.

Learning powerful, high-level abstractions? Nope.

Most of those abstractions are substantially easier to understand if you can appreciate why they work. Take a look at The Old New Thing, Raymond Chen's blog. He periodically picks a question that a programmer has asked on a newsgroup and explains how you could work out the answer to it from first principles, just by working out how the abstractions you're using work at a low level. The point is: the abstractions have been designed to be efficiently implementable at a low level. This means that understanding the low level helps you understand them.

Programming efficiently to the hardware.

Is sometimes necessary. Computers may be getting faster and faster (but note that a 3.2GHz machine doesn't outperform my current 400MHz machine by a factor of 8 like it sounds like it should... there are other factors to the speed that aren't growing at anything like the speed of the processors: current RAM is only 3 times faster than it was when my machine was built, for instance), but the applications we're putting them to are getting harder and harder. Coding to that edge will always be necessary. Embedded systems usually only have *just enough* power to do the task they're designed for. Squeezing an extra few transactions per second from a machine could save a big web site thousands in additional hardware. People still want their video encodes to finish quicker. And faster cryptography means we can use better cryptography with bigger keys, which will always be desirable.

Look, I may be sitting here on a break from writing a highly abstract web application framework in an inefficient interpreted language and using an SQL database for storage when a custom file format might well deliver better performance, but in the end that's because I know it's more important to get this job finished quickly and with easily maintainable code at the end of the day than a high performance solution. But that doesn't mean I don't understand there are situations when high performance is desirable.

As far as I'm concenrned Sun is playing catch-up with Microsoft, and this is no more than a half assed response to MS releasing IronPython

Whatever happened to the Longhorn / Vista 'Red Screen of Death'?
Red is so much scarier.
http://blogs.msdn.com/michkap/archive/2005/05/07/4 15335.aspx

But, isn't burning a CD or DVD essentially I/O? (OK, maybe just O.) IANASA, but that sounds a lot like a basic OS function to me. Yeah, I know it's a direct competitor to existing "products". Existing products that exist because a basic OS function was ... overlooked?

I'm trying not to be a smart-ass about this (but I was never very good at restraint). So, is it ok for MS to bundle basic OS functions with their OS?

I had the exact same thought at first too, "why should MS be stopped from including basic I/O functionality just because it is an optical disc?". I looked into it and found out Vista may include what is called DVD Maker and it is a very bare bones application that allows a person to very easily create a DVD video disc that will play in a standalone DVD player. You can read more about it at the following link where one of the developers talks about it in his blog:

http://blogs.msdn.com/ericgu/archive/2006/01/03/50 9014.aspx

These are the types of tools that I think MS should be allowed to include. Basic tools that let a user easily accomplish something that a full featured application may make too difficult. It forces the makers of the full featured app to innovate more while also giving the "average" user (or someone who doesn't need a bunch of bells and whistles) some added functionality right away when they boot up their new computer.

Yes, absolutely, both formats can generate ploygons on the fly. Beyond HD, the rich and interactive media aspects of next gen formats are vastly better than SD. If you want a sense of what the HD DVD interactive layer can do, check out Peter Torr's blog:

http://blogs.msdn.com/ptorr/

It's a lot more like writing a modern XHTML web site than anything else. And it's a good thing - there's lots of great stuff coming out in titles that extend the movie experience.

If you feel the titles aren't user-friendly, go down to a CE store and try one of the HD DVD titles. They work great. You can bring up menus and navigation without having to stop the movie, for example. Definitely easier to use than DVD.

As for HBO HD, you're watching over cable or sat, right? So it's highly compressed, horizontally squeezed MPEG-2. HD DVD is a big quality jump from that - you get 6x the pixels of DVD, with higher average per-pixel quality. It's great stuff, and the first time a consumer can really fill a 1920x1080 displa y24 times a second with great video.