No, that's because they batch them in some gigantic 100mb+ update, instead of doing small updates for several applications, which is what Microsoft does.
Seriously, there's no reason why a security update should take several dozens of megabytes. This only ensures that dial up users will not install them and that people are more likely to delay installing patches due to the download time.
Also, most patches on Windows are released every month, on what is called patch Tuesday, which is the second Tuesday of every month. I'm not sure I fully agree with the idea of a fixed patch schedule as it gives the malware authors a one-month window to exploit, although it does give corporate deployments a chance to test patches prior to deployment on a sane schedule.
And running games in an OS above the firmware would be too slow to run most of them at top speed[...]
Wrong. The Xbox ran a modified version of Windows 2000, for example. They're just not general purpose operating systems and contain only what's needed to make games. Otherwise, every single game would need to write filesystem access code and drivers to access the harddrive and whatnot.
Who needs branch prediction when you could just have 2 cores running a thread? Send each one executing instructions without a break in the pipeline and sync the wrong core to the correct one once you know the result. You'd still have to wait for results before any store operations, but you should probably know the branch result by then anyway.
This is actually how 3D cards used to do branching(not sure nowadays, though). Basically you would compute both outputs and do a linear interpolation between both. Since you would use either 0 or 1 as the linear interpolation factor, you would end up with either result A or B.
IIRC this is how the old nVidia register combiner ops worked as well, though I haven't really used them.
I assume it's horribly inefficient in terms of performance/watt, though I might be wrong.
USB doesn't specify a standard way for devices to have a unique identifier. The result is that all USB devices of a given model appear identical to the host.
Wrong. USB specifies the mechanism for obtaining a device's unique serial number through the iSerialNumber field of the standard device descriptor. (See section "9.6.1 Device" of the USB2 spec, available at http://www.usb.org/developers/docs/)
However, it is not a mandatory part of the spec. For example, some cheaper joysticks do not have a unique serial number and Windows will generate a synthetic serial number based on the port into which the device is plugged into. This is also why plugging a device into another port may trigger the "Windows has finished installing drivers for your new device", even though the device had been previously connected to another port.
I sure hope that at that kind of price, they're at least burning some unique serial number into the USB controller.
Triangulation of radio signals is not accurate enough to give sub-centimeter accuracy and the added mass to the tennis ball would probably cause the players to have some objection to adding a radio transmitter into the ball.
The claim that the Hawkeye system gives an average of about four millimetres of error seems somewhat reasonable, given that we're getting accuracy greater better than two centimetres on detecting objects with a single camera with optics as large as the last segment of a typical pinky. (FWIW, here's a short demo of what we're working on for our autonomous underwater vehicle)
However, the suggestion to display the error range for a particular shot and leaving the final decision to a human from TFA is quite reasonable and is how it should be. Blindingly trusting technology or discarding it altogether is unreasonable.
How does it fare for programming, though, with the odd placement of the braces and square brackets(which are on the top row, right next to backspace)?
I know there is "Programmer dvorak", but it's not a layout that ships with a lot of operating systems --- IIRC neither OS X nor Windows offer it --- and how do you fare on using other computers, which don't have the dvorak keyboard layout installed?
I've been considering switching to dvorak, but I'd like to know how significant those drawbacks are in reality.
it come to our attention that someone released a fake DT PRO version that is
contaminated with trojans and viruses, among the fact it is only a DT Lite and
not a PRO version!
DT Pro is the version that you have to pay for, thus getting it for free from some shady website should at least make you think twice, in the same way that you probably shouldn't download kernel sources from untrusted websites without checking the MD5/SHA checksum.
Frankly just googling and then downloading stuff that looks like it could help is bound to lead to a malware infested computer.
I haven't been infested with malware in the last decade, although this is only anecdotal evidence.
One of the very clear things that good Linux distros have over Windows is the use of a centralized software repository.
It is indeed convenient for installing various software packages --- which is sorely lacking in Windows --- although the usage of a centralized software repository does not guarantee that the binaries will be free of defects/malware either, since someone could poison the upstream source of software(which already happened in the past) and the maintainer would have no clue.
I find Linux more capable on the Desktop than Microsoft. There are often times when MS's (using XP) internal burning software is inadequate - like burning images. I don't know if it's fixed yet, but for a long time XP just would not burn an image with its built in software and you had to use something like Nero. Never had a problem burning an image running any linux distro. Same with mounting.iso right from the harddrive as a cd-rom. It usually required some pay-for software (Alcohol 120%) in Windows, while a 2 minute search yield a few command lines to do it in Ubuntu. I know I'd rather save the money.
A two minute search on Google yields CDBurnerXP as a freeware CD burning tool and Daemon tools as an image mounting tool for Windows.
It might not be free as in speech, but it sure is free as in beer.
But if you wanted to steal his SSN, all you'd have to do is record the ad. Also, they're not advertising his SSN, they're advertising the service LifeLock provides, which is why they would repeat the phone number and not the SSN.
Exactly. These kinds of vehicles usually have a preset mission and have enough smarts to carry it out without needing human intervention, they're not remote-controlled vehicles at all!
The difference is akin to the difference between the instructions you'd give to a blind car driver and what some mapping software would do.
The blind car driver would require constant attention to make sure the car is not steering towards pedestrians or other obstacles. This is essentially remote control operation.
On the other hand, autonomous operation would be closer to the list of directions given out by mapping software; go there, turn to the left, take the 4th Avenue, go 500 meters, etc.
For example, some companies are working on automated control of agricultural machinery by using GPS and automatic steering(http://www.gpsfarm.com/products/). I assume the instructions given to the control software are closer to "Plow this area delimited with these GPS coordinates along this angle" than "Press the gas pedal a little more, then turn the steering wheel 12 degrees to the right."
Maybe I misread the article, but wouldn't that mean that if they filtered some content from another government(such as the water processing plant plans from another country), they could get fined? If so, isn't that an egregious case of two weights, two measures?
It depends on the game. For example, the first releases of Quake 3 had different physics depending on your framerate, due to integer clamping of player positions. They fixed the issue in later patches by adding an option to force everyone to run at 125 Hz, but by default it is off.
This allows a couple jumps that are not possible UNLESS you are running at 125 Hz, such as the megahealth jump on q3dm13.
A scan of a fingerprint is never exactly the same twice, thus it is useless as a cryptographic key... The most it can do, is provide a "close enough" match to a program which will then provide the actual key.
Wrong. You can recognize certain features(loops, groove density, etc.) in the actual fingerprint and map those to an actual key, in the same way that you can scan a piece of paper on different scanners, run optical character recognition on it and spew the exact same text. There might not be enough entropy in a single finger to provide a good crypto key, though.
This is only true if the built-in Administrator account has no password. If you enable the built-in Administrator account (which can apparently be done any of several ways, but the one I've always used is 'net user administrator/active:yes') and then give it a password, the UAC dialog will thereafter have a password prompt. This has always been the first thing I do on any Vista machine I've had to configure (which fortunately has not been many).
Interesting. I never enabled the Administrator account on my Vista machine and didn't think it would make a difference.
I also remove sudo from every *nix box I admin; 'su -c' does just fine, and since it requires the root password it does not leave room for know-nothing-user mistakes the way sudo does. Anyone who should be making changes which require root access already has the root password anyway.
Sudo has the advantage that it leaves an audit trail, which can be a desireable feature in an environment where there are multiple administrators. I agree though that it doesn't make as much sense if you're the sole administrator.
The addition of an effective admin-privileges model and at least some of what is needed to enforce it is one of the few things I would consider an improvement in Vista as compared to XP - and note that I'm generally anti-Microsoft, and dislike Vista significantly more than I do XP. Why, having added such a model, Microsoft then chose to cripple it by not only hiding the root user, and not only automatically creating an admin-level account, but not automatically creating a non-admin account is something which I have never been able to figure out; nothing about it makes the least bit of sense to me.
It is pretty much the best implementation they could have made, considering the amount of legacy stuff they had to live with. As for not running as admin by default, it is so that, by default, applications don't run with all privileges. It behaves the same way as OSX or Linux, when you're in the wheel group/sudoers.
Lower CPU overhead, as the CPU is not involved in DMA operations. For example, if you're dealing with a firewire camera, it can push out frames to the host with only minimal interaction from the CPU, whereas a USB camera requires much more CPU power to push out frames to the host, as the host has to pull them from the camera(see USB vs Firewire).
This was actually proposed in 1998, as the Internet time. The day is divided in 1000 "beats", which are the same worldwide. It didn't seem to have catched on. As for your relatives, there's nothing that prevents you from telling them that you'll call at 13:00... GMT.
I don't have vast experience of Vista because I decided against deploying it on the last few networks I managed. However, it seems that it must still be incredibly easy to access the MBR even, as you point out, as a non-administrator user.
Not really. UAC is essentially like sudo, except that when you run in an administrator account, there is no password prompt, only a Allow/Cancel choice. From a non-administrator user, you have to enter the login and password of an administrator. Of course, if you disable UAC and set it so that everything runs as administrator, there is no protection.
However I assume that "Boot sector protection" as available in most modern BIOS's should stop this stone dead (I know that I implement it but I doubt everyone does). It's like 1989 all over again...
It probably would. It's a good idea to use this option anyway, there's no real reason to write the MBR very often, maybe except to update Grub or LILO.
Granted, the virus is easily cleaned, although it's potential effects may not be (identity theft etc.).
Agreed, especially when considering that TFA mentions that it mostly targets financial websites.
I'd rather pay more for software that had the same amount of features but less years of krufty hack layered upon krufty hack.
You seem to be downplaying the costs that are incurred when throwing away working code to build new one. Non-trivial code takes a lot of time and effort to build. For example, let's look at Mozilla. The Wikipedia article mentions the decision to scrap the codebase somewhere in 1998. When did the 1.0 version of Mozilla came out? 2002, four years later.
It clearly is not a viable option for commercial software to release nothing for a couple years just because "we're rewriting the code", for potential gains that may or may not exist, unless maintenance is simply too costly compared to the cost of rebuilding. However, since OSS does not need to meet any kind of revenue expectation, they can do such a thing.
Quite simply, we're talking about Windows here (and maybe Norton). Mac OS7 did a great job of providing both abstraction and speed in a maintainable environment on a 68030: a chip so slow that you wouldn't notice it if it was working as a co-processor on a modern machine.
OS 7 does not even have preemptive multitasking, instead relying on cooperative multitasking, just like Windows 3.1 did. I'll take your Motorola 68030 and raise you a 386.
Vista, on the other hand, requires a pretty beefy on-board graphics chip to do anything at all, and renders every window as a 3D object. It also pulls in tons of useless side-board crap that probably renders in its own wonky and inefficient scripting language. And, from everything I've heard out of Redmond, has grown into an unmaintainable and unsupportable mess anyway.
Not if you disable Aero, it'll fallback to the old framebuffer approach. As for the second argument, are you talking about SideShow?
Larger software takes more effort to maintain per LOC than smaller software. Research proves this point over and over again. What would you want, an OS that can only run "Hello World"? I'm sure it will be very maintainable, but not very useful. Since we're pulling random hearsay, I heard that it's mostly a management debacle, with poor interactions between the different groups building the various parts of Windows.
Right now, the biggest efficiencies to computer speed seem to lie within the realm of software. Specifically, getting rid of the years of bad decisions and bad hacks that are stealing inordinate amounts of processor time and making it impossible to deliver on promised feature upgrades. We currently have processors that are capable of crunching tens of thousands of times more numbers than could have been done in the 68030 days. Where is that power going? Throwing more hardware at the problem isn't the most efficient way of effecting a solution, especially if the problem is preventing necessary code updates.
We also have more features which are delivered faster than before and implemented by teams that are smaller(for the same feature). Compare the amount of work and performance when implementing a dynamic website nowadays to what was available a decade ago. A decade ago, for high performance dynamic websites, you had to code it in C/C++ using NSAPI/ISAPI. Nowadays, you just take Ruby on Rails or whatever is the framework of the day and build it faster. Sure it won't run as fast, but it also cost way less to build and has more features to boot.
Throwing more hardware at the problem was, historically, a better choice. I don't hear about a lot of people doing assembly nowadays, though I hear a lot of people writing maintainable code in Java/.NET/Ruby/Python/whatever. Might not be as fast as raw assembly, but it sure comes out quicker. Whether this trend will remain in the face of multicore architectures is still uncertain, however.
And then you have the obvious - why is the OS allowing you to modify the MBR without appropriate rights and/or why are users running as users with the rights necessary to do this? This is STILL a problem harking back to the DOS days - everyone as administrator. With a new twist - the average user hasn't needed to BE administrator for quite a long time now.
Except in Vista, this isn't true. You need to either have elevated privileges(or have disabled UAC so that everything runs as administrator) to be able to write to the MBR, at least according to this website. Of course, UAC does not mitigate the issue if they attach to a publically available installer(say kazaa-super-deluxe-installer.exe), since you'll need elevated privileges to run the installer and thus will click "Accept". However, since writing to the MBR is a highly unusual operation, they could bring another box that clearly marks the operation as unusual before allowing the write to the MBR.
Also, since the article mentions that the rootkit does not modify the registry, it would appear that all that is required to remove it is to do a "fixmbr" from the installation CD to overwrite the MBR with a clean copy(which is corroborated by Symantec).
As for abstractions, they allow other things that were simply impossible before. Abstractions allow tuning a design on criteria such as maintainability, extensibility, supportability, etc. Yes, making software more maintainable can reduce performance, but it also reduces the maintenance cost. Would you rather pay more for software that has less features but is faster?
The people buying it will get everything they wanted - a laptop you can edit text and sufr the internet on, with a Ferrari logo. Exactly. A lot of average people don't check specs(or do a poor job at it) and rather rely on aesthetics/salesmen recommendations to guide their choice. If I were to be a Ferrari fanatic, maybe I'd buy it because of the brand attachment, as crazy as it may sound. On the other hand, some people only look at the specs and don't care if their PC is only parts in a cardboard box.
PINs longer than four digits are available outside of the US(at least in Canada). Canadian banks warn travellers to the US to change longer PINs to have four digits, as longer PINs are not well supported by the US ATM network. I assume this is an issue of interoperability, as the US bank system must be quite complex with the large number of financial institutions.
Just so you know, three weeks after Ice storm 1998, there were still about 700k people without electricity in the middle of winter(most houses use electric heating and usual temperatures around that time of the year are below zero).
I presume they want the easement to bury long distance powerlines, not the ones for local distribution. Wikipedia seems to mention that electric power transmission lines are very seldom underground. Of maybe they're concerned about being sued for EMF-related medical issues.
Slashdot Mirror
No, that's because they batch them in some gigantic 100mb+ update, instead of doing small updates for several applications, which is what Microsoft does.
Seriously, there's no reason why a security update should take several dozens of megabytes. This only ensures that dial up users will not install them and that people are more likely to delay installing patches due to the download time.
Also, most patches on Windows are released every month, on what is called patch Tuesday, which is the second Tuesday of every month. I'm not sure I fully agree with the idea of a fixed patch schedule as it gives the malware authors a one-month window to exploit, although it does give corporate deployments a chance to test patches prior to deployment on a sane schedule.
Wrong. The Xbox ran a modified version of Windows 2000, for example. They're just not general purpose operating systems and contain only what's needed to make games. Otherwise, every single game would need to write filesystem access code and drivers to access the harddrive and whatnot.
This is actually how 3D cards used to do branching(not sure nowadays, though). Basically you would compute both outputs and do a linear interpolation between both. Since you would use either 0 or 1 as the linear interpolation factor, you would end up with either result A or B.
IIRC this is how the old nVidia register combiner ops worked as well, though I haven't really used them.
I assume it's horribly inefficient in terms of performance/watt, though I might be wrong.
Wrong. USB specifies the mechanism for obtaining a device's unique serial number through the iSerialNumber field of the standard device descriptor. (See section "9.6.1 Device" of the USB2 spec, available at http://www.usb.org/developers/docs/)
However, it is not a mandatory part of the spec. For example, some cheaper joysticks do not have a unique serial number and Windows will generate a synthetic serial number based on the port into which the device is plugged into. This is also why plugging a device into another port may trigger the "Windows has finished installing drivers for your new device", even though the device had been previously connected to another port.
I sure hope that at that kind of price, they're at least burning some unique serial number into the USB controller.
Triangulation of radio signals is not accurate enough to give sub-centimeter accuracy and the added mass to the tennis ball would probably cause the players to have some objection to adding a radio transmitter into the ball.
The claim that the Hawkeye system gives an average of about four millimetres of error seems somewhat reasonable, given that we're getting accuracy greater better than two centimetres on detecting objects with a single camera with optics as large as the last segment of a typical pinky. (FWIW, here's a short demo of what we're working on for our autonomous underwater vehicle)
However, the suggestion to display the error range for a particular shot and leaving the final decision to a human from TFA is quite reasonable and is how it should be. Blindingly trusting technology or discarding it altogether is unreasonable.
How does it fare for programming, though, with the odd placement of the braces and square brackets(which are on the top row, right next to backspace)?
I know there is "Programmer dvorak", but it's not a layout that ships with a lot of operating systems --- IIRC neither OS X nor Windows offer it --- and how do you fare on using other computers, which don't have the dvorak keyboard layout installed?
I've been considering switching to dvorak, but I'd like to know how significant those drawbacks are in reality.
DT Pro is the version that you have to pay for, thus getting it for free from some shady website should at least make you think twice, in the same way that you probably shouldn't download kernel sources from untrusted websites without checking the MD5/SHA checksum.
I haven't been infested with malware in the last decade, although this is only anecdotal evidence.
It is indeed convenient for installing various software packages --- which is sorely lacking in Windows --- although the usage of a centralized software repository does not guarantee that the binaries will be free of defects/malware either, since someone could poison the upstream source of software(which already happened in the past) and the maintainer would have no clue.
A two minute search on Google yields CDBurnerXP as a freeware CD burning tool and Daemon tools as an image mounting tool for Windows.
It might not be free as in speech, but it sure is free as in beer.
But if you wanted to steal his SSN, all you'd have to do is record the ad. Also, they're not advertising his SSN, they're advertising the service LifeLock provides, which is why they would repeat the phone number and not the SSN.
Exactly. These kinds of vehicles usually have a preset mission and have enough smarts to carry it out without needing human intervention, they're not remote-controlled vehicles at all!
The difference is akin to the difference between the instructions you'd give to a blind car driver and what some mapping software would do.
The blind car driver would require constant attention to make sure the car is not steering towards pedestrians or other obstacles. This is essentially remote control operation.
On the other hand, autonomous operation would be closer to the list of directions given out by mapping software; go there, turn to the left, take the 4th Avenue, go 500 meters, etc.
For example, some companies are working on automated control of agricultural machinery by using GPS and automatic steering(http://www.gpsfarm.com/products/). I assume the instructions given to the control software are closer to "Plow this area delimited with these GPS coordinates along this angle" than "Press the gas pedal a little more, then turn the steering wheel 12 degrees to the right."
Unfortunately, the presentation materials are not available at the URL he mentions, but they are available at http://www.myharddrivedied.com/
Maybe I misread the article, but wouldn't that mean that if they filtered some content from another government(such as the water processing plant plans from another country), they could get fined? If so, isn't that an egregious case of two weights, two measures?
As far as I know, that's what project Blackbox uses for cooling. Note the blurb where it specifies the water connectivity requirements.
It depends on the game. For example, the first releases of Quake 3 had different physics depending on your framerate, due to integer clamping of player positions. They fixed the issue in later patches by adding an option to force everyone to run at 125 Hz, but by default it is off.
This allows a couple jumps that are not possible UNLESS you are running at 125 Hz, such as the megahealth jump on q3dm13.
This guide has more information: http://ucguides.savagehelp.com/Quake3/FAQFPSJumps.html
Wrong. You can recognize certain features(loops, groove density, etc.) in the actual fingerprint and map those to an actual key, in the same way that you can scan a piece of paper on different scanners, run optical character recognition on it and spew the exact same text. There might not be enough entropy in a single finger to provide a good crypto key, though.
Lower CPU overhead, as the CPU is not involved in DMA operations. For example, if you're dealing with a firewire camera, it can push out frames to the host with only minimal interaction from the CPU, whereas a USB camera requires much more CPU power to push out frames to the host, as the host has to pull them from the camera(see USB vs Firewire).
This was actually proposed in 1998, as the Internet time. The day is divided in 1000 "beats", which are the same worldwide. It didn't seem to have catched on. As for your relatives, there's nothing that prevents you from telling them that you'll call at 13:00... GMT.
You seem to be downplaying the costs that are incurred when throwing away working code to build new one. Non-trivial code takes a lot of time and effort to build. For example, let's look at Mozilla. The Wikipedia article mentions the decision to scrap the codebase somewhere in 1998. When did the 1.0 version of Mozilla came out? 2002, four years later.
It clearly is not a viable option for commercial software to release nothing for a couple years just because "we're rewriting the code", for potential gains that may or may not exist, unless maintenance is simply too costly compared to the cost of rebuilding. However, since OSS does not need to meet any kind of revenue expectation, they can do such a thing.
OS 7 does not even have preemptive multitasking, instead relying on cooperative multitasking, just like Windows 3.1 did. I'll take your Motorola 68030 and raise you a 386.
Not if you disable Aero, it'll fallback to the old framebuffer approach. As for the second argument, are you talking about SideShow?
Larger software takes more effort to maintain per LOC than smaller software. Research proves this point over and over again. What would you want, an OS that can only run "Hello World"? I'm sure it will be very maintainable, but not very useful. Since we're pulling random hearsay, I heard that it's mostly a management debacle, with poor interactions between the different groups building the various parts of Windows.
We also have more features which are delivered faster than before and implemented by teams that are smaller(for the same feature). Compare the amount of work and performance when implementing a dynamic website nowadays to what was available a decade ago. A decade ago, for high performance dynamic websites, you had to code it in C/C++ using NSAPI/ISAPI. Nowadays, you just take Ruby on Rails or whatever is the framework of the day and build it faster. Sure it won't run as fast, but it also cost way less to build and has more features to boot.
Throwing more hardware at the problem was, historically, a better choice. I don't hear about a lot of people doing assembly nowadays, though I hear a lot of people writing maintainable code in Java/.NET/Ruby/Python/whatever. Might not be as fast as raw assembly, but it sure comes out quicker. Whether this trend will remain in the face of multicore architectures is still uncertain, however.
Except in Vista, this isn't true. You need to either have elevated privileges(or have disabled UAC so that everything runs as administrator) to be able to write to the MBR, at least according to this website. Of course, UAC does not mitigate the issue if they attach to a publically available installer(say kazaa-super-deluxe-installer.exe), since you'll need elevated privileges to run the installer and thus will click "Accept". However, since writing to the MBR is a highly unusual operation, they could bring another box that clearly marks the operation as unusual before allowing the write to the MBR.
Also, since the article mentions that the rootkit does not modify the registry, it would appear that all that is required to remove it is to do a "fixmbr" from the installation CD to overwrite the MBR with a clean copy(which is corroborated by Symantec).
This depends on where you are. In Canada, the title of engineer is protected by law(see wikipedia or Engineers Canada on MSCEs).
As for abstractions, they allow other things that were simply impossible before. Abstractions allow tuning a design on criteria such as maintainability, extensibility, supportability, etc. Yes, making software more maintainable can reduce performance, but it also reduces the maintenance cost. Would you rather pay more for software that has less features but is faster?
PINs longer than four digits are available outside of the US(at least in Canada). Canadian banks warn travellers to the US to change longer PINs to have four digits, as longer PINs are not well supported by the US ATM network. I assume this is an issue of interoperability, as the US bank system must be quite complex with the large number of financial institutions.
Just so you know, three weeks after Ice storm 1998, there were still about 700k people without electricity in the middle of winter(most houses use electric heating and usual temperatures around that time of the year are below zero).
I presume they want the easement to bury long distance powerlines, not the ones for local distribution. Wikipedia seems to mention that electric power transmission lines are very seldom underground. Of maybe they're concerned about being sued for EMF-related medical issues.