Slashdot Mirror

Au contraire. Microsoft is releasing a browser plugin (currently called "WPF/Everywhere") which will enable XAML/C# sandboxed apps to run on the Mac, and possibly even Linux. It won't be the full WPF model, but it will cover just about everything aside from 3D and local resource access. Call me crazy, but I'm gambling on this big time. Have you played with the .NET 3.0 dev resources? XAML wraps classes intuitively and directly, and the layout model is so much easier to work with than CSS. No more hidden spacer divs and z-index problems with various controls. It's also free. woot!

Hangs head in shame.

Contest Report, 2006 SubjuGator Team Members, full fledged Windows XP Professional on a Pentium M.

That's because the UI is written in XUL, and the installer includes all the libraries for it, for all win32 platforms. Not all software for windows is so lucky and portable. You're mistaken about windows apps being portable.

You're full of it. If you've ever read Raymond Chen's blog you'd know just how much work Microsoft puts into maintaining binary compatibility - and the results show. Maybe you're the one person in a million who uses the few applications that do break, but in my experience, when upgrading to new Windows versions, only a tiny number of programs have problems (mostly games, which tend to abuse low-level features... Raymond's blog provides numerous examples where the applications that do break tend to be misusing APIs).

Getting back to SeaMonkey, it's not like the whole backend is reimplemented for each Windows version. The vast majority of the code really isn't at all affected by the Windows version. There's a lot of C++ code in SeaMonkey too (it's nowhere near being just XUL + JS on top of Gecko), and of all the SeaMonkey and Gecko C++ I've written I've only had to worry about the Windows version once - when I was modifying splash screen code to take advantage of new Windows 2000 features. There are certainly other cases where the code is optimized and takes advantage of features of later Windows version, but it's rarely more than a tiny change to accomodate all versions of Windows. I don't recall ever worrying about the Windows version in the rest of my patches at all.

Seriously, have you ever looked at the seamonkey download page where they offer a Fedora Core rpm build?

If you want the ability to be able to download and install, just use Fedora. Don't bitch if you're using a geek Linux like Ubuntu or Gentoo or Slackware or something. Fedora is a pretty usable Desktop OS right now, and most download sites offer rpm builds of their software. Not everything needs to be in a yum repository.

So if I want even non-proprietary applications to be readily available, I have to use one of a tiny number of distros (ignoring the fact that I'm sure there's some other project that provides DEBs but not RPMs). That seems to me like you actually don't have any real choices in the Linux world.

Look, there are other problems with desktop Linux, but the ones you cite aren't the bad ones. Hardware compatibility for example. Or kernel modules you need to recompile every single bloody kernel update. Drivers that only work under ndiswrapper. WPA support in Linux wireless-tools package instead of wpa_supplicant. Those are issues. Wireless support should be friggin' perfect by now, yet lags behind the windows world by a long shot. Those are barriers to penetration much more than the availability of a binary installer (which btw some companies also offer).

Those are certainly larger barriers to adoption, but I do think that the more limited binary compatibility with Linux is not something that should be ignored.

Why ClearType isn't on in Windows XP by default (or even installed by default) I don't know.

Ask the man, Mr Hill.

Anyway, ClearType is installed by default - you just have to turn it on (I've certainly never had to 'install' ClearType on XP). You don't need to go to the website to do that. I think you still need the website to tune the ClearType rendering.

Those looking for an answer to the posed question, "Just what has Microsfot been doing for IE7?" regarding CSS, watch this channel 9 video IE7: CSS Support?.

But all of those fixes are far more important than ACID2, and the notion promoted by this thread, that IE7 is basically no better than IE6, is disinformation, pure and simple.

And besides those fixes, IE7's CSS support is much improved over IE6's. Those of you that are truly interested in how IE7 has improved on IE6's CSS support (as the submitter of this article *purports* to by asking what the IE7 team has been doing), watch this channel 9 video IE7 - CSS Support?.

No, it doesn't pass ACID2 yet, but it blows IE6's CSS support away.

I hope Mozilla/Firefox can maintain security without adopting a restricted "protected" sandbox mode ala IE 7 on Vista.

You can make Internet Explorer treat local web pages as if they were remote by giving them the mark of the web.

In the 90's, Linux advocates used "stability" as their main argument against Windows. Microsoft took that argument away with XP (regardless of the idiotic BSOD comments tossed around these parts).

Sure. If you don't mind rebooting your servers monthly. Ten OS patches out next Tuesday remember!

From 2001 to now, Linux advocates have used "security" as their main argument against Windows. Microsoft is in the process of taking that argument away.

Like securing Vista by rewriting the relatively mature TCP/IP stack?. There are a lot of security enhancements in Vista - e.g. Address Space Layout Randomization to mitigate buffer overflow issues. But don't expect anyone who cares to be deploying it in security-critical places until it's proved itself in the field.

Here's a blog posting by one of the engineers who worked on this product- http://blogs.msdn.com/pix/default.aspx Also, to the gp, the zooming is not just zooming into a particular picture- since it uses seadragon technology, it also allows for seamless zooming in to arbitrarily large images.

There's an explanation of this bug and yes, it's gain levels related.

Actually, no. It now says (after Sept. 2005) that you have to buy a complete system:

http://blogs.msdn.com/mssmallbiz/archive/2005/06/0 6/425681.aspx

(second half of the answer to question 1)

Microsoft seems to disagree with you there:

Excerpted from: http://blogs.msdn.com/mssmallbiz/archive/2005/06/0 6/425681.aspx

Q. Can OEM Microsoft software be purchased by itself or with "some hardware" such as a hard drive, etc.?

A. If it is an OEM Microsoft Desktop Operating System (such as Windows XP Pro or Windows XP Home), then it must also be sold only with a fully-assembled computer system as well (as of September 1, 2005), just like OEM server and application software. Prior to September 1, 2005, an OEM Desktop Operating System license could be sold with specific individual hardware components. These specific hardware components were defined as a nonperipheral computer hardware component... A "nonperipheral computer hardware component" means a component that will be an integral part of the fully assembled computer system on which the individual software license will be installed.." So, prior to September 1, 2005, an OEM Microsoft Desktop Operating System license (such as Windows XP Pro or Windows XP Home) could be sold with a hard drive, motherboard, CPU, memory, etc.

Being that we're past Sept. 1, 2005, it would appear that an OEM copy cannot be purchased (legitimately) without buying a complete system. And incidentally, the OEM license says when you install it you certify that you have the appropriate hardware (post Sep, that'd be a complete system), so you're reponsible for checking that you meet the requirements yourself instead of just trusting a shady vendor selling OEM software.

It's not legal because:

In the terms of the license agreement, microsoft stipulates you can only use an OEM license with a new system. The loophole of buying a cable or two doesn't cut it as of Sept 2005. Therefore, just because I've given microsoft money for an OEM copy, it doesn't mean I'm allowed to install it. I can give a toyota dealer money for a prius, but that doesn't mean I'm allowed to take a camry off the lot instead. Just because you can technically install an OEM copy on any old machine, doesn't mean you can LEGALLY install it on any old machine.

This is an example of contract law, which is, from what I hear, definitely part of the legal system of pretty much every country out there. And it's a good thing, too. Contract law and copyright law are what makes the GPL, etc, enforceable.

When you agree with a license agreement, you're entering a contract with microsoft. If you don't like the details (I often don't), DONT USE THE SOFTWARE. If more people took the time to read these things and take them seriously, we'd have more reasonable licenses. Until then, manufacturers will continue to say ridiculous things. Fortunately, sometimes the courts rule the some of those things are unenforcable, but I tell 'ya, I'd rather not be the test case. If I don't agree, I don't sign or buy.

More reading on why buying an OEM copy isn't legal without buying a whole system, straight from the horse's mouth:

http://blogs.msdn.com/mssmallbiz/archive/2005/06/0 6/425681.aspx

I'll put out two links for you since you're either lying or just misinformed. Link 1

Link 2

Apache is one of the most hacked services right under Sendmail I believe. As for OS X security let's see how much we can learn by sniffing the traffic coming from the unit. By default Samba on OS X doesn't support session signing or encryption. Both features fully support under practically ever modern linux distro. Apache is by far the dominant web server and because of that it is more prone to attack. It's simple math. Its major progress over the past is that it is getting easier to configure and secure properly so it will become less prone to attack. Why does this sound familiar? hmmmm.....

At any rate, every platform has its vulnerabilities; OS X has its patches just like every other OS out there. I'm not sure what you mean about innate security since I believe both OS's can and more importantly are often secured.

As for viruses, I honestly haven't seen one do any damage to any of my end-users in years. Of course they run with limited access just like I do. The mechanism has been there for quite some time, on the order of 10-12 years so it's mighty confusing how people are still mentioning it.

I'll leave you with one more link Shows both sides fairly

Both platforms have their faults but spreading mis-information does no one any good.

They're mostly retarded though.

Anyway, Aaron Margosis has some informative comments on fixing non-admin bugs in this month's TechNet magazine. This was originally 3 entries in his "non-admin" blog but has been taken up to get it to a wider audience.

And yes, I hate to link to the great Satan, but sometimes some of those are actually useful (at least to those of us who do occasionally have to deal with Windoze crap)...

As I posted yesterday, I got a chance to check out the machine that Shanen used for the Financial Analysts Meeting demo. I confirmed that it was just what I suspected: An audio gain issue.

If you watch the video clip on MSN Video you can see in the speech user interface that the microphone "volume" is very high. It pushes up into the red frequently while Shanen is speaking to the computer. That's caused by the fact that the audio sub-system wasn't respecting the audio gain settings we've asked it to use.

This is a known bug in current builds, and has already been fixed by the audio team in their private builds in preparation for RTM.

If you watch the video clip on MSN Video you can see in the speech user interface that the microphone "volume" is very high. It pushes up into the red frequently while Shanen is speaking to the computer. That's caused by the fact that the audio sub-system wasn't respecting the audio gain settings we've asked it to use.

This is a known bug in current builds, and has already been fixed by the audio team in their private builds in preparation for RTM.

For the curious, it was an audio gain issue. Details on Rob Chambers' blog:

http://blogs.msdn.com/robch/archive/2006/07/29/682 479.aspx

First of all, the update is OPTIONAL. The only thing that is "pushed" to the client via Windows Update is an installer shim. When it runs it prompts the user and asks them if they would like to install an update for IE. They can say Yes, No, or Ask Me Later.

Second, guess what I was greeted with this morning when I came in to work? It was a Firefox dialog saying that I was already updated to the new version and would I like to restart firefox so the changes could take effect. How is this really any different? Does anybody have knowledge that version 2.0 of Firefox won't be pushed this way, just like version 1.5.0.5 was today?

Could IE7 have bugs? It almost certainly does... but the fact of the matter is that it has some very important security related design changes and fixes that will make Windows users safer. If large e-commerce sites are worried about how their pages will display in IE7, why don't they download a copy of the freely available beta and test it?

Microsoft's decision to push IE7 out via Windows Update is a good one not just because of the security reasons, but because it will move a huge percentage of the people on the web to a browser with far better standards support. The lag time between standards adoption will be dramatically reduced. Let's face it, a big reason that many sites aren't standards compliant today is because of IE. If Microsoft simply offered it as a download on their web site it would take years for adoption to reach high enough levels to stop coding for IE6.

First of all, the update is OPTIONAL. The only thing that is "pushed" to the client via Windows Update is an installer shim. When it runs it prompts the user and asks them if they would like to install an update for IE. They can say Yes, No, or Ask Me Later.

Second, guess what I was greeted with this morning when I came in to work? It was a Firefox dialog saying that I was already updated to the new version and would I like to restart firefox so the changes could take effect. How is this really any different? Does anybody have knowledge that version 2.0 of Firefox won't be pushed this way, just like version 1.5.0.5 was today?

Could IE7 have bugs? It almost certainly does... but the fact of the matter is that it has some very important security related design changes and fixes that will make Windows users safer. If large e-commerce sites are worried about how their pages will display in IE7, why don't they download a copy of the freely available beta and test it?

Microsoft's decision to push IE7 out via Windows Update is a good one not just because of the security reasons, but because it will move a huge percentage of the people on the web to a browser with far better standards support. The lag time between standards adoption will be dramatically reduced. Let's face it, a big reason that many sites aren't standards compliant today is because of IE. If Microsoft simply offered it as a download on their web site it would take years for adoption to reach high enough levels to stop coding for IE6.

First of all, the update is OPTIONAL. The only thing that is "pushed" to the client via Windows Update is an installer shim. When it runs it prompts the user and asks them if they would like to install an update for IE. They can say Yes, No, or Ask Me Later.

Second, guess what I was greeted with this morning when I came in to work? It was a Firefox dialog saying that I was already updated to the new version and would I like to restart firefox so the changes could take effect. How is this really any different? Does anybody have knowledge that version 2.0 of Firefox won't be pushed this way, just like version 1.5.0.5 was today?

Could IE7 have bugs? It almost certainly does... but the fact of the matter is that it has some very important security related design changes and fixes that will make Windows users safer. If large e-commerce sites are worried about how their pages will display in IE7, why don't they download a copy of the freely available beta and test it?

Microsoft's decision to push IE7 out via Windows Update is a good one not just because of the security reasons, but because it will move a huge percentage of the people on the web to a browser with far better standards support. The lag time between standards adoption will be dramatically reduced. Let's face it, a big reason that many sites aren't standards compliant today is because of IE. If Microsoft simply offered it as a download on their web site it would take years for adoption to reach high enough levels to stop coding for IE6.

You are very misinformed.

'Pretend XHTML'? You are kidding right? MS is one of the companies that wrote XHTML and sure IE6 support sucked, but IE7? Um.... I don't think so.

I quote from the Internet Explorer developers' weblog:

if we tried to support real XHTML in IE 7 we would have ended up using our existing HTML parser (which is focused on compatibility) and hacking in XML constructs. It is highly unlikely we could support XHTML well in this way; in particular, we would certainly not detect a few error cases here or there, and we would silently support invalid cases.

I would much rather take the time to implement XHTML properly after IE 7, and have it be truly interoperable - but I did want to unblock deployment of XHTML as best we could, which is why we made sure to address the XML prolog/DOCTYPE issue.

No version of Internet Explorer supports XHTML. If you label XHTML as text/html, Internet Explorer will render it because it thinks it's HTML. There's a problem that XML prologs cause because of this, so they implemented a special-case workaround.

All of this is very well known to web developers, I suggest you actually ask your developers about this if you don't believe me.

Watch the Video on Expression Web Designer. It is the new FrontPage so to speak, and is designed to work with IE7 in the long run, and it pushes VERY HARD - XHTML and CSS standards, to the point it will break IE6 if you tell it to comply 100% with standards. They also wouldn't be making such a 'standards' based site development tool if it was going to break IE7.

XHTML is being treated as a buzzword these days. The document included in that video included a <meta> element that claimed the media type was text/html. This is not XHTML being parsed as XHTML. It's XHTML pretending to be HTML and being parsed as HTML - which is the only way in which any version of Internet Explorer can understand XHTML as it doesn't support XHTML.

In every way in which XHTML differs from HTML, Internet Explorer follows the HTML rules. If you disagree, please give examples. If you don't disagree, please explain how that means that Internet Explorer supports XHTML rather than "pretend XHTML".

Are you seriously making assumptions about what Internet Explorer supports by trying to spot implications from marketing material for a tangentially related product by the same company?

That isn't why it won't pass the Acid2 test. It won't pass the Acid2 test because that is far too much work for a single major revision. It would require implementing a lot of the CSS that is currently unsupported

This has 'little' to do with WHAT CSS is implemented, but more over what 'foreign and non-standard' CSS and IE specific goofs are allowed. IE7 does a good job of support CSS features, the DRAWBACK is that is STILL supports NON-STANDARD CSS and MS IE standards that when put to the ACID2 test fail.

I'm sorry, but this simply isn't the case. Have you looked at the Acid2 test at all? The problems Internet Explorer has with it are either parsing problems or outright lack of support for various features of CSS and HTML. Internet Explorer's support for non-standard CSS extensions are not a factor.

WindowsXP is 5 years old, it is about time people moved to it.

You can argue that people should upgrade all you like, it makes no difference as to whether they actually do it or not. I'm saying that lots of people don't upgrade for years. Telling me that they should is completely irrelevant. It's not up to me whether they upgrade.

So YES we can start moving to real XHTML and CSS based sit

First of all, since you admin a site of 100 seats, you can install the IE7 blocker to block Windows Update from downloading IE7.

Secondly, even if you don't install the blocker, and the user does elect to install IE7 (after downloading IE7, Windows Update presents the options "Install", "Don't Install", "Ask me later" (if you select "Don't Install", you're never asked again, even for future security updates)), IE7 will not be installed as the default browser, unless an older IE was already the default browser.

From the IE blog: "If you decide to install IE7, it will preserve your current toolbars, home page, search settings, and favorites and installing will not change your choice of default browser. You will also be able to roll back to IE6 at any point by using Add/Remove Programs in the Control Panel."

If you read the IE blog, you'll see that what happens is if you don't install the IE7 blocker, then Windows Update (if set to automatic) downloads IE7, then you're presented with options to "Install", "Don't Install", or "Ask Me Later". If you choose "Don't Install", then you're never asked again, even when later security updates occur (see the comments portion of the blog for this info).

According to http://blogs.msdn.com/ie/archive/2006/07/26/678149 .aspx, the update will not change your default browser.

http://www.google.com/search?q=spinlock+vsync

Particularly some of the comments to the Old New Thing blog.

Raymond Chen has discussed the logic behind Microsoft's approach to multiple OS installs, and frankly, the logic isn't that far off.

http://blogs.msdn.com/oldnewthing/archive/2005/12/ 20/505887.aspx
http://blogs.msdn.com/oldnewthing/archive/2006/07/ 11/662325.aspx

Raymond Chen has discussed the logic behind Microsoft's approach to multiple OS installs, and frankly, the logic isn't that far off.

http://blogs.msdn.com/oldnewthing/archive/2005/12/ 20/505887.aspx
http://blogs.msdn.com/oldnewthing/archive/2006/07/ 11/662325.aspx

To be fair, they have a valid reason (even if we disagree) for ignoring other paritions in that sometimes people have them without knowing.

Check out: Typed DataSets, LINQ and ADO.NET Entities. The last two technologies are under development. In the mean time, how about NHibernate, or ActiveRecord.

It wouldn't make sense for a relational database to do this, so you will always need an abstract layer in between. The ADO.NET API gives you direct access to the relational data, the aforementioned layers will abstract it for you, where LINQ uses new language constructs to try to bring queries in a natural syntax to your programming.

Check out: Typed DataSets, LINQ and ADO.NET Entities. The last two technologies are under development. In the mean time, how about NHibernate, or ActiveRecord.

It wouldn't make sense for a relational database to do this, so you will always need an abstract layer in between. The ADO.NET API gives you direct access to the relational data, the aforementioned layers will abstract it for you, where LINQ uses new language constructs to try to bring queries in a natural syntax to your programming.

Dude, at least try and get some facts in the post, the Sybase rant is such BS, see here for more details; http://blogs.msdn.com/euanga/archive/2006/01/19/51 4479.aspx to see pictures; http://blogs.msdn.com/euanga/archive/2006/05/23/59 7677.aspx

Dude, at least try and get some facts in the post, the Sybase rant is such BS, see here for more details; http://blogs.msdn.com/euanga/archive/2006/01/19/51 4479.aspx to see pictures; http://blogs.msdn.com/euanga/archive/2006/05/23/59 7677.aspx

Unless there's a good C# SQL wrapper that I don't know about

The Entity Framework in ADO.Net 3.0 combined with Language INtegrated query (Linq) C# language extensions is going to change how you write data based applications. Dispite my obvious bias this is one of the coolest things I've seen in quite a while.

LINQ and ADO.NET Entities: Video Podcast
http://channel9.msdn.com/Showpost.aspx?postid=2021 38
Whitepaper:
http://msdn.microsoft.com/vstudio/default.aspx?pul l=/library/en-us/dnvs05/html/nxtgenda.asp
Screencast: (see the code)
http://blogs.msdn.com/adonet/archive/2006/07/11/66 2454.aspx

Unless there's a good C# SQL wrapper that I don't know about

The Entity Framework in ADO.Net 3.0 combined with Language INtegrated query (Linq) C# language extensions is going to change how you write data based applications. Dispite my obvious bias this is one of the coolest things I've seen in quite a while.

LINQ and ADO.NET Entities: Video Podcast
http://channel9.msdn.com/Showpost.aspx?postid=2021 38
Whitepaper:
http://msdn.microsoft.com/vstudio/default.aspx?pul l=/library/en-us/dnvs05/html/nxtgenda.asp
Screencast: (see the code)
http://blogs.msdn.com/adonet/archive/2006/07/11/66 2454.aspx

That may be changing. Check out their recent webcast on the upcoming "ADO Entity Objects Framework," which looks like it's shaping up to be a formal ORM product.

You want hibernate once read many (HORM) setup. XPe supports this... never seen it but it sounds interesting.

Actually there are .net framework diagrams, and they're cheaper than $20

.NET Class Libraries Reference Poster : $5

Microsoft .NET Framework 2.0 Poster Pack : $19.99 before discounts, but I've seen it given away when you buy 2 MS Press books.

Of course MS also supply class posters in the Visual Studio box, but in case you're using the Express editions you can download and print your own copy from Bard Abrams' blog.

He mentioned corrupt boot sectors (no boot sectors or boot sector virus), but primarily emphasized the user freindliness for those users who try to install/upgrade. He also mentioned that it wasn't possible for MS to code for every single "foreign" boot sector out there.

We're going to have to give up on recognition and put more effort into partitioning. We need setups where each web page renders in its own jail, and it doesn't matter if the browser is insecure - when the page closes, a program exits and any corrupted info goes away.

Of course, this will break Active-X, toolbars, downloads, etc. Then again, on business systems, you want those things broken.

Once the browser is locked down like that, you need a "guard" program. When you want to move a file out of a browser's jail, it has to go through a program that "sanitizes" it. Often, a translation to a well-documented format that doesn't contain execution capability will do the job.

Yeah, that's a very good idea... and that's why Microsoft has implemented almost exactly that with Internet Explorer 7+ in Vista. It's called "Protected Mode".
Here's a good starting point to read about the technology.

ActiveX controls and toolbars can still operate inside this jailed environment (keep in mind that conceptually, binary code and toolbars aren't the -problem- ... it's what they're able to access that has been the problem), but they don't have access to anything outside of it. If, due to the nature of the plug-in, it really should be able to work with the user's files, there is the Protected Mode API which gives plug-in developers their only way out of the jail, and it's extremely limited... basically, you can find out where you're allowed to write to on the file system or registry (for storing configuration information), and you can trigger a save dialog that is executed in the context of the parent IE process (the one that isn't jailed), and you can trigger the file save... and that's about it.

When the file save happens, Internet Explorer makes use of the OS's Attachment Execution Service interface to save the file. This is something that was introduced with XP SP2, and it offers a couple of things: it lets anti-virus, anti-malware etc. applications hook in and scan the file and give the thumbs-up before allowing the save. In other words, the file doesn't even touch the non-jailed environment (ie. your regular user profile) before it gets scanned. Another thing the AES does is attach the source URL of the file (if appropriate), and store it in an NTFS alternate data stream. AES is also used by Outlook Express (Windows Mail in Vista) and Microsoft's various IM programs.

As for sanitising data, go ahead and put an application out onto the market that will automatically translate Office document formats into equivalent OpenOffice formats if you like. I'm sure some people would be interested in it, though bear in mind that the Office formats contain a bunch of features that ODF doesn't support yet (ODF doesn't have a facility for highlighting text in a way that's distinct from background colours, for example)...

We have programs the don't work as non-admin, but we try to fix them using file/reg permissions changes. I've still yet to find an app (that we run) that can't be tweaked to run as a regular user. One great method of making life on your users easier as non-admin is to run as a non-admin yourself. Even though I am the uber domain admin at work, I run my windows workstation as a regular user. As a result I run into the same issues that every user does. If I run into something I can't do that I think users should be able to do, I research how to fix it and send the permissions changes out the to workstations using scripts, or group policy settings. One example of something I ran into is the annoying fact that you can't change your power management settings as a regular users. A few registry permission changes were all that was need to fix that.

XP is a huge pain to use without admin rights due to braindead apps

> it is only hurting and hindering legitimate users

A major problem with Windows piracy was small OEMs buying just a few copies of Windows and installing them on thousands of PCs. Microsoft have successfully shut down several such operations, who were collectively responsible for distributing counterfeit software to millions of customers WITHOUT THEIR KNOWLEDGE.

Let me clarify that somewhat more: THE CUSTOMER WAS PERFECTLY INNOCENT. The purpose of the notification service in WGA is not to make users feel guilty for using software they pirate themselves; that is a perfectly fruitless endeavor. It is instead to notify the INNOCENT customer who has purchased or otherwise received illegal software from a source they believe to be legitimate.

It is for precisely this reason that disabling or crippling the computer that fails WGA is immensely stupid. There is simply no benefit to it: the major piracy problem is not Joe down the street installing the same copy of Windows on two computers, it's organised crime syndicates that sell thousands of counterfeit CDs to people who expect to receive legitimate, licensed software. Whatever someone might do to those computers doesn't do anything to the actual criminals, so it's just plain ill-tempered and mean. It's punishing the victim.

What Microsoft are trying to do instead is tell the victim "Hey, you're a victim. Come to us and we will help you." If you're a victim of yourself, however, chances are you don't want Microsoft's help.

Paul Thurott installed this copy of Windows a long time ago, presumably before there was notification in the WGA service, and possibly before there was a WGA service at all. Chances are his Windows installation was *never* legitimate, but he just didn't know it. Since his copy is in fact legitimate, he can readily fix this problem with a little effort. If he doesn't want to bother, he can disable the notification, as could a willful software pirate.

And I for one find it decidedly odd that his "false positive" happens the day after a Microsoft blogger writes extensively about them: http://blogs.msdn.com/wga/default.aspx

If I recall correctly, beta1 didn't have any changes to the rendering engine, but betas 2 and 3 do. Eric Meyer linked to a post about IE7 changes. The IE7 blog has the details of some of the changes.
Now, that doesn't mean that they are ALL fixed, but there are just enough to make all the expert webpage creators learn all new hacks to make pages work in IE.

IE 7 supports alpha PNGs! http://blogs.msdn.com/ie/archive/2005/04/26/412263 .aspx

Whatever language they use, developers are going to need to learn the OS X APIs (Cocoa and Quicktime at the very least) to make any real significant use of OS X - unless you're proposing that Apple also switch over to using the .NET2 / WinFX APIs rather than Cocoa, in which case OS X would cease to have much real point. You're more likely to see the rumoured 'Cocoa running on a Windows kernel' than Apple ditching their prime asset.

A large reason that the Java bridge 'failed' is that there was very little interest from cross-platform developers (i.e. Java programmers) in using any of the bridged Cocoa classes, when they could use a 'Java Native' equivalent. There's not a lot of interest from Mac developers in using Java over Obj-C to write Cocoa apps - there isn't any productivity gain.
On the other hand, there is interest from Mac developers in scripting languages, but my understanding is that most of those bridges are being maintained outside of Apple, whereas the Java-Cocoa bridge was an Apple-funded project. There are a couple of Java-side initiatives to provide better cross-platform bridges to O/S, but they're not JCP supported - there's SWT on the widget side, and there's another project to provide a standard Java library that would use JNI calls to support native features common to Windows, OS X and Linux that the JCP won't allow in the standard Java runtime.

I'm not convinced that Apple are 'getting by' with bridges to scripting languages as I think most 'real' development on the Mac is still Obj-C based.

If you're serious enough about Mac development to actually want to use Cocoa features, I don't think learning Obj-C is a massive overhead for a competent OO developer. That said, it is showing it's age, and could learn a few tricks from more recent Smalltalk derived languages like Ruby, but the last attempt to revise Obj-C syntax failed and I expect any new one would also.

There is certainly more fit between a dynamic, Smalltalk derived language like Ruby and Obj-C, than the C++ -> Java -> C# lineage.

>rapidly increasing cross-platform interest in the language over Java.

I think the problem here is the 'cross-platform' developers and Mac developers have completely different motives. I work as a team leader in a cross-platform firm - even though our clients all run Windows and we never actually test on Linux or Solaris, and we don't have a Mac in the building, we've always stuck with cross-platform tools.
Part of that is our legacy (we were cross-platform when that meant using 4GL's to generate platform specific binaries - hell, we were cross-platform when it meant having to put conditional compilation into your C code so it would compile on different compilers / O/S). What we've never been interested in is making great client-side software - we'd rather be happy it will run on anything.

There are a smaller group, who actually work for companies that do release cross-platform software, who see cross-platform languages as a solution to a real problem, rather than a political one. They want to 'write-once, run-anywhere'. The problem is in this phrase - it purely deals with the technical level, rather than the design one. It typically means 'design for Windows, Mac and Linux users should be grateful we've even done a version'.

Microsoft actually understand this quite well, and did not develop a 'cross-platform' version of Office - having learnt their lesson from the one time they did :
http://blogs.msdn.com/rick_schaut/archive/2004/02/ 26/80193.aspx

Mac developers, on the other hand, are largely motivated towards exploiting the platform specific side, and that is currently serving Apple well. If 90% of Mac apps were as ugly as 90% of Windows apps, a lot of the apparent slickness of the platform would be lost. There are definitely Windows apps every bit as good as anything on the Mac, but you see them as so exceptional you gi

The IE7 developers have really improved their printing options. This is an area the Firefox team should focus on.

e.g. In Firefox the scaling to fit the page just squeezes the content between wider margins rather than actually scaling the pages.

Just yesterday a work colleague was trying to print off a page that was split horizontally into two frames. The top one had a company logo, and the lower one the table of figures she actually wanted. Printing normally just output the first bit of the lower frame. I had to view that frame only to get the full table in the frame to print.

From what I've read at the UAC blog (http://blogs.msdn.com/uac) and the IE blog (http://blogs.msdn.com/ie), it's somewhat different.

IE and the desktop run in the same security context - in the worst case, IE can't do anything more than the user can. Since the user isn't running in a privileged account on Vista (unlike XP, users on Vista run with admin privileges turned off), IE still can't do anything that the user can't do. That eliminates shatter attacks.

But beyond that, IE runs in a special limited mode (User Interface Privilege Isolation, or UIPI) where even things that the normal user can do are restricted - code running in IE can't send window messages to higher integrity level windows (essentially every other window on the desktop). In addition, code running in IE effectively runs in a sandbox - can't write to the filesystem or the registry except for certain certain defined areas (this is the MIC feature mentioned in the IE blog post). See this Channel 9 video, or this IE blog post for more details on how IE's protected mode works.

Shatter attacks happen when code running in a restricted security context is allowed to send window messages to code running in highly privileged security context, the UIPI feature is explicitly designed to stop that. In addition to IE, when you run an application elevated (right click, select "Run as administrator"), the elevated application is run at a "high" UIPI mode. That means that normal apps running on the desktop cannot send window messages to those applications. Apps running on the desktop are also prohibited from opening processes at a higher UIPI mode for write access, which stops a different set of attacks. You can find info about UIPI here here.

So in Vista for an ActiveX control to issue a shatter attack that would exploit the system, you would need to have:
1) A hostile ActiveX running in the browser (so the attacker first has to convince the user to execute their code).
2) a vulnerability in UIPI that allows the ActiveX control to send a window message to a higher privileged application (like every other application running on the desktop).
3) An application running on the users desktop that is running with elevated privileges (to get an application running with elevated privileges requires a special action of the user), normally no application runs with elevated privileges.
4) A vulnerability in that application that would allow an attacker to cause the application to allow the attacker to execute arbitrary code in the application.

The bottom line is that there are at least 4 levels of defense-in-depth that would have to be breached for code running in IE to be execute a shatter attack.

There may be other ways of attacking the system that don't involve shatter attacks, but from what the Microsoft guys have said, I think that shatter attacks are gone.

From what I've read at the UAC blog (http://blogs.msdn.com/uac) and the IE blog (http://blogs.msdn.com/ie), it's somewhat different.

IE and the desktop run in the same security context - in the worst case, IE can't do anything more than the user can. Since the user isn't running in a privileged account on Vista (unlike XP, users on Vista run with admin privileges turned off), IE still can't do anything that the user can't do. That eliminates shatter attacks.

But beyond that, IE runs in a special limited mode (User Interface Privilege Isolation, or UIPI) where even things that the normal user can do are restricted - code running in IE can't send window messages to higher integrity level windows (essentially every other window on the desktop). In addition, code running in IE effectively runs in a sandbox - can't write to the filesystem or the registry except for certain certain defined areas (this is the MIC feature mentioned in the IE blog post). See this Channel 9 video, or this IE blog post for more details on how IE's protected mode works.

Shatter attacks happen when code running in a restricted security context is allowed to send window messages to code running in highly privileged security context, the UIPI feature is explicitly designed to stop that. In addition to IE, when you run an application elevated (right click, select "Run as administrator"), the elevated application is run at a "high" UIPI mode. That means that normal apps running on the desktop cannot send window messages to those applications. Apps running on the desktop are also prohibited from opening processes at a higher UIPI mode for write access, which stops a different set of attacks. You can find info about UIPI here here.

So in Vista for an ActiveX control to issue a shatter attack that would exploit the system, you would need to have:
1) A hostile ActiveX running in the browser (so the attacker first has to convince the user to execute their code).
2) a vulnerability in UIPI that allows the ActiveX control to send a window message to a higher privileged application (like every other application running on the desktop).
3) An application running on the users desktop that is running with elevated privileges (to get an application running with elevated privileges requires a special action of the user), normally no application runs with elevated privileges.
4) A vulnerability in that application that would allow an attacker to cause the application to allow the attacker to execute arbitrary code in the application.

The bottom line is that there are at least 4 levels of defense-in-depth that would have to be breached for code running in IE to be execute a shatter attack.

There may be other ways of attacking the system that don't involve shatter attacks, but from what the Microsoft guys have said, I think that shatter attacks are gone.

Do you actually have any proof to support your "DOS ain't done till Lotus wont run" claim? That's just about as widespread, and just as unproven as the " who would ever need more than 640KB of ram" crap that gets repeated here over and over again.

If you bothered to google your quote, you'd come up with http://www.proudlyserving.com/archives/2005/08/dos _aint_done_t.html which has quotes from both microsoft and lotus dispelling that myth, and http://blogs.msdn.com/larryosterman/archive/2004/0 8/12/213681.aspx explaining why windows 3 did the check for incompatible DOS installations.

As someone has already pointed out above, the "DOS aint done" myth was already exposed right here on /.

Slashdot needs a -1, Factually incorrect mod.