Slashdot Mirror


User: steve_l

steve_l's activity in the archive.

Stories: 0
Comments: 712

Comments · 712

  1. Migration tools on Windows XP SP3 Postponed Until 2008 · · Score: 2, Insightful

    You know, this makes me think about how to make it easier to migrate. Something like a tool that runs on Windows to prepare the system (decrypt EFS files, record hardware and network settings from the registry), maybe even copy files to a remote network share (or to a Gmail account created for the purpose).

    Then the Linux installer would take over, move you from FAT32/NTFS to ext3, and restore enough Windows config settings to make your Linux install look the same. Screen background, saver, favourites, all those things should go over. Printers, fileshares &c, all there.

    That'd be slick. Most of it is just configuration settings; we need to pull them from Windows and turn them into Linux/GNOME/KDE options.

  2. Re:HP decided to got out of the OCR business? on Google Releases Tesseract as Open Source · · Score: 1

    As someone who works in HPLabs, in the same building as the tesseract team, I must differ.

    We in HPLabs do still try and do leading-edge research. It's just really hard to get your stuff into products where there's more and more emphasis on buying prepackaged stuff from VC-funded startups.

    What we have found is that OSS projects make a great destination for advanced research. A lot of stuff uses Linux that way, Xen, and other existing projects. Then things like SmartFrog and Jena are in-house projects with open codebases. Come try them out!

  3. IBM's eclipse project on Trouble on the Debian Front? · · Score: 1

    If you want to see an OSS project where money buys voting rights, go look at Eclipse.

    It's a company, not a community. They do some good stuff, with enough full-time staff to release on a regular basis. But it doesn't feel like a place that needs or wants your help, not unless you have $150K and two full-time engineers to spare.

  4. Re:Stay In the Box on EarthLink Establishes Their Own "Site Finder" · · Score: 1

    Yeah, this is the same mistake that Verisign marketing made, thinking that there was no network traffic other than humans browsing port 80 and that when browsers got an NXDOMAIN response they displayed a bad message.

    Most browsers are called Internet Explorer, and they handle NXDOMAIN with a Microsoft search page on MSN. Anyone trying to take off hostname resolution for those browsers is taking money off Microsoft. It's not 'spare cash left on the table', it's 'Microsoft's money'. If you want to do something for end users, distribute your own version of IE or Mozilla with a custom search engine.

    What really annoys me is how they've broken every other app out there. As for SOAP stacks, they have an awful time of it, especially as nobody wants to field "your app doesn't work on EarthLink" kinds of bug reports.

    -steve

  5. Re:sysdamin costs on Amazon Betas 'Elastic' Grid Computing Service · · Score: 1

    I haven't looked at the networking details; configuring virtual LANs for isolation is possible, albeit tricky.

    One thing about image size is that it isn't mandatory to have GUIs on these things. I would go for something like DSL for a lightweight system image; they produce very small binaries. That only leaves the data. S3 stores bulk data nicely, but you also need a back-end RDBMS, or you host MySQL in a cluster all of your own.

    I suspect that the next offering from Amazon will be a pay-to-use RDBMS with an availability guarantee, MySQL-7x24 or something, so you can use your own front-end images against the back end.

    I also think this service shows us how they are moving to host their own systems: fully virtualized, on-demand cloning. Nice.

  6. Re:manufactured on The Keyboard That Could Phone Home · · Score: 4, Informative

    Yeah, laptops could implement this in the keyboard controller. Or even the USB hub could do it.

    You have to trust the PC vendors, as they have nothing to gain, and everything to lose, in lawsuits and lost sales. But what if their government comes along and says 'add this back door'? They'd comply.

    Case in point: Lotus Notes put a back door in export versions of Notes:
    http://catless.ncl.ac.uk/Risks/19.52.html#subj1

    They sent messages with 64-bit encryption (!), but 24 bits of the key were hidden in the message, where the NSA knew to look, or were otherwise given to them. You only had 40-bit keys, which upset the Swedish government.

    Moral: you can't trust closed-source apps any more than closed-source hardware.

  7. Re:Some good news at least on Insights Into the Future of the Laptop · · Score: 1

    It's also proportional to the amount of memory in use. This is the policy (it's been a while since I did laptop coding, so I could be wrong):

    - unused memory isn't saved (obvious)
    - memory that is just swap space isn't saved, it gets swapped in on demand
    - memory that is bound to a memory-mapped file isn't saved, it gets swapped in on demand
    - all programs are loaded via memory-mapping the binaries.

    The effect is that your system in theory comes back up when all non-pageable memory is restored. In practice, it is only usable once Win32 has been paged back in. Then every app gets sent a WM_POWER message telling it that it has resumed, so every app is forced to page in enough of its event-handling code to handle that message. Then they get a WM_PAINT message and have to page in the rendering code. By the time you get the screen, a lot of stuff is paged in. And much of that stuff doesn't come from the hibernate file. It comes from your pagefile, it comes from your apps themselves.

  8. X11 chattiness on Is Open Source too Complex? · · Score: 1

    Yes, X11 is a chatty little bunny. It was written for the LAN, not the long-haul link, and one of its design goals was to support diskless client workstations, at a time when HDDs were expensive. Nor is it good for gaming, which is why Linux 3D gaming bypasses X.

    But funnily enough, one little benefit of X11 is that a Unix GUI application can run on a different back end from the front. Which lets you run a legacy Solaris app on a legacy Solaris server, with your Ubuntu laptop getting the front end, with much better integration with the desktop than you get with VNC.

  9. video performance and Aero. on Insights Into the Future of the Laptop · · Score: 1

    I'm sorry to hear that video performance is a dog. Presumably the laptop is targeted more towards power-efficient 2D than decent gaming.

    It's going to be an interesting problem for Vista, which uses the GPU aggressively; I don't know how many of today's laptops can handle Aero, and for those that do, it's going to kill their battery life.

    The irony is, the Vista Aero GUI is a client-side GUI; you don't want it on your servers. But desktops are going away; apart from the home gaming/media desktops, laptops are all people need. But Vista Aero is going to kill laptop battery life, probably compared to MacOS as well as XP. So it's a GUI which isn't the right one for the primary client computer of the future.

  10. Battery life on Insights Into the Future of the Laptop · · Score: 1

    What has effectively happened is that the vendors have decided that 2-3 hours is the max battery life that "desktop replacement" laptops need. If ever battery power gets above that, they crank up CPU or GPU power, and battery life goes right down again. It's the way that all the SUV manufacturers give their SUVs fuel tanks that do 300 or so miles; that's the expected range of the truck, regardless of its fuel consumption.

    Displays are a major battery hog, so is Eclipse. Crank back on the brightness and you will get more.

    On a long flight, I have this vision of an extension airline power adapter, one that says "Boeing, do not touch", that we plug in to someone in biz-class's power socket, then roll back to economy.

    Otherwise, get a battery that plugs in where the DVD drive goes, and rip all your DVDs to the HDD before you travel, because they play more power-efficiently that way anyway. Sleep a bit on the plane eventually.

    What we really need is an ultra-power-efficient text-mode Linux distro, or just a runlevel, for long flights, where you get nothing but emacs and your build tools, all networking is turned off, and the display backlight goes off except for 15s after you press any key or move the mouse. Yeah, that'd be cool. The first Linux distro optimised for long-haul flights.

  11. Re:Linux desktop and user loyalty on The Business Model of Ubuntu · · Score: 1

    I agree. Red Hat effectively abandoned the desktop market with its split between RHEL and Fedora. I could get RHEL at work, but that would make my home boxes a different OS image, and that is just inconvenient.

    I switched to SuSE, and was happy right up until SuSE 10.1 screwed up their update process. Never release an OS with a broken auto-updater, as it is well-nigh impossible to fix.

    As for Ubuntu: they are looking at the mass market, they care about laptops. And they want to work with the PC vendors to get preinstalled images. I don't know what their staying power will be, but they have executed pretty well to date.

  12. Re:Some good news at least on Insights Into the Future of the Laptop · · Score: 4, Interesting

    My Compaq nc6000 (disclaimer, I work for HP) has
    1. 1GB RAM
    2. 1.8GHz single core.
    3. 6+ hours battery life when I pull out the DVD drive and stick in the extension pack. Three hours otherwise.
    4. The more RAM you have, the worse the resume from hibernate, and there is too much corporate security junk (firewall, VPN, Symantec) taking up memory and battery life. The extra battery pack is very good for conferences, as I don't need to sit glued to power cords all day long.

    The problem with long-life laptops is that most people prefer performance over battery life. And with reason: most people don't go that far without a recharge. The most definitive data gathering on this topic was actually an experiment I did in 1999, logging how different people used a laptop for six months, in a paper called "the secret life of laptops".

    The conclusion we came to then was that power at home and work was unimportant, compared to the wide variation in network state. Getting consistent networking mattered much more to people.

    Now that we have near-universal WLAN, maybe being unwired matters more. I should rerun the experiment, but first I need to finish the analysis of my ongoing experiment, that of capturing the Bluetooth ID of every discoverable mobile phone that goes past my house. Embrace experimental computer science!

  13. Re:Another Get Firefox day coming soon... on IE7 to be Pushed to Users Via Windows Update · · Score: 1

    Well, also "It's bad to have any code receiving parameters from untrusted callers". AX controls are one example; PHP scripts that are vulnerable to XSS attacks, or web services that feed their data straight into SQL injection attacks, are different examples.

    I do have VMware images for things I don't trust. Like WinXP and Win98, the latter of which has to come up isolated from the big net. Then on the Linux system that hosts these things, I don't run as root.

    What sandboxes do is add extra defenses. As do languages that don't inherently make stack overflows a way to run arbitrary code, and as does giving your web-side code access to the DB through a restricted user, limiting the amount of damage SQL attacks can do.

    Defence in depth, that's all there is, defence in depth.

  14. Re:GPL Interpretation on Start-Up Delivers Open Source Offerings to Build User Base · · Score: 1

    Whatever that is, it ain't GPL.

    I don't mind companies having that as a license, but it should really be called something like "server GPL", because it is as different from classic GPL as LGPL is, and it should be separated.

    It really annoys me when people reinterpret things like this. MySQL deserve special mention, IMO, as in their view if you access a database by any means, you need a license. They do this as their business model needs people to pay for licenses, but it still isn't classic GPL.

    -steve

  15. Re:Another Get Firefox day coming soon... on IE7 to be Pushed to Users Via Windows Update · · Score: 5, Insightful

    1. I don't let Java code escalate its privileges. It's got a sandbox, stay in it. Actually, I don't even enable Java in the browser.

    2. I actually discovered one of the first ActiveX security holes, way back in 1999.

    The problem with AX is that it is really OLE Controls, OCX, upgraded for the internet era. OCX was nice, a version of Visual Basic (VBX) controls that was language-neutral. Their goal was to make it easy for anyone to embed their controls inside their apps, and so have fancy apps with less coding. Classic Java Beans were Sun's ill-fated attempt to copy this. VBX and OCX were probably the enablers of the best market in re-usable client-side components. Want fancy reports in your app? Crystal Reports OCX. Want good database access? Use the DB access controls that ship from MS. OCX was a really nice design.

    The trouble with ActiveX was that they turned the web browser into a container, with the ability to download and run any ActiveX control. By default, all OCXs that are installed on a PC are enabled for use in IE, even though they were never written for the assumption that their caller was trusted. There's nothing wrong with an OCX embedded inside a C++ app letting you open files in the local filesystem, delete files there, overwrite things. But have some random JavaScript do that and your box is owned. Most emergency patches by MS and PC manufacturers are for built-in controls, to mark them as unsafe for scripting, or to mark them as revoked.

    Failing one: ActiveX is only secure if the controls are designed to be called by untrusted people. Even if the controls aren't scripted, they can still take params which can be malicious and read/write illegitimate files. Example: the Windows Media control lets you pass in a path in the local filesystem. Script doesn't have access to the contents, but you can work out if the file is present or not. It is leaking information.

    Auto control download is the other problem. AX controls are pulled down and their signature verified. There is no sandbox, so the system is built entirely on the model that the people who write the controls are well-meaning. The spyware industry showed the lie in that.

    Failing two: there is no sandbox for controls.

    Now, for a few hundred dollars Verisign will sell a certificate in the name "Microsoft requires you to install this component.ltd" and that is what appears on the click-here-to-be-0wned dialog.

    Failing three: the vendors of certificates are more interested in certificate sales fees than the safety of the box. If Verisign took some financial hit for every bit of spyware they signed off, things would be different.

    AX controls are usually written in C++, which is one of the C/C++ family of 'buffer overflow enabled' languages. I know I always get marked down for flamebaiting when I say that, but the truth is that while competent people can write really secure code in C/C++ (e.g. Apache HTTPD, OpenSSH), too many developers are in a hurry and ship something that just about works on the deadline required. Because AX controls are not in a sandbox, every single attribute and method has to be treated as something that a malicious piece of JavaScript can call.

    Failing four: the lack of a sandbox forces AX developers to write secure code, and they don't appear up to the job.

    If you find a security hole in an ActiveX control, it can be re-released, a new .cab file produced and the web pages marked so that IE will update to a later version. Sound good? No. You can push out any old version of an ActiveX control by serving it out and using a version marker of -1,-1,-1,-1, meaning "always update". This makes it impossible for anyone to ever reliably stop an insecure AX control from being served up. The only way to do this is by adding the control to the "do not run" list in the registry, a registry that is the fault of myself and Richard Smith.

    Failing 5: it's nearly impossible to stop malicious sites pushing out buggy versions of other people's AX controls.

  16. Have you ever used symantec? or Mcafee? on Microsoft's Security Meeting Causes Unease · · Score: 1

    I spent an evening last month purging my sister's box of spyware, dial-up trojans and other junk.

    She was running McAfee, everything turned on, all these 'sign on to the internet' dialogs cropping up, etc. None of it worked; it just made the machine really slow to start up.

    She asked whether she should renew her subscription. I asked her what was the point and sent her towards F-Secure, who do at least view Sony rootkits as evil.

    The whole Windows security business is a tax on people who believe that paying $40-50 a year will make their box secure. But the latest virus/worm authors ship their code after testing against the latest releases of all these products, to make sure they don't get detected. It's a checklist item for malware distribution.

    You want secure? Get your own Linux distro on an obscure CPU, where nothing runs unless you type ./configure; make first, and where even Perl and Ruby are in odd places. Then build OpenOffice with whatever #define set that turns off macro support.

    -steve

  17. MS demand that from all discourse on Microsoft's Security Meeting Causes Unease · · Score: 1

    MS think they are allowed to incorporate any feedback anyone gives them.

    What is worse, many of their NDAs imply that if you suggest something to them, you give them the rights to use any of your IP (i.e. evil software patents) in the process. Thus they care enough about software patent infringement to want to get the rights to other people's intellectual property, while still pushing the EU campaign to make software patents legal.

    When we talk to the great Satan of the Pacific Northwest, we mustn't ever make suggestions. Like "why don't you fix your laptop docking so that laptops remember what the display settings are for different docks, and even which side of the laptop the mouse is on, and dynamically switch to the appropriate binding on dock".

    All I can say is the truth, without any suggestions for improvement: "As the user of multiple docking stations, I find the current experience atrocious".

    -steve

  18. Re:and then come the lawyers on AT&T Labs vs. Google Labs - R&D History · · Score: 1

    I agree about the lawyers. One problem with all corporate R&D labs (disclaimer, I work for one) is that getting stuff into product has always been really, really hard. It doesn't matter how good the idea is, turning that into something profitable is tricky.

    A recent trend, one that s/w patents enable, is for R&D labs to patent the ideas and then license them out (good) or sue people that come up with the same idea (bad, bad). So IBM makes money out of its patent portfolio, and HP wants to. If the companies could make profitable products instead, they wouldn't need that (substitute) business model.

    There is a way, it's called open source. If R&D labs do research in/on open source, their stuff is immediately useful. Sounds unrealistic? Think of how Unix had to be given away, source included. That was open source, even if the lawyers came along later and tried to change the contract (and still are, in the SCO case).

  19. MS R&D includes all product development on AT&T Labs vs. Google Labs - R&D History · · Score: 3, Interesting

    That $7B includes all product development: Vista, the next version of SQL Server, etc., all in there.

    The amount spent on "corporate research" is a lot less, probably no more than $100M, though that is a rough guess.

    The other thing is yes, they've hired some great people. Lamport, for example. But hiring people because they did great work in the past does not mean they will do great stuff in your company. I've seen that in my own.

  20. 17 GB on Inside Vista's Image-Based Install Process · · Score: 1

    It was 17GB when I built a VMware image up on beta2.

    I couldn't believe they'd managed to get so much onto one DVD, but somehow they did. And then come the security patches which you need to pull down from the net.

    As a contrast, go to Instalinux, at www.instalinux.com, and create your own OS image through a web form. 5 minutes' work, download time restricted to what you ask for.

  21. Re:Abusing their monopoly? on The Next Round in the Virtualization Wars · · Score: 1

    Well, the nice thing about VMware is that you can move your stuff around without activation being triggered.

    VirtualPC appears to have been written with OS licensing in mind, so that XP detects when it gets moved around and asks to be re-activated.

    Now, given there is a 'virtual' device that lets code in the VM detect that it is VM-hosted, it's possible that MS could maybe insert some logic to stop Vista working properly under VMware, the way they did with Windows under DR-DOS. But that would stop so many people using the Vista beta that it would get noticed fast, and blamed on Vista not VMware.

    What they have done is more subtle: made Vista such a memory and performance hog that you wouldn't want to host it under any VM layer.

  22. Re:single user single device on The Next Round in the Virtualization Wars · · Score: 1

    Yeah, all that single-user stuff gets in the way. Plus all those CAL licenses. A single desktop with 6 VM images can use up 5 licenses from the domain controller or the SQL server. The licensing infrastructure doesn't scale.

    The other issue with VPC is shown in this document, which covers developing and debugging under VPC:
    http://www.microsoft.com/windows/virtualpc/techinfo/debug.mspx

    It's a pain to go through the wizards to create and clone VMs, and even when you've done so you still can't reliably use the cloned PCs, as the domain controller doesn't like clones. You need to use 3rd-party tools to change the machine SID, fiddle with domain settings, etc. Whereas Xen images can be created on the fly.

  23. Configuration Management on Oracle to Offer RedHat Support? · · Score: 1

    I agree, managing multiple boxes is where the money gets charged, because that is (historically) something that only enterprises wanted to do, and it is where all enterprise-grade distros ask for money. Now that anyone with Xen or VMware Player can have a heterogeneous cluster of Linux distros on their laptop, everyone needs distributed cluster admin.

    Novell's Red Carpet stuff is free (well, "evaluation" free) for two systems. Since I cannot get the update client that shipped with SuSE 10.1 to work properly, I haven't even looked at the ZENworks server. Distros should know never to ship with broken update applications, as it is one thing you can't recover from.

    Have you looked at LCFG for managing many Linux systems? It is one of the very-large-scale Linux desktop management tools, used for very large clusters including European grid installations, Edinburgh University's computing department's Linux infrastructure, etc.

  24. Re:How about the US GPS encrypted channels? on Cracking the GPS Galileo Satellite · · Score: 3, Interesting

    I think the US encryption system changes on a regular (monthly?) basis; you need new keys in your receiver. So even if you manage to pick up a military GPS rx on eBay or somewhere else, you won't get the military fix.

    Which is a pity; apparently it works better under tree cover than civilian GPS.

  25. And Windows/Microsoft update on Browsers Fighting to Keep up with the Web · · Score: 2, Interesting

    I have to boot up IE once a month to download this month's Windows/Office/IE patches. That's its last role, running an ActiveX control needed to download the stuff needed to stop your XP box being 0wned by somebody else. There's something deeply ironic there.

    -steve