Windows XP To Block Use Of "Troublesome" Drivers

Johnno74 writes "According to this story on The Register, Windows XP rc2 now includes the ability for Microsoft to prevent users from installing certain device drivers. Sounds like a good idea? Well, apparently among the casualties are ZoneAlarm and BlackIce... Two popular free personal firewall products for windows. Guess What? XP includes its own firewall ... So you don't really need then anyway, right? The full details on how this works are in this 1mb word document on Microsoft's site.

The document details how XP will automatically download the latest drivers for your hardware from the windows update site, and more worringly, XP will reguarly update the list of blocked drivers from the site. Quote from the document:

&nbsp&nbsp&nbsp"On a related note, Windows XP provides the ability for Microsoft to receive crash dump data on specific drivers (i.e. when a user receives a blue screen, we upload that information for further analysis). When Microsoft reporting systems indicate crashes have exceeded a certain threshold, Microsoft will notify the Vendor that the device is being considered for the blocked driver list. If reports pass an even greater threshold, we will then flag that specific version of the driver as needing to be blocked."

Boy, The site that uploads that crash dump data (and whatever else it snags...) better have a lot of bandwidth... ;-) As The Register points out, this brings back memories of how Microsoft killed Caldera DR-DOS by deliberately crashing Windows 3.1 if you were running on DR-DOS -- for no reason other than forcing you to use MS-DOS."

Note: according to this article, the change does not prevent Black Ice or other programs from running per se -- but it does require them to use updated versions tailored for XP.

Re:Blocking drivers is minor.

[tswinzig]

This is just another method to determine what things are installed on your computer. They couldn't get away with HD scan uploads, so now they upload what's installed on your computer - but only when it crashes.

I realize this is blasphemy to say this, but I seriously doubt Microsoft would be stupid enough to risk the fallout that would occur if people's crash dumps were anything more than anonymous.

There is just no way in hell they are going to have your computer send them anything more than the crash dump and system configuration data. Not your personal data.

I know you paranoids will think of a million different ways that Microsoft can try to tie this data to you personally ("They can record my IP address," "They can match up my name and location to caller ID," etc). But the fact is, the watchdogs are going to be all over this, and it would be suicide for them to try it.

As an example, whenever you are setting up Windows Update, they make it very clear that they are only sending system configuration data (which you can view), and not anything personally identifiable. They realize people are paranoid about that, and when the screen first loads, it says something like "checking your system configuration -- this is done without sending anything to Microsoft."

They are dumb, but not stupid.

Re:Blocking drivers is minor.

[tswinzig]

The entire justice system can't touch MS

How did they win their recent case against MS?

but they will be afraid of watchdogs

Microsoft has repeatedly been bitten by watchdog groups, and often changes their behavior because of it. Apparantly you need an example. How about the recent Smart Tags issue? Everyone got in a tizzy, and Microsoft pulled it, even though I feel the problem wasn't as bad as it was made out to be.

MS has a monopoly and they can do whatever they damned well please. They have 30 billion in cash for chrissake they can buy the entire congress and have change left over to buy the president. Oh I forgot they already bought the president and the attorney general nevermind

Uhhhh yeah. ok.

Re:Improve "reliability"

[MrBogus]

Yes, despite what the most vocal MS critics say, NT is quite stable, third party drivers do kill it.

Infoworld published a Microsoft study into the causes of NT 4.0 failures. "3rd Party drivers" and "Internal failure" were about equal as the two greatest sources of failure. As someone who saw a few bleu screens in the SP1 through SP4 days, this jibes with experience.

Obviously Microsoft's approach has been to reduce both those causes with the much more stable W2K OS and a enhanced driver certification program.

Re:Another piece of misinformation

[pjrc]

In this case, only CURRENT versions of these programs are blocked, because they access Windows internals which causes instability on XP. They just need to be adjusted to work with XP correctly.

It is such a stretch of imagination to believe that Microsoft could improve the APIs that are used to "access windows internals" so that it's simply not possible to "cause instability on XP"?

XP: a gamble that is important to tech sector

[walterbyrd]

For those who didn'tt know: the entire PC sector is counting on XP to pull it out of the year long tech wreck. By PC sector I am refering to: INTC, AMD, MU, GTW, DELL, CPQ, etc. XP seems like a huge gamble for MS, either it will be a great success, or an awful failure. Considering MS history, it is hard to believe that anything from MS will be a failure - no matter how bad it sucks. But, I keep hearing people say that they want no part of XP.

Handling the truth (about driver failures)

[warpeightbot]

You can't handle a driver failure.

Exqueeze me??

Hey, I used to write Linux kernel code for a living. I've seen a driver crash all over the place. Multiple times. And you know what? Linux kept on ticking. It's easy to handle a driver crash. Just write the oops to the log device and return from the driver as if nothing happened. Of course, you can't do that when your memory protection has failed (or is non-existient) and the bad driver just scribbled all over your stack...

A driver under Linux is a module. If the module fails, it fails; the scheduler continues to run, and therefore so does the rest of the system. It's not a very pretty way to handle a screwup, but a system complex enough to handle it prettily is gonna be such a resource hog I wouldn't want it. But it does get handled.

As for the wags that say Linux is not a desktop operating system, tell that to my wife, who's been running Red Hat and Mandrake for the last four years. Or better yet, tell it to the Germans, who just threw out Microsoft in favor of SuSE. (And then there's all the folks running OS X, which we all know is just BSD with a nice GUI... and looks a helluvalot like Solaris and CDE...)

You're missing the point

[tulare]

Microsoft is simply doing what it has done for years: describe anybody who has a chance of competing with them, ususally due to a better product, as "troublesome" or "incompatable" or "unstable" and then rewriting critical parts of the operating system to, er... prove their point. I liked DR DOS, and still haven't forgiven M$ for their treatment of it back in the day.

Re:You're missing the point

[Mike+Schiraldi]

The apps like zonealarm may serve as replacements for applications INCLUDED with the OS. But who gives a shit? At that Microsoft has already got their money - they really could care less what app you use as long it foesnt fsck the system up and as long as its windows/dos compatible.

Oh, so Microsoft wasn't worried about Netscape, because it only served as a replacement for an application included with the OS?

Re:You're missing the point

[Mike+Schiraldi]

1. Tech support isn't Microsoft's problem, it's the OEM's problem. When was the last time you even heard of anyone calling Microsoft Tech Support? When my mom is having trouble connecting to MSNBC over MSN using Microsoft Internet Explorer running on Microsoft Windows, she calls Dell Tech Support and they have to deal with it.

2. Why would people think that everything on their computer was approved by Microsoft? Why shouldn't they think that everything was approved by the OEM? When you buy a car with an AIWA music system, you don't say, "Oh, gee, these must be AIWA tires, too."

The first step is to allow OEMs to replace the bootup screen, so that it conveys the impression of, "This is a Gateway computer running Windows" rather than "This is a Windows computer shipped by Gateway."

Re:You're missing the point

[Wansu]

I liked DR DOS, and still haven't forgiven M$ for their treatment of it back in the day.

Yeah, I remember that. It was '92 and when MS released Win3.1, it wouldn't start if you were running DR DOS. I still have the patch diskettes from Digital Research. That purdy well sunk them. They became yet another chunk in Microsoft's stool.

Not a bad idea, but not perfect, either

[chennes]

Putting all the anti-Microsoft BS aside, this really is a pretty good idea - they just need an opt-out option. I wouldn't mind MS telling me that the driver I'm about to install has crashed 4 trillion machines - but I reserve the right to go ahead and install it anyway.

Re:Not a bad idea, but not perfect, either

[CAIMLAS]

Take the cost of a support call? No, no, no... no. They don't pay for you to call them, you pay them. They charge extorbanant prices for per-minute calls, where you're lucky to get someone that knows what they're talking about. It's likely the person on the other end is simply a glorified marketeer.

From this standpoint, it's more financially beneficial for MS to put intentional glitches in their software - if anything.

Makes you ponder why Win98 had/has more problems and is less stable than Win95...

Re:Not a bad idea, but not perfect, either

[Joe+Rumsey]

And besides, with a little bit of futzing, you can easily disable specific drivers from being on the list.

That's probably true, since the article tells us what file the list is stored in, but that list is going to be automatically updated periodically, so even assuming that it is easy to manually remove drivers from the list (which isn't clear, you never know what kind of tricks they might play to avoid letting you run your system with a modified file!), you're going to have to do it every time it gets updated. And maybe they'll move it around or otherwise obfuscate it in future system updates.

I do think that this is a REALLY NEAT IDEA. Heck, some Linux distro should steal it. But it's not so neat not if they are forcing everyone to use it.

Ah well, it's not like this is the first reason not to use XP.

Re:Not a bad idea, but not perfect, either

[spongman]

yeah the problem with this is that when the operating system crashes because of a 3rd party driver Microsoft often has to take the cost of a support call. This cost effecively means they may as well not have sold that copy of windows - it's a huge hit. anything they can do to reduce the number of support calls - especially when it's not their fault - it a big win for them and their stock-holders.

Re:Blocking drivers is minor.

[IronChef]

I wouldn't have thought they'd have faked three videos presented as evidence in a Federal court, either.

Oh, yes I can!

[tulare]

It's called "Don't buy the fscking software!" I take every opportunity to encourage people to do the same. Right now, my winbox runs only those programs I haven't had the time to port (yet). I see no need to buy a piece of software which breaks my firewall.

o my god

[martijn-s]

How can you publish such a biased comment? The article from TheReg clearly states that Microsoft is working with exactly those vendors to solve compatibility problems. And that is probably just because the programs previously used hacks to accomplish their tasks.

"We've been working closely with Microsoft - BlackIce is widely used inside Microsoft - in order to make sure it works well," Rob Graham, founder of NetworkIce told us.

Re:o my god

[Bimble]

Don't get so wrapped up in indignation over biased treatment of Microsoft that you forget that Microsoft has done some things that merit harsh criticism. If you read the Register article referenced, you'll notice a reference to how Windows would give bogus error messages to people trying to run it on top of DR-DOS, error messages put into Windows because management didn't want people using a competing product. While the driver-blocking in Windows XP does have a legitimate reason for being implemented in many cases (changes to the TCP/IP implementation would cause problems for firewall software, for instance, so disabling them would prevent the first boot of an XP-upgraded system from crashing due to that conflict), the possibility does exist that Microsoft could pull an old trick. All they would need to do would be to put some competing software in the "banned" list not because it could cause problems, but because it's competing software. The quick rise of IE illustrated that users are more likely to use what they get with the OS than they are to go out of their way to download a competing product, so such a move would certainly encourage people to use whatever's bundled with XP rather than download an updated version of the software. Especially since I'm sure the "blocking" feature doesn't display a download URL for the user to make updating the software easier.

Yes, Microsoft does make some good software (I hate IE for Windows, for instance, but love IE 5 on the Mac). But in case you missed the recent appeals court ruling, Microsoft isn't exactly a saint. If you look beyond blind MS-bashing and blind MS-defending, you'll see a report about a feature that should be closely watched because of its potential for abuse.

Re:o my god

[ConsumedByTV]

I would hope that they dont use "blackIce" after Steve Gibson's report on firewalls here http://grc.com/lt/leaktest.htm
But then again I guess if microsoft wants to use the least secure firewall on the market, who can blame them?!?

Microsoft Using OpenSource?

[ryanw]

My question is how much is microsoft actually comming up with themselves and how much are they hacking away from the opensource community? I heard that Active Directory is just bind with a microsoft twist to it. Is IIS just apache tweeked to hell and back?

Microsoft is combining a firewall with WindowsXP but did they actually write it or is it just ipchains? Is there any way we would ever really know if microsoft is using open source (GPL) code for their commercial purposes?

Re:Microsoft Using OpenSource?

[plone]

yah, and outlook is just pine with a pretty interface. And internet explorer is just lynx with graphics. I'm pretty sure that microsoft stole the code for calculator from xcalc. They practically work alike, so Microsoft MUST have stolen it from the GPL'd version.

Re:Microsoft Using OpenSource?

[Zeinfeld]

My question is how much is microsoft actually comming up with themselves and how much are they hacking away from the opensource community? I heard that Active Directory is just bind with a microsoft twist to it. Is IIS just apache tweeked to hell and back?

Active Directory is an LDAP interface, BIND is a DNS interface. Active Directory also provides DNS support but the underlying data model is LDAP and the probability that any BIND code would be useful is zero.

At the time IIS first appeared Apache did not exist, it was still the NCSA Web server with a bunch of third party patches. Thau was still doing major surgery on the first release of Apache while I was running IIS in the office across the hall from him. IIS could conceivably contain some of the CERN Libwww code, but that was put in the public domain, it is not open source restricted. The Microsoft lawyers called up to ask what the status of the CERN code was before MSFT downloaded it.

But still it is easier to make completely unsubstantiated allegations, admitting that you have no evidence apart from your belief that Microsoft >= absolute evil => If it is evil Microsoft must be doing it.

Since you appear to be a Newbie Microsoft-basher I will help you with some hints:

The Register article itself states that the blocking of the old incompatible application versions is taking place with the knowledge and co-operation of the companies themselves who are not complaining. Therefore Microsoft must bave blackmailed the companies into not complaining

The mechanism is a blacklist that lists bad programs that cannot be run. Therefore Microsoft csn stop you running your own software by not including it on the blacklist.

Hmm, product identification key, remember?

[Balinares]

Yeah, a lot of kiddies and black hats all around the world must have been thinking about that the second they read the article, but you can BET Microsoft will have thought of it: they'll ask for your id key, or worse, your Passport id, before letting you submit crash dumps and download stuff. The former would make sense, since it also contains info about your hardware. Anyway, in both cases, you'll have to auth yourself in a way that will let MS know who you are.
This could also be a way for them to check that you didn't crack the product activation key, for what we know... The sad thing is, it is actually a good idea they had, but they're severed their own reputation so badly over the years, that whenever they come up with something new, people all other the world immediately assume they'll use it for Evil Purposes. The SmartTags weren't that bad, in themselves, for example (go see a screenshot of them, they don't really deface sites); we just assumed they'd be put to their worse possible use. I don't know if we were right to do so. It's just not possible to trust Microsoft.
Ah well. I'm sure the aforementionned kiddies will find a way to exploit the update server anyway. I mean, it's such a big entry point for such a variety of data, there has to be a buffer overflow somewhere in there. And God bless XP users once the kiddies fiddle with the central driver database! :)

Then write drivers that don't crash

[Chemisor]

If you read the article, you'll see that the mechanism
blocks drivers which crash the system frequently
as determined by the crash dump reports sent to MS.
Clearly, if you write your driver so it crashes the
system all the time, it will be blocked. So stop
complaining that you are "denied market share" and
write a better driver. What, do you think you are
entitled to be installed on every Windows machine just
because your software is free?

Re:Then write drivers that don't crash

[J'raxis]

That's one way to get a driver blocked by Microsoft -- but here's another way the block list could (and probably will) be (ab)used.

But sir...

[jsse]

Microsoft to prevent users from installing certain device drivers.

Oh Great! One more product edge taken down by marketing idiots!

Do they get a clue why their product is so popular?

Clogging up the internet

[DrCode]

People are worried about all the worms and viruses slowing down the internet? If every time Windows PC's blue-screen, the data is uploaded to MS, it will slow to a crawl.

If this happend....NO XP FOR ME!

[Chanc_Gorkon]

You know why? I have a Permedia 2. Yeah I know, it's old, but it's paid for and as soon as I can afford to dump it, I will. I am not a 3D gamer. The Permedia does fine on most of the stuff I play. I use the last driver for it that 3DLabs released. Well, it's not WHQL (Windows Hardware Quality Labs) certified. I guess it means I have to upgrade it since, by my guess, Microsoft won't let me use this driver. 3DLabs no longer is releasing drivers for it. I know I was planning on getting rid of this card, but that's not the point. The point is Microsoft DOESN'T know best. If they did, they'd have done a better job with the Driver section of Windows Update. Has anyone EVER downloaded a driver from there? ....I here CRICKETS!!!! I have never had ANYTHING come up in there. Not even a LPT driver or anything. Not ONE of my devices use a driver that's on the Windows CD. I have to use a generic video driver until I get the proper one installed, the modem driver does load, but it doesn't work and I have a Multimedia Keyboard I use that I had to load the driver for too. If I installed ANY MS OS and it recognized most (I'd say I would be happy with 90 percent) of my devices and got the right, most current driver for it, well, then I would say fine. But if it did that, then they wouldn't need this mumbo jumbo.

Does Linux bitch when I install my decidedly non standard Sound Card driver for my Aureal?? Nope! So Windows should not either.

Re:If this happend....NO XP FOR ME!

[Chanc_Gorkon]

Like I tell my boss with a printer we run and someone else makes the files: As long as we have some part, no matter how small, we have to fix their CRAP! Microsoft will have to just deal wit it! You are running a BETA and not a final product. Just because it works on the beta means SQUAT! The whole idea is bad. If they at least let you install a driver, even if it's in their list, then I have no problem with letting you know there may be a problem with the driver. Just so long as they don't scare the crap out of new users...unfortunately that's what this will do! The new user will have something that worked under 98 and they will try it on XP and it does not work. They will want something else but my neighbor who has just gotten his computer will not have any choice. He'll have to get a Mac I guess to have something easy to manage. Linux would not be easy for him as easy as it is for us. As much as I hate to say it, Microsoft's software, at least for home users, is decent, easy to use, and unless you try to do things like heavy multitasking or web serving, it performs quite well. Stability isn't as important for home users (although, I think it is) as it is for business or techies. Is this an excuse to not make XP better? NO! But I see this causing MAJOR problems for home users and they will complain....loudly!

Re:If this happend....NO XP FOR ME!

[Zeinfeld]

I have a Vodoo 3 card as well, only my problem is that I can't get it to work with my existing O/S, Tomb Raider Chronicles that is. But the problem is that 3DFX being a gonna and not having released their drivers open source the hardware is going to be useless sometime or other regadless.

Re:If this happend....NO XP FOR ME!

[spongman]

does you linux vendor have to handle a support call when you screw up and install some unsupported device or driver? microsoft does, and they don't want to. that's the driving force behind this. i doubt any of the drivers you currently use will be blacklisted as long as they work okay on XP. i'm running xp rc2 and using a whole bunch of 3rd party drivers and mostly they work fine. one of them didn't and it caused me a whole bunch of trouble when it blue-screened on boot and corrupted by drive (not unrecoverably so, but still...). I eventually got an updated driver, I wish that XP had warned me about it first, but I guess that Microsoft hasn't gotten around to testing it yet.

This is getting RIDICULOUS.

[SuiteSisterMary]

An entire story that intimates, implies, and infers that Microsoft has decided to block competing products, then the last sentance says

does not prevent Black Ice or other programs from running per se -- but it does require them to use updated versions tailored for XP.

Ok, I'm all for bashing things that need bashing, but this is getting out of hand. How DARE Microsoft try to stop those damn BSODs! How DARE they actually stop you from doing something that has the possibility of rendering your machine unbootable. How DARE they let vendors know when they're seeing a lot of problems with a new driver revision! Oh, but if something like this is on Linux, i.e. Ximian Red Carpet, then that's ok. Then it's great. They should download new versions automatically, and install them without asking. But if it's from Windows Update, then NO NO NO! IT'S WRONG!

Free?

[tetrad]

among the casualties are ZoneAlarm and BlackIce, Two popular free personal firewall products

Don't know about ZoneAlarm, but BlackIce isn't free. It costs $40.

Re:zone alarm and xp rc 2 - gotta love ZoneLabs

[tulare]

Still no reason to buy Bill's Bogus Journey, though. Although the idea of using ZoneAlarm to prevent Microsoftware from phoning home every time I crashed it (by using java?) does have some appeal :)

This *is* MS's problem

[StrawberryFrog]

.... rant to the effect that we musn't blame MS for the instabilities of 3rd party drivers ...

Actually we should blame MS - it was a deliberate decision on MS's part to put speed over stability - ie to put the video etc. drivers into the kernel level in NT4 onwards, for increased speed as the expense of them being able to bring down the whole OS if they crashed.

Oh, god, no!

[tulare]

After about the umpteenth million time that I've successfully used ZoneAlarm to block out some adware, or some s'kiddie trying to r00t my winbox, I'm what you'd call satisfied. Sure, That program causes some instability, but that's nothing compared to what would happen if my computer were a zombie. Presumably Microsoft expects me to trust their firewall to block out adware? Or to actually be secure? No thanks. XP is one "upgrade" this user won't be wasting time/money on.

Re:Oh, god, no!

[coolgeek]

Bottom line is that they are saying that vendors will need to upgrade their wares to be compliant with the new platform.

Almost, but not quite. Yes, an app vendor needs to recompile/port/totally rewrite their 9x/NT application to get it running reliably under XP. That's not the issue. The issue is that M$ is now requiring that you certify your software under the XP logo program. This is cost-prohibitive for many companies, almost certainly excludes any GPL programs from running under windows, and it seems that an individual will be unable to author, compile and run a program on their own system!

The only way to get your program into that list is to get the logo. This implies that the database will have to be refreshed on individual user's computers from time-to-time, so a new app when published, will fail to install on any computer that has not been refreshed recently. The user will not blame Microsoft for this, and will likely return the product to the store and buy the competing solution. Also, if you read the entire Register article, it mentions that ill behaved software will have their XP credentials yanked, if too much BSOD events are logged. If you've ever developed any Windows software, you know that Microsoft breaks plenty of API calls during rev-level releases, potentially causing a vendor's application to get blacklisted. Or from the conspiracy theory perspective, this becomes a new tool Microsoft can employ during the "extinguish" phase.

Re:Oh, god, no!

[HydroCarbon10]

AFAIK, no internet connection is required. You can use activation over the phone if you prefer, and you can turn off any automatic updating that might want you to be connected (although the auto. updates will not force you to go online if, for example, you're on a dial-up connection). So far I've seen no indication that internet connectivity is a must (at least under build 2486 of winxp pro).

Re:Oh, god, no!

[tulare]

I dunno ?genius. I guess if you weren't so hastily blasting out hard-nosed apology for the Redmond team, at least two things would have happened: first of all, you would have seen my comment which I posted when someone pointed out that the ZoneAlarm port is already out. Second, you wouldn't have run into the Cowboy speech, which considering how much you appear to be missing, probably wouldn't be a bad thing.

My beef is with the Big Picture of what M$ is and has done. The beef you attempted with a later post is yet another example of this. No, Microsoft wasn't opposing DR-DOS because it was screwing it up: they deliberately set 3.1 up so that bogus errors would appear if a user wasn't using MS DOS, which IMHO was and is inferior.
No, the problem is trust. Microsoft has done just about everything possible to ensure that they don't have mine. Remember the truism: fuck me once, fuck you. Fuck me twice, fuck me! Bill can go find another hunny to take from. He can't have any more of mine.

Re:Oh, god, no!

[Malcontent]

Wow when did mozilla or opera become drivers.

I should install what I want on my PC, period.

[Maul]

It doesn't matter if these programs do not work properly with Windows XP. This feature is dangerous, and gives Microsoft yet another unfair advantage over competing products.

Sure, it might block programs to cause Windows to crash, but it could also be used to block software MS just doesn't want you to run. They've done things like this before. Because MS feels safer with Dubya's administration, I won't be surprised if they do even nastier things to competition than they did in the past. I expect them to try to kill off all non-MS operating systems by replacing TCP/IP with their own.

When I buy a PC, I should be able to install whatever software I want, period. If I'm dumb enough to install software that is known to make my OS crash repeatedly, so be it. It is MY box. I'm responsible for what happens to it. If we give away that responsibility to MS, then we're also giving them the ability to further steal away our freedom of choice.

/. has had lots of recent articles about business wanting to kill off the internet and replace it with a new one where users are at their whim. I think Windows XP is going to be Microsoft's stepping stone to creating that new internet. Companies will pay MS to give their packets priority. All service providers will have to pay MS royalties to use their protocols. All users will have to upgrade Windows every year to stay connected. MS will control it all, and their software won't even allow you to TRY to install another network protocol.

And it won't be any more secure than what we have in place. If anything, stupid email viruses and exploits will be even more damaging than before, because now EVERYONE will have the exact same system setups. And each time one of these attacks takes place, Microsoft can charge everyone for the update.

Oh, and let's call this new Internet/Software Control system "RapeNet," since that is what it is going to do to each and every computer user.

Re:I should install what I want on my PC, period.

[spongman]

sure, Micrsoft could put code in windows to automatically transfer funds from your back account to them when you log onto your online banking system. will they do this? i don't think so. are you being paranoid? why, only you can answer that one. careful though...

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:The real reason for this:

[JoeShmoe]

Yes...and Win2K shares its roots with WinNT but is not WinNT. Windows NT 3.x laid the groundwork, registry, ntfs, accounts, services, events, hal...etc. NT 4.x added the familiar interface and rudimentary multimedia functions, increased drivers...etc. 2K added plug and play, USB firewire, file encryption...etc. And now XP adds the Luna interface, registration locking, driver blocking...etc.

It all depends on what you define as code base. To me, Win2K and XP are no more different from NT4 as Windows 98SE and ME are different than 98. Basic updates and add ons that could have easily been added as an incremental release.

I'm still pissed as hell I had to upgrade stable bloat-free NT4 servers just because I needed to access a USB accessory...there's is absolutely no reason why MS couldn't have done USB support in NT except for the fact they would sell less 2K!

- JoeShmoe

Guess what - more FUD

[Drestin]

Zone Alarm has ALREADY been updated to be XP compatible. BlackICE will be updated before the end of next week to be compatible.

This is a Good Thing(tm) for MS to do. If they KNOW that a certain driver is bad then why shouldn't they prevent you from making an obvious mistake. Why would you WANT to be able to add in a known bad driver? You actually fault MS for this? I applaud them - I say: FINALLY!!

Re:Guess what - more FUD

[Tri0de]

Because- I *AND ONLY FUCKING I* should decide what does or does not get installed on my computer. I DO NOT give a shit about what you *OR* Mickyshaft think will or will not work. Not that I intend to use Xcess Profits anyway, but, still, fuck them, and anybody who would ever say to me or anyone "No, you shouldn't have that". I shall install, upgrade or uninstall any damn thing I want to on my computer. If it dosen't work then I'll fucking troubleshoot it myself; fuck Redmond and their FUDsters.

Re:Guess what - more FUD

[spitzak]

Um, that was what I was trying to say. My complaint is that MicroSoft is not breaking *enough* software. They should have switched to NT a decade ago and they still haven't. This is not good design and demonstrates that they are quite unwilling to break existing software, no matter how good of an idea it is.

I am concerned that they have decided to break old software by explicitly putting each piece of software in a list that they control, rathern than having the software fail for technical reasons that are under the software writer's control.

Re:Guess what - more FUD

[spitzak]

I would greatly applaud MicroSoft getting away from their back-compatability parnoia and actually fixing the system. But this is obviously not the reason they are doing this.

If they were fixing the system and unconcerned about old programs doing "tricks" they would switch to NT as the underlying system. XP is not NT. They have promised the NT+DOS merge for TWELVE years now and it has not happened, this is because the upper management (probably in a big fight with the actual poor saps who have to implement this mess) do not want to do obvious steps, like have all programs that make an old call pop up a box that says "This program does not work on Windows XP". The problem is that this may prevent some sales of XP and the continuation of older MicroSoft machines, which are actually their biggest "competitor" (there are about 100 times as many Windows '93 machines than Linux machines, and that is probably an "enemy" they are more worried about!).

This system sounds like it will allow them to actively choose which programs they want to have fail, and they can make them fail with ominous messages about the given program being unsafe and disallowed by MicroSoft.

Serious OS design would cause Black Ice and literally thousands of others to fail at startup, possibly with cryptic messages. And I agree with you that would be a good design decision. But that is not what they seem to be doing.

Re:Guess what - more FUD

[Jace+of+Fuse!]

Serious OS design would cause Black Ice and literally thousands of others to fail at startup, possibly with cryptic messages. And I agree with you that would be a good design decision. But that is not what they seem to be doing.

That is the primary side effect of it being done, like it or not. You can blame the reasons as to WHY it is being done on any conspiracy you care to dream up. The side effect is the same. Forward progress breaks legacy compatibility. WinXP is a better OS for it. Deal with it.

If Microsoft hadn't chosen to make WinXP a more modern OS keeping with Win9x, everybody would be bitching about how they just rename the OS and sell it again and again without "adding anything". Nevermind that 98, SE, and ME all added many things, the ones who scream the loudest are almost always the ones who know the least.

Me personally? I use many operating systems and I don't play favorites. But I'm not in the habit of shooting down Microsoft just because I don't like them.

Windows XP technically is a step in the right direction. Their liscensing schems, their content control plans, and their rigid rules for developement however leave me with some serious doubts about XP's future.

If We Trusted Them....

[quakeaddict]

If we trusted them this might not be so bad. They ARE trying to make the end user expereince better. they are trying to say that drivers that are certified to work will be allowed.

The problem is though...we really do not trust them. I like MS and I don't trust them.

On the bright side though, this seems more like a hardware issue. Except for mice/keyboards/joysticks there isn't a wholelot of hardware MS sells. Thats not to say though that they wouldn't blackball a competitor of a favored hardware manufacturer that pays them a little extra cash to get their hardware/driver certified.

It seems to me that if what it takes to pass the test is out in the open, and it really is in MS's best interest to do that, there shouldn't be a p[roblem. I have always said that the reason why MS seemed so unstable was because the device drivers and the devices really didn't play well with Windows despite the Windows certified logo.

Re:What's the problem?

[BeanThere]

You don't see the problem? Its Microsoft doing this. Here are a few questions for you:

(1) Has Microsoft's behaviour, in the past, shown that we can reasonably expect that we can trust Microsoft to NOT abuse this feature to diss or shut out competition?

(2) Looking at the general trend that this feature is most likely to go, can we expect that a similar feature could, in future, be used to block competing^H^H^H^H^H^H^H^H^H, uh, I mean, unstable applications?

(3) In the case of Linux, not only can we most likely expect the entire process to be open and transparent (i.e. so we'll know who is getting blocked and why), but with Linux you can always just rebuild the source with the 'feature' disabled. Now, in the case of Microsoft, can we expect fully open and transparent access to the database of blocked drivers (and in future applications), and can we expect to always be able to disable this feature easily?

Not everything is black and white. Just because the same feature is there, doesn't make it the same issue.

Re:The real reason for this:

[JoeShmoe]

From the document:

One of the valuable prevention features that have been added to Windows XP is the ability to block users from installing a particular version of a driver. Since the release of Windows 2000, Windows has had the ability to block installation of a driver through a Setupapi.dll check of known problem drivers. Windows XP adds the capability to update the list of problem drivers from Windows Update. Windows Update, independent of the access mechanism described above, automatically downloads this information.

Read that...the list of drivers is controlled by a DLL that is updated by Microsoft. The information is automatically updated.

If a user with administrative privileges has the device installed (or plugs an external peripheral into the PC), they will receive a balloon popup in the taskbar indicating that the driver has known problems and will not be loaded. When a user clicks on the balloon or notification icon, Help and Support Services will provide information on where to get an updated driver if information is available. Driver blocking is independent of whether the device is signed or not (i.e. Microsoft will block signed drivers that are known to have problems).

So yes you are correct...it will be possible for 3rd parties to add in their own drivers...the catch being that Microsoft still retains control over them...even if they are signed (which most unofficial drivers aren't). All MS has to do is add the driver (probably DLL information?) to their list of "problem drivers" and they will be blocked.

I don't know bout you...but that sounds like a perfect setup for MS to break practically any application they want at will on millions of PCs in a heartbeat. Brrrr.

- JoeShmoe

Re:Crash dump uploads are totally voluntary!!

[BeanThere]

Are you incapable of thinking long-term? Just because something is voluntary now doens't mean it will always be. New Microsoft features are almost always voluntary - they're usually voluntary only until people have gotten used to the idea. Then either they become involuntary, or the process of opting out is made overly-complicated and obscure, so that most people just give in anyway. Think man.

Re:Blocking drivers is minor.

[Malcontent]

Who cares if they lost? They lost before and all they got was a slap on the wrist. This court is going to do the same thing. They are utterly immune from any and all pressures from the govt. MS is above the law. If you need proof take a look at the trial. For most people tampering with evidence is a crime for MS executives there is zero punishment for evidence tampering. Same with witness tampering, intimidating witnesses, and of course lying under oath.

BTW if you think smart tags are gone you are really stupid.

Re:Misleading summary

[Sarcasmooo!]

Well thank god we have Microsoft to solve all our problems so us morons don't have to deal with them. I'm done putting peoples' rights over the rights of a for-profit business. I want passport and hailstorm, I want my news handpicked by MS-spinsters before I wake up, I want my computer tailored to MS's idea of what I should be using it for, I want my car fixed before I even knew it was broken, and when I become utterly vacant of dignity and turn to suicide as a last resort, I want hailstorm tobe able to notify the authorities when I purchase a noose. Now, please bend over.

it IS Microsoft's fault

[janpod66]

It's a perfect example of double standards: when Windows crashes this is always the fault of Microsoft, not of bad drivers or programs which access Windows internals, while in fact they often are (especially video drivers).

Software vendors don't "access Windows internals" because programmers want to--it takes a lot of time to do so. They do it because Microsoft's APIs are insufficient and poorly thought out. Microsoft has profited handsomely from this because third parties have managed to figure out how to make that pitiful platform do things Microsoft never had the sense to design APIs for. Without third party vendors doing this, Windows would be nowhere. Now that Microsoft has finally copied enough from other vendors, their system doesn't quite need such enthusiastic third party software vendors anymore.

It's also a question of architecture: except for a very limited set of hardware drivers, there is no reason why the installation of anything should either be prohibited or cause instability. (Linux doesn't get this right either, but it is considerably better than Windows.)

The biggest problem with this is, though, that, whether it is sensible or not, Microsoft is driven by the profit motive, and for them to be able to exclude vendors from the market and force them to submit to certification procedures is a great way of controlling their market and increasing their profits. That is, even if there is some weak justification of this action in terms of profits, it is still highly suspect, and should be.

This isn't about being intrinsically "anti-Microsoft". The company has been found to be a monopolist, and it is rightfully subject to this kind of scrutiny and suspicion. Microsoft needs to tread extra careful in ways other companies don't have to, and instead the company is still giving consumers, software vendors, and regulators the finger.

(Incidentally, your characterization of blocking "only current versions of the drivers" is incorrect. I suggest you take the time and actually read the document at Microsoft's site describing their policies.)

Re:Slashdot Needs A Microsoft Section

[donutello]

That Bill Gates as borg icon you see on top signifies the topic "Microsoft".

While I agree that the whole article should probably be labeled "Flamebait" designed to increase hits, you can always block articles about MS out by going to your user info and clicking "Customize Homepage". Check on "Microsoft" and you won't see any articles about the company again.

The problem, of course, is that you will also miss out on the important stuff like the final resolution of the DOJ case and also that Slashdot editors frequently post thinly veiled flamebait about Microsoft under other topics.

Re:Stop the ride! I want off!

[shokk]

For my firewall needs, I went with Darrel Reed's IPFilter on an old Sparc5. As a single purpose box, it more than fills the need to protect my Windows desktop machines at home. Here in the office, I went with Netscreen, a relatively cheap, but powerful firewall, VPN, and remote access solution.

Actually, you're wrong too

[Vladinator]

According to the The NIST Reference on Constants, Units, and Uncertainty the correct terminology is derived from the International Electrotechnical Commission (IEC), Prefixes for binary multiples. So as you can see, the correct term would actually be one mebibyte (1 MiB = 220 B = 1 048 576 B). It is suggested that in English, the first syllable of the name of the binary-multiple prefix should be pronounced in the same way as the first syllable of the name of the corresponding SI prefix, and that the second syllable should be pronounced as "bee."

Re:Improve "reliability"

[spongman]

yeah, basically the only way the operating system can crash is if an expcetion raised in a thread running in kernel mode is unhandled. this leads to a BugCheck (aka blue-screen). however, sometimes a kernel thread can cause the OS to hang if it's running at a particular interrupt level and doesn't yield, or otherwise prevents user threads from running (maybe by holding a mutex when it shouldn't). bad driver code is the most common cause of problems on any operating system and I'm sure that this move by Microsoft is just them trying to improve the percieved stability of their OS. The problem with writing drivers is that often the code is specific to one version of the OS. I'm not surprised that vertain driver no longer run correctly on XP. I woudln't want to upgrade to XP and find that I get a blue-screen on boot just because I had some bad driver installed. Maybe the win2k versions of the ZoneAlarm drivers work fine on XP, if so this is a bad move on Microsoft's part, but I wouldn't be surpised of they need updating to a newer version.

Instability?

[Cardhore]

I want to know exactly how people know that "most of the instability I've had with windows was due to bad 3-rd party drivers."

--or--

"Most of the instability I've had with windows was due to windows."

Re:Good! Finally we get rid of stupid "personal fw

[jchristopher]

The "personal firewall" industry is a full-of-crap industry created by the media. There is absolutely NO NEED for a person to install a 'personal firewall'. There is a small set of rules he should follow to be safe from email-viruses, trojans and "crack attempts".

I MUST disagree with you. You should see my ZoneAlarm logs of people port-scanning me, trying to make a connection on every port.

I am not a systems administrator, and although I try, I do not neccessarily have the knowledge needed to completely lock down my various systems.

ZoneAlarm fills two important needs:

1. Prompt me when incoming connections have been denied on some port. (Lets me know I have an open port, also, it's nice to know when you're being hit so you can do something about it if it gets really bad)

2. Lets me know when spyware has been installed on one of my systems, because the first time it gets installed, I get a prompt when it tries to 'phone home'. I can then deny the connection and go uninstall it.

I want to KNOW what internet traffic is coming IN and OUT of my system. ZoneAlarm fulfills that need, for $0, and deserves praise.

A whole new Bred of Hacks!

[QwkHyenA]

I can see this one coming a mile a way!

I can imagine someone flooding Microsoft's 'Crash Dump Servers' with loads of fake dump info making Microsoft take action on disallowing that application to run!

First one to make Windows XP NOT ALLOW OFFICE XP TO RUN --->!!WINS!!

Re:A whole new Bred of Hacks!

[rkent]

I can imagine someone flooding Microsoft's 'Crash Dump Servers'

What I'm really waiting on is the technology to dial up to the internet after windows has crashed. If I could consistently do that, then BSODs wouldn't bother me nearly so much.

Of course, they wouldn't really be "... of death" anymore, either.

Re:A whole new Bred of Hacks!

[Tackhead]

> First one to make Windows XP NOT ALLOW OFFICE XP TO RUN --->!!WINS!!

1) Virus/worm.
2) ...that randomly corrupts one or two bytes in a pointer table in a .DLL installed by Orifice XP...
3) ...that modifies itself to change which bytes its children will corrupt before attempting to propagate...
4) ...that securely deletes itself after propagating, leaving only the corrupted .DLL files or other internals.
5) Bonus points for doing some RTM-Worm-like cross-platform magic and using r00t exploits to leave a reservoir of Linux boxen from which it can re-emerge after the publicity dies down.

Good thing I'm not running XP. And never will.

First step towards software closed shop

[heretic108]

Something tells me that this is the first step towards creating a 'closed shop', whereby NO software, not even application-level, can be installed or run unless it has M$'s approval.

Goodbye small independent software developers - if you can't afford the hassle and expense of MS$'s Certification Program, or if you don't toe the party line with MS$'s marketing agendas, then you'll find that your software is barred from Lose-dows XP.

Another possibility is that unknown software might be severely restricted in what XP allows it to do - for instance, non-certified programs may be strictly forbidden from all but the most basic access to the Internet.

And it's only a matter of a couple of years before you won't be able to buy a legal copy of Win2k, Win98 etc - it'll be WinXP or nothing.

Don't be surprised to see mandatory updates of XP which include blocked websites, blocked protocols etc.

I hope that the masses migrate to Linux, and that WinXP fails to recoup its development costs.

Re:Blocking drivers is minor.

[dasunt]

I'm sorry I'm not 3l33t3 d00d downloading warez versions of XP. I'm certainly not following the beta process of an OS I have absolutely no intention of installing even when it's final. So, stick your ego ....

WinXP has been in beta for awhile now, someone in the local shop has been testing a prerelease version for the past month. In Microsoft's big package of fun software you can get for $500/year, the latest one the local shop got included WinXP (arrived this week).

So, don't start flaming people who have actually researched and used an OS that a vast majority of us will probably come in contact with over the next few years. Some of us can't support a Linux only setup, there are end users, and customers, with software sometimes going back years, and specialized equipment with windows only support. Hint: Linux may be nice, but it doesn't work everywhere, for everyone.

(Oh, replace "Linux" with your operating system of choice. The argument doesn't change.)

The Future of programming....

[F34RL3SS+L34D3R]

Since XP is being pushed so hard by MS as the future desktop OS, I wonder what type of questionable changes like this will have on those in the programming community who write for MS products. It would seem that ANY software corporation not directly in contact with MS, might possibly be hung out to dry and on their own in terms of support. From where I stand, Windows 2000 may be the last functional OS MS has released.

Just another evolved monkey with a keyboard!

Good! Finally we get rid of stupid "personal fws"

[arcade]

Ahh. It would be So Cool if microsoft actually blocked blackice and zonealarm. Preferrably blocked each new version, with each new update of windows.

The "personal firewall" industry is a full-of-crap industry created by the media. There is absolutely NO NEED for a person to install a 'personal firewall'. There is a small set of rules he should follow to be safe from email-viruses, trojans and "crack attempts".

The firewalls prevents crack attempts, and preventes outgoing connections on non-allowed ports from non-allowed software. The first .. well .. normal people with windows (or newser linux distros) really have their computers pretty damn closed down when they buy'em. If they open things up - they really don't need a firewall to "double-check" everything for them.

The "firewall" may prevent them from becomming netbus/back orifice /sub7 victims, but only _after_ they've been stupid enough to run the fscking trojan in the first place. NOrmal rules of conduct on computers really says that they SHOULD NOT RUN PROGRAMS THEY DO NOT KNOW.

The entire 'personal-firewall' industry is a mediahyped hystery that really shouldn't exist. Its an industry that is all about creating 'fear' in the normal citizens, and the SO CALLED "security consultants" that recomends that you should install personal firewalls .. well .. I don't know why they do it -- either they are stupid or they are bought out by the "personal-fw-industry".

Personally I just shake my head when I hear about stupid lusers that has actually INSTALLED such things.

Since when ...

[whjwhj]

Since when did it become the responsibility of the OS to insure that third party software / drivers work adaquately? Clearly this is a ploy by Microsoft to wrestle even more control from third party vendors.

I've been using Windows on the desktop (more out of necessity than anything) for several years. But I am *not* going to upgrade to XP. No sir. I'm going to jump ship to the only other viable desktop alternative: Mac OS X.

Re:The real reason for this:

[shokk]

All they will do is drive people to dual boot their machines to Linux for those purposes. Anyone using "SMR, DivX ;-), 3ivx, M$MPEG-4" are probably good enough with computers to handle the dual boot. So just keep MS for the MS approved games, and start using Linux for everything else. Eventually the games will follow.

Re:zone alarm and xp rc 2

[cmat]

I another thing I dunno is how to turn off this "feature" in windows....

Well, the thing is you can't turn this feature on or off... it's automatically running all the time in the back ground. And actually, it looks like it's geard to reducing the number of "unstable" drivers on your system. This may or may not be a good thing(tm), however, they did not mention in their reference document exactly how they are going to validate these "crash dumps" that will be sent back to them. They will need to validate these dumps somehow, or else you'll get a new kinda of DoS attack... one where a bunch of computers are crashed purposefully to generate dumps that seem to indicate that a particular driver is faulty. Then MicroSoft blocks this driver from ALL the installed XP user base and Wammo! Driver DoS :)

BTW, I copyright that idea.... erm, yeah, whatever. ;) Cheers!

Another piece of misinformation

[roguerez]

This is so typical of some Slashdot submitters. Any news about Microsoft is mangled into something bad about the company, regardless whether this really is the case or not.

In this case, only CURRENT versions of these programs are blocked, because they access Windows internals which causes instability on XP. They just need to be adjusted to work with XP correctly. Just like some /dev/ files changed between some version of Linux. Microsoft preventing this software from installing is like having different plugs for 220 V and 9 V devices so you won't plug your shaver directly into a high voltage outlet.

People who badmounth a company (whether it be Microsoft or another) using information like this as an argument should either shut up or be sued and punished for spreading mis-information.

It's a perfect example of double standards: when Windows crashes this is always the fault of Microsoft, not of bad drivers or programs which access Windows internals, while in fact they often are (especially video drivers). When Microsoft tries to do something about it, it's suddenly only done for promotion of their own firewall software.

Make up your mind. If you are against Microsoft for monopoly reasons or anything else, that's your right. But mangling any piece of information to something negative only hurts the credibility of the anti-Microsoft camp.

MS Marketing : internal pr

[Alien54]

No, the problem is trust. Microsoft has done just about everything possible to ensure that they don't have mine. Remember the truism: fuck me once, fuck you. Fuck me twice, fuck me! Bill can go find another hunny to take from. He can't have any more of mine.

Agreed. It has gotten to the point that I no longer trust their technology solutions, because of all of this enhancement in ther marketing and monopoly functionalities.

Let me repeat this. I do not trust their technology. I do not trust their marketing. There is the old joke revisted: How can you tell when an MS exec tells a lie? Answer: [fill in the blank]

Many MS geeks live inside a microsoft world depicted by microsoft marketing. Imagine the vaporware presentations they give the staff about the new technology coming out 5 to 10 years down the road! No wonder they go OOO and AHHH. But it is vaporware all the same. MS probably lies to thier staff as much as they lie to us. They got to keep the vision alive, sell the microserfs on the long term dream enough to get get 5 or 10 years of juicey code out of them before they burn out.

Re:Malicious use

[coolgeek]

New Email Worm Selectively Disables Software on your Computer

Los Angeles, CA February 20, 2003

Think you're safe just because you never open an email attachment, like your computer savvy friends have told you? This is not the case any longer. Software on your computer, software that you have paid hundreds of dollars of your hard-earned cash for, can be disabled on your system, even if you never check your email with it.

You may ask yourself, How is this possible? Well, it seems to be the result of a Half-Baked[tm] feature integrated into the new Microsoft Windows XP Operating System that was designed to prevent the installation of error-prone software on your computer has been subverted by hackers to deny services to computers users on a massive scale.

This technology works by maintaining a list of "good", meaning Microsoft-approved software titles. If a program is not on the list, it cannot run on your computer. Fine enough, but the software ran on my computer yesterday, you might say. The clincher is this, an application that is believed to cause too many errors can be removed from the list, thus rendering it unusable. The hackers authoring this worm have targetted certain software titles, and introduce new computer codes into those titles, causing those titles to create system errors during their use.

Why can't I post a longer message than 2 lines?

[Otis_INF]

bug in slash?

Another real reason to kill non MS firewalls

[owlmeat]

The last thing that MS wants is for the user to see a bunch of pop-up warnings each time XP and MS servers talk to each other to validate/snitch registration information.

I hope they automate this server-side...

[Kjella]

...because I can't wait to see something like KERNEL32.DLL or NTDLL.DLL getting blocked. Then again it probably has a "if M$ then ignore", if not they'd never get the beta out the door. Disclaimer: Using win2k here, and from my personal experience, next to a crappy ISDN card driver, most BSODs happen because of M$ internal drivers.

Kjella

Re:I hope they automate this server-side...

[spongman]

most BSODs happen because of M$ internal drivers

really? is your hardware on the HCL?

Stop whining and keep using win2k.

[tcc]

I mean. what is WinXP? it's taking a very good and successful product with good features, and put some "meat" around it to grab more marketshares. For most of us, everything new XP has to offer we know how to install the equivalent on win2k... switching from Win2k to winXP is simply an interface upgrade (which can be done also with windowsblind(?) or similar).

Question is, is there a good reason for a win2k user to upgrade (downgrade I should say) to XP? XP seems so much more restrictive WIHTOUT giving any new features that can't be match with 3rd parties software. It's not an OS for most of us who like to mess around with hardware or software and betas. It's meant for the home user that is running 98/ME and wants to upgrade, THAT guy is gonna see a shitload of improvements.

Yes there's a professionnal version as well... I know... do you really think it's gonna be a major seller? heck they didn't expect win2k to sell that much, why did it sell that much? Games support/directX, Stability, speed, dual processor support, etc... XP offers nothing new in any of these area, so the win2k userbase Won't upgrade unless they have money to burn.

Finally, that product activation thing is gonna be another major pain in the butt for them, most IT people won't tolerate that, and boycott it. (personnally I don't feel like wasting 10hrs a month waiting over the phone because something bad happened to my users and I have to reactivate each one of them one by one or for whatever other reasons).

Spoofing?

[JimDabell]

How can Microsoft stop people from sending in spoofed data? What will stop, for example, NVidia from sending in data that makes Matrox drivers look buggy as hell and getting them blocked?

Misleading summary

[Phroggy]

Note: according to this article, the change does not prevent Black Ice or other programs from running per se -- but it does require them to use updated versions tailored for XP.

Hello??? Anybody home? Did it occur to anyone that maybe the reason why Microsoft is considering blocking old versions of ZoneAlarm and BlackIce is because they don't work on the new operating system? I'm sure by the time XP ships, there will be updated versions of ZoneAlarm and BlackIce available, and users will simply be required to upgrade them (for free I'm sure) before installing them on XP. If Microsoft didn't do this, some morons would try to install the same old version they used on Win98, and it would break things, and many of the users would blame XP.

Microsoft did something similar in WinME: the OS ships with a database of known-incompatible software, and if you try to run a known-incompatible program, it gives you a warning, with the option to cancel or run it anyway. An example of this is Enternet 100, a PPPoE client that Mindspring used to distribute for their ADSL service. Guess what? It actually doesn't work on WinME. Runs fine on Win95b, Win98, NT 4 and 2000, and I understand there's a way to hack it to make it work on ME, but according to the company that makes it, it's not compatible - you have to upgrade to a version of Enternet 300, or use a different PPPoE client. I did tech support for Earthlink after the Mindspring merger, and that feature that Microsoft put in actually saved us from some pretty annoyed customers, because it told them it wasn't going to work before they found out for themselves the hard way.

Re:Misleading summary

[einhverfr]

Hello??? Anybody home? Did it occur to anyone that maybe the reason why Microsoft is considering blocking old versions of ZoneAlarm and BlackIce is because they don't work on the new operating system? I'm sure by the time XP ships, there will be updated versions of ZoneAlarm and BlackIce available, and users will simply be required to upgrade them (for free I'm sure) before installing them on XP. If Microsoft didn't do this, some morons would try to install the same old version they used on Win98, and it would break things, and many of the users would blame XP.

OK. But the beta users know exactly what they are getting into. RC2 is not supposed to be used by people who are not beta testing the software. The driver blocking is a problem because it is being used at a beta stage rather than at a release stage.

One can draw a parallel to the AARD code in Windows 3.1 beta which used a nested flag proceedure to check whether it was really MSDOS that was running and not a clone (like DR-DOS). If it was not, it would display an error (Non-fatal error detected. Please contact Windows Beta Support. Press Enter to continue or Escape to exit). This code was included in the released version of Windows 3.1 but in an inactive form. Dr Dobbs had a great article on this issue.

Apparently Windows never did anything with that sort of nested flag, and it was used as part of a strategy to discredit DR-DOS and thus protect the Microsoft OS monopoly. You can bet that these programs will work on the release time, but by then, will home and business users still trust the products? Will word spread which will forclose market share?

Part of the purpose of beta testing is to help manufacturers solve the problems with their apps. This prevents this if it is done in a beta.

Re:The real reason for this:

[KarmaBlackballed]

even though the code base is no different than NT/2K

I think not. The XP code base shares its roots with Win2k but is not Win2k.

The real reason for this:

[JoeShmoe]

Is to do away with those pesky non-standard codecs like SMR, DivX ;-), 3ivx, M$MPEG-4 and so forth. Right now you get just a warning when you try to install those ACX/DLL files but come XP then that "Unable to find codec" message is all you are going to see.

Also you can say goodbye to those wonderful drivers that let you load a "sound card" to output the contents of the wave device to the hard drive of those "video cards" that let you screen capture ASF/RM player windows in an unencrypted format.

As soon as the encrypted video standards are rolled out you can bet that any kind of video output driver will be limited to VHS quality or the driver just simply won't be allowed.

Microsoft is smoking some serious crack if they think they can become the sole authoritative source for drivers on the Internet. Their WindowsUpdate driver server (if you go though the process of registering your hardware config with Microsoft) is worthless and do you think that companies are going to want to have to go through the hassle of signing very beta or unsupported driver they release?

Lesson from history folks...when the Amiga 4000 came out and told their customers that everything they had bought up to this point was no longer compatible Amiga went down the toilet. When Mom and Pop find their CD burner no longer works because their manufacturer hasn't gotten around to becoming "XP Ready" (even though the code base is no different than NT/2K) then I seriously doubt they'll be keeping it. Even though they can't return it. Shafted.

- JoeShmoe

Re:The real reason for this:

[TummyX]

Funny. DivX works fine on XP RC2 here.

You only get warnings. It doesn't prevent you from installing any unsupported driver. I've install the beta nVdia 14.2 drivers as well.

If Microsoft prevented you from installing ANY unsupported driver in XP it would mean 3rd parties can't write custom drivers without going through microsoft. I see nothing that mentions this will ever happen in the DDK docs.

Re:The real reason for this:

[spongman]

i installed the divx driver on windows XP RC2 without any warnings. I'm not sure what you're talking about. I'm pretty sure you don't either.

Re:The real reason for this:

[NutscrapeSucks]

A couple datapoints about the way Win2000 handles this:

1) Policy towards signed drivers can be controlled by the group policy manager

2) There are 'undocumented' ways to install drivers that bypass the cert check. These have been published on bugtraq, etc.

3) Windows Media Player is aware of the 'certified' status of your soundcard driver and can disable loopback or analog output using features that the certification requires.

Re:The real reason for this:

[TheMeld]

Actually, yes there is. NT's driver model cannot handle hotplug devices very well. Hence why just about any change to a driver requires a reboot.

Maybe they should fix their priorities...

[Guppy06]

I've seen several posts jumping on Slashdot about how this story is biased against Microsoft, how it's normal with such a big change for the OS, that the hardware and software in question will have new versions, and so on and so forth...

However...

One thing no post has touched on (at least not to my satisfaction) is why popular hardware and software manufacturers need to bend over backwards to keep up with changes to the operating system instead of the other whay around.

Re:Maybe they should fix their priorities...

[spitzak]

There is nothing wrong with MicroSoft requiring everybody to rewrite their programs to work on the new system. That is an excellent way to get rid of these programs that are using unsafe interfaces.

Yes this would be bad for developers (who should also be allowed complete API documentation and test machines at least a year ahead of release, so MicroSoft cannot have the only programs that work at release). So there are monopoly problems with it. But technically it is the correct solution. I am also quite happy that Linux decided to replace libc or a.out and broke programs, sometimes you have to do that (it would be nice if they made the old programs fail in a more user-friendly way, however).

However it sounds like MicroSoft is making a back-compatability mess in an attempt to run everything, and then making a database of the programs they failed to be back-compatable for. As a lot of people here have indicated there is a lot of fear that this list's contents will be selected more on political than technical reasons.

The one you got aint workin so good

[Graymalkin]

So...Windows XP figures out when vendors write shitty drivers and call them on it by informing you and the vendor and that's bad? Is it just as bad when a kernel module causes a core dump and it writes a mail message to the admin defining the error? This is ridiculous. So the fuck what if Microsoft fucked over Caldera by making Windows 3.11 crash on it, it's their fucking product. Windows 2000 supports driver certification just like Win XP does, it is a professional class workstation OS and damn well should have some way to verify the integrity of the hardware drivers you're installing. Maybe when a vendor's drivers keep causing a system to core dump they will get on the ball and release what we call "updates" to their drivers. I'm sorry releasing a single driver update over a product's lifetime is a pretty shitty way to treat your customers. Compare for example Creative and nVidia. Creative drivers for their sound cards and modems are over a year old and dispite being shit have not been improved upon at all. On the other end of the spectrum nVidia unified their driver base and continuously updates and refines their drivers. It drives you to buy shitty bargain basement hardware for your systems because at least then you get what you paid for.
I'd like to see alot more talkback features in fucking software so vendors can actually improve their fucking products. The Omni group pretty graciously lets you use their browser for free with no restrictions yet maintains a bug tracking system. Bug report e-mails aren't exactly support for software. Slashdot always finds a reason to bitch just because Microsoft's logo is found somewhere near an article.

As an Option

[Midnight+Thunder]

As said by other posters this is probably not such a bad thing, as it ensures that driver developers do better quality control before they release the driver. The problem, like anything it is open to abuse. For example do we know for sure that MS will be putting the same limitations on home grown drivers, or that they won't use this in anti-comptetitve manner? We don't, but this doesn't mean they will (only time will tell).

I believe that if there was an option to disactivate this feature, or have a admin control-panel which lists the software that has been perceived as causing the problems, with an over-ride, then I am sure users would appreciate this feature a bit more. The FUD comes from the fact that the user, as I understand, has no control over this feature and has to trust MS is not abusing their position - given past history it would take a lot of faith to put 100% trust in them.

Being to turn off this featue would also mean that you don't need an MS certified development environment to develop your software.

The other question I ask myself, is what do you do if you don't have an internet connection?

Re:Ignorance

[tb3]

because XP is raising the bar to a whole new level in terms of user experience

Oops, blew your cover there, quoting directly from the Microsoft PR handbook. You certainly have earned your right to praise XP; in your weekly pay packet.

and you all bitched

[gsfprez]

when apple wouldn't let you change the theme of Mac OS X?

ah...the days of installing whatever drivers we felt like installing...make us sound like the "I actually USED punchcards!" guys, don't it?

*sigh* Again someone who doesn't understand it

[Otis_INF]

Look: the overall experience of XP by the majority of the users of it will INCREASE if the crappy videodrivers from manufacturers like f.e. ATI or Matrox, or soundcard drivers like the poop from Creative, are tested by the MS testlab if they are compatible with XP and don't crash the box.

This way, the name of 'crash-prone' OS windows has for decades will slowly vanish. That's the whole idea.

Now, to get to your point of choice: in win2k, you get a warning when you install a non-signed driver. If you continue, and the box crashes due to that driver, just when you were about to save that important document, are you still happy? Who will you blame? Yourself, because you were so utterly stupid to install that poopdriver? Or microsoft because 'their OS' crashes all the time?

I know the answer. So does Microsoft. That's why this option is included.

Gee

[Snover]

What happens if "explorer" crashes? God knows that it happens at least once-per-day to every Windows user. Would that be an unacceptable threshold? Would explorer be put on the banned driver list (putting aside the fact that it isn't a driver, heh)

Re:Now make up your mind folks

[shokk]

This is not about making things more stable. This is about squashing the competition by claiming that the product was defective. This is just a more brazen way of being anti-competition.

My guess is with this kind of press, Microsoft is going to make the decision to punish them a lot easier for the government. It's transparent and no one is going to be fooled by it. This cannot be helping their case.

Stop the ride! I want off!

[shokk]

Firewall included in XP? I can see the support calls now.

"I heard about these viruses and l337 h4x0r5 and wanted to protect my desktop so I installed the firewall. Why is it you people can't have a stable network?"

"But, Bob, you're protected inside our site firewall. You didn't need that, and that is why your network stopped working."

OK, so this scenario could happen with any of the commercial firewalls now, but in most places one would have to go through an approval process to get the software, where if it is now included on the CD it is more readily accessible and much easier for people to screw it up.

And frankly with everything that Microsoft has gone through in the last few months (sites hacked into multiple times, Red Code, etc.), they are the last people I will trust to make firewall product. They had better have already qualified both Zone Alarm and Black Ice. This "driver blocked by vote" idea is just too too dumb.

Re:Stop the ride! I want off!

[SuiteSisterMary]

Just so you know, an NT admin would simply define a group policy to disable that option for XP installs on their network.

Blocking drivers is minor.

[Bartab]

The big thing is that they will be uploading crash dumps.
This is just another method to determine what things are installed on your computer. They couldn't get away with HD scan uploads, so now they upload what's installed on your computer - but only when it crashes. On windows, that's more than early enough, my win2k box crashed twice today.

Do you have StarOffice installed? Well that's why you crashed.

Re:Blocking drivers is minor.

[michael_cain]

Anyone want to bet on how soon users start getting e-mail along the lines of "You appear to be running apps/drivers X, Y, and Z and experiencing frequent problems -- why not use MS's product instead?"

Re:Blocking drivers is minor.

[DickBreath]

I realize this is blasphemy to say this, but I seriously doubt Microsoft would be stupid enough to risk the fallout that would occur if people's crash dumps were anything more than anonymous.

Realy? And who is gonna stop them? The government? Yeah. Right.

MS can do anything they want, with impunity. Well not with total impunity. They may have to write a check for a $100 million fine, or some similar amount of chump change.

Re:Blocking drivers is minor.

[csbruce]

Do you have StarOffice installed? Well that's why you crashed.

Obviously Microsoft needs to extend its black-listing mechanism to include user-level application programs also.

Re:Blocking drivers is minor.

[dachshund]

When a program in XP crashes you are given the option of whether or not to upload crashdumps. I hit yes or no. If I hit yes it uploads it. If I hit no it does not.

One has to question Microsoft at this point. They include an automatic function that disables certain drivers instead of simply giving a warning message, based on the assumption that "most users don't read warning messages very carefully." Yet when the computer crashes, they believe that users will carefully consider what they're doing to their privacy when presented with a warning message?

Re:Blocking drivers is minor.

[Malcontent]

"But the fact is, the watchdogs are going to be all over this"

Yea right dream on. The entire justice system can't touch MS but they will be afraid of watchdogs. Where do you get this stuff?

MS has a monopoly and they can do whatever they damned well please. They have 30 billion in cash for chrissake they can buy the entire congress and have change left over to buy the president. Oh I forgot they already bought the president and the attorney general nevermind.

News at 11

[bryan1945]

"This just in: Microsoft drops support for all security products in a move to solidfy support for its own firewall. However, Microsoft's firewall has a mere 61,000 bugs, but only 20,000 are considered to be serious. Bill Gates says, 'Screw you Steve Jobs, we got the money, baby!'"

And everyone thought that Apple's "Big Brother" ad was so off the wall...

What's the difference?

[Keeper]

When Mozilla receives n crash reports from a specific page, they don't block you from looking at the URL that crashed the browser. When Microsoft gets n crash reports from a certain program, they won't allow it to run. Of course, with Microsoft's dubious history, I'm *sure* that a perfectly good 3rd party application that works just fine won't be blocked ... rriiiiggghhttt....

Re:Good! Finally we get rid of stupid "personal fw

[svirre]

Are you opposed to traditional firewalls as well? While a personal firewall can't compete with a dedicated firewall it will still provide far better protection than a bare connection.

While you can likely keep a machine free from trojans by beeing cautious of who you source your software from, there is still loads of spyware out there, some contained in quite useful apps.

While you can say (/shout) "SHOULD NOT RUN PROGRAMS THEY DO NOT KNOW". In practice noone can know all the software they run, as this entails reading and understanding all source, as well as building from the ground up all software you use. Some trust must be applied, and when you trust you may be mistaken.

A firewall app provedes an extra layer of security against your own erronous judgements (after all noone is perfect) as well an enable you to use and identify some spyware without sacrificing privacy (By blocking the spyware's channel to home)

Things to remember

[cluge]

Remember Microsoft claimed they were working on a fix for DrDOS. It just never came.

The windows XP OS "phones home" and delivers information to MS headquarters (supposeldy just about your liscence data and nothing else of course). If you had a firewall program like Black Ice or ZoneAlarm you would be alerted that your computer was trying to send something over your internet connection. You could then STOP IT from transmitting data with a functional personal firewall.

When MS says they are working with vendors on an "XP" version what they really mean is
**sillymodeon**
"We are forcing vendors to allow our Big Brother program to work without your ability to disable it because we really need to know what software you are installing and whether or not you have an ext2 partition or other non-suitable for XP partitions on your harddrives. You of course have accepted us snooping into what you eat and your e-mail when you bought windows XP, merely glancing at the packaging in the store binds you to this agreement whether or not you even own XP. Our lawyers are that well paid *wink*".
**/sillymode**

I don't think I will be purchasing any computer with XP on it.

Re:So its good AND bad - Sigh in an ideal world...

[spongman]

Now I fault Microsoft for writing code that can't handle a drive rfailure,

You can't handle a driver failure. By definition a driver is part of the kernel, and if the kernel screws up, you're toast. the NT kernel does support exception handling, in fact many of the kernel support routines require you to handle exceptions that they throw, but if you don't handle an exception, or BugCheck intentionally then there's nothing the kernel can do. "Oh, the drive controller failed to load this virtual memory page from disk that I was just about to execute kernel code in, hey I'll just make it up as I go along..." I don't think so.

Maybe someone can correct me here, but I don't think there are any desktop operating systems that can recover after an unhandler kernel-mode exception.

Re:black ice

[D+Anderson+n'Swaart]

BlackICE is generally regarded by internet security experts, to the best of my knowledge, as a very poor firewall solution. Many intruder reports are not genuine, and many genuine intrusions are not reported. In addition to this, it does not use any kind of encryption to ascertain whether an application authorised to access certain ports is really what it pretends to be. For example, a Trojan named IExplore.exe will slip right by BlackICE because the firewall doesn't check it for authenticity. On the other hand, programs like ZoneAlarm, and Tiny Personal Firewall do perform these authentications, and are excellent at blocking intrusions as well. ZoneAlarm tends to be a little unstable and I have personally had some trouble with it, but I still highly recommend it for average Windows users. I find Tiny stable, secure, and it tells you exactly what is happening. I have tested it on Win2k and WinME and it runs perfectly on both.

In addition, you might be interested to know that BlackICE completely blocks all network traffic when lanning, and is very troublesome, while Tiny is not. BlackICE, in my experience, also does not actually uninstall properly and continues to run after you have theoretically removed it. This struck me as very strange, and could be a random incident. However, I have had my computer frozen solid with BlackICE running, on Windows 2000, and my opinion of it, like that of Steve Gibson is somewhat low. And yeah, some of you might laugh at Steve Gibson, but I'm not just going by what he says, bear that in mind.

To be honest, when I read that BlackICE was used widely inside Microsoft, I laughed my arse off.

Interesting...

[lavaforge]

I'm a bit unnerved by what the new version of XP is blocking. Between Blackice and ZoneAlarm, both of them have the ability to block "suspicious" outgoing information from things such as adware and zombies.

Call me paranoid, but I have a hunch that the new "compliant" versions of this software will have certain microsoft ports opened for various reasons. Not only does this present a security threat, but I am also somewhat worried about the user's privacy.

As for AOL, I think I can guess about that one.

Re:utter hypocrisy

[coolgeek]

the difference little troll, is Mozilla is not asking anyone to pay money for the Mozilla-Logo Certified App program.

Re:Improve "reliability"

[JediTrainer]

Later on, in another thread, you're going to be the guy who says 'They sit on problems for MONTHS and never fix them' aren't you?

Nooooo. But I do control a bunch of Linux boxes which have great uptimes. A couple of them had a full year before I took them down for a kernel upgrade. I've patched all other software throughout last year without taking any of the boxes down. Try doing that with NT. Now I didn't let them 'sit with problems' because I kept up with the kernel changelogs and only patched when I needed to because of a genuine issue (security or otherwise). I do the same with NT.

Before you say anything, mind that I also have 5 NT boxes in my control, and every time IIS needs a patch, which IS practically weekly, the damned thing needs a complete reboot. Not so with Apache. Not so with anything on my linux boxes, with the exception of the kernel.

And in a company which is a Microsoft shop (meaning, we're a VAR which resells pretty much exclusively MS products), the higher-ups are now asking me to move our other services to Linux because they've seen the stability of those boxes. Earlier (a year ago) our applications HAD to be on NT (their words) because we had to use what we sold. Now they have decided to let me move everything off NT, because they've seen for themselves how unreliable they are.

Finally, my post was a joke. Lighten up.

It all makes sense now...

[fleener]

Ahhhhh, all the evil news about XP that is being floated is obviously a ploy to boost sales of Windows 98 and ME. Well, it worked. I'll be advising my friends, who rely on prebuilt systems, to purchase tricked-out PCs before XP ships.

Re:microsoft might replace TCP anyway

[s20451]

Although the article you refer to appeared on Slashdot, it was basically uninformed, hysterical speculation. MS doesn't have sufficient inroads on the Internet to impose a proprietary protocol. If any company does, it's Cisco, but they're happy to use open standards anyway, for obvious reasons. Furthermore, Sun owns a large portion of the server market, and they don't exactly get along with MS after the Java deal.

TCP/IP is on its way out the door anyway, with IPv6 promising to provide an open standard that implements most of what was claimed for "TCP/MS" in the article.

Its about time...

[Utopia]

I think this is a good thing.
They are making device developers fall into line.

I sure Microsoft is as tired of the the blue screen jokes as the rest of us are.

O my god right back at you!

[Tony+Shepps]

I guess it was the need to inject your own leveling to Slashdot, but the article does NOT state that Microsoft is working with "exactly those vendors". It says nothing of the sort. Your pull quote was the only evidence that there is cooperation going on, and if you read that quote carefully and critically, you might spot the touch of bias in it that indicates we can draw very little information from it.

I would not say that adding a major feature that breaks competitors' software in the SECOND RELEASE CANDIDATE is kosher in ANY sense of the word. I mean, think of the implications JUST from the software development life cycle aspect. This addition will certainly have system-wide implications, and it's going into RC2? TWO??? Wouldn't that effectively nullify most of the beta testing that applied to RC1 and ALL previous builds? Isn't this just plain common sense?

And if you were a prosecutor, you'd look at the defendant's past history of proven, similar actions and call it damning. Just the things that we know for sure, coming largely from internal memos and emails that came out of the discovery process during the various legal actions, indicate that there is a predatory culture in Microsoft. Not that there isn't a similar culture in a lot of companies, but this one goes beyond the bounds of the law, common sense, and is certainly NOT in the interests of the comsumer. (And when I say comsumer, that's you 'n' me, chief!)

Furthermore, you saw fit to add your own conjecture. Frankly, if ZoneAlarm uses hacks to accomplish what it needs to do, I for one am entirely happy; and so are the millions of other people using it, who find that it causes no crashes whatsoever. I am hard-pressed, in fact, to think of a system utility that does its job so well, sitting in the background as unobtrusive as it can be. Especially something that has to intercept and examine every packet coming into a machine.

If you're going to accuse Slashdot submitters of faulty journalism, you can't interject your own bias as well and hope it all balances out...

Re:this will force me to break my ISPs EULA

[spongman]

err, if you class 'sending information to another computer' as being a server, then posting that slashdot article counts, doesn't it?

even if they did use ftp, it wouldn't be by running an ftp server on your machine, they'd just do the equivalent of a 'put'. the fact that when you open an ftp connection to an ftp server, that ftp server actually tries to open a connection back to your client pretty much makes you a server whenever you download anything from an ftp server. unless, of course, you're doing a 'quote PASV' for each ftp connection.

Re:Casio

[spongman]

yeah, the best strategy for this one is not to install 3rd party drivers unless you really have to. sometimes devices like digital cameras will be regognized by windows without the driver as USB mass storage devices that you can use through the generic explorer interface. I don't trust most hardware vendors to code themselves out of a paper bag, especially when it comes to devices like cameras whose primary use isn't connection to a computer.

Shared source would work here

[uncadonna]

If there are objective criteria used and published, and Microsoft apps were as likely to be banned as any other for violating the criteria, I don't think it would be a problem. While this does move us closer to the non-personal computer (centralized service), as Macneally and Ellison have long argued, that may be the right approach for the mass market.

If the criteria are not published, though, one may reasonably presume that the criteria are not objective. Even barring malicious intent, subjective criteria would be bent to Microsoft's convenience. This is for the same reason that science uses double-blind experiments when possible. People always are biased in favor of judgements that favor their own interests. In the absence of an objective specification, I believe this no-run list would be a clear violation of monopoly power even if it were not so intended.

Re:Free? (how about tiny personal firewall?)

Hi I've been using "Tiny Personal Firewall" from "http://www.tinysoftware.com/" and I'd like to say that I'm pretty much happy with it - it lets you set rules and doesn't nag you whenever somebody pings you. I don't know about black-ice or other perasonal firewalls, however, I find Tiny personal firewall by far more intelligent (& free for non-commercial use). I highly recommend it, even though that company has some shareware products (winroute etc.) because it seems much simpler and compatible with my taste in software. I would like to simply use IP-tables under and OSS OS but simply don't have the knowledge to install one.

Re:Improve "reliability"

[Dr.+Evil]

Yes, despite what the most vocal MS critics say, NT is quite stable, third party drivers do kill it.

Linux doesn't have this problem because there aren't too many vendors writing kernel modules.

IMHO, it is a harsh solution for a bad problem. But I can't fault them -- I can't think of any other way of doing it... except maybe a "I forfeit support from MS, and accept the risks of running this driver" button.

Remember too that MS has been responding to industry requests for privacy and control over updates. I imagine this will be among those tools with an option to point towards a privately run server. If not, corporate customers would have a fit. Just imagine being an IT manager finding out that Windows XP purged the video drivers from half your users in North America.

On the other hand, the worse MS gets, the more sense Linux makes.

I did read it and it scares me.

[alricsca]

They can remotely cripple any software or hardware that uses a specialized driver. While they use the excuse that it is not XP compliant. What is to stop them from placing drivers from any software or hardware they choose on the list? Imagine if they wanted to block a certain piece of hardware, a specialized sound driver or a Divx codec. What would stop the? This impacts open source because often the software used is in beta when people first download and try it. This would not work if they wished it. Where are the controls to disable this feature? Even then how much do you want to bet that in order to watch or listen to any secure content that you will need to update your list of banned devices? Anyone here use Disk Daemon or VNC? I will bet that packages like these will be banned because they can emulate hardware or provide ways to pull screen content. I would also bet that Microsoft is not about to remove any of its products from the list. Imagine them restricting the latest version of Apache or MySQL while releasing the newest version off IIS. Even if this feature were meant to be used with good intention, it allows them in an underhanded way to control the software and hardware market. Futhermore, it just dawned on me that they could even block software that uses standard Windows drivers by updating a standad driver in way that cripples third party software ability to communicate with it and then blocking the old driver as outdated. All they have to do is make sure that the driver update and the patch for their own software to work with the new driver's FEATURES is released in the same package. I could easily see them doing this with the streaming Media Codecs.

So its good AND bad - Sigh in an ideal world...

[baptiste]

this would be welcomed with open arms. Yes, on first read this seems like an awesome idea. Just look at how Talkback has helped improve the stability of Mozilla. God knows anything that improves the stability of Windows - amen! Heck, most of the instability I've seen with Windows over the years HAS been due to drivers, etc. Now I fault Microsoft for writing code that can't handle a drive rfailure, but plenty of blame goes to the dirver vendors.

That said, there is NO question Microsoft has used tactics to drive competition into the ground. The DR_DOS is a clear example and there are others. Again, we're left with the conspiracy theory - Microsoft could easily use this and WIndows update to degrade the stability of competing products and then block them out entirely or make them spend precious R&D on fixing bugs Microsoft has cause. Now in most other contexts (except maybe the gov't) something like this would be laughed at. But time and again Microsoft has proved they will go to extreme lengths to eliminate competition and a setup like this gives them a very powerful weapon.

Its too bad really. Microsoft has rightly earned their reputation and now they are in the position that even when they might have good intentions they get slammed for it. Its their own fault, but at times you wish we could trust Redmond in cases like these so that we could help improve the stability of WINdows and make our lives easier (for those that are forced to support them)

The way path to solve inestabilities

[gallir]

It's OK that some drivers don't work to avoid inestabilities. According to my sources in Redmond, the MS steps will be:

1. Don't allow installation certain drivers.
2. Don't allow installation of bad application. Most VB application won't work.
3. Don't allow booting by dumb users. Most nannies won't be able to boot the machine.
4. Don't allow booting of dumb operating systems: Windows XP won't boot.
5. Plan A: Buy back SCO and sell SCO Linux.
   Plan B: buy Caldera.
   Plan C: buy Ximian.

Slashdot Needs A Microsoft Section

[istartedi]

Slashdot should have a Microsoft section. It seems like there is at least one MS article a day, and they are all the same article: "MS bad OSS good."

With a separate section, those who enjoy whining about how "M$" is taking over the world can go off in a corner and circle-jerk all they want. The rest of us can (hopefully) read something truly interesting.

Also, the MS articles shouldn't appear on the main page unless there is something *truly* newsworthy, for example, the final resolution to the anti-trust case.

Of course, this will never happen because /. gets more page hits from MS articles on the front page than from any other single source; but I can dream.

Re:Improve "reliability"

[wolf-]

I would say, yes.
We HAD NT systems here that ran for almost 5 years, with reboots only for service packs and hotfixes.

(As a side note, after receiving nearly 35 letters from the BSA and Microsoft, sent to us because we were developers and resellers and customers, offering us a "truce" and calling us all manner of names, we have removed all Microsoft Server products from our organization, have replaced them with Linux or BSD based systems. MS, F*CK you and your BSA Cronies! I dont care if it was a form letter, we were a bit more than offended.)

The implications

[Mihg]

I've seen lots of comments about how Microsoft is evil and is trying to eliminate all their competitors in the personal firewal market and how they are going to spy on what the users have installed and how they will block web sites a programs too, along with the drivers, but nobody seems to have realized the true implications of this modification to Windows, instead of all the paranoid stupidity.

First of all, this provides another revenue stream for Microsoft. In order to get their the drivers marked as Windows XP Compatible (and the digital signature that goes along with this), hardware vendors will undoubtedly have to pay Microsoft some fee, whether it be for the signature itself or perhaps something slightly more useful (and less greedy), like paying Microsoft to do some testing on the drivers and then providing the certification.

This isn't particularly bad (although, Microsoft is once again abusing its monopoly power to gain money, who else are the hardware companies going to make hardware for?).

What does worry me is the fact that this provides an easy way for Microsoft to infulence hardware manufacturers. If they don'y follow Microsoft's "suggestions", the testing and certification could be "accidently" delayed, while all the hardware company's competitors deliver their products to market before them.

What will those suggestions be?

Probably something like "Hey, you know those weird communist hippy freaks who work on that evil anti-American OS called Linux? We want you to stop providing them with technical specifications and hardware drivers. Thanks, and have a nice day!"

Re:Good! Finally we get rid of stupid "personal fw

[mikethegeek]

"I want to KNOW what internet traffic is coming IN and OUT of my system. ZoneAlarm fulfills that need, for $0, and deserves praise."

Microsoft has a history of creating deliberate incompatibilities for competition, and it's no coincidence that ZoneAlarm and others find their software broken for no good reason in XP. It's happened before and it will happen again, and KEEP happening until developers learn that when they are playing M$'s game, the only winning move is NOT TO PLAY.

In the case of a firewall, or any other kind of security software, I have a LOT more faith in a third party than I do in MS's "security bug a week" laughable record.

I have no doubt that MS's so-called "firewall" in XP with Active Swiss Cheese (tm) technology will prove just as sucessful as their foray into bundling anti-virus software with DOS 6.x (horrible failure).

Bundling a swiss-cheese firewall with the OS is a BAD idea, as it will, like the MS Anti-Virus debacle, it will give a LOT of people a false sense of security, and cause the demise of third party security apps for `Doze (who will cease development because their air supply is cut off). Which will do NOTHING for MS's reputation as the least secure, MOST dangerous OS to let loose on the `net there is.

Aim down, FIRE, where did my foot go today?

Re:Improve "reliability"

[IvyMike]

Yes, despite what the most vocal MS critics say, NT is quite stable, third party drivers do kill it.

Here's a fix for this problem: MS requires all vendors (except for itself, of course) to open-source their drivers. THAT would be ironic.

Re:You can't.

[cicadia]

Then that's not a firewall, and shouldn't be marketed as such.

At best it's a packet filter.

A firewall should be a seperate machine, which, among other things, filters network packets to protect internal machines.

The fact that the software on the machine you are trying to protect is capable of actively bypassing the filtering rules set up to protect it means that you do not even have an effective packet filter. What you have is a marketing device.

Re:Stop the ride! I want off!

[einhverfr]

And frankly with everything that Microsoft has gone through in the last few months (sites hacked into multiple times, Red Code, etc.), they are the last people I will trust to make firewall product. They had better have already qualified both Zone Alarm and Black Ice. This "driver blocked by vote" idea is just too too dumb.

The main problem is that, like all personal firewall manufacturers, Microsoft ahs to take into consideration support costs. For this reason, personal firewalls do not offer high levels of security. This is why I build my own...

The Personal Firewall in XP has a number of design decisions made in order to cut down on support costs (read security). Among these are the fact that they decided to not allow it to protect packets traversing through Internet Connection Sharing meaning that there is no single point of administration for a home network. This limits its security and violates nearly all good security practices by making Personal Firewall somehting that simply provides enhanced host-based security. It is not a piece of software I would encourage in any sirt of networked environment...

Re:utter hypocrisy

[jejones]

Bogus analogy. mozilla talkback doesn't make mozilla refuse to run certain plugins, or prevent you from running anything else. What Win XP evidently will have in it is not only a bug reporting facility, but something that will refuse to run software deemed "unsafe" or "incompatible." How long before MS uses that to cut off someone's air supply?

Where's the Unabomber when you need him?

[leereyno]

The justice department and the courts have not been able to find a solution to the Microsoft problem. Even M$'s competititors have failed miserably.

At this point only group of people can save us....this is a job for Ted Kaczynski and the Trench Coat Mafia!

Re:CLX

[Ronin+Developer]

If a vendor complies and uses CLX and only CLX calls, their code should port to D6 and vice-versa.

My understanding is that BORLAND is helping fund the QT effort (especially for Windows). Their drive is to become a cross platform tool supplier rather than be bound to a single platform.

I'm suprised that my original post was marked as flamebait. My guess is they figured that I was implying that only decent programs can built for Linux using Kylix. However, Delphi 6 and Kylix are good attempts at making apps cross platform. As such, it is a good vehicle to move Windows apps to Linux.

The release of Kylix Open Source edition was to aid the Open Source community. In doing so, it is anticipated by the Delphi and Kylix users that more CLX compliant components will become available. When leading VCL vendors like DevExpress and Woll2Woll see that Kylix (and Linux) are viable platforms to which they can market their product, they will. But, it costs money and time to make the port from VCL to CLX. Other VCL vendors probably realize the same thing.

We are interested in moving our Delphi 5 app to Delphi 6 and Kylix. While we can migrate to D6, we can't to Kylix because of the non-availability of CLX replacements for many of the VCL components we use. This is unfortunate and I expect many other developers will encounter this as well.

Our plan was to wait out the XP debacle and, as people realize that their favorite apps won't run or not available on XP, they will begin looking elsewhere. We figure this will happen in about 3-4 years when NT4 and 2000 are hard to find commodities as M$ implements XP.

They might not even cooperative users

[GroundBounce]

Perhaps they might write a worm that damages your driver, making it cause crashes, and then replicates and spreads itself to other susceptable machines. It wouldn't take too long - after a few days, thousands of machines would be crashing on YOUR driver, which might be enough to get it blacklisted.

Of course, Microsoft's tracking program might be smart enough to note the sudden change in crash reports and conclude that it's a worm, but do you trust them to do so?

Dim Legalities???

[GroundBounce]

Might there be issues with the legality of one company disabling another company's products without their permission, regardless of "qulity" issues?

I'm not a lawyer, so I'm asking this, but it seems that they might be asking for trouble here.

Here's one MS Geek still living in the real world

[Robber+Baron]

Yes, I have an MCSE certification.
Yes, I know it isn't worth very much around here.
No, I don't live in a world depicted by Microsoft marketing.
You see, I don't work for Microsoft, I work for my clients, and the technical advice I give them will be what is in their best interests, not Microsoft's! And that advice doesn't include XP in future deployments. Expect to see more Linux, BSD, BeOS etc...
(gee, I feel like I'm at an A.A meeting! ...Hi, my name is_________and I use Microsoft products...)

"News for Nerds", what a load of shit

[Recolada]

There isn't much journalistic integrity on this site is there? "Well, apparently among the casualties are ZoneAlarm and BlackIce... Two popular free personal firewall products for windows. Guess What? XP includes its own firewall ... So you don't really need then anyway, right?" and at the very end of the article: "Note: according to this article, the change does not prevent Black Ice or other programs from running per se -- but it does require them to use updated versions tailored for XP. " Why wasn't the entire summary of that one line posted, instead of so blatantly skewing the truth? "RC2 refuses to install a host of third party applications including Black Ice, Zone Alarm and AOL. Users will need to upgrade their applications to Windows XP-compliant versions."

Stop Whining anf Build Something Better

[reallocate]

I suppose this business of XP blocking drivers it thinks will gum up the works is going to trigger the usual flood of semi-rational and semi-profane rants about the Great Evil That Is Microsoft and how it is using its monopoly to thwart the Great Good Thing That is Open Source.

You know, I really think the average consumer oesn't care a bit about open souce, closed source, or shared source. Sure, maybe most people think that Microsoft shouldn't be such a bully, but that's not going to keep them from wanting to buy computers they can use without reading a book.

Wake up, folks. People don't really care about free software, open source and all the rest. No more than they'd be expected to care about Free Toasters and Open Refrigerators. They don't want choice if the choice means reading howto's and Unix manuals. They don't want to have the freedom to build their own computing environmen because computers are complicated, intimidating and scary.

If Microsoft disappeared tomorrow, Linux and all the other free Unixes still wouldn't be easy enough, simple enough, and attractive enough to fill the void.

So, rather then whining about how the Big Bully is keeping Your Favorite Unix LookAlike from taking over the world, how about getting busy and putting together on OS that is so outrageously good that people will wipe Windows from their PC's and buy it.

Antitrust questions

[Dwonis]

Why is Microsoft the only one with the privilege of getting automatic bug reports for their products? Why can't each vendor set up an address where crash dumps can be sent?

Note on the DOC file

[macdaddy]

I've got to ask, how many people downloaded to the doc file and read it? How many downloaded it to /dev/null just to eat a little M$ bandwidth? :-) 'nough said.

Re:Improve "reliability"

[spitzak]

Yes this is somewhat true, and it certainly is true of Windows (which has many more third-party drivers).

Linux also seems to be crashing much more often due to third-party drivers. I have had several lockups due to a closed-source X driver (fire GL) that killed everything except ping (actually that is done by the hardware, right). (PS new versions of the drivers do not seem to be crashing).

NT also suffered from a great deal of the GUI in the kernel. This caused most of our crashes as we attempted to use our machines as a renderfarm and the whole thing would bluescreen when somebody logged in. This appears to have been fixed as the rendering processes no longer link with any GUI DLLs (I know NT was not fixed as we never updated past 4.0 here). I suppose you could just say that the programs are written correctly, now, but I still think this is a problem.

Re:Improve "reliability"

[Malcontent]

Actually the number one reason for serious system crashes is probably IE upgrades, MDAC upgrades or service patches. Not even MS can write stable software for MS how do they expect everybody else to.

Project UDI would allow user-mode drivers...

[Deven]

You can't handle a driver failure. By definition a driver is part of the kernel, and if the kernel screws up, you're toast.

This is an unsupported proposition. While it may be typical for a driver to be implemented in kernel mode, it's not "by definition" a requirement. Take a look at Project UDI for a device driver API that could be implemented in user-mode. This would allow the system to be equally protected against untrusted drivers as it can be from untrusted applications. Now, I'm not saying that the Reference Implementation or any other UDI implementation actually supports user-mode drivers today. However, the API standard is written in such a way as to allow for that possibility.

Of course, user-mode drivers would execute more slowly than kernel-mode drivers, but if an OS supported both types, paying the performance price for stability on untrusted drivers would be a worthwhile tradeoff...