Slashdot Mirror

> Martin: One thing that really frustrates me a
> little bit, and you can say this is partly because
> of us at Microsoft and hopefully we're getting
> better here, is that people try to position us as
> Microsoft versus open source.

Read an example EULA that seems to prohibit anybody from using the MSFT technology in question in a project that uses the GPL (or any license that requires the source to be included in the distribution).

To Mr. Martin: look, you can't have an EULA like that and say you're not against open source. This is not the first EULA that stops people from choosing whatever license they like to cover their IP.

It's strange, too, that MSFT made this business decision. There will consequently be fewer projects released into the open with this technology, and possibly fewer people paying for OS and development tools. All because the EULA says (IANAL) to me "you cannot distribute the DLL if your project distribution must include source code."

That just doesn't make sense. It's almost like MSFT is cutting off their nose to spite their face.

But I thought I could trust IE because of these certificates? No? Surely there's another solution?

Bye-bye, Internet Explorer?

Bye-bye, Internet Explorer?

Bye-bye, Internet Explorer?

According to Bruce Morgan at the IE Weblog, implementing transparent PNG is "one of the top developer requests"

According to Bruce Morgan at the IE Weblog, implementing transparent PNG is "one of the top developer requests"

If you think IE sucks, then be loud and proud about it. But don't bitch here, go over to the IEBlog and give them a piece of your mind.

If you get bored of fine arts, and prefer hearing something funny, check out some of the trolling done by IE developers at the IE Blog.

IEBlog

It makes for great comedy.

WARNING: Could cause serious coffee splurtage.

Actually, very little of the programs I use need Administrator privileges, and I can go for days without running anything as admin. I code, debug, do CS homework, and yes, even play games as a regular user. Another comment on this story posted this interesting link on non-admin tips. For games, making the game directory read-writable by all users also helps in a lot of cases; this is because a lot of games for some stupid reason store save games in the game directory instead of the user's profile. The former is typically read-only to users since it's in C:\Program Files.

Oops, sorry, didn't encode the urls properly (spaces got added as well, odd)

http://msdn.microsoft.com/library/default.asp?url= /library/en-us/dnwxp/html/winxpfus.asp
http://msdn.microsoft.com/library/default.asp?url= /library/en-us/dncode/html/secure06112002.asp
http://www.microsoft.com/windows/appcompatibility/ default.mspx
http://blogs.msdn.com/aaron_margosis

You'd be surprised how many things that come out of Microsoft Research make their way into products. The technology behind the MSN desktop search for instance... was in development for a number of years prior to the Google desktop search.

Did you know Microsoft even has a few MD (yes, Medical Doctors) who are using advanced computer modeling in HIV research. You can find an talk with one of those MD's from Channel 9.

for a semi-official answer, see this blog entry and its comments.

I've been looking with interest at Monad, the new .Net based Microsoft shell/scripting language (video demonstration here and another one here). I'm an avid Unix and bash user, but I'm still excited by the demonstration of this shell. It seems to have a lot of new functionality I even hadn't imagined before, and if it's as good as its demonstration in real life, it'll be a very powerful tool.

My question: I find it very interesting that you're enhacing the power of the command line in future versions of Windows, and even improving and inventing new and unexpected functionality. Since most Unix sysadmins does much of their work on the CLI, and the dependence on GUIs for even trivial tasks keeps many of us Unix guys from Windows, does this also meen that future versions of Windows will come with remote login such as SSH, and that more software can be automated and managed from the command line?

in an entry in Michael Kaplan's blog last month. That in turn mentions this entry which talks about spoofing filenames using a similar method.

in an entry in Michael Kaplan's blog last month. That in turn mentions this entry which talks about spoofing filenames using a similar method.

Nice troll,

From the same site that you quote comes this little gem.

With So Few Vulnerabilites, You'd Think They'd Be Fixed By Now 10/19/2004 6:56 AM Randy Wilson

- IIS 6, 3 vulnerabilities, 1 patched, 2 still open.

- Apache 2, 22 vulnerabilities, 21 patched, 1 still open.

That was 2004. If one brings 2005 data for apache 1.3 and apache-SSL 1.3 into the comparison, the view goes askew.

- Apache 1.3, 15 vulnerabilities, 13 patched, 1 partially patched, 1 still open.
(The open vulnerability was reported in 2005--not when the blog was posted).

- Apache-SSL 1.3, 1 vulberability, 1 patched.

Have you had enough FUD for today?
Cheers

So why did I chose Secunia? Well, they don't issue advisories, they simply reflect the vendor advisories, and in some instances "rumblings in the marketplace." There is a downside to the site too, as some vendors don't patch so they may look better on Secunia. However, both Microsoft and Apache have good advisory records, so the data is useful.

They work perfectly here if you deslashdotfuck them:

Link 1 and Link 2

They work perfectly here if you deslashdotfuck them:

Link 1 and Link 2

...its gone from about 130 errors when it was first released, to eight errors now. Not bad. Not bad at all.

Back on-topic I wouldn't be surprised if a fair number of Microsoft employees use Macs; they probably have the money and the technical inclination to learn more about all aspects of computer software.

Furthermore, it's relatively easy to run a variety of operating systems with VPC, so on a Mac they might run OS X and Windows and Linux. Or dual-boot OS X and Linux, because eventually everyone, I think, gets tired of their own dogfood.

Sadoly, however, I can't imagine how one would measure this, so I suppose we'll just have to go on rumor and innuendo. Maybe someone from MS -- and not the MBU -- will post.

The MBU, btw, is the Mac Business Unit, which produces OS X versions of Office and such. I read the blog of one of their developers sometimes, which is here.

There are several websites on converting laptops into "picture frames" http://www.likelysoft.com/hacks/pictureframes.shtm l, http://slashdot.org/article.pl?sid=04/12/27/023922 2&tid=222&tid=1, http://channel9.msdn.com/wiki/default.aspx/Channel 9.JunktopRevival Which you could modify slightly to add built in powered speakers and hang one in each room.

- Mike

heck you can even get emacs

And even Microsoft programmers do that, check out some of the video's on http://channel9.msdn.com/.

(If I remember correctly a video about Avalon and Indigo showed them using emacs for programming some quick demos of their XML based language)

Agreed. However, his point is that, since we're both respectable developers and neither of us would omit the unit tests, C/C++-style type checking is redundant book keeping and that type inference is of limited practical value.

I have to say, however, I've worked on a number of projects where developers wrote a large volume of unit tests. Then later, brought in code coverage tools. Invariably, everyone is dismayed at the truely huge amount of work required to simply get every line executed. (Simulating full/failing disks, torn database pages, dropped packets, other extenal events in such a way to get code coverage is hard.)

The first one I was involved in had automated tests that took >24hrs to run. When they brought in code coverage tools they found that they had a 60% coverage. A large proportion of the uncovered code was in error handling. (BTW, This claims that trying to get more that 80% code coverage is a mistake.)

Anyway, my point has always been that, even good tests aren't going to exercise every line so it's nice (but not a substitute) to be able to prove that some aspect the code is correct.

On a similar note, I haven't played with the BitC theorem prover:

--- Snip from the docs ---
11.1 Proof Obligations: Theorems
The defthm form introduces a proof obligation that must be discharged by the BitC Prover. The body of a theorem is a boolean expression that is considered to be discharged if its result is #t for all possible variable instantiations:

(defthm name truth-expr)

---

However, it looks interesting but kinda insane.

I keep thinking that I should just go out and develop a new language -- people have paid me for developing language implementation before (C, SQL, XQuery, and Java). However, <whine>I don't wanna. Can't somebody else do it.</whine> ;-)

Why don't people just run Windows in usermode and not as an Administrator? I mean, it's not that difficult, just check
http://blogs.msdn.com/Aaron_Margosis/
and you'll see.
No one uses Linux as root all the time. Just run Windows as a user and suddenly all of the spyware, trojan and virus problems are gone. Or at least 99% of them. No need for an antispam software...

To do this, make the script below into a batch file. (The script below assumes you've renamed your administrator account to something - I chose XXXAdministrator). Read the comments in the script to see how it works - it's pretty nifty.

@echo off
REM
REM This batch file starts a command shell under the current user account,
REM after temporarily adding that user to the local Administrators group.
REM Any program launched from that command shell will also run with
REM administrative privileges.
REM
REM You will be prompted for two passwords in two separate command shells:
REM first, for the password of the local administrator account, and
REM second for the password of the account under which you are logged on.
REM (The reason for this is that you are creating a new logon session in
REM which the user will be a member of the Administrators group.)
REM
REM CUSTOMIZATION:
REM The following values may be changed in order to customize this script:
REM
REM * _Prog_ : the program to run
REM
REM * _Admin_ : the name of the administrative account that can make changes
REM to local groups (usu. "Administrator" unless you renamed the
REM local administrator account). The first password prompt
REM will be for this account.
REM
REM * _Group_ : the local group to temporarily add the user to (e.g.,
REM "Administrators").
REM
REM * _User_ : the account under which to run the new program. The second
REM password prompt will be for this account. Leave it as
REM %USERDOMAIN%\%USERNAME% in order to elevate the current user.
REM

setlocal
set _Admin_=%COMPUTERNAME%\XXXAdministrator
set _Group_=Administrators
set _Prog_="C:\Program Files\Internet Explorer\iexplore.exe file:///c:/"
set _User_=%USERDOMAIN%\%USERNAME%

if "%1"=="" (
runas /savecred /u:%_Admin_% "%~s0 %_User_%"
if ERRORLEVEL 1 echo. && pause
) else (
echo Adding user %1 to group %_Group_%...
net localgroup %_Group_% %1 /ADD
if ERRORLEVEL 1 echo. && pause
echo.
echo Starting program in new logon session...
runas /savecred /u:%1 %_Prog_%
if ERRORLEVEL 1 echo. && pause
echo.
echo Removing user %1 from group %_Group_%...
net localgroup %_Group_% %1 /DELETE
if ERRORLEVEL 1 echo. && pause
)
endlocal

It's called XAML. It is not a programming language, it is a declarative way to control the user interface of a client application. It's nothing new conceptually, just jumping on the XML bandwagon. You can read more about it on this MSDN Blog.

Oh, and there are already commercial clones of it out, even though it won't be released until Avalan/Longhorn timeframe.

After all i've read and seen about Avalon, i still don't get what the fuzz is all about. Yes, it looks flashy, but at the expense of unreasonable processing power (don't forget this is an integral part of the Longhorn kernel). And i consider myself a sucker for eye-candy.

I know it's not comparable, because we're talking windows, but Enlightenment 0.17 will (hopefully) do everything Avalon does, and pretty much everything new Longhorn does as well. Just check the information on the e17 foundation libraries. Amazing stuff.

Here is a not bad demo video of avalon running on XP. http://channel9.msdn.com/ShowPost.aspx?PostID=3452 8

Theres a video demo here:

Daniel Lehenbauer - Demo of Avalon 3D #
and here :
Avalon Layout Basics

and info here:

http://channel9.msdn.com/wiki/default.aspx/Channel 9.Avalon

Theres a video demo here:

Daniel Lehenbauer - Demo of Avalon 3D #
and here :
Avalon Layout Basics

and info here:

http://channel9.msdn.com/wiki/default.aspx/Channel 9.Avalon

There is INETA, which has over 300,000 members worldwide and is promoted a lot by Microsoft.

There are many, many community websites put out or suppported in some way by Microsoft, like GotDotNet, MSDNAA (for students), Free ASP.NET starter kits, etc.

There are the helpful Shows and Webcasts highlighting and explaining new Microsoft products, which are especially helpful for .NET developers here.

There is the Student Ambassador (to Microsoft) program where a student serves as the liason between Microsoft and students and provides software, information, and community for students. This is run by Microsoft, and I play a small part as one SA among ~146 on college campuses in the US alone.

There is the Imagine Cup contest, which is geared for students which provides a programming competition for anyone interested. The website for that is here...

There's more, but you get the point.

As far as previous stuff (MFC, COM, etc.) I have not been involved at that stage, and a specific business may have had a different experience.

How does this kind of crap getting modded up to +5?! Amazing.
I recall years ago having a 450 MHz AMD K6-2 LINUX box with 128 MB of RAM consistently beating out a 900 MHz Athlon with 768 MB of RAM (running Windows) when it came to downloads over my broadband connection.

Quite the scientific study you did there. Case closed on the case of the kludge TCP/IP stack! This has nothing to do with served content from Apache versus IIS 6 running on hardware designed to serve content. Lets instead ask the important questions, like how much hardware is backing each site up? How many requests was each site receiving, and how much content was it serving for those requests? How much hardware does each site have backing it up? I'll bet that macworldexpo didn't have Akamai and their 3000 linux servers mirroring content like apple.com does. Microsoft runs Windows 2003 and IIS 6, and their web servers didn't choke while serving 100meg downloads of XP SP2 to how many millions of machines?

I might also point out that Hotmail for a time (and may very well still be) was using FreeBSD for its DNS servers... that's because when MS tried using their own "dogfood" (Windows 2000), it keeled over.

Maybe you should do a little fact checking before randomly repeating something you think you remember hearing something about.

Hotmail used a BSD variant and Apache before they were purchased by Microsoft in 1998. Since then they have moved over to Windows and IIS. As it took a while to switch over the entire production enviroment, the Microsoft runs Apache jokes surfaced. Hotmail also went from a subsrciption base of 9 million in 1998 to over 100 million in 2001 while they switched over. Microsoft fun "facts" regarding Hotmail

XP has some serious flaws, but Server 2003 is a pretty strong OS, and IIS 6 is rock solid compared to IIS 5 and even Apache. More Linkage

Now everyone can, thanks to Microsoft.

You guys obviously care very deeply what Microsoft users think. You see this all over the internet. Whenever a MS story is posted on any message board, all of the zealot psychopaths stop masturbating to their computer and post a million mentally retarded, sociopath comments. Every single one of them drips with mental illness and insecurity. It's funnier than Bozo the Clown.

Evidently the Phantom has made an appearance at the Microsoft booth at CES. According to Mike Hall's blog, it's running on WindowsXP Embedded.

Below is the text describing the system. There's also a nice picture posted there as well.

Next is the Phantom from Infinium Labs (Windows XP Embedded), this is quite an interesting device, I guess most people have XBOX's, Playstations, Nintendo Game Cubes or other dedicated game consoles - the Phantom plays PC games - a user gets offered a list of games (the Phantom supports all current and future Windows PC games according to the Infinium web site), the games are downloaded into the Phantom and then played on your TV set - since these are PC games you control the games through a keyboard and mouse - the keyboard/mouse being displayed with the Phantom on the Microsoft booth has an interesting "Lap" console for the keyboard and mouse - apparently it's quite comfortable to sit and play games using this.

Appreciate the history lesson. Are any of the early requirements management tools still around, in any incarnation?

Agree on the value of tracking estimates and actuals. I've not had the experience of working on a project that was mature enough to track both. But even a mental comparison of estimates with personal observation was invaluable in understanding developer strengths/weaknesses.

Do you think there is a place in the market for an open-source requirements management system? E.g. if someone started such a tool, would any home-grown tool owners contribute expertise or code?

Have you seen a good tool that is more affordable than CaliberRM/DOORS? The market seems to have an absent low end (excluding MS Office). Microsoft plans some process management for their developer tools, e.g. "Visual Studio Team System" is mentioned in a comprehensive description (with photos) of their internal build+test environment for ASP.NET.

MSDN Student Flash, a student-focused blog that is part of the MSDN blogs, has come out with a blog entry about Firefox. Who in Microsoft let this one slip?

It's an awesome post, though...

According to this post from MS themselves, Office 2003 is actually quite cheap.

First I want to say that I am not a fan of MS. My main living room devices for the last three years are a hacked Tivo and a PC with various "test" builds of MythTv.

Last month my spouse got tired of me futzing around with the MythTv box and purchased a MCE 2005 PC for the living room. At first I thought I would hate it because of the noted DRM, but after setting it up and using it for a while I have to say that I am impressed. The machine runs smoothly and I now finally have a slick/easy way to browse my MP3 and DVD backups off of my main file server. I am really impressed with how well the box plays DVD backups. After testing about thirty DVD backups I have not found anything that has DVD menus that choke the box (wish I could say the same for my homebrew solutions). The DRM has absolutely no control over my use of the box. I only give the MCE box read only access to the content on my file server, which means that my media library will continue to be safe from being crippled with DRM. I continue to use my favorite apps to rip/move content (audio/video/tivo/dvd) to my collection on my main file server.

The MCR 2005 box is not perfect. I will still continue hack away with Linux and MythTv, but now there is a PC in the living room that my whole family can use to enjoy my media library.

Also, writing add-ins is very easy, there is a good sized developer community and the SDK is a free download.

Hmmmm....

And some of them do - and they do not want people screaming about every app that breaks.

Here's a posting about how to run ancient a.out binaries on an ELF-based version of Red Hat http://www.ofb.net/~jheiss/aout_redhat.shtml [ofb.net]. Running ancient apps on Linux is simple. Everyone knows it is simple. Why do you try to claim that it is difficult?

Are you saying that Joe Sixpack, or my grandfather will be able to understand those instructions? Or even a typical business user?

Linux can get away with this stuff, because its audience is much more technically in tune. Microsoft cannot get away with this, since its audience is much less technically astute and unwilling to even drop to the command line.

You need a dose of reality

http://blogs.msdn.com/oldnewthing/archive/2003/12/ 24/45779.aspx

Of course, the open source world does not have this problem because they have the luxury of being able to break anybody that misuses a particular GTK/Qt/whatever API. But Microsoft does not have that luxury. Who knows? Maybe that might be their undoing someday.

http://blogs.msdn.com/oldnewthing/archive/2003/12/ 24/45779.aspx

Of course, the open source world does not have this problem because they have the luxury of being able to break anybody that misuses a particular GTK/Qt/whatever API. But Microsoft does not have that luxury. Who knows? Maybe that might be their undoing someday.

Firefox is unsafe.

I also noticed they promote downloading it through mirrors. EVERONE knows mirrors are bad security (especially mirrors with numeric ip addresses! http://blogs.msdn.com/ptorr/archive/2004/12/20/327 511.aspx :P

An utterly stripped version of it probably will, but without any of the four pillars remaining, it'd be like a Beatles reunion with members of Abba taking their place.

Rick Brew has posted a copy of the installer on his blog. Download it from http://blogs.msdn.com/rickbrew/.

Peter Torr has some pretty interesting rebuttals, actually.
http://blogs.msdn.com/ptorr/archive/2004/12/21/328 377.aspx
Among other things, he clarifies that he's not ranting about Firefox itself and that he was silly to speak of numerical IP addresses. Check it out- not a bad job rebutting considering the numbers are several thousand in slashdot's "favor."