Slashdot Mirror
More on Longhorn
An anonymous reader writes "Everything I have read concering MS's future plans: Palladium, Client/Server tie in, Office 11 breaking backward compatability, 3 year licensing plans, product activation - all leave me with a foreboding sense of the potential synergy for furthering Microsoft's goals of complete domination. Now this article tells about Longhorn's new filesystem being based on the the future Yukon server. And surprise it will only work with new hardware, which they want to be Palladium enabled. And all pitched to you under the rubric of Security & Efficency.
For years MS has been accused of only wanting
people to run MS Software. Now according to the article, 'Microsoft doesn't think computer users should have to use one program to read and write a word-processing file, another to use a spreadsheet, and a third to correspond via e-mail. Rather, the company thinks, a single program should handle it all.' One program to rule them all, one program to bind them, indeed."
Corporate computing is not some ideal world... it's all about money, money, and more money. Computers exist in the first place to save time (and therefore money).
Conversion Rate Optimisation French / English consultant
I sure hope he isn't talking about security in general, because I sincerely doubt that Palladium will yield any kind of increased security other than security for MS's bottom line. The ignorance of that statement is astounding. Even if Palladium-esque code signing does increase security the added complexity is sure to keep the security people busy for years to come.
Kidding aside, the idea of hiding to the final user the application layer may be a good one. If this was done openly (i.e. documenting the API that each class of applications should have and allowing administrators to switch one application with another, from a different vendor, without troubles), could be a good step to make computers easier to use.
Knowing Microsoft, however ...
Ciao
----
FB
If any company is capable of doing this right now it is Microsoft. The idea has a certain charm, it is a logical extension of components and virtual machines.
Microsoft engineers don't seem able to program their way out of a wet paper sack, let alone implement security features.
Individual programmers at MS probably have the same skill levels as those at any software company. The ad-hoc feature growth of many MS products is likely the cause of most of the security problems (and many stability problems as well).
[Set Cain on fire and steal his lute.]
Since when are 'leaked rumours' (!) news, based on facts? Here we have an article which bases conclusions (!) on rumours.
Ok, not that the conclusions are then worth anything, but still some remarkable opinions are ventilated in the article, even when you take into account the conclusion-based-on-rumour factor.
For example:
"Neither Linux nor Unix ties the operating system to hardware," he said.
Come again? We're talking about a new PCI architecture here, not about a new soundcard!. And since when can I install AIX or HP-UX on ANY i386 system? Ever installed Solaris for Intel on an Intel machine you also happen to use as a workstation (f.e. with Linux on another partition?). The 'he' person definitely doesn't have a clue whatsoever about tying an OS to hardware. It's in all situations very important the OS works flawlessly with the hardware it's installed on, so yes, every OS is tied to a subset of available hardware. Big deal.
Ok, then we move on to:
"I'd like to see Microsoft act like the operating-system leader it is, not promising scores of new features or letting rumors fly but stepping forward and saying, 'We will have X, Y and Z features and not A, B and C,' " he said. "That would be leadership, especially when so many people are dependent on you."
WTF is the 'he' person to ask for this? First he throws in the rumours no-one confirmed as being true (the article clearly states MS didn't say a word about any detail concerning Longhorn) and then he wants MS to clear the sky for him about the rumours and to step forward about any featureset they'll implement in an OS which isn't even in Alpha-stadium nor a releasedate has been set.
Like Linus is going to talk about features in the 3.2 kernel, released somewhere in Q4 2004, "because so many people are dependent on you.". Sure...
Never underestimate the relief of true separation of Religion and State.
I'm all in favour of keeping a paranoid eye open to the workings or Redmond, but it might be a bit early to start declaring the closing proximity of the sky. My favourite /. quote is the one about Bill being just a monacle and a Persian cat away from being a Bond bad guy.
/. have been calling for a Be-like fs). An 'all-in-one' office application? It's an interesting challenge, but based on XML, feasable.
;)
The 'database' file system is not new (and many on
Keep in mind though, that this type of pitch is being made to the corporate IS types. Stories like this are 'leaked' to help test the waters. The money just isn't out there any more for the latest bleeding edge operating system and Office upgrades. In order to pry the dollars out of corporate boards these days, you have to show real value, and the IT types these days only know one way to count (with their socks on that is), and that is the magical phrase "TCO". You can guarantee that the M$ marketing types will be selling the reduced training costs of the one-application scheme.
Maybe though, before completely calling it a waste of code, we can judge the ideas on their technical merits and make fun of the marketing slime later? Of course, if your just interested in getting the story posted, keep the chicken little act up
My $0.05 (AUD - we don't have pennies any more)
I think some people posting on this topic have spent too much time watching the X files. It's only an operating system guys, and, if it is as radically different to previous versions of Windows as is claimed in the article, it is going to have to compete not only with Linux and friends, but also with W2k and XP.
So if it really does offer something fundamentally new and useful that outweighs the disadvantages of DRM, people might buy new hardware and switch. If not, they won't. And even if the new OS is a runaway success, it will have to talk to W2K, XP and Un*x servers or it just won't work on the current Internet.
In other words, if things pan out as stated in the article (which is by no means certain), Windows 04 is going to have to compete without most of the advantages enjoyed by previous versions, so it should be a much more even fight between MS and OSS. And could it be that this is what has really got everyone spooked?
Virtually serving coffee
Dilbert is coming true. Remember the one where Dilbert is at the computer store and the saleman says something like "this computer only has 1 button and we push that for you before is leaves the factory".
If Mr. Edison had thought smarter he wouldn't sweat as much. --Nikola Tesla
If Microsoft is going to put everything into a single program, presumably with loadable .NET-based components for extensible functionality, why did they just spend a decade moving towards a UNIX-like multi-process operating system? The NT/XP kernel and technologies like XML are redundant and inefficient for building that kind of system.
What this tells me is that the company has no clue where they are going. Most of their technologies (NT/XP, C#/.NET, XML/SOAP, DRM, etc.) are "me-too" reactions to industry fads. And a few ideas are somewhat dated gee-whiz gearhead ideas that seem to pop up randomly out of their research organization ("database-as-filesystem", etc.). The only thing that is predictable is that Ballmer and Microsoft marketing will try to figure out how to sell that stuff to the public.
Microsoft is not the only one working on a filesystem that does (if I read the article right) what Yukon does. Vendors like Oracle are already doing something similar today. They realize that most content today exists as "unstructured" data (ie., not columns in relational database tables). They are enhancing their software to more easily handle unstructured data through the database. I actually think this can be a good thing: databases already can manage very huge amounts of data across multiple physical stores. This extends the concept to unstructure files. You can run SQL like operations against it, use enhanced indexing and search techniques, export the content easily using the built-in database access tools (WebDAV views and the like), etc. You get robust role based security, excellent logging/monitoring (which some people might think is a bad thing).
I'll use Oracle as an example because I'm more familiar with it. When you store things like PowerPoints and the like into Oracle, through their products like InterMedia you can automatically do things like search for content insides of these "opaque" files (not just look for file names in a filesystem directory), automate metadata generation (e.g., width/heigh/color depth, etc for images), transcode from one format to another, etc. At this point, most of the capabilities I've seen are "toolkit" oriented. That is, they enable developers to build apps that take advantage of them but aren't necessarily suitable for use directly by end users. I believe all of oracle.com is managed in this way, so check it out.
If Yukon is basically doing a similar thing in extending SQL Server to support unstructured content well, this could very much be a good thing in terms of functionality.
Also, don't be so quick to dismiss MS's security talk as just another way to take over the world. Obviously, these guys are very focused on market success and very focused on competition with GNU/Linux and free software. But they understand that in general security flaws have been a huge achilles heel for their products and they are doing a number of things top to bottom throughout their development process to really wring out security bugs and make more robust software. I can't reveal what most of this is due to non-disclosure, but from what I've seen MS are treating security very seriously and are focusing on the "security gap" in the same way they've focused on competitor functionality in the past.
Wait until Microsoft actually publishes what they plan to implement in Longhorn, rather than what some analysts predict the plan is...
/.]
Will due respect (perhaps) to the analysts, the article reads more like a cute marketing ploy or extreme FUD: haven't Microsoft brought out enough drivel in those areas to warrant even more coming from unofficial/non-connected sources?
I mean, please, when people are quoted as saying "Neither Linux nor Unix ties the operating system to hardware,...This could bring [for Windows] a higher level of security than anything we've ever seen. It will almost completely prevent the platform from being compromised." then exactly how much respect does the article warrant? Not only are the quotes lacking in true factual content, but the majority is damn right humourous (in the groaning sense)!
[Disclaimer: I'm ranting at the article and its content, not the fact that it was submitted to
or even the medium term view. If win9x is competing with win04, what do you do? Two things:
1. Stop fixing win95 problems when they pop up (yes they do pop up, as certain as the sun rising every day). Eventually retire the OS so that users of this ancient operating system become software renegades, but first make it even more difficult to use than it was when it first came out so that there won't be much fuss when it's eventually retired.
2. Use those billions in the bank to pay a few companies to make software that requires features in newer versions of windows, i.e., not backwards-compatible with win98/ME any more. Microsoft has the money to play this waiting game, and they face no threat from the courts, so every day their influence grows. X-Files indeed- I think you're the one living in the imaginary world.
You say it's just an operating system, why have I been *forced* to use it at every job I've had since at least 1997? They are a *monopoly* and they abuse their power in ways that make life miserable for the rest of us.
microsoftword.mp3 - it doesn't care that they're not words...
Obviously, Longhorn is not going to come out as early as 2004-- the PI article is at least fair enough to quote another source who knows better than to believe the MS PR. Since the new OS is not likely to be out for another three years, this is a chance for the open source community to make its case to the public of why it should try its products.
The first case for open source will be, "You don't have to give up your old computer!" We already know that Linux and other OSs can be installed on x86 hardware; it has to be easy to install, and it has to have all the other things that people are accustomed to having on their machines. Finally, it has to have programs that are compatible with common file formats, like MS Office. With OpenOffice, that last need has largely been fulfilled, where it comes to productivity.
What would also be helpful is to pitch open source products to hardware manufacturers, as a way to sell more units. If not to the consumer market, then to the business market. Having Linux pre-installed on machines would make the transition to open source a lot easier for the enterprise. Of course, with Longhorn, the promise for the HW people is that they can sell a lot more units in the future with Longhorn. But, in the meantime, they may be struggling with machines that can only be loaded with warmed over versions of XP.
The other thing that has to happen is that people need to be made aware of what DRM really represents. If you don't like MS having admin rights on your machine (as they do with the latest SPs on Win 2k and XP), you sure as hell won't like DRM-enabling Palladium. It's about freedom, and I think a simple slogan on a T-shirt to get this home could be: "DRM=Total Information Awareness". "Trusted Computing" is just a slogan, when the count on security patches for Windows and related products this year is 65; for open source, it's closer to 10. Which do you think is more "trustworthy"?
Always look on the briight side of life! (whistle, whistle)
Comment removed based on user account deletion
chrisseaton wrote:
The research project was Millennium , from the late 1990's. What, you think Microsoft came up with "trustworthy computing" when they did that memo? Or that they started on Longhorn the day XP was released? They have been working on this scheme for a looong time. They had to build .Net just to have a distributed platform-independent development tool they controlled. They are literally betting the company on this.
Yes, but unfortunately it is Microsoft. That means bugs, like the flaw in SQL Server (on which Yukon is based) that may well have eaten some of our nuclear materials.
Even if Microsoft made it bug free for once, they are the last people on the planet I'd put in charge of a world-wide distributed network. I don't know who would be safe to have administrate the thing.
To Microsoft:
The crown is not yours.
Footsteps drum a dirge of doom
By nuclear rage!
The world's great hero,
Dreaded God and Monster King,
Millennium ends.
This just isn't true! I've been using Windows since 2.0 and there weren't that many users - most people stuck to MSDOS. Slowly people picked on Windows and by 3.0/3.1 there was a big pickup. There was a BIG change in 95 and a lot of people took that up. Most people thought it was for the best. This "evolved" for a while. Now there is the "XP" feel. This is starting to slay users. All the icons are different in XP. It confused the hell out of me and I still don't like it much. MS _Keeps_ changing. They feel they have to to sell anything new but users get really confused with ALL this Windows crap and forever changing Office GUIs.
The number one reason that _users_ are using windows is that when you go to the shops to buy a PC you don't get much choice and if you even asked about the software the sales people would become very confused and wonder what you were on about.
The PC was never supposed to be a home computer OR an office computer. It shows this and so does windows.
"None of this shit works" -W.Shatner
I think Microsoft decided to go all the way with a full OS-Software-Hardware security solution without first asking the question "What are the sources of security problems on a computer?", to which 99% of the cases the answer would have to be (1) social engineering and (2) user's naiveness.
By Social Engineering I refer to the oldest form of hacking: convince someone to do something for you on his/her machine. No hardware, software, or operating system can protect a user from this today.
By user's naiveness I mean that most users (who naturally are not tech-savy) simply open every email attachment they get, or simply click on "yes" or "ok" on every pop up they see without first reading. Combine this with Social Engineering and I really don't see how Microsoft will stop the wave of attacks against windows machines.
The only thing I have seen so far that works to a good degree is Java's sandbox model, where in a sense every program is an island unto itself, and if it wants to communicate with other programs it needs explicit permissions or use well-document open-standards-based protocols. However even this suffers from user's naiveness sindrome.
Bottom line: Security is an EDUCATIONAL issue. Create awareness and teach people the basics of security (don't give your credit card number to ANYONE who calls you, don't open attachments from people you don't know, use an updated virus scanner, patch the latest discovered holes in your OS, use a firewall, etc), if we manage to do this (a daunting task), I think we can get MUCH farther in the security arena than instead taking all our freedom away in a completelly-controlled and restrictive environment.
My observation over time has been that Linux seems to stay about 3 or 4 years behind Windows in the area of user interaction. For example, the latest RedHat 8.0 release with KDE finally has an elusive "buttery smoothness" that I first noticed with Win2K. (Yes, I know Macs probably had it since 1932, but I don't use those.) RH8 even supports mostly point-and-click administration functionality.
The thing is, going forward from here, I don't see the incremental improvements in OSes as being very compelling. For example, I've had no reason whatsoever to use Windows XP over Win2K. This means that even if the Linux user interface remains a few years behind Windows, the difference becomes less and less important over time.
As far as a database filesystem, I think it will be like the NT security model vs UNIX. Better in theory, but too complicated for anybody to actually use effectively. In the past, the NT security permissions were usually left too loose because nobody wanted to deal with figuring out appropriate settings. Likewise, I'll bet that in the real world, the relational database filesystem will be mostly organized into a strict heirarchy just like today. The bottom line is that it won't have much value for the average user.
Which one? RMS didn't write the first emacs, that was Gosling.
The slashblather today is pretty much of the form 'Microsoft is doing nothing new because it never does', followed by 'Microsoft is going to change the hardware'.
Microsoft does not have a reputation for security, but they do employ some of the top people in the business. Assuming that all those people become imbeciles the minute they move to Redmond is just a self serving slashdot dellusion.
Not so long ago the standard repost to any Microsoft post was the time a system stayed up before the blue screen of death. Funny thing, you don't hear that half so often since Windows 2000 and XP hit the stores.
Not so long ago UNIX had a lousy reputation for security. That took about five years to change as people started to deploy Kerberos and ssh to patch up some of the more eggregious holes.
Basically there are two routes the open source community can take. Route one you sit arround and congratulate each other while Microsoft goes out and eats your lunch, or you could start to look at ways to extend the security model of Linux to be competative. The execs at Apple, Wordperfect and Lotus took the first approach so you would be in good company.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/