Slashdot Mirror
Microsoft Drops Next-Generation Security Project [updated]
grooveFX points to this CRN article which starts "After a year of tackling the Windows security nightmare, Microsoft
has killed its Next-Generation Secure Computing Base (NGSCB)
project and later this year plans to detail a revised security plan for Longhorn,
the next major version of Windows, company executives said..." grooveFX writes "Glad to see they actually listen to the gripes from the media and users." Update: 05/05 19:13 GMT by T : phil reed writes "Oops. According to this article on Microsoft Watch, Microsoft really isn't giving up on NGSCB (aka 'Palladium') after all. Microsoft spent much of Day 2 of its Windows Hardware Engineering Conference (WinHEC) here refuting a published report claiming the company has axed its Next Generation Secure Computing Base (NGSCB) security technology."
If this goes well, they plan to cancel all security projects.
Palladium was too ambitious. It's nice that they're atleast going with memory page protection.
------- "From bored to fanboy in 3.8 asian girls" ----------
So, what does this mean for 'Trusted Computing'?
Isn't NGSCB Palladium?
Surely this is pretty good news and indicates that MS might not be so able to force these kind of security measures on their custimers.
Although I imagine knowing Microsoft, the problems were at least as much technical than political, and they just gave up considering it to be "too hard and we can't be arsed", just like WinFS.
This sig has been deprecated.
I've got a three suggestions for Microsoft on the issue of security:
Like the airlines think Saftey, Saftey, Saftey - Microsoft need to adopt the slogan.. Security Security Security
Simon
They have cancelled security? What next? Will Microsoft stop supporting Linux? Oh no!
Don't blame Durga. I voted for Centauri.
Their Next Generation security project was doomed from the start once Lore kidnapped Data and took his place in the landing party.
I watched C-beams glitter in the dark near the Tannhauser gate.
..that the "revised security plan" will make heavy use of the recent advances in obscurity technology.
pi = 3.141592653589793helpimtrappedinauniversefactory7
Microsoft has security projects?
This is Palladium, and it has not been "dropped", only shelved because it was too ambitious. They say they've invested too much on this not take advantage of it.
I'm out of my mind right now, but feel free to leave a message.....
Trusted computing, therefore, facilitates reduction of competition.
Don't blame Durga. I voted for Centauri.
Microsoft also lowered the hardware requireements for longhorn from 2x4ghz procs to a single 1ghz proc, citing the decrease in complexity of drm will free up much of the needed processing power.
I tried for 5 years to come up with a clever sig...only to realize that I am not clever.
...bypass virus scanning for malware authors who pay Microsoft?
What makes you think they are listening. They are presumably publically "killing the project named NGCSB", quietly inventing a new name and happily keep working on that, less publically this time now that they have used the publicity of Palladium/NGCSB to make initial "front door" contacts in the entertainment industry, they know who to expect at the "back door".
The ol' "keep renaming the thing so people don't have a steady label for what they are fighting". The british sellafield->windscale->thorp nuclear shenanigans, the last Palladium->NGCSB namechange, TIA->something-or-other. All the same propaganda trick.
The solution for opponents is to either keep using the old name so that the public latches onto it (everyone still calls it "Sellafield" and, to an extent, "TIA"), or invent your own name and get it to penetrate the public consciousness (much harder, only example I can think of it "Infidel")
What we need is "No Executive" security technology. Even the greatest security tools can be hogswaddled by the pointy hair types.
[/obligitory upper-management jab]
This one gang kept wanting me to join cause I'm pretty good with a bo staff.
Glad to see they actually listen to the gripes from the media and users.
Microsoft doesn't listen to the media and the users, they listen to their shareholders and their finance guys. And they are saying that Windows looks like crap when it comes to security, undermining the credibility of the product, in turn threatening the sales and therefore their dividends.
Microsoft listen to users? bah... If they did, they'd have jumped on the internet bandwagon much earlier. They're going about the whole security thing just like they dealt with TCP/IP and the web: they're thrasing to catch up. And the sad thing is, they probably will sooner than you think...
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Microsoft never lets projects really die. They may kill off other companies' projects, but never their own.
What they are doing, as they have done in the past with such flops as Bob, is slowly merge the improvements and features that they planned on delivering in a single project into their whole lineup across the board. As the article says, Longhorn is planned to incorporate this security technology.
While this is by no means a cure-all for the problems that Windows faces, it is a step forward in computing. Whereas legacy systems such as Unix are finding it harder to support newer hardware features such as the NX codes in the latest AMD and Intel chips, the deep corporate partnerships that Microsoft has with these companies allows them to bring such technologies to the public at a faster rate than otherwise possible.
That said, Windows sucks, has sucked, and will continue to suck. Linux shows it up every single time. Not to mention that Linux's security structure is already designed to thwart the exact problems that Microsoft is attempting to stop.
I have been pwned because my
First they cancel WinFS, now the NextGen Security stuff, they just delayed it to 2006 and they just announced the hardware specs that are totally way off. Next thing they cancel is Avalon and they will delay it to december 2006. In the end it will be a minor upgrade such as WinXP was to 2k with some boring new stuff and an ugly new GUI-theme. We've seen this before. This won't stop them from calling it the biggest step since Windows 95. well, nothing to see here. Move along...
;-)
Actually, it's good for the Linux Community that Microsoft keeps making the same mistakes again and again. Ahh..old faithful!
Maybe Miguel will now rethink his very stupid "I'm scared, I'm very scared" quote he made a few days ago...
Can we please get this modded past all the responses that seem to think that NGSCB has something to do with security. NGSCB aka Palladium is/was Microsoft's locked down "trusted" computer project, meant to facilitate DRM. It never had anything to with security save for in name and spin.
This is a good thing of course, but I seriously doubt it means that that Microsoft won't find other ways of sneaking locked down computer on us in the future...
We are getting to the stage where a fair chunk of PCs connected to the Internet are destined to die. It's reasonable to assume that MS has performed a kind of triage: - Home PCs are beyond the reach of any help. Whatever is done is already too late. Home PC users will have to migrate to Linux within 6-12 months or face working without the Internet. - SMEs can be protected with additional work. SMEs need better firewall security and better patching methods. - Most enterprise computing is safe as is. Many data centers will switch away from Windows for cost and reliability issues but the ones that can't will remain faithful Windows clients. So Microsoft has to concentrate on helping the people who can still be saved, namely SMEs that have several PCs behind a shared internet connection. Having seen three of my friends' PCs dead today from Sasser (MSIE rebooting without end, and no way to do anything else on the system), I'm rather sceptical that home computing can be saved.
Sig for sale or rent. One previous user. Inquire within.
Please stop making the mistake of thinking that NGSCB was ever a security project. It is simply the newer name for "Palladium", Microsoft's total lockdown and DRM system to create a "trusted" (by the music industry, not by you) computer.
Microsoft dropping this is good in every way, except that it's ghost will return in other forms for sure...
The witch is dead, but will likely by replaced by an ogre or a kraken.
Don't blame Durga. I voted for Centauri.
In a recent interview with WinEvil.com, Gates confirmed, "Yeah, it [the NGSCB] just wasn't eeeevil enough for us. We've got a history of setting the evilbar pretty high, and our current efforts were "extremely irritating" at best... We're looking for true unadulterated mindbending evil, and we know our customers won't settle for anything less. Give us a chance -- you won't be disappointed."
Gates then proceeded to use a Windows XP CDRom as a prism to magnify his own inner evil until it was focused enough to melt a cute puppy, drawing appreciative applause from the crowd of evildoers. The crowd then had a huge WindowsXP InstallFest and cut off their own testicles in preparation for the comet Zurg's arrival to take them away.
I'm not normally an irrational zealous dickhead, but I figure "When in Rome..."
It takes a MMORPG or a simple PC game 3+ years to make, MS seems to throw out OS's every couple years, whats wrong with this picture? There is no need for Windows 2003, they should have secured 2000 and waited to build a solid secured OS say in like 2006.. MS needs to buck up, get with the program and stop wasting peoples time. just my 2 cents.
- WinFS wasn't cancelled. It was scaled back so they could deliver what worked in a reasonable timeframe.
- Microsoft hasn't announced hardware specs. What you're referring to is what a bunch of watchdog folks are GUESSING will be the hardware specs.
- WinXP is much more stable than 2k. If you consider stability a "boring" enhancement, well, I bet you're in the minority.
The'll just insert a coupon with Longhorn saying that users will get the Free Security upgrade when Half Life 2 ships, or when someone believes the 'free beer - tomorrow" sign, whichever comes first
Like they ever had a security project in the first place
Expect the DRM lockdown initiative to be back with a new name, probably not long after some virus or worm scare that captures vast attention.
(In MS Meeting Room 30 feet below Earth's surface)
PHG (pointy hair guy): Right. We killed the old plan.
MSGurus: Hooray!
PHG: Everyone gets a bonus.
MSGurus: Hooray!
PHG: We have a better plan.
MSGurus: Hooray... we think.
PHG: Because we spent so much time and money on the old plan...
MSGurus: Booooo!
PHG: We have to implement the new time in a fraction of the time. Bill thinks six weeks is plenty. Meeting adjourned.
IANAL, but I've seen actors play them on TV
Yes. I've been trying to get the C++ committee to tighten up that language for years, with little success. It's time to get more serious about this, and apply pressure via ANSI (which is supposed to insure that standards are safe) and the Department of Homeland Security's National Cyber Security Division. Like it or not, we need to go to full subscript checking for anything that could possibly be exploited. The resulting 10-20% performance hit is minor compared to the costs of dealing with these attacks.
I've sent this to the C++ committee:
The Sasser worm exploits a buffer overflow in Microsoft's LSASS service, which is, apparently, written in C++.
Perhaps more weight should be given by the Standards Committee to tightening up C++ and making it a safer language. The Committee has consistently rejected most suggestions which tighten up the language, usually on the grounds that they would impact existing code or prevent some dangerous but valid code from being used.
It is now appropriate to ask ANSI, and the Department of Homeland Security's National Cyber Security Division, to reevaluate the C++ committee's priorities in the light of the documented and substantial damage caused by weak safety features of the language. Whether the committee should be permitted to promulgate unsafe technologies with ANSI approval must be seriously questioned at this point.
That will probably be ineffective. The appropriate forum will probably be Congressional hearings on computer security, which were threatened last year after the SOBIG virus, and are likely to happen this year.
Interestingly, at the same time as this article pops up in feedreader, I get this link from e-week that refutes the claim. Net: microsoft says palladium is still very much alive.
So what happens to the palladium bioses that the bios companies were building? Are they also going to be shelved?
Although I imagine knowing Microsoft, the problems were at least as much technical than political, and they just gave up considering it to be "too hard and we can't be arsed", just like WinFS.
This is why people complain about Slashdot's misreporting and falsehoods.
They never "gave up" on WinFS. WinFS is alive and well. All the MS blogs were making fun of the reporting on this--all that changed with WinFS was that some network things were taken out of it, extraneous features not required for it to work but will probably be added as additional downloads through Windows Update anyway.
I love how reality is revised around here when people base their reality on Slashdot headlines. WinFS is alive and well.
Sounds well and good, but I can think of at least two questions: has anyone in the linux community looked into making use of this and, if not, why not?
Real processors (SPARC, PA-RISC, Alpha) have had this same feature for years, and OpenBSD uses it as the basis for the W^X feature, which ensures that no page in a program's memory space will be both writeable and executable.
So if you consider OpenBSD to be part of the "Linux community", then the answer is yes.
Ubi dubium, ibi libertas.
Problem is, people (particularly Windows users) buy features before they buy security.
IMHO that's because Windows users have given up on getting security. B-)
With a choice of an insecure platform with fewer features or an insecure platform with more, of course they'll pick the one with more. Just think: They might actually be able to get something done between crashes, infections, and reinstalls.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
"Decrypts MSIL?"
Ahahahaha...have you not heard of the Common Language Specification, which publicly explains to compilers how to produce the intermediate code? We could have Python.NET if we wanted (and it's being worked on).
This isn't exactly some sort of black secret. They published them as open standards. How do you think Mono exists? Any compiler can look at the specs and produce the code.
Sigh...Slashdot sucks these days. The endless Microsoft articles are boring and uninformed. Remember when it was cool tech news?
What's the odds that Microsoft will continue to seek a way to push their concept of trusted computing onto the consumer -- by giving it another new name? Palladium got too much bad PR, so they changed the name. Enough people caught on, so now they are abandoning that name (not the project, for sure).
I was taking one day at a time, but then several days got together and ambushed me. (from a Rhymes with Orange comic)
The fact is that the only way to implement this sort of DRM is through tamper-proof hardware, and even then its not like someone with a camera phone or even a good old small film camera to get a copy of that 'private' email (which is mostly what they are touting its use for). As for music and videos theres the if-i-can-see-it-i-can-copy-it which just cant be stopped, people will tolarate surprisingly low quality. And this isnt rocket science either, most people will be able to defeat these systems, software or hardware. Its not in Microsoft's interest to pursue this unless they want to piss people off or look very stupid when their "virus proof" OS gets hit one week after launch. It was a stupid idea before and it always will be a stupid and hated idea. Im glad they dropped it.
This comment does not represent the views or opinions of the user.
Again, this is why people think Slashdot is a fucking joke when it comes to reporting "tech news." Slashdotters spread these incorrect truths around and they just become true because it's anti-"M$."
:)
WinFS was NOT cancelled. It wasn't even scaled back. They just removed some extraneous network features not required (which will probably be free downloadable updates anyway). But, all the sites like Slashdot completely SPUN it and misreported it. Slashdot is owned by VA Linux, so the agenda is obvious.
All the MSDN blogs were laughing about the reporting on this. And the Slashdot hivemind--that means all you people out there who build your computing mindset based entirely out of Slashdot articles--proves itself ignorant and foolish-looking once again. The rational of us know better.
WinFS is alive and well. MSDN just put a technology showcase video out about it a couple of weeks ago! All they did was decide not to implement some network-specific features in order to focus on getting the core technology done.
This is the second time I've seen WinFS supposedly "cancelled" in this article discussion.
they plan to provide DRM kits to script kiddies so all viruses are signed, and thus acceptable to Windows.
if this is supposed to be a new economy, how come they still want my old fashioned money?
Didn't you know that:
WinFS was "cancelled?"
The iPod Mini is a complete and utter failure?
Microsoft violates human rights in China?
Longhorn apparently already has hardware requirements, even though they were merely predictions by watchdogs who attended the WinHEC?
Nobody likes Windows XP, and everybody is hearing about Linux, even though Google Zeitgeist shows Linux at 1% usage?
The Lone Gunmen die? Oh, wait...
Yes, kids, you need to try getting your news outside of Slashdot once in a while--you'll see that the computing world is sometimes a completely different place than what you see reported here...
I think not.
Bob != Clippy. Bob was some sort of front end that was on my Packard Bell from the factory. It was a confusing, clunky UI that I promptly removed.
MSDOS != cmd.exe. cmd is a shell, much like bash or tcsh. It is not an OS. There is some DOS compatability left in WinXP from what I hear so I'll concede this point, but I still maintain that I cannot get a good current install of MSDOS (minus Win32) from Microsoft.
I am fully aware that Xenix was never available to end users. Last I heard SCO is keeping the Xenix heritage alive and well, but Microsoft has definately abandoned that project at this point.
It also would have opened up new markets. It's interesting to note that all of the great innovative periods in human history have been carried on the backs of breaktrhoughs in travel,commerce and communications. Even the lowly canoe can be credited for the rapid westward puch in canada and the US. (Shame about the beaver however). The invention of "coin of the realm" and accounting practices allowed goods to be passed over huge distances even the marco polo trail carried "mail-order" goods.
At present we dont have ways in place for people to watch digital movies and othe rprotected content in ways the the owners are willing to produce or share thier content for. Let's not get into an RIAA riff here. The point is that lots of people do want to "rent" content and watch it and without a secure communication channel they cant.
likewise things like internet voting and commerce trasnactions are held back by the lack of ubiquitous secure channels.
thus while I disliked the implications of NGSC for having control over my machine I would have liked to have had one in myhouse. I'd have two computers. one for my own uses and one for the cases where security outweighed the other issues.
Some drink at the fountain of knowledge. Others just gargle.
Implementing palladium hard will do one thing over night. Many tech savvy Windows users would switch away in a heartbeart. Most if not all of my friends who uses Windows rarely pay for any application they use. They consider it their god given rights do download anything they please. Any hindrance to that would make them switch in notime since they are very reluctant to actually start forking the dough for the applications they use. Bring in all the movies and music they download and they would gladly suffer hell on a commandline to avoid having to pay for the things they use.
Come to think about it, harder and more vigalant enforcement on comercial software is only going to drive these people to open source no matter how they do it. Enforce and people migrate, dont and people dont pay. They are in a tough spot, BSA and ppl.
HTTP/1.1 400
"We're evaluating how these NGSCB capabilities should be integrated into Longhorn, but we don't know exactly how it'll be manifested. A lot of decisions have yet to be made," said Mario Juarez, product manager in Microsoft's Security and Technology Business Unit. "We're going to come out later this year with a complete story." I have been writing code for windows systems for the past 10 years. We have had good times (Win2000, WinXP) we have had bad times (Access, Security, VB, Me, ....).
But today I realised that 'dare i say it' linux is
finaly (on my knees face to the sky tears in eyes) coming together. It may not be tomorrow, maybe not even Friday. But the day will soon be here when I can look at what i am coding around in a production enviroment.. I can ask questions about what will happen in the next OS release, and not get any marketing blurbs.
Microsoft realised that the Palladium idea would tighten thier noose of control. But that this would also be showdown time. Would the business world spend a fortune buying into this "secure world" where 2GB RAM is required. Where code is so 'tight' that 6GHz dual core PX could open notepad just as fast it did on my P1 233 Win98?
Linux does not represent a huge corperation requiering $$$$ to keep going. Microsoft has to be a money making empire and empires dont last forever - what happens when bill & co start dying.
I will still be around in 20 years 'falls on ground - so cant be struk down - waiting to be struk' but will they?
Linux gets faster with each release. It gets bigger and stronger, remember that an OS is just that. It is not some majical thing that will make majical things just majically happen as they keep promising us. They need some reason to milk the 'heard' for as long as they can. This is not going to be with an OS for much longer. Maybe they can finish DNFE (but i am shure it won't live upto the hype :)
Linux is made to be perfect. Windows is made to be Perfect(tm).
Besides Linux/Wine runs Winamp ...... Winex runs windows games ..... XoverOffice runs Photoshop ....
Remember "build it and they will come".
Don't make your problems my problems!
Didja notice that there were no comments on the story on the actual page, but that there is a whole bunch of threads going here. Looks like Slashdot has become the message board of choice. Either that or no one actually looked at the story before commenting here, naaa no one ever does that.
Try ripping out IE completely and then running help in your favorite commercial app. Chances are, it just broke. Microsoft's .CHM-based help spec REQUIRES IE.
An eWeek article located here:
. as p
http://www.eweek.com/article2/0,1759,1585363,00
says MS is denying this is true.
Be very, very careful what you put into that head, because you will never, ever get it out. -Thomas Cardinal Wolsey
I used to be afraid of what Palladium could do for the computing industry. Many tried to convince me that there was nothing to fear because there was no way in heck Microsoft could ever get anything done right and on time. It appears they were correct. Now it's being pushed back to Longhorn, which is being pushed back to oblivion. Now I'm left wondering what all the fuss was about.
Heck, Microsoft cannot even secure its own "proprietary" gaming console, why did we ever fear that they'd lock down all of our computers?!
If someone says he and his monkey have nothing to hide, they almost certainly do.
"Is Microsoft still going to be considered the "evil" company who "forces" things on people whether they want it or not?"
Leaving out the judgements of good or evil the only way one could argue that Microsoft doesn't force things on people is to ignore the entire company's history. It has been proven time and time again and finally through the court system that Microsoft has imposed its will on OEMs and consumers for years now. Every single time we have gotten even the slightest glimpse into Micrsoft's way of thinking its always been about Destroying the competition by leveraging its Monopoly and locking in consumers to elminate choice. Fine if you want to attempt this when your a startup but not appropriate behavior when you have a defacto monopoly and you use dirty tactics to prevent anyone from entering your market. If you want to argue contrary to that your going to need to wait for Microsoft to change its entire business model. That or find some really really dumb people who don't know how to read.
If you wanna get rich, you know that payback is a bitch
Tigerdirect is selling what they claim to be "The Next Level of Computer Security for Your Home or Office". I think their definition of computer security may be a bit different than yours or mine however, as one of the major selling points is a "-110 decibel siren to sound alarm and scare off intruders". Imagine that bad boy going off every time the machine is violated by the Windows worm de jour! ;)
I call bullshit.
*How* can NGSCB and Palladium be used to enforce the GPL?
Oh, by tying the source code to a key, which makes it impossible to change the source code and use the same key... but the verification is against the key. By tying the binary to a key, and making it impossible to modify the binary? So, rebuild the binary, and key use is lost.
In other words, these measures *can't* be used to enforce GPL. So much for this tool.
Now, is Palladium a security project? Well, yes, but not for the end user. Indeed, the end user can run the same old trojans, etc. as before. Palladium *will* prevent the trojan from accessing data that has bee "protected", by kicking out the unsuitable software.
It was NEVER meant to secure YOUR stuff -- if you want that, go use GPG, etc. I assume that even MS Outlook must have some integration with GPG! (all of my emails are digitally signed).
Ratboy.
Just another "Cubible(sic) Joe" 2 17 3061
They have axed it - or at the very least scaled it right back. forcing hardware changes on such a scale as demanded by Microsoft does not make economic sense for hardware makers, and Microsoft realised that the impact on legacy systems would be catastrophic. Imagine not being able to connect to your thirty-year old mainframe because Windows does not see it as a trusted system. Bye, bye Windows!
However, that doesn't mean that Microsoft still isn't keen on conclusively trying to lock everyone, and open source software, from communicating with Windows.
If you dont believe my security statement, just wander on over to securitytracker.com - there are more discovered flaws in the recent past with Linux than with Windows.
a) Despite the increased amount of bundling Microsoft's done over the years, a "Linux distribution flaw" is still awfully different from a "Windows security flaw". A Linux distribution is composed of many, many more lines of code and pieces of software than Windows. If you want to include security problems with Open Office, it's only reasonable to include security problems with MS Office.
b) Local exploits attract attention on Linux. A lot of "exploits" in Linux are local attacks. Local security on a Windows box is pretty much a lost cause.
c) When Microsoft discovers a security problem and fixes it internally, they don't say "fixes a security hole in...". They just bundle it with some other set of fixes and stay quiet. You won't hear about it.
d) MS has a PR department that spins bugs as "issues" and tries to dampen criticism of security. In the open source world, people generally call "bugs" "bugs" (and frequently wishlist items "bugs", which would drive companies with marketers bananas).
e) Many previous Microsoft security holes just wouldn't happen in the *IX world because of the more security-oriented culture (note that I suspect that Microsoft is improving here). MSIE and Outlook grant a lot of power to remote websites to cause execution, to modify bookmark lists, and the like. Windows NT infamously shipped with a blank Administrator password (and no prompt to set one during the install process), all drives shared by default *invisibly* (they were administrative shares, and the only security in place was the fact that Microsoft clients didn't display administrative shares remotely), and automatically reshared drives upon reboot if sharing was turned off on a drive.
f) Microsoft has been known to blame sysadmins for security problems ("Well, yeah, your network was compromised and your data destroyed by the latest virus, but you didn't firewall our systems, and we released a patch a week ago which you should have deployed.") *IX boxes was designed to sit on a network and be fully accessable, and "firewalling to fix implementation flaws" is not an interesting approach to most *IX admins. Plus, most open source contributors *are* sysadmins to some extent.
Want to do some *real* security criticisms of Linux? How about the following:
* Red Hat was trying to set a new golden security standard for Linux by adding SELinux *by default* starting in Fedora Core 2. This would have allowed giving limited access to things to processes (a sore Linux lack), helped make software SELinux-compatible, and paved the road for other distro vendors. Red Hat, after two test releases, finally just backed down on including SELinux enabled by default in FC2, saying that it just caused too many problems at the moment. This represents a loss of a year at least in moving to a much more powerful and secure security system.
* Stack overflow protection mechanisms are still not standard in the Linux world. The only distro vendor that I know of that definitely includes such a patch enabled by default currently is Red Hat with exec-shield. In contrast, *Microsoft* just added stack execution blocking to Windows.
* Filesystem ACL support in Linux today sucks. A lot. A software author cannot rely on filesystem ACLs being present (since they are not by default on most Linux boxes) -- just old-style *IX permissions. One can improvise to get *some* of the ACL functionality by cleverly nesting directories and adding users to extra groups for each directory in question, but most Linux boxes *still* have a 32 group-per-user limit. The *IX permission scheme is simple, fast, and easy-to-audit. However, it is lacking for many users -- there are a lot of sysadmins out there who'd like to be able to say "Anyone in Development can read or write this directory, Mary and all of the Marketing gro
May we never see th
The nexus was to be the kernel of an isolated software stack that was designed to run inside the standard Windows environment.
I believe they will be using Kernel version 2.6.14 for maximum security.
You know, I don't know why I'm "replying" to this AC, but I am. I'm sick of hereing this meme. The people mentioning it usually aren't aware that the health department had repeatedly asked McDonalds to turn down the temp. of the coffee makers. The coffee makers were set extra hot because you need less coffee grounds that way.
Beware of gifts bearing Greeks.
Windows are secure. They are not safe, though. Security is different than safety.
Something is not safe when its maker has made mistakes that all third parties to use it.
Something is not secure when it is not guarded, i.e. there is no one to watch over it.
Microsoft should increase the safety of its products, i.e. remove all the bugs. They are secure, already. There is no unguarded place in Microsoft Windows NT/2000/XP (unlike its baby O/S).
Palladium has nothing to do with safety or security. It only has to do with copyrights, i.e. to prevend from unauthorized access to media.
I am surprised that Microsoft has not made a tool to grep the code for buffer overruns and other potential problems. With all the compiler technology they have, it would be very easy for them.
I debated whether or not to respond to this post. Many of the things you pointed out are indeed true. Groupthink does tend to lead to this at one time or another.
*Copyright laws. I could possibly careless either way. GPL seems interesting enough. RIAA has the right to do what they are doing, the artists signed the contract. DO I like RIAA or dislike them? I don't think about it eitherway. I personally can't stand most music out these days except some of the new rock, and country. I mostly listen to metal, classical, and country that covers the past 40 years.
*VA Linux? I could possibly careless about them. I run slackware. Every time they release a stable version I buy it from their site. I like them.
*Your hang up over the GNU/Linux thing is rather silly. Not everyone here sees this as a religion. I personally think this stuff is great. Being legally free is great. Do I care if all software is opensource, or free as RMS would think? No not really, but hey, he can believe whatever he likes.
*"Linux is ready for the desktop" I think so yes. Do I think normal (read non-geeks) should run linux? Absolutely not. In fact I hope linux gets just enough market share on the desktop to convince Blizzard (yes i like them, no I don't care about their fights with bnetd) to make games, then stops. Whenever anything (computer or not) gets popular it starts to suck.
*I just installed win98 on a spare box so my girlfriend could play all her old games. I had all the drivers for the hardware, and I am using an onboard NIC. It took windows several tries to load this damn driver, where as in linux it was just reconized. So really, linux was EASIER in this case. Not all hardware works with all software. It's just a fact of life. Accept this, move on, stop b*tching.
*Not everyone here even remotely agrees with the majority of the posters here. Look at my post records. It's really low. I'm fairly sure that if their is a way to look up the average post per userid, you'd see most people do not post.
This might get modded down or not at all, but I just had to respond.
Brendan
P.S. If you do not like what Slashdot says anymore, your free to find a new place to frequent.
Yea, it's a cut and paste of the "troll" parent. The point, which you managed to stumble blindly through with the grace and elegance of a whino smashing a liquor store window, is that just because you don't agree with it, that doesn't mean it's a troll or it's not true. Why did you zone in on the Linux parts? The whole thing isn't about Linux, but a lot of the criticisms, while short on explanation and curt, are true to some extent or another. They're good starting points for getting you actually THINKING about a position you took or making you THINK about whether they're really true or not. They're not meant to be hard facts, put on that dusty old critical thinking cap and DECIDE FOR YOURSELF.
You can't just claim something is a troll and mod it away because you don't want to think about it, and that's EXACTLY what that parent poster had happen. Why did I get modded up? Because I'm logged in, and I have Excellent karma, so it's magically more legit NOW than when the last poster put it up? Bullshit. It's the same fucking post word for word. I don't agree with all of it, but I didn't cut any of it either just because I don't agree. The POINT that you so gleefully missed while gnashing your teeth to defend your poor, downtrodden Linux system (never mind that I have a Linux system protecting this Windows box and I do all my work on another Linux box on the same network.. I must just be an anti-Linux troll, hmmm?) is that there are a LOT of people here who are EXTREMELY tired of the groupthink and kneejerk reactions around here. Whether people are sucking up for karma or they're just screaming because everyone else is, it gets extremely tiresome to see the same bullshit perpetuated. Linux is NOT ready for the home desktop. The RIAA *does* have a right to defend its copyright (gee, did you [figuratively, not you personally] mean to argue that the RIAA's METHODS are unsound? Did you THINK about it before you posted an anti-RIAA rant?). The GPL is NOT the answer to everything. Microsoft DOES have some positive traits. Some of the Slashdot editors, especially michael, ARE abusive.
Try and post anything like that in some stories and you get modded to shit no matter how truthful, well-supported, or intelligent the post is.
I'm fucking tired of it, so now I'm lending my Karma to all those AC "trolls" who keep posting this. The POINT of the whole thing is: fucking think for yourself for once instead of just chasing after some stupid 'karma' attribute in a database or joining a chorus of your idiotic screaming peers. You have a brain, use it.
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!