Domain: msmvps.com
Stories and comments across the archive that link to msmvps.com.
Comments · 45
-
Quit LYING & IMPERSONATING me Jew
I DON'T do a MacOS X one & I don't say hosts cure spectre/meltdown. Start64.com download page would say so.
Thanks 4 MISTAKES U MADE below!
APK
P.S.=> Your Mistakes:
https://tech.slashdot.org/comm... (password & *NIX I account for vs. your lie)
https://tech.slashdot.org/comm... (my code's audited security pros @ MALWAREBYTES who HOSTS/RECOMMEND it)
https://tech.slashdot.org/comm... (hosts = native kernelmode resolver filter in Windows - LINUX diskcache DOES kernelmode cache ref of hosts OR SHOULD https://yro.slashdot.org/comme... & WHY w/ IIS/Apache e.g.)
https://tech.slashdot.org/comm... (you PUT WORDS IN MY MOUTH I NEVER SAID "dns is in kernel" hosts = a native RESOLVER is in Windows. Linux partially diskcache - SHOULD ALL BE)
Hosts = native FASTEST RESOLVER pure kernelmode via IP stack + kernelmode diskcache (no context switch kernelmode FAST vs. SLOW USERMODE security issue riddled Windows dnscache https://blogs.msmvps.com/acefe... faulty w/ large hosts
-
Quit LYING Jew... apk
I DON'T HAVE A MacOS X version! Thanks for MISTAKES YOU MADE vs. me listed below!
APK
P.S.=> Mistakes:
https://tech.slashdot.org/comm... (password & *NIX systems I account for vs. your lie)
https://tech.slashdot.org/comm... (my code's audited by a security pro @ MALWAREBYTES who HOSTS & RECOMMENDS it)
https://tech.slashdot.org/comm... (hosts = native kernelmode resolver filter in Windows - LINUX by diskcache DOES kernelmode cache reference of hosts OR SHOULD https://yro.slashdot.org/comme... & WHY w/ IIS/Apache e.g.)
https://tech.slashdot.org/comm... (PUTTING WORDS IN MY MOUTH! I NEVER SAID "dns is in the kernel" hosts AS A RESOLVER is in Windows, Linux partially (diskcache) but SHOULD ALL BE if not)
Hosts = native FASTEST RESOLVER pure kernelmode via IP stack + kernelmode diskcache subsystem (no context switch kernelmode FAST vs. SLOW USERMODE security issue riddled dnscache in Windows https://blogs.msmvps.com/acefe... that's faulty w/ large hosts... apk
-
Hosts is a file, files get cached... apk
Hosts is a file & files get cached (fact): Accesses faster that way on re-access, pure kernelmode no context switch (unless hosts changes & it reloads again pure kernelmode access, NO buggy w/ large hosts files USERMODE SLOW like Windows buggy DNS cache service is https://blogs.msmvps.com/acefe... (not a kernelmode driver, dnscache usermode service)).
Doesn't run SLOW - look @ 5 sets of users I posted telling you FAR DIFFERENT... why? THEY FOLLOW DIRECTIONS my program gives them (to disable the USERMODE SLOW BUGGY dnscache service that lags on large hosts files & HAS SECURITY ISSUES too).
I keep my top 100 fav sites @ TOP of hosts & cached too LOCALLY IN RAM is the FASTEST POSSIBLE RESOLVER (& is safer than dns redirect poisoned SLOWER remote DNS).
The rest of the 5 million entries ARE BLOCKED - I could care less "how fast" those are gotten to - I NEVER INTEND TO GET TO THEM & TTL does the rest.
APK
P.S.=> YOU LOSE... apk
-
How To Untrust the Blue Coat CA Cert
For OS X: https://blog.filippo.io/untrusting-an-intermediate-ca-on-os-x/
For Windows: http://blogs.msmvps.com/alunj/2016/05/26/untrusting-the-blue-coat-intermediate-ca-from-windows/
And why you should: https://motherboard.vice.com/read/a-controversial-surveillance-firm-was-granted-a-powerful-encryption-certifica
-
Re:Rats, already upgraded
Kudos to your upbeat attitude, but in this case Apple did make a conscious decision to break many existing apps in the App Store. Here's a link that describes the changes they made. For what it's worth, I personally could have coded something that would either not break anything (realistically unlikely in an app store of hundreds of thousands of apps relying on obscure side effects), or at least break a lot fewer apps. link to description.
This is not like the 64 bit thing, because Apple could easily have avoided breaking this stuff on iOS 6. The message they sent was that you'd better be prepared to re-release your app for every new iOS version, because Apple's primary interest is forward-looking, not backward looking. They care about their next dollar, not one they earned a year ago. But I already said that.
-
Re:Just block all ads and don't worry about it
There's no place like 127.0.0.1...
-
Re:really??
Unless I'm mistaken, powershell is really only being pushed for server use. It's not even bundled with the desktop, you have to install it extra. On the server from 2008 and on, it's built in.
PowerShell is an integrated part of Windows since Windows 7. You cannot even uninstall it, since other core functionality depends on it.
The automated troubleshooters, as an example, are written using PowerShell. When the system determines a problem with a NIC it will ask you if it should perform automated troubleshooting and attempt repair. The analysis and repair is a PowerShell script.
-
Re:I've seen stuff coming from MSN for quite somet
No, here's some prior art... http://msmvps.com/blogs/spywaresucks/archive/2007/02/18/591493.aspx
-
Appliances have a higher wife acceptance factor
Cell Phone - Cell Phone
Phone - Cell Phone
If everyone in your house has a cell phone, why does your house need its own line?
Because kids can't afford a cell phone bill. Would you propose buying a phone and a plan for a single-digit-year-old child? Or are you of the opinion that any child old enough to be left alone deserves a phone on a parent's family plan?
TV - PC
DVD Player - PC
A 19" monitor doesn't work well for several people to sit around in the living room, and most people aren't geek enough to pull HDMI through the wall from the PC room to the living room. Appliances have a higher wife acceptance factor.
Game Console - PC
People buy separate appliances to play specific games or even entire genres that are exclusive to those appliances. For example, what's the closest PC counterpart to Jak/Sly/Ratchet/Crash, Metal Gear Solid, Smash Bros., Mario Party, or Animal Crossing?
Cable Box - PC
[...]
General-purpose computing devices (PCs) are able to do most of those things, and with linux and free (beer or speech) software available, can and are doing so.
How? This article claims that CableCARD OCUR doesn't support any operating systems for general-purpose personal computers other than some editions of Windows. Besides, what do you do when you want to watch TV while your daughter is typing up her homework?
Home Stereo - PC
True if you're listening in the PC room. But what about another member of the household listening to something else in the living room?
Car Stereo - Car
Car Engine - Car
The stereo might run on the same computer as the navigation, but the engine runs on an independent computer system for safety reasons. Therefore, a car counts as two devices, each with its own telemetry.
Home Lighting - SmartHome
Climate Control - SmartHome
Security - Smarthome
Granted, a smart home might present a single proxy for all kitchen appliances that need to report status to outside. But one point of the article is that they will become able to report such status.
-
Re:Does Not Work with Most IDEs!
You need to either write a COM component in Python and interface with Visual Basic that way, or use IronPython and call it from .Net like this.
-
Re:Watch the messenger
Look into remote desktop packages. With those your iPad becomes a wireless-attached terminal to your normal environment, routing input and display. In that way you can run any app your other computer can - from anywhere with 3G service - including all of your favorite flash and FaceBook games, or even PC games.
I can't wait to see the screenshots of W7 through RDP on an iPad. Here's Windows Home Server.
-
Re:The MAFIAA
Actually, there's some malware going around that presents a popup purporting to be from the content industry that demands $400 in restitution for having copyright-infringing movies and music on your computer. No, it's not the ??AA actually doing it, but it's certainly possible.
http://msmvps.com/blogs/spywaresucks/archive/2010/04/12/1763297.aspx
-
Re:Technically, not installed...
Ok... go lookup the story about iPods loaded with trojans that got through QA. http://msmvps.com/blogs/spywaresucks/archive/2006/10/19/187622.aspx This has nothing to do with android/apple and everything to do with crappy manufacturing using infected windows PC that will infect any usb connected device.
-
Re:Taking bets on infinity
Will the eight be tipped on its side to make an infinity symbol?
Very unlikely, as it's the new logo for Visual Studio already.
-
Re:I'm skeptical
Yeah right Compiler bugs don't really exist, and this one was found by Linus Torvalds maybe someone ought to fire him, it is not the compiler it is his kernel source code. :)
She must have been using Visual BASIC and found a bug.
As a Programmer I usually try to write code around the bug by defining my own functions to replace DLLs and API calls.
When I did so in college back in 1986 it was Turbo Pascal and it had a rounding bug in the compiler. So what I did was write my own rounding function by converting the floating point into a string and then operated on the string to round up and avoid the rounding bug. I was the only one in my class to get the correct answer, but I got a C because I didn't get the same answer as the rest of the class due to a bug in the rounding function. I was accused of "hacking" and told that writing my own rounding function was illegal use of the language. I felt like Captain Kirk in the Kobayashi Maru scenario, I programmed it so that it was possible to win, but in doing so instead of being celebrated for being innovative I was punished instead. But then later the Star Trek remake made more sense to me. :)
-
Re:FTPS, SFTP, FTP over SSH, ...
As you say, a lot of confusion - and you've just added to it.
FTPS doesn't have to do a full TLS handshake on the data port - it reuses the SSL session that was negotiated on the control channel.
There are better ways for FTPS to do data connections than PORT and PASV, and I'm in the middle of a series of notes on my blog http://msmvps.com/blogs/alunj that will culminate in describing the best way to handle data connections for modern FTP.
You have confused Implicit and explicit FTPS. Implicit SSL is where the SSL session is established immediately after making the connection; Explicit SSL is where a command is sent to elevate the connection to SSL. Having said that, the weakness you propose as a problem for Explicit SSL is not the problem you think it to be - FTP clients and servers that support FTPS generally have options to refuse to authenticate outside of an SSL session. Good thing too, because the AUTH TLS command forces a logout of any previously authenticated user session within the FTP connection.
Implicit SSL is deprecated in the FTPS standard.
Finally, a late addition to the FTPS standard was to add the CCC command, which keeps the user's session active, and closes the SSL session on the control connection, so that a NAT or other ALG can look for PORT and PASV commands to open up temporary firewall holes for data connections. I'm not sure that I think that's a great idea.
-
Re:And all the admins ask...
Exchange database engine is also called "Jet", but it's a different kind of Jet: Access is Jet Red, Exchange is Jet Blue. The difference is explained here.
-
Re:No wonder
3.b. Make a clone image of the system to an external hard drive so that next time you can be done in 20 minutes. I recommend clonezilla for this because it's free, boots from a pen drive, supports Windows and Linux, and will save to a USB drive or open Windows share on the network.
4) It is usually a good idea to use something else than Internet Explorer for surfing ;-)
Another good tip is to load a good hosts file. You would be amazed how much it helps. There's no host like localhost. It's cheezy, it's retro, it's cheating. But it doesn't cause cancer.*
*This statement has not been evaluated by the AMA. Void where prohibited. Your mileage may vary. Everything causes cancer.
-
Re:Lies
And it will on Vista too, for that matter.
This debate is just so stupid for that matter IMHO.
Nothing LESS will play. It has ADDED support for the (optional) protection feature of HDCP, for those who want to support stores who sell such media for some stupid reason. Vista started supporting this, now Mac does. Linux still doesn't AFAIK (unless there's some project started for it just recently), so if still true, it can't play these things.
-
This has been really ticking me off as well
I completely agree that Google has been royally screwing up this search page. I also don't see how Google could foul up this search so badly. As you point out I just want to limit my search to microsoft.public.acccess* and it doesn't work. See http://msmvps.com/blogs/access/archive/2008/08/17/google-search-is-becoming-more-and-more-useless.aspx for my blog on this topic as well. And click on the Google complaints tag.
-
Re:$10,000 for periodic updates
And the next "security research" company? And the next one? And the one after that? And ... well, you get the picture.
Alun Jones expressed it best: http://msmvps.com/blogs/alunj/archive/2008/02/07/1501848.aspx
-
Re:Might as well ask the same in reverse
Uh, no. HD-DVD mandates Managed Copy, completely cutting your argument to shreds.
HD-DVD was a format that mediated between the needs of consumers and media companies. Blu-ray is designed entirely and only for media companies (what do you know - Sony also has a significant media arm...can't see any problem with that?) My original assertion still stands. He has never ripped a copy of HD DVD. Your article was from 2005, stating they wanted to support managed copy. As of yet nothing exists to do this.
Managed Copy?
No Managed copy now?
Both may get Managed Copy?
Still not here
Managed copy? Not right now.
Basically it does not yet exist but both camps proclaim it will happen someday. I'm sure it will because the day hackers breach the protection schemes in a complete and easy to use way managed copy will be right there. Until then it'll be "out later this year", "soon", "our key feature we intend to implement". So basically you're just full of shit, but decided to add your "wisdom" regardless. Umm.. hmmm... I think someone needs to do some more research.
-
Have a look at the link below
To see just how screwed up Microsoft is regarding codec support. http://msmvps.com/blogs/chrisl/archive/2007/09/24/1212782.aspx Each piece of hardware they sell can play only certain file formats. Zune goes outside of WMP 11 to purchase music. Previous Plays for Sure users got screwed when the Zune and the new music store came out. Xbox 360 has an all together different store for buying movies and TV. Zune has retarded restrictions on how it interacts with Windows Media Center. Regular XP and Vista users can't access the Xbox 360 store. Talk about a fucked up and disjointed ecosystem.
To make matters worse the rest of the industry still thinks it is a good idea to fragment things even more. You have an ever increasing number of companies that want to sell things directly and bypass both Apple and Microsoft. Within a few years we will have 50 different places to buy movies and music from all with their own software interfaces and supported hardware.
Is there really still any wonder at all why consumers stick to downloading movies and music from P2P and Newsgroups?
-
Vista video playback restrictions
The article somehow reminds me of early 2006.
So here's a nice and tidy list that summarizes most of it:
http://msmvps.com/blogs/chrisl/archive/2007/01/25/519180.aspx
-
Re:MS made big mistake with XP
That's because in Windows you can't replace a file if it is opened, and the sort of code which you want to patch is running from fairly early in the boot.
Mind you, recent versions of Windows support hot patching. The idea is the update daemon can attach to the process, pause it, patch the updated function in place and then unpause it.
To make it work, the compiler uses a special function prologue and epilogue on API functions - on x86 the first two bytes of a function are a two byte NOP like mov edi, edi. These get replaced with jump short, but just before that there are 5 actual NOP instructions which get replaced with a jmp long to the replacement.
http://msmvps.com/blogs/kernelmustard/archive/2005/04/25/44413.aspx
It's not really clear if this is a temporary solution or if the hot patch version is replaced with a new binary at the next boot.
-
Re:Head First Java
I've got a blog entry on this. Some of my comments were off base because I didn't know about some of the features of VS2005 at the time, but the ones I really would like fixed:
1) Open Resource (Ctrl-Shift-R in Eclipse)
2) Open Type (Ctrl-Shift-T in Eclipse)
3) Organise imports (using directives in C#; get rid of ones I don't use, sort the ones I do, add any necessary)
4) Make the overload tooltip show more than one ruddy entry at a time!
Oh, and compile-incrementally-on-save-so-quickly-you-don't-notice is rather handy too.
Here's the blog entry: http://msmvps.com/blogs/jon.skeet/archive/2005/12/22/79631.aspx
I haven't tried Orcas yet (hope to do so with the March CTP really soon) - perhaps some of it will have been implemented there...
Jon
-
Rebuttal in 1 URL
-
DRM List
Someone posted a good list about Vista's DRM against XP's DRM http://msmvps.com/blogs/chrisl/archive/2007/01/25/519180.aspx
-
And which player would that be?
There are at least two, and probably three, things wrong with the popularly echoed "they'll revoke the keys" response:
1) Which player gets its keys revoked? The people involved are being intentionally elusive on this topic. It's been determined that WinDVD can be used, but content providers can never be sure they eradicated the source of leaks unless they ban all software players. For all we know PowerDVD is cracked, too, despite their claims; the fact that muslix64 uses it for his demo certainly makes one wonder.
2) Even if you wipe out a player, you can still crack all the discs currently on the market. Key revocation only involves future titles, manufacturers have to change how they press discs to revoke a key and stop the hack.
I quote from Wikipedia which has all this correct: "if a given player's keys are compromised and published by an attacker, the AACS licensing authority can simply revoke those keys in future content, making the keys/player useless for decrypting new titles. However, if attacker doesn't publish the compromised player key, the AACS licensing authority doesn't know which key is compromised, and it can not revoke it." I'd also suggest the thread where muslix64 comments about this subject.
3) What gives you any reason to believe that the same misguided souls who believed AACS was a secure solution implemented revocation securely?
-
Re:Coercion?
The driver signing is only required on the 64bit edition, just like XP 64bit Edition. To quote this article:
The basic premise is that protected content can't be successfully protected on 32-bit Vista, since there's no driver signing requirement. So only 64-bit Vista will be able to play commercial, protected, high definition DVD content.
As far as I know, these requirements are for kernel-mode drivers, as well.
-
Re:How about measuring days of vulnerability
I wouldn't mind seeing a "permitted controls" list, so you could allow say javascript, xmlhttprequest, flash and java, while leaving the rest disabled
Well as you have noted, Javascript and Java already have their own configuration in the IE security settings, so you already can turn them on and off individually.
There is also a facility to allow only certain Active X controls and plug ins. In the Security->Custom Level dialog you can see "Administrator Approved" as an option for some of the Active X settings. If you select this, then you can configure which controls can be used with the IE Admin Kit.
Alternatively, a simple *.reg file can be made to add controls to the list. That is the method that I have used. I was given a registry file to add Flash to the approved list, which I used on a coworker's computer. Something like this (untested, I just found this example with Google).
By the way, I really don't know how the grandparent was moderated as Insightful whilst being so utterly wrong. Disabling Active X has been part of IE's configuration since they first introduced the feature.
-
Re:Good Luck
When I said critical I meant vulnerabilities that could cause the server to be compromised. IIS6 had never had any.
Now let's analyze your last post...
"How about a buffer overflow exploit? Does that count?
http://lists.grok.org.uk/pipermail/full-disclosure/2005-April/033445.html"
Sorry, but that one does count because it's not real.
"How about this long list as compiled by a Microsoft MVP?
http://msmvps.com/blogs/bernard/archive/2004/06/10/7882.aspx"
That list counts every vulnerability in Win2k3 since it was released, and is not relevant. IE/Media Player/Flash/SMB vulnerabilities cannot be exploited via IIS6.
"How about these honorable mentions as well?
http://www.aqtronix.com/Advisories/AQ-2003-02.txt (unannounced by Microsoft)
http://isc.sans.org/diary.php?date=2005-10-11
http://www.securityfocus.com/bid/9409"
Hmm. The first is an IIS5 vulnerability. Try reading past the first line next time.
The second one is not an IIS6 or IIS5 vulnerability. Not sure WTF you posted that for.
The third one is an Exchange Vulnerability. Exchange != IIS6
"Lets also not forget that....several vulnerabilities to underlying systems and Dlls caused IIS6 to be vulnerable as well."
Just because some dll or binary is vulnerable in Windows does not necessarily mean it can be exploited via IIS. You are grasping for straws here.
So let's sum your glorious rebuttal to my claim that IIS6 has had no critical vulnerabilities.
* You've posted a fake (Here's your sign!) vulnerability.
* You've posted a list of all of the vulnerabilities in Win2k3, and insinuated that they all can be exploited via IIS6
* You've posted two vulnerabilities that had nothing to do with any version of IIS, and one IIS5 vulnerability.
* You repeatedly brought up IIS5, when in fact I never brought up IIS5 and was specifically talking about IIS6.
-
Re:Good Luck
Faster? Perhaps, but by whose measure? I've never seen a useful (yes, Microsoft's don't count as useful) Apache/IIS performance comparison.
Measure yourself. Apache doesn't have the same overhead. Use the exact same computer and install IIS on Windows. Do the same with Apache on Linux. Optimize them both as much as you want; for Linux, run without Xwindows and shut down all other unnecessary services. Now see which handles 1000 concurrent requests better. You will find that the Apache webserver can run using 25-50% fewer resources. Windows cannot as it requires the GUI to be able to run, has several other services running that it can't shut down and cannot virtualize well nor fill as many requests as fast.
Try it if you don't believe it.
More secure? Why do you think that? IIS6 has never had a critical vulnerability discovered for it. In the same time frame you can't say that for Apache 1.x and 2.x.
How about a buffer overflow exploit? Does that count?
http://lists.grok.org.uk/pipermail/full-disclosure/2005-April/033445.html
How about this long list as compiled by a Microsoft MVP?
http://msmvps.com/blogs/bernard/archive/2004/06/10/7882.aspx
How about these honorable mentions as well?
http://www.aqtronix.com/Advisories/AQ-2003-02.txt (unannounced by Microsoft)
http://isc.sans.org/diary.php?date=2005-10-11
http://www.securityfocus.com/bid/9409
Oh really? Must we forget that IIS before that had vulnerabilities every MONTH that were so bad that it allowed several different viruses and exploits destroy any market gains they had made over 5 years??
Let's also not forget that it is IMPOSSIBLE to run IIS without Windows and thus several vulnerabilities to underlying systems and DLL's caused IIS6 to be vulnerable as well. Look through the long long list of Windows vulnerabilities and you will find several that claim they affect IIS as well. Others you won't see even though hacks, viruses and exploits directly affect DLL's that it needs to run. Does Microsoft count that as a hack? Nope. It's to an underlying system that they consider Windows and NOT IIS (even though IIS would crash in a heartbeat).
And finally, let us not forget the long list of security experts that mention these exploits and only get them fixed AFTER a published exploit is released or after the security expert threatens to release the information to the public.
-
Re:Can .Net Provide a Vehicle for alternatives?
Do the .Net languages allow a decent functional "Mix 'n Match" capability? If so, I'd make sure the VB rewrite was in VB.Net (or are there VB.Net idiosyncrasies that would justify sticking with the old VB6?) and then I'd learn C# really well. At some point in the project some component might fall under the "this will really suck under VB, and we can tackle it much better by writing this piece in C#" which will let you get a toe-hold on the idea of using a better language.
.NET languages are all pretty much interoperable, so long as you make sure to build your assembly as CLSCompliant (which may limit usage of some language features). The main problem is that VB.NET is quite a bit different from VB6. For someone who's only ever done VB code, it's easier to learn VB.NET than C#, but for everybody else you may as well start directly with C#. In the past, I'd have advocated building your UI with VB and calling C++ COM objects for any heavy lifting. Now, I'd recommend you go C# and do everything there.
As for the tasks VB are not suited for (again, I only know VB6, not VB.Net) the biggest glaring omission in my experience was the lack of decent Regular Expressions, or Hash Tables / "Dictionaries"--unless you link to the VBScript/IE6 library like everyone used to. On the other hand, there are IMOHO problems with languages like Perl that make them bad for a number of solutions, but that hasn't stopped nutty fanatics from treating them like "golden hammers".
You get regular expressions and collections with .NET (though not as many different collections as in Java, unless you bring in the J# assemblies for your project). You also get generics, anonymous methods (anonymous delegates, lambda functions, closures, whatever you want to call them), and quite a bit more cool stuff, though I have no idea how well that's exposed through the VB.NET language. Even cooler than that, you could subversively write modules in a functional language like F# (a dialect of ML) and nobody'd know the difference from their VB.NET or C# environments. (yeah, you can do that with Java as well.)
-
Re:Not to worry
"okay, when looking at iis 6.0, there are a lot less security issues than in any of their previous versions.
http://msmvps.com/blogs/bernard/archive/2004/06/10/7882.aspx"
That might be good news, or might not. We have no way of knowing if there are less security issues in IIS than previous versions because we do not have the source to review. Instead we only know how many officially recognized security holes there are. There are no shortage of known exploitable bugs that Microsoft has not acknowledged and not patched. I am forced to leave this as a blanket statement for all microsoft products since there are obviously no official stats on unoffical bugs.
"right. To point out that it is not always the fault of microsoft, but of the dumbass admins and users that don't update their systems."
That is kind of passing the buck don't you think? Yes an admin who has not applied a security patch has a share of the blame. But that hardly changes the fact that Microsoft shipping a product with a security hole is the root of the problem. The lion's share of blame for all the security issues with Microsoft products rests with Microsoft.
This is like firestone shipping defective and dangerous tires. If firestone issues a recall to exchange the tires for new ones, no blame falls with the individual who never hears about the issue at all. Some does fall on the trucking company that does not immediately call in all the trucks and reoutfit the fleet. But the root of the problem and the ultimate liability would belong to firestone for shipping faulty tires to begin with. Doubly so if firestone avoided the recall until they had no choice instead of immediately issuing it upon discovering there was a problem. Microsoft certainly avoids admitting to exploitable holes when they think they can get away with it.
"I'm not really sure about the developer increase. I think there are a lot less developers working on linux than you think. At the core level, there aren't a lot of people even experienced enough to add fixes or updates (maybe even less than the amount of engineers working at Microsoft)."
Yes but kernel development is a tree with many branches. Each of those core are who Linus trusts to pass off good code. They in turn will be receiving patches from a far larger number of developers. Again, these developers may be passing along patches from still more developers. Only at the furthest reaches of the development model do untested and unreviewed patches come into play.
When the EU did a study on open source source software and distributed information for government bodies considering adopting it; they estimated the number of open source developers to be at least 3 million.
"open source sounds great on paper, but in the end, 1% of the people getting the source are doing the work. The rest are just interested in it because of the price."
Now that is just plain trolling. The open source development model is more than a party favor and is highly effective in practice. In fact, it is so much more effective than closed models that corporations (including microsoft) are trying to take as much from the model as they can without actually opening up.
In any case, this is not a debate that will be settled by us today. It is obvious that you either work for a MS shop or for MS though. Some of your points are almost word for word the arguments that Microsoft makes to defend itself.
-
Re:Not to worry
Because no sane administrator would recommend or implement sendmail when there are numerous other open source applications to replace it? Sendmail is a case where the community determined the entire design had to trashed and replaced with an entirely new solution. Only ancient unix installations (or new installations created by ancient admins) utilize sendmail. That would be like comparing the security of OSX or Ubuntu to that of win95a...
okay, when looking at iis 6.0, there are a lot less security issues than in any of their previous versions.
http://msmvps.com/blogs/bernard/archive/2004/06/10/7882.aspx
For the final time, a user CAN NOT simply download and execute a file under linux. A downloaded file is created with the default creation mask which will render it non-executable. A user would actually have to understand the permissions model and have a general idea how to run the system beyond clicking icons on his/her desktop to accomplish this. Further, users who would intentionally execute a file from email are few nowadays. Usually they are led to believe the file is not an executable
Even with the linux security model, there are still exploits and holes. If we took the average or inexperienced user out of the equation, windows would have a lot less issues. This is something we can't really see with linux (because the majority of users are somewhat experienced with computers), but is unfairly compared with windows when it comes to security.
It just tickles me the wrong way when I realize that every time the subject of windows security comes up there is something like that to point out. Perhaps last time it was not 0-day exploits, it was just remote execute holes, or script kiddy url spoofs but there is always something.
right. To point out that it is not always the fault of microsoft, but of the dumbass admins and users that don't update their systems.
I would never deny that with increased popularity there will be attacks on linux. Even without them, more exploits would be found and patched because with an increase in popularity, linux gains an increase in developers as well. But at this time there is no reason to believe that an innately more secure design like linux would be as easy to exploit as windows.
I'm not really sure about the developer increase. I think there are a lot less developers working on linux than you think. At the core level, there aren't a lot of people even experienced enough to add fixes or updates (maybe even less than the amount of engineers working at Microsoft).
open source sounds great on paper, but in the end, 1% of the people getting the source are doing the work. The rest are just interested in it because of the price. -
Re:one thing microsoft can do...
...is create good IDEs.
As others have said, Visual Studio is significantly behind Eclipse. I believe it's also behind IDEA, although as I haven't used IDEA in anger I wouldn't like to speculate.
I blogged about just what I miss from Eclipse when I'm working in Visual Studio. Visual Studio 2005 has made up some ground, but it's still miles behind IMO.
Jon -
Re:Not true - does ANYONE fact check this CRAP?
just took a look at videohelp.com
When I checked the HD WMV box, the only player to come up was:
I-O Data AVeL LinkPlayer2 AVLP2/DVDLA for $250
When I checked the WMV9 box, 3 standalone players came up, again no pioneer.
Searching for the Sigma EM8620L chip which is apparently the one that has the potential to do the HD WMV, comes up with 9 hits. Still no pioneer.
A brief browse over at http://www.pioneerelectronics.com/ I don't seem to see any dvd players that mention WMV period, let alone wmv9 of HD WMV. Granted I didn't do an exhaustive search, but I checked the specs on the top models in the two dvd player categories they had, elite and pro. Maybe they just like to hide it, or I need to dig down more.
Maybe you should learn how to use google or MSN Search. Here is the first hit I got even...
http://msmvps.com/chrisl/archive/2005/07/17/57932.aspx
And here is a link from last December on units available then as well.
http://www.engadget.com/entry/1234000427023177/
Also if you do some further looking, many of the popular online Movie sources have just recently moved to WMV-HD - like AtomFilms.com etc.
I just did a quick google and pulled the first result and the second one that looked relevant. Interesting is that many of the newer IN-Car DVD players already support WMV-HD content as well.
So if you don't think this stuff exists, or I was making it up, sorry, take a reality check... -
Re:Sony must have approved this
Here is a walk through kind of thing
This was one of many announcements.
Most of the news sites that reported it, couldn't confirm it. It was big in Japan, but nowhere else really considering that it isn't just a click and play kind of thing and you already had to have a license to remove the encryption. It's easier to just record your video out and take the minor loss that might be made if you use a cheap cable. But still... programs do exist to pull the drm key out of memory while the video is playing and then another tool exists to remove the DRM using said key. It's a pain in the ass but doable. The exe is no longer on websites (none that I know of) but you might find it on p2p networks. Rumor has it that Microsoft handled the situation quickly and silently with lawyers. Regardless, in the middle of February or so, Microsoft released an update that apparently makes this tool useless and allows content providers to make sure that you have the update installed. Treacherous computing at its best.
Regards,
Steve -
Re:Ulterior motives
The "Designed for Windows XP" logo requires the software to run under a low privileged user account (except for tools that need high privilege - administrative tools, backup software and the like). You need to bitch at Intuit and demand they meet this basic standard.
Meanwhile, try the MS Application Compatibility Toolkit which can fake out apps that require absurd privileges. Or try Susan Bradley's fix. -
Re:Small Business Server 2003?
Susan Bradley and other SBS-MVPs have closely analyzed the new Windows Server 2003 Server Pack 1 release (see http://www.crn.com/sections/breakingnews/dailyarchives.jhtml?articleId=160400108 for details) and CONCLUDED that this SHOULD NOT BE APPLIED to SBS 2003!
Susan writes about this matter at her blog site:
http://msmvps.com/bradley/archive/2005/04/01/40479.aspx
http://msmvps.com/bradley/archive/2005/03/31/40399.aspx
http://msmvps.com/bradley/archive/2005/03/31/40423.aspx
(above cut-n-paste from Harry Brelsford email)
Kevin -
I love my MythTV system
However I doubt Intel's entertainment PCs will allow you to do nearly as much. I've actually had quite a few requests to make PCs to order based on MythTV by those who have seen them in action in my own home.
By the same token people mod their XBoxes to get more features out of them (with XBMC or FriendTech Media Center, which functions as a MythTV front end) than are provided by the Media Center Extender Pack.
The problem with these convergence applications is while they do a lot more than other commercial devices, they can't do nearly as much as the average user can with data on their own PC. You can't use nearly as many codecs with the XBox Extender than you can with XBMC or FTMC, and although you can extend the Windows MCE, you can't do so with nearly as many features as you would get with MythTV or Freevo.
The boxes produced by Intel, HP, and MS are not nearly as interesting to the consumer as these companies would like to think the force-fed rigidity of their solutions can satisfy.
-
Re:Make Sure That You Only Present...
No matter how you cut the vulnerabilities in Win2K3 some of the vulnerabilities are definitely part of IIS 6.0. However I don't believe for a second that Microsoft is reporting all security problems, such as this problem that M$ still hasn't acknowledged.
The Apache group is much more forthcoming about security problems and I don't trust Windows as a server platform.