Slashdot Mirror

Timeline Inc has won a US Washington Court of Appeal judgment against Microsoft for the right to sue Microsoft's customers, and subsequently sued Cognos. On February 13, 2004, Cognos settled at cost to Cognos totaling $1.75 million

microsoft has used "generic error" messages to discriminate against users of software it doesn't like.

After winning awards and besting MS-DOS in virtually every comparison, DR-DOS had the rug pulled out from under it when Microsoft released a beta version of Windows 3.0 that detected DR-DOS and gave bogus error messages.

print the article while you can. now that the records from the caldera trial have been destroyed (along with the copy of the beta they managed to find for the trial, no doubt), microsoft will undoubted resume claiming it's an urban legend, if they have't already, and all mention of this little bit of history is rapidly vanishing from the virtual world as well. pathetic.

the destruction of the caldera trial documents has been mentioned on slashdot once or twice, and i commented on it both times. pity nobody cared. oh well. history repeats itself again.

Do you recall the issue where Sun complained that Microsoft was undermining Java by using its own polluted and incompatible version of the JRE - which (funnily enough) had security holes in it which Sun's JRE didn't?

Microsoft announced that it would elliminate a JRE from WinXP altogether.

Microsoft stated - to justify what it was doing - that it didn't feel bundling gave an advantage, and that it was easy enough for anybody to download Sun's JRE.

Isn't it funny how Microsoft has changed its view. Now, Microsoft would have you think that Windows was severely hampered by not having WMP bundled with it. People having to download it is just terrible!

Microsoft still doesn't mind people having to download megabytes worth of patches though.

Wo cares? Read this:
"The Linux hype has just one little problem. Despite steady improvements over the past several years and the support of major IT companies such as IBM, Novell, and even Sun Microsystems, Linux seems stuck in a perpetual holding pattern, unable to eat away at Microsoft's server market share." at So Much for the Linux Threat

In 2002, a comprehensive study on web browsing clients (which reports browser OS in the HTTP request) stated "Windows now controls 97.46 percent of the global desktop OS market, compared to just 1.43 percent for Apple Macintosh and 0.26 percent for Linux".

Of course, this is before WindowsXP and MacOSX, but I doubt that much has changed. Its funny that for all the preaching I hear on SlashDot, it's incredibly difficult to actually get hard numbers on how much market share there actually is for Linux... I personally gave up on it back at Slackware7 due to hardware incompatabilities, and haven't looked back. If I was going to jump from WinXP now, it would be to OSX, not Linux... but thats a story for another day.

Oldish article about Intergraph and its Clipper chip

This was around the time I bought a math co-processor so I could run AutoCAD on a Microchannel 286.

He's back, but in another country?

He should really bring back Dev Null from The Site. Now that was entertainment!

I can tell you from personal experience that lots of MS personnel run competitor OSes -- it's just not the official company line (for obvious reasons). Hell, they even have employees that talk/act like regular Linux disciples.
As for using Windows under an account with reduced permissions: if you've ever tried it, you'd understand why nobody really does it. A columnist at winnetmag.com tried it for a few weeks, and entitled his first column "Oh, The Pain..."
That should tell you something.

Did somebody say pinball?

Does that mean HPFS stands for High-Pressure-Formed-Soil?

--
All your OS/2 Belongs to US
-Mother Earth

The NT kernel's design has all kinds of wonderful possibilities for building a secure OS around. I really wish Microsoft would do it.

So do I. Maybe Reactos?

The Win32 subsystem, however, is inherently insecure. And without the Win32 subsystem, NT is not a complete OS.

Yes, Win32 IS insecure, to a point. Window station, desktop and job objects are securable objects that NT adds that can be used to partition Win32 into sandboxes. They just aren't used much.

Win32, includes not just the GUI but the equivalent of all the UNIX daemons and system services, and large parts of what in UNIX would be kernel modules. Take that out and you're left with less than the UNIX kernel.

Most built in services are written for the Win32 subsystem since the user mode service control manager's interface is part of win32, but several have only superficial dependencies. The SMB client and server come to mind.

I thought that the NT had more, not less things running in kernel mode. Nothing in kernel mode depends on win32, ever. The only thing related to win32 that runs in kernel mode is win32k.sys, the server part of win32. Nothing in the kernel depends on win32, or can even use win32. Moving win32 into kernel mode didn't change that.

What, specifically, in Windows is implemented as a user-mode win32 dependent service that would normally be a kernel module in UNIX?

Also, there is no such thing as THE UNIX kernel. There are UNIX kernels such as Linux or OpenBSD's kernel, but no one 'true' UNIX kernel.
Compared to Linux, the NT kernel and executive services (ntoskrnl.exe) do a couple of things that Linux doesn't: the Configuration Manager AKA the Registry; a database for configuration info, the extensible Object Manager (althought the VFS comes close), and a dedicated local proceduce call facility (you can use pipes under either, but only NT has LPC) If you include all the modules that run in kernel mode (besides win32), there is more: SMB: the client is in mrxsmb.sys and the server is in srv.sys, MUP (mup.sys), CD burning support (as a filesystem), audio processing, the mailslot filesystem (msfs.sys), the named pipe filesystem (npfs.sys), plus all the things you'd expect: filesystems, bus drivers, USB drivers, and network stuff.

If you were logged on to an NT workstation as a normal user, first of all, you're more likely to be infected by a virus in the first place because the design of the Win32 subsystem practically invites them in.

Invites? How's that?

Secondly, there's a lot more opportunities for an application to boost security to Administrator or even LOCALSYSTEM: not only is the security model very complex, but you have to have all the rights any application you run is ever going to need.

NT isn't any more vulnerable to privilege escilation than UNIX is. Just because the security model is complex, doesn't mean it is broken. It may be harder to use, but it also provides much granularity (if you use it). For the last part, I don't understand what you are trying to say; how is this different from any other security model? Define a user's permissions so that they can do everything they need to. ACLs can be changed, but you should be able to set them up once.

To top it all off, there's no hard "system call" interface between different security domains.

Sure there is. It's called the Native API. The only way to request services of the kernel is through the system call interrupt, and all those functions are exported by ntdll.dll. Win32k adds an extra function table, though; it exports the services that used to be in us

Even Microsoft's 2004 May 27th changes which apply only to customers under enterprise licensing contracts, which Microsoft claims grants greater immunity, contains many loop holes which greatly negate Microsoft's liability.

The section 6 clause contain exceptions:
Our obligations will not apply to the extent that the claim or adverse final judgment is based on (i) specifications you provide to us for the service deliverables; (ii) code or materials provided by you as part of service deliverables; (iii) your running of the product, fix or service deliverables after we notify you to discontinue running due to such a claim; (iv) your combining the product, fix or service deliverables with a non-Microsoft product, data or business process; (v) damages attributable to the value of the use of a non-Microsoft product, data or business process; (vi) your altering the product, fix or service deliverables; (vii) your distribution of the product, fix or services deliverable to, or its use for the benefit of, any third party; (viii) your use of our trademark(s) without express written consent to do so; or (ix) for any trade secret claim, your acquiring a trade secret (a) through improper means; (b) under circumstances giving rise to a duty to maintain its secrecy or limit its use; or (c) from a person (other than us or our affiliates) who owed to the party asserting the claim a duty to maintain the secrecy or limit the use of the trade secret. You will reimburse us for any costs or damages that result from these actions.

Loophole #1 "(ii) code or materials provided by you as part of service deliverables" This would effectively still indemnify Microsoft against most of the Timeline Inc patent claims, as it is the developer/end user's code ( even visual basic code ) which would be in violation of Timeline's patent claims.

Microsoft licensed Database/Datawarehouse technology from Timeline Inc, but unlike Oracle and other database vendors, Microsoft chose a license that did not grant Microsoft's customers the right to fully use that technology.
http://www.theregister.co.uk/2003/02/20/sql_server _developers_face_huge/
Timeline has extended it's patent claims to cover many featured widely used by developers, both ISV and in house.
http://www.winnetmag.com/Article/ArticleID/41479/4 1479.html

Timeline Inc has won a US Washington Court of Appeal judgment against Microsoft for the right to sue Microsoft's customers, and subsequently sued Cognos. On February 13, 2004, Cognos settled at cost to Cognos totaling $1.75 million.
http://www.timeline.com/021304PR1.htm

Microsoft has a history of licensing third party code and patents in such a manner that still leaves developers and users exposed to IP threats. Even going back to the LZH/GIF Unisys patents
http://web.archive.org/web/20020806173115/http://w ww.unisys.com/about__unisys/lzw/

"Microsoft Corporation obtained a license under the above Unisys LZW patents in September, 1996. Microsoft's license does NOT extend to software developers or third parties who use Microsoft toolkit, language, development or operating system products to provide GIF read/write and/or any other LZW capabilities in their own products(e.g., by way of DLLs and APIs)."

Other Loopholes include (v) and (vii), but the killer is (iv), which disclaims any
indemnity for users who wish to input any data. (ix)(a), also since literally it excludes trade secret liability for improper action on
anyone's part, including MS.

Does Microsoft's new agreement include such loopholes? Anyone have a link handy?

Kevin Lam,
Ben Smith,
David LeBlanc

Kevin Lam,
Ben Smith,
David LeBlanc

No. NTFS is neither patented, nor dangerous to use.

The history. All started about 5 years ago. The old NTFS driver was written for NT4 NTFS but Windows 2000 introduced some improvements. The changes were important enough not to work with the NT4 driver. Unfortunately the driver didn't check the NTFS version, developers vanished thus it thrashed quite many people's filesystem. Unfortunately nobody cared to fix it for a long time.

Here comes Merkey to the picture. He generously offered people a Linux utility, free of charge that had Windows fix NTFS itself (aka run fsck during boot). Unfortunately he had an NDA with Microsoft, not to reveal internals of NTFS. According to him, Microsoft threatened him with a suit. Microsoft claims that it never threatened him or his company with a suit. More about the issue here.

The story got Slashdot attention but with some twists: Microsoft Litigation vs. Linux NTFS Kernel Support. The minor problem was, that the Linux support for NTFS had nothing to do with Jeff Merkey or his company. Still, the Linux community thought they were directly threatened by Microsoft.

Conclusion? Linux NTFS development slowed down a lot. Red Hat has removed NTFS support completely and after 4 years, they still refer to non-existent NTFS patents, even if they would be void due to laws, e.g. the project is for the purpose of writing interoperable software under Sect. 1201 (f) Reverse Engineering exception of the DMCA.

And why NTFS isn't dangerous? Write support was disabled about 3-4 years ago and a new driver was written from scratch for 2.6 kernels that doesn't implement write, except file overwriting.

This guy's just giving in to peer pressure.

article on H.264
http://www.guidetohometheater.com/news/062804apple /

According to a few articles, Microsoft is endorsing HD-DVD for the adoption of WMV9 codec

here
here
here
here
then again, Paul Thurrot is to Microsoft as Rush Limbaugh to The Republicans

YIKES!!!!

-------

Microsoft has predicted the Victory over Sun over Java in 1997, The death of the password in Feb/2004 (also on CNet), and the Death of SPAM by 2006.

Yeah, the same man who said 640K would be enough for everybody. Let's put him on a pedestal and proclaim him messiah, yay!

You draw your own conclusions as to what that will mean.

Its been demonstrated that although people are willing to put up with microsoft products, they are unwilling to "trust" microsoft. Remember Microsoft Passport? Good idea, not too popular.

Some relevant urls:

http://yahoo.pcworld.com/yahoo/article/0,aid,63244 ,00.asp

http://www.winnetmag.com/Article/ArticleID/22777/2 2777.html

http://www.ecommercetimes.com/story/18366.html

http://www.thestreet.com/_yahoo/tech/software/1503 776.html

Every MSCE or MCT or MCP I have talked to have told me that NT stands for "New Technology"..

Although, looking at this page, I may be slightly mistaken..

Two questions:

1. Dave Cutler, mastermind of the Windows NT kernel, once described UNIX as a "junk OS designed by a committee of Ph.D.s.".

   Given two important facts:

   • Windows NT is mostly written in C and C++, both Bell Labs innovations, and
   • IE/Mediaplayer integration has turned the Windows NT codebase into a security disaster

   How would you respond to Cutler's assertions, and how would you rate the code quality of the NT kernel (assuming that you might have perused the recent leaked NT4 source)?

2. While UNIX-like operating systems are growing in popularity, actual Bell Labs code is rarely encountered in free operating systems because of licensing issues (with a few notible exceptions).

   This is a frustrating situation for all of us. Do you see any possibility that major portions of UNIX and Plan 9 source being released under licensing that major distributions would find acceptable?

Please also accept my personal thanks for your work in the field of computer science. The influence of the community of researchers at Bell Labs will be felt for many generations to come.

Hmm, not on Mary Jo Foley's list of MS community links.

Then again, neither is Paul Thurrott, apparently not a favorite of hers.

I'm amazed at how well you type with your head up your ass.

Apple sells rack mountable servers if you want to buy them, but rarely anyone does because you can get a comparable one for much cheaper through dell.

You must be fucking crazy. Yeah, Dell's servers are cheap if you want to just sit in your server room and watch the pretty lights blink. If you plan on, oh I don't know, actually CONNECTING to them with other machines to do work, you might want to factor in the cost of Microsoft CALs.

Any Xserve comes with a copy of Mac OS X Server with an unlimited connection license.
Do you know how much an "unlimited" CAL costs from Microsoft? I do, and it's in the low five figures (and remember, that's over and above the hardware cost). That same copy of OS X Server also provides mail service, so you'd better factor in the cost of Exchange 2003 into your Dell's price, too. And suddenly for the price of your Dell server with all the capabilities of my single Xserve, I could buy several Xserves and set them up identically to do load-balancing and such.

And as for rackmountable storage, the Xserve RAID kicks the shit out of comparably-sized competing hardware from other vendors. Again, I know because I've priced several alternatives out for clients, and they've always chosen the Xserve RAID because of its price/space ratio.

And by the way-- no, Microsoft keyboards and mice do not count as "home electronics" products, they're computer accessories. And their wireless products were remarkably short-lived, being announced in September of 2003 and discontinued in May of this year.

The odds of WU getting hacked are pretty slim as surely Microsoft concentrates all its security efforts there

Sure, I'd trust them...

No-one is beyond reach....

During the early 2000's an idea like this had already surfaced during the much hyped Storage Service Provider (SSP) rush. While most companys like the now defunct StorageNetworks (NASDAQ:STOR) were just building massive terabyte clusters into CoLo's around the country one provider Digital Knox was creating a system very similar to the OceanStore concepts from Berkeley. The idea was not using P2P however since this required users to volunteer space. Simply put take the idea of a RAID array with parity and instead of drives think CoLo. Now that the data is spread across multiple centers having just one go down will not effectively kill it. The only draw back of course is time to recover the data which would be slower but far more resiliant to natural disasters (hurricanes, terrorist attacks, etc).
These ideas were published in a book, written by former CTO of DigitalKnox, "Fundamentals of Secure SAN" although the book isn't available yet. The biggest problem of course is the fact that most clients do not like sending their sensitive data to others. For this reason an additional layer of obscurity was added in the form of EFS. This would allow for non RAND type storage to remain secret even from the storage provider. More importantly it eased concerns that *other clients* of the storage service could somehow sneak a peek at their data.
The problems only multiply at this point since now key escrow and remote searching become an issue. The speed tradeoff seemed accetable to many but only for long term storage. The problem hasn't gone away obviously but the market dropped off the face of the planet. One of the only major survivors was Iron Mountain who not only stores your data online but will keep backup tapes in secure vault locations around the country.

Often vendors/makers don't even have the right to sublicense patented techcnology to the end users, like the case of Cognos, who lost the lawsuit with Timeline despite the fact it was Microsoft who had infringed

Microsoft originally licensed the patents with the understanding that it would be able to sublicense the patents to their customers and to third party software developers who use Microsoft software and tools. Microsoft intended to provide this sublicense to its customers for free to ensure that the patent claims didn't directly affect customers. Microsoft sources told me that for this privilege, the company paid substantially more than other vendors for its license, although the exact figure isn't public. Microsoft filed suit against Timeline shortly after signing the license agreement in June 1999 because Timeline claimed that Microsoft didn't have the sublicensing rights. See the Microsoft PressPass article at http://www.microsoft.com/presspass/press/1999/jul9 9/timelinepr.asp for additional information about the suit Microsoft filed against Timeline. In December 2002, the Seattle Supreme Court ruled in favor of Timeline on this matter.

Cairo became Windows 2000? Where's my "Object Filesystem", then? How about the distributed filesystem? (I'm aware of the 'dfs' MSFT has in Win2k -- but it's just a CIFS naming and redirection service, not a Distributed Filesystem).

woah... sorry to duplicate. I kept getting errors when I originally tried to post this so I thought that it didn't go through.

Anyway, to keep from wasting space... here is the original slashdot article about longhorn meeting XP

Here's an article discussing that several aspects of longhorn are actually in SP2.

Remember Cairo?

There are quite a log of people that use to be Mac user, but have adopted Linux because of Apple's past cooperation with Microsoft. I'd image a fair propotaion of them are progammers.

Maybe that's why some contries banned Apple's misleading advertising!

It should be out today:

- August 18: Release to Automatic Updates for users running XP Home only
- August 25: Release to Automatic Updates for all XP users, including those running XP Pro, and to Windows Update for interactive user installations

Not exactly

• August 18: Release to Automatic Updates (not Windows Update) for users running XP Home only
• August 25: Release to Automatic Updates for all XP users, including those running XP Pro, and to Windows Update for interactive user installations

Microsoft's initial plan was to trickle the rollout of SP2 out at only 25,000 downloads a day, exclusively via Windows Update. This is extremely practical due to the scope of the patch -- it makes a lot of sense for them to control the release in case a catastrophic show-stopper pops up, and also to allow developers some extra update time.

Sounds like they want beta testers.

I mean, considering how many copies of Windows XP there are out there, that download rate was going to have to speed up significantly at some point. If they released SP2 to maybe 5% of XP systems out there every day, then maybe I'd believe that they're just worried about bandwidth consumption. But 0.01% a day? You're right, they do want a few people to check to see whether anything breaks.

Now, the question is, how to they pick those 25,000 people a day? MS has (properly) tried to convince everyone to turn on Automatic Updates. Are the "lucky few" who get SP2 aware that they're beta testers?

Microsoft "didn't [even] have the sublicensing rights". And clearly if a proprietary OS is infringing on a patent, they wouldn't have sublicensing rights in for those patents as well.

The
Challenge of Managing Petabytes of Storage

The great sucking noise of the expense of many Petabyte cases has got to be visible somewhere outside classified media.

Like I care, I pay taxes in more of a bananna republic, well I do care a little, just want to persuade someone else to do the spade work, while it is not part of my job, at which point I will become a lacky like everyone else, probability of selling out 99.9 percent and rising.

That does mean I have not crossed the line and it makes me 0.1% questionble, good job I did not go for the security check for that non dual use war job back in 1993.

Computer Associates will buy your company, chew on it until its got all the flavor, then spit you out. My company started a data warehouse with Platinum software (great a metadata and data movement), then Platinum was bought by these guys, and CA halted development. We had to sue them to get our project money back.

CA has been buying companies for years, and not necessarily in a good way for consumers.

"At No. 4, we have Computer Associates. The current federal investigation into accounting irregularities notwithstanding, the company's longtime practice of acquiring aging technologies, slashing new development, and attempting to milk the installed base for service and support is a bigger issue. Users are trapped, CA knows it, and it does its best to take advantage of the situation."

Oh ya, they dont want bad PR.

Riiiiiiiight.

DRDOS
Windows95 Registration Wizard
Bundling Antitrust
NSAKEY
Windows Product Activation

Etc. Etc. Etc. Me thinks their image is just a bit beyond repair at this point

read this http://www.winnetmag.com/Windows/Article/ArticleID /41095/Windows_41095.html

remember old document [January 2004] The Memory-Optimization Hoax RAM optimizers make false promises http://www.winnetmag.com/Windows/Article/ArticleID /41095/Windows_41095.html

You can run VM's as a service in VMWare Workstaion, it just takes a little 'extra' effort. Have a look here for a nice 'howto'.

Timeline Inc has won a US Washington Court of Appeal judgment against Microsoft for the right to sue Microsoft's customers, and subsequently sued Cognos. On February 13, 2004, Cognos settled at cost to Cognos totaling $1.75 million

In a lot of ways you are better with GPL licensed techology , which effectively grants all downstream users the right to use the patents from upstream developers under the terms of the GPL .

Software Patent are inherently bad but are also pushing an interesting trend. Pushing vendors towards adopting the GPL-like licensing as a form of simpler form of cross licensing arrangement.

What you say aobut the vendor being responsible would only be true if the infringing vendor had sublicing rights. In Microsoft's case, they didn't: for more info...

Microsoft originally licensed the patents with the understanding that it would be able to sublicense the patents to their customers and to third party software developers who use Microsoft software and tools. Microsoft intended to provide this sublicense to its customers for free to ensure that the patent claims didn't directly affect customers. Microsoft sources told me that for this privilege, the company paid substantially more than other vendors for its license, although the exact figure isn't public. Microsoft filed suit against Timeline shortly after signing the license agreement in June 1999 because Timeline claimed that Microsoft didn't have the sublicensing rights. See the Microsoft PressPass article at http://www.microsoft.com/presspass/press/1999/jul9 9/timelinepr.asp for additional information about the suit Microsoft filed against Timeline. In December 2002, the Seattle Supreme Court ruled in favor of Timeline on this matter.

I hope Munich carefully audits all of Microsoft's source code before deploying it as well.

Microsoft owns only 9% of Softimage.

The *used* to own all of Softimage, but since 1998, they just invest in them.

http://www.ceruleanstudios.com/products/tech_specs .php

Quick google for old Trillian encryption exploit. I don't know how it's faring now:

http://www.winnetmag.com/Article/ArticleID/26690/2 6690.html

I still use it, as I put it in the 'better than nothing' column. I also have IMSecure on (56-bit DES, oh no!) but I'm a community of one.

- Rob Vega

The way I see it, those Russian programmers who released the SSL-evading, key-logging, bank-site-sniffing software did me a favor. I've had a much easier time converting people over to Firefox ever since that little escapade. *wink*

A study by IDC which analyzed the installed base of Web browsers through the end of 1997 shows that Microsoft's Internet Explorer is gaining further on market leader Netscape. According to the study, marketshare for Netscape Navigator fell from 54.6% in 1996 to 50.5%. Microsoft's share rose in the same time period from 16.4% to 22.8%. In third place is America Online's browser, which rose from 13.1% to 16.1%. Since America Online now uses IE as its default browser, most of those users will probably be attributed to Internet Explorer this year.
"IE gains further on Netscape" -- 1998.

Bill's 6 non-secret predictions for 1998 (also here) (four of which were left over from 1997 because they did not become true) incuded that DSL and DVDs will be big, videoconferencing and net meetings will be big, PC TCO will reduce, and "that people will widely recognize that PC technology can take on any computing task." That last one is killer.

Also, earlier this year a more substantial prediction made by bill is that MS will kill spam in 2 years. I might switch to MS products if this becomes true.

What about this, eh?

If it was a bug then your support call would have been refunded: http://www.winnetmag.com/Article/ArticleID/14203/1 4203.html

-- Cyrus (http://blogs.msdn.com/cyrusn)