Slashdot Mirror

← Back to Stories (view on slashdot.org)

WinFS - Who Will Actually Use It?

Posted by Cliff on from the banking-on-a-new-filesystem dept.

Hel Toupee asks: "Tom's Hardware is running an article about the file system to be employed in Windows Longhorn, the to-be-long-overdue successor to Windows XP. According to the information that the authors could get out of Microsoft, WinFS seems to be little more than an indexing and searching service that sits on top of NTFS or FAT. It is also very flexible and extendable, which, for Microsoft, can mean 'slow' and 'exploitable'. For instance: quite a bit of the inner workings of WinFS rely on XML data tags which can allow 'for instance, that developers will additionally be able to automatically display or execute commands linked to items located by a specific search'. This seems to imply that the new generation of spyware only has to change a bit of XML and it can add entries to your context menus, or open webpages when you click on a file, or, since files can be grouped by content in 'virtual folders', spyware could effectively add entries to these folders, or reorganize your entire filesystem on the fly -- all with slight tweak in some XML file! Am I being paranoid? WinFS seems fairly insecure, and I will not be using it if given a choice. What's your take?"

12 of 106 comments (clear)

  1. My take ? by noselasd · · Score: 5, Insightful

    Well, if WinFS is default, million of users _will_ use it. They don't care or know what's in the bottom. They just use the system that came with the PC. Only the future will tell what this will do to your system,
    after all we weekly encounter new and exciting ways spyware/viruse/worms/etc. screws up windows.

    1. Re:My take ? by Phillup · · Score: 4, Funny

      Sorry, but... in this case, choice is an illusion.

      First it will be the default... then it will be the only choice.

      This is, of course, the optimist in me... the pessimist says that you will be lucky if this is as bad as it gets.

      It could very well be a "transitional" file system. The final file system will actually live on your bank's system... making the movement of money from your account to their's all the more seamless.

      The end goal is to create one massive grid computing system that constantly funnels money from the banks of the world into MS's coffers.

      --

      --Phillip

      Can you say BIRTH TAX
  2. Take some Ritalin by josephgrossberg · · Score: 4, Funny

    "What's your take?"

    It's too fscking early to say.

    Stop talking out your ass and speculate on something important, like Episode III.

    --

    Joe
    http://www.joegrossberg.com
  3. Security by Uma+Thurman · · Score: 5, Insightful

    Security isn't my primary worry, at least at first. The indexing data is stored in an SQL database. I've had my share of registry corruption to know that when Microsoft stores a pile of critical information in a centralized database, you'd better keep that database backed up. At the very least, it'd be wise to stay away from the new formats until everyone else has debugged them.

    --
    This is America, damnit. Speak Spanish!
    1. Re:Security by simonecaldana · · Score: 4, Insightful

      Security isn't my primary worry

      and seems it is not a worry for end users too. End users always thinks bad things happens to someone else. That's why a poorly designed security model IS a problem. OTOH, it is an end user problem, something here on slashdot could be used as base for jokes.

  4. Woah, hold on by slubberdegullion · · Score: 4, Insightful

    The programmers at Microsoft are surely aware of these sorts of issues. It might be a good idea to wait until the product is complete before deciding that it's terribly insecure.

  5. Bah Apple did it before by Matthias+Wiesmann · · Score: 4, Informative
    Actually, the trick of embedding viruses into the filesystem was done a long time ago (1989) on the Macintosh.

    In the HFS filesystem, a file has two forks, a data fork, that corresponds to the file data in Windows or Unix file-system, and a resource fork, that contained structured data, basically bits of data that had an attached id, name and type.

    Resources were used to store all kinds of stuff. This was very convenient, as you could for instance store the window shape of a text document in the resource fork without affecting the content of the file (data fork). This was also used to store custom icons, text styling without actually affecting the data. You could even use it to embed fonts into word documents.

    The trick is, the OS used resources extensively, an application typically had an empty data fork and lots of resources (icons, pictures, sounds, windows, dialogs), including 68K code segments.

    One Macintosh virus, WDEF, used this mechanism to propagate. What the virus did, was add resource of type WDEF to the database file describing all the icons on the desktop. WDEF resources were window definition code. So when the Finder (file explorer) opened this database file for a given volume, the resource would get loaded and overloaded the default window drawing code, thus enabling the virus to execute and spread.

    1. Re:Bah Apple did it before by Tux2000 · · Score: 4, Informative

      NTFS has "Streams", essentially a more generic case of the HFS. You don't just have two forks, you have a nearly infinite number of forks/streams, with the unnamed stream being the "normal" file. Windows uses this forks for file descriptions and a few other things. But nearly nobody knows this feature. It seems even the virus programmers don't (ab)use it.

      Google found among others this page explaining those streams a little more.

      The most evil thing about streams is that you can only see the default stream using "onboard" tools like "dir" or the Explorer.

      Tux2000

      --
      Denken hilft.
  6. Re:Files are not files anymore by simonecaldana · · Score: 4, Insightful

    I know this could be a shock: Reiserfs4. go check yourself.

    How do we know which part of a 1gb file should lie in memory, and which should not?

    it's not a filesystem matter.

    It's just like a big database where we need good rules of what's good and what's not.

    I, for one, hope that won't be microsoft to choose what's good or bad ;)

  7. "and I will not be using it if given a choice" by duffbeer703 · · Score: 4, Insightful

    Solution:

    You will not have a choice.

    --
    Conformity is the jailer of freedom and enemy of growth. -JFK
  8. Nothing to worry about, folks by Txiasaeia · · Score: 4, Insightful

    What do we do now to protect our computer from spyware? Regularly update and run adaware. What will we do with WinFS? Regularly update and run adaware longhorn. No problem. I haven't had spy/adware in freaking years; of course, it helps that I've switched to a superior browser...

    --
    Condemnant quod non intellegunt.
  9. Patents by dpilot · · Score: 4, Interesting

    The scary thing about WinFS will be the patent protection.

    We've seen too many patents granted for which there certainly appears to be prior art. Someone else brought up the moniker, "Object Oriented Filesystems," and danced around the concept of single-level-store. That stuff goes back to the old IBM System/38, whose patents have probably expired. (It actually goes back further, but S/38 made it out the door.)

    As others have said, metadata has been on the Apple resource fork since 1984, and OS/2's HPFS had Extended Attributes (OS/2 even had Extended Attributes kludged onto FAT.) prior to 1990. Then you (and others) bring up Reiser4.

    I wonder what the patent filings on WinFS will look like. Reiser4 is obviously "published", but it would be good if there were some way to make the USPTO aware.

    --
    The living have better things to do than to continue hating the dead.