Slashdot Mirror
WinFS - Who Will Actually Use It?
Hel Toupee asks: "Tom's Hardware is running an article about the file system to be employed in Windows Longhorn, the to-be-long-overdue successor to Windows XP. According to the information that the authors could get out of Microsoft, WinFS seems to be little more than an indexing and searching service that sits on top of NTFS or FAT. It is also very flexible and extendable, which, for Microsoft, can mean 'slow' and 'exploitable'. For instance: quite a bit of the inner workings of WinFS rely on XML data tags which can allow 'for instance, that developers will additionally be able to automatically display or execute commands linked to items located by a specific search'. This seems to imply that the new generation of spyware only has to change a bit of XML and it can add entries to your context menus, or open webpages when you click on a file, or, since files can be grouped by content in 'virtual folders', spyware could effectively add entries to these folders, or reorganize your entire filesystem on the fly -- all with slight tweak in some XML file! Am I being paranoid? WinFS seems fairly insecure, and I will not be using it if given a choice. What's your take?"
Well, if WinFS is default, million of users _will_ use it. They don't care or know what's in the bottom. They just use the system that came with the PC. Only the future will tell what this will do to your system,
after all we weekly encounter new and exciting ways spyware/viruse/worms/etc. screws up windows.
"What's your take?"
It's too fscking early to say.
Stop talking out your ass and speculate on something important, like Episode III.
Joe
http://www.joegrossberg.com
What's your take?
Well, we have absolutely no information about how WinFS works, nobody here has actually used it, and it isn't even finished yet... but it comes from Microsoft, so it's probably slow, exploitable, and an attempt to abuse their monopoly powers.
Tarsnap: Online backups for the truly paranoid
Security isn't my primary worry, at least at first. The indexing data is stored in an SQL database. I've had my share of registry corruption to know that when Microsoft stores a pile of critical information in a centralized database, you'd better keep that database backed up. At the very least, it'd be wise to stay away from the new formats until everyone else has debugged them.
This is America, damnit. Speak Spanish!
The programmers at Microsoft are surely aware of these sorts of issues. It might be a good idea to wait until the product is complete before deciding that it's terribly insecure.
And why on earth can't spyware do any harm if it doesn't have "root" privileges ? What's stopping it from popping up ads ? Or running a mass spamming process ? Deleting all files owned by you ?
Right now, all spyware has to do is a few simple registry entries to add itself to context menus, startup, Internet Explorer default search engine, etc. What's the difference between a simple reg tweak and a simple XML tweak? Same "exploits", just different interfaces.
I'm sure I'll be hearing from /. about how all the concepts in WinFS would be wonderful to have... just as soon as we hear something new about Reiser4. Seriously, just adding some extra metadata to a filesystem doesn't have to make it insecure; in fact, in Reiser4, they're doing it to make the filesystem *more* secure.
/.'er, but let's wait until WinFS is actually released to start picking it apart, ok? Until then, it's still vaporware, and there's no guarantee that it'll get released in 2005, 2006, or any other time.
Now, I know about MS' track record with security just as well as the next
And if it just ends up being a layer on top of NTFS that lets people sort their music and vacation pictures, well, I'm not too worried about it yet. And if it turns out that it's a security risk, then you *turn it off*, or just use FAT32.
pb Reply or e-mail; don't vaguely moderate.
In the HFS filesystem, a file has two forks, a data fork, that corresponds to the file data in Windows or Unix file-system, and a resource fork, that contained structured data, basically bits of data that had an attached id, name and type.
Resources were used to store all kinds of stuff. This was very convenient, as you could for instance store the window shape of a text document in the resource fork without affecting the content of the file (data fork). This was also used to store custom icons, text styling without actually affecting the data. You could even use it to embed fonts into word documents.
The trick is, the OS used resources extensively, an application typically had an empty data fork and lots of resources (icons, pictures, sounds, windows, dialogs), including 68K code segments.
One Macintosh virus, WDEF, used this mechanism to propagate. What the virus did, was add resource of type WDEF to the database file describing all the icons on the desktop. WDEF resources were window definition code. So when the Finder (file explorer) opened this database file for a given volume, the resource would get loaded and overloaded the default window drawing code, thus enabling the virus to execute and spread.
I know this could be a shock: Reiserfs4. go check yourself.
;)
How do we know which part of a 1gb file should lie in memory, and which should not?
it's not a filesystem matter.
It's just like a big database where we need good rules of what's good and what's not.
I, for one, hope that won't be microsoft to choose what's good or bad
Ummm..... .NET object.
Have you looked at the 2.4+ Linux Kernels. Or for that matter the BSDs or OSX, the fact is that UNIX and its workalikes are perfectly capeable of handling large disk I/O tasks. Especially with Journaling file systems like JFS or XFS, hell even ext3 does a decent job. This is annother example of Microsoft "innovating" in an attempt to beat a proven solution (EX. putting IIS into the Win2003 kernel) The fact remains that a good journaling filesystem, with a swap partition, more than likely is a much safer solution to the problem you describe than turning every thing on the disk into an XML taged
Did Glenn Beck rape and kill a girl in 1990? gb1990.com
Solution:
You will not have a choice.
Conformity is the jailer of freedom and enemy of growth. -JFK
Hmm. I have certainly opened 1 GIGAbyte files (without any 1 KILObyte metadata file) without much trouble.
Tim
Omnia vestra castrorum habetur nobis.
Oh not the file system! The users data is nothing, but if it destroys something that is easily reproduced with a reinstall then its horrible. There was sarcasm intended in that comment, by the way.
As far as what the paranoid dude is talking about: an indexing file system will just mean it will be easier to search for what you are looking for. Instead of having a particular name, you can search on attributes. Natural language queries will follow shortly thereafter. Microsoft is making a very smart move here. Not that this hasn't been done before, but they are integrating it in with the core OS which is something Linux has needed to do for years.
And as far as the automatic execution of some spyware program or whatever bologna he's talking about. I'm sure it will just be like todays file associations, except instead of treating everything like a file to be opened with a program, it will probably be treated like an object which you can perform actions on. At least thats what they'd do if they were smart. And I'm sure these actions will be customizable by the user (again if they are smart).
Occam's razor is the blind faith in the natural selection of least resistance and in universal oversimplification. -- EF
BTW, I'm not WiNazi. I actually hate Microsoft and personally use Linux at home and work. But I do think that what they are doing is a good idea.
Occam's razor is the blind faith in the natural selection of least resistance and in universal oversimplification. -- EF
What do we do now to protect our computer from spyware? Regularly update and run adaware. What will we do with WinFS? Regularly update and run adaware longhorn. No problem. I haven't had spy/adware in freaking years; of course, it helps that I've switched to a superior browser...
Condemnant quod non intellegunt.
Who the hell are 'all users' who are not affected on a single user desktop machine?
The 'many users, single machine' concept is obsolete, except in cases of servers, where it's really a resource-sharing connecting point, not a true 'multi user' machine.
The new concept, at least for tech people, is 'many machines, single user' as in: KVM switch and a bunch of machines running various OSes and programs.
The UNIX multiuser concept is as obsolete as timesharing machines with big banks of dumb terminals connected through serial interfaces. Give it up.
---
Who will use it? Probably the millions of people who buy it or a those who buy a new computer with it already installed. Let's put our thinking cap on here people.
Support the First Amendment. Read at -1
I, for one, hope that won't be microsoft to choose what's good or bad ;)
Well, it will be, if everybody else just remains mired in 'ye old UNIX ways.'
---
The IBM iSeries has been on the market for some time, as has its predecessor, the AS/400, and its predecessor, the System/38.
I hope the USPTO considers expired patents in their prior art searches on the WinFS IP submissions.
The living have better things to do than to continue hating the dead.
The scary thing about WinFS will be the patent protection.
We've seen too many patents granted for which there certainly appears to be prior art. Someone else brought up the moniker, "Object Oriented Filesystems," and danced around the concept of single-level-store. That stuff goes back to the old IBM System/38, whose patents have probably expired. (It actually goes back further, but S/38 made it out the door.)
As others have said, metadata has been on the Apple resource fork since 1984, and OS/2's HPFS had Extended Attributes (OS/2 even had Extended Attributes kludged onto FAT.) prior to 1990. Then you (and others) bring up Reiser4.
I wonder what the patent filings on WinFS will look like. Reiser4 is obviously "published", but it would be good if there were some way to make the USPTO aware.
The living have better things to do than to continue hating the dead.
"Oh not the file system! The users data is nothing, but if it destroys something that is easily reproduced with a reinstall then its horrible. There was sarcasm intended in that comment, by the way."
User data is the stuff that *should* be backed up frequently, so losing it shouldn't be too much of an issue.
Having the inner workings of the system tinkered with is far more serious. It could be some long term damage that would render your frequent backups useless.
Windows is braindead and inconsistent in this respect. Much software still wants to piss in it's Program Files directory and will refuse to run unless it is run as Administrator.. other programs require it because of sloppy coding.
You'd think you could set everything in the Program Files directory to be writable by Admin only, but it doesn't work because of this.
Also, when you install software, it is unpredictable as to what it will do; whether it will put it's icons in the All Users start menu or in the current user's one.
So, basically, all there is to do is run as Administrator.. the system is nearly unusable otherwise.
Yes this is Microsoft, and have we forgotten about the little WinXP BS that happend? I will tell you that I'm not half as tech savy as any one else on this site, but even I've been shown the flaws in XP. If Microsoft even cared about a good prodoct any more, there wouldn't be any flaws in the final product in the first place.
---For philosophy and fun,---
THERE IS NO POWER GREATER THAN X
How timely, as yesterday MSDN posted a thick article on WinFS.
While the article date is December 2003, the date on the front page of msdn.microsoft.com is January 28, 2004.
Why? Because using normal files is just too slow. E.g. How do we know which part of a 1gb file should lie in memory, and which should not?
Actually, for interactive cases this is easier on Linux/Unix than on Windows because of the structure of the *nix inode. It allows for very easy random access of a file, so, like the other example, you can scroll randomly about your 1 gig file in vim without much worry. NTFS, FAT, and FAT32, on the other hand, are good for sequential access (great if you're copying one file to another, I suppose), but it's more difficult to page the file in memory, which, also aforementioned, is not the duty of the filesystem.
Why do you think it is obsolete? Noone shares a pc? A user (and thus any program) should be able to do root tasks? I really am having a hard time following your logic. You are right about 'new concept' of single user multiple machines [i.e. roaming profiles - which are NOT new] being a good thing - but as the only user on the machine? I think not and I believe multi-users will likely never become obsolete. Please prove me wrong by supporting your assertion. Being proved wrong means you learned something - teach me.
ymmv
"For traditional file-based data, such as text documents, audio tracks, and video clips, WinFS is the new Windows file system. Typically, you will store the main data of a file, the file stream, as a file on an NTFS volume. However, whenever you call an API that changes or adds items with NTFS file stream parts, WinFS extracts the metadata from the stream and adds the metadata to the WinFS store. This metadata describes information about the stream, such as its path, plus any information that WinFS can extract from the stream. Depending on file contents, this metadata can be the author (of a document), the genre (of an audio file), keywords (from a PDF file), and more. WinFS synchronizes the NTFS-resident file stream and the WinFS-resident metadata. New Longhorn applications can also choose to store their file streams directly in WinFS. File streams can be accessed using the existing Win32 file system API or the new WinFS API."
So, it seems that the files themselves are still stored in a filesytem, it's only the metadata that is stored in "WinFS".
The data itself does *not* live as a blob in a giant database.
Nice, call people idiots based on your (most likely) incorrect interpretation of something you haven't seen, or (it seems) researched.
Even from the quick description you gave, it sounds pretty safe to me. Not modifying the underlying file system is IMHO a good idea and mitigates all the paranoia you are having.
.jpg should run a certain image viewer. This is not done in the file system it is instead done by another program that reads normal files and determines this information from the normal files. Now we all know that those file associations can be mucked with (ie hijacked to run another program) but in fact any such messing with it can be determined by a program reading the setup files, and easily avoided by a program using *less* code to run a program.
.jpg extension would be a real and unfixable disaster. But in fact they are avoiding this if your description is at all accurate. This is a *good* thing.
Windows already has the file associations like knowing that clicking a
Compare with a worst-case scenario where the system only had a "run this file" command and you could not determine what it did because it was encrypted into the file system (sort of what you really fear WinFS would do). Then somebody hijacking the
I do worry about some peoples intentions for meta data. In my opinion meta data should be used *only* as a "cache" of data that could be determined from the file itself. An obvious example is an image preview. But the file type and program should also be figured out using a program like the Unix "file" command and the result cached in the metadata. You could even make schemes by which the author, owner, permissions, date and time, and even filename are considered cached metadata and determined from the file contents. We should not have to rely on the correct transmission of anything other than the "data" bytes and the file length in order for a program using a file to do the correct and predictable thing.
I am worried that in fact most recent ideas in filesystems are going exactly the wrong way, and in fact Microsoft may be doing this right for a change.
I don't see how this is much different from the registry, through which one can do a lot of the things you mention. And you don't even have to be buzzword compliant to use it!
Yeah, I agree with all that, but what I don't agree with is the people who claim this is *Microsoft's* fault.
I mean, hell, I could easily write an OS X program that tried to store all its data into a system directory and required an administrator account to run... would people suddenly declare that Apple screwed up, or that my program is crap?
Look at the software Microsoft writes: All of it is perfectly usable as a plain-jane user account, just as it should be. If other software developers wrote software *correctly*, the way Microsoft does, there'd be no problem at all.
So, in short, the parent post is true entirely... but it doesn't communicate how secure or insecure Microsoft products are because the problem is not *with* the Microsoft products.
Comment of the year
[quote]It is also very flexible and extendable, which, for Microsoft, can mean 'slow' and 'exploitable'.[quote]
Prepare for Karma burn in 5..4..3..2..
I guess nothing in the Linux world considered "flexible" and "extendable" can be considered "slow" or "exploitable"?
*cough* *cough* X-Windows *cough*.
Seriously, I don't like Microsoft any more than the next guy, but this kind of comment right on the front page shows why Slashdot has to be taken with a huge grain of salt to begin with. Let's all try to be a little bit more to the point and less editorial when posting news, mmmkay?
-JackAsh
I'm just saying the user data is the reason the system is there to begin with. If your user data gets corrupted, then whats the point?
Occam's razor is the blind faith in the natural selection of least resistance and in universal oversimplification. -- EF
Also, Microsoft doesn't help matters by shipping Windows XP with the default user account as Administrator or Power User.. software can still dump stuff everywhere, so less-skilled developers don't even likely realize what they are doing is wrong.
In fact, by default large areas of the hard drive are open to all users, where as in *nix, a regular user can't write to anything but the files in their home directory.
In an operating system such as *nix, there is a strong historical precedent for putting things in the RIGHT place, because of the strong usage of user accounts.
Just curious -- on the Linux / Unix systems you admin, do you set /usr/local 777 or /var or for that matter /etc.
..... install apache without installing it in my home dir -- oh wait even if I DID install it in my home dir I couldn't run it because it wants to bind to port 80, I would be most interested.
Hmmmm last time I checked you needed (or at least SHOULD be root to write to those dirs).
Again if you allow your users to have open write access to those directories I feel for you. But if you know of some way I can say
The fact of the matter is the standard install procedure for Linux / Unix software is:
make configure && make
su -
make install
And the PROPER way to install software on NT/2K/XP is:
right click on install.exe or setup.exe etc..etc
choose Run As... and choose an account you have delegated admin privs. to....
--Brian
-- http://anonet.org -- The internet the way it was meant to be. Check it out, you may be surprised.
Look at this; It needs full read/write access to C:\Temp, C:\Winnt, C:\Winnt\System, (these ones are already wide-open in a default install), C:\Program Files\Office 97, and a bunch others.
This makes it basically impossible to secure a Windows box..
I know very well how to install a program as the Admin user. The point is, the software does not work unless it is running as the administrator unless you give everyone read/write permissions on certain areas where they shouldn't need it (such as the Program Files directory, and so on).
That's just poor programming.
In Linux, unless you need to do system administration functions, you never ever need to log into your machine as root.
Just curious can you name me ONE program that you HAVE to be administrator to run if installed properly by the administrator?
I realize some require a little tweaking here and there to not require admin privs. to run. But MOST programs are multiuser aware now.
But I would like to know just one... because I have yet to find one. NOTE - the *IF* installed properly.
-- http://anonet.org -- The internet the way it was meant to be. Check it out, you may be surprised.
Let's see:
- It isn't slated for release until late 2005, early 2006.
- This suggests to me that what we're looking at in the current Longhorn builds is, in effect, early beta software.
- Microsoft have a long track record of changing their software quite dramatically through the creation process -- a la NT5.
- I don't particularly plan on upgrading to a Windows OS on my home systems if I can help it anyway. It'd have to have a hell of a lot of "must have" features before I'd consider doing so, since that would require an architectural switch for a lot of my equipment (Mac and Solaris to PC).
- At work, the IT department can bother with issues involving security/spyware and so on. Of course, the IT department's past history suggests we'll be upgrading to Windows XP about the time that Longhorn is finally released, and that any worms/virii won't be of much concern to them...
No, I don't think Microsoft will produce a particularly stable or reliable OS, or at least, not one which is much more stable or reliable than what they've released to date. Doubtless there'll be improvements, and doubtless there'll be new features to exploit. There always is, and I dare say always will be.ReiserFS is where I am hoping to see these kinds of revolutionary features emerge. Version 4 is about to be released and it already has a number of features that are hard to find in general purpose filesystems. If you really want to expand your thinking about data storage and access, read Hans Reiser's vision for the future of ReiserFS. Your ideas would definitely be implementable in his model.
The point is that
A) You have a backup from which you can restore the user data. (If you don't have a backup you obviously don't care for the data. Harddisks die sometimes.)
and
B) Modified user data is (more) easily detected (than modified system programs) since its used often and directly by the users and is "data", as opposed to "programs".
Changes to programs and to parts of the operating system can be used to camouflage manipulations of user data long enough to render all backups virtually useless.
Yeah, that was the whole point. And that whole multiuser thing with one user not being able to destroy/manipulate other users data, which isn't all that important on (non-server-)PCs nowadays.
Free as in mason.
Even with only one human user using a computer, having different programs run on separate user accounts is a good thing, as it reduces and compartmentalizes their damage potential.
Free as in mason.
VCDEasy burning software
Medal of Honour: Allied Assult Spearhead Multiplayer Demo
There's lots of others..
And C)Damage on a unix utility will damage only your files, not those of any other users on they system. With windows, say bye bye to all of it.
I still have more fans than freaks. WTF is wrong with you people?
The logical move for them would have been to go with the original story - create a whole NEW filesystem - preferrably taking in as many enhancements from ext3 and Reiser - keeping as much of NTFS as possible - and adding some incredible new "WinFS" features. This would have been totally acceptable in my book. Indexing services and filesystem add-ons, no way. I learned my lesson with DoubleSpace/DriveSpace years ago.
All users would not be affected.
The '70s called, they want their mainframe back.
2 words:
Terminal Server.
As in, Microsoft has one for windows....
Now, STFU
thats called a virus
Yeah, but Office 97 wasn't designed to run on NT4, the only Windows NT variant out at the time.
Your example is entirely worthless. It's perfectly acceptable for Office 97 to expect that, just as it's acceptable for a MacOS 9 program to expect that, because there's no true multi-user support in the OS.
Find a *current* application designed to run with modern copies of Windows and I'll be convinced.
Comment of the year
Great, so you're complaining about a 7 year version of the software written by Microsoft, and some third party apps. Microsoft have tidied up their act in this regard, and have been encouraging others to do so. Just because they haven't isn't really a fault of the operating system manufacturer.
Depending on file contents, this metadata can be the author (of a document), the genre (of an audio file), keywords (from a PDF file), and more.
This sounds exactly like the Desktop Database in Mac OS8/9, with a few extra fields.
Now, how is this new exactly?
You're just jealous because the voices only talk to me.
Tom's a long winded person who tries to impress by using big words unnecessarily.
It's lots of stupid things. PaintShopPro 8 with a straight install from the admin account, clicking the "make available to all users", boom it only worked for admin.
Lots of other crackers like Need For Speed Underground, which saves the save games in /Documents and Settings/All Users. Now what on earth were they thinking there?
jh
I'll use it. In fact I'm looking forward to it. I think it will be easy to program for, and make it easy to find and sort things into classes. I take many digital photos and I will definately appreciate being able to add meta data to the file that gives background on where it was taken, when, and the circumstances. Much like a photo-album where you scribble remarks under the photos.
I was led by other Slashdottoers to believe that Mac's can't have a virus
You can tweak windows so that apps will run with the bare minimum of privelege required.
What is amusing, in a narrow minded way, is that *nix advocates continually and endlessly fail to acknowledge that these applications that won't run unless you're admin are third party. They're not developed by MS. Microsoft business apps run quite well without admin privelege. Yet the parent blames Windows!
If these developers started writing must-have killer applications for Linux, and made them so they'd only run as root, would you blame Linus Torvalds for making a lousy operating system?
I am government man, come from the government. The government has sent me. -- G.I.R.