If your software is perfect, it wouldn't need a "security model" to begin with. Why do the *BSDs focus so much on "jails" and why does Linux have SELinux and LSM and the like -- because they know that even with all the compulsive auditing, they probably missed something and their software has holes.
If I understand Vista's security model correctly, IE is sandboxed so that the exploitable avenues from the WMF hole are extremely minimized.
> Hell look at what Apple did with OS X in far less time than MSFT
Apple bought an abandoned OS from the 1980s, that uses a kernel with code originally written in the late 1970s. On top of that, they bolted a bunch of Toolbox compatibility code dating from the 80s and 90s, and a bunch of *nix stuff which is also 10-20 years old.
So, it is somewhat silly that you would argue that MS performs a "complete ground up rewrite", all while advocating MacOS X, which is a complete slut for legacy code.
Not true! Windows Vista was promised to be nearly completely backward-compatible with previous Windows!
And that is exactly what IT customers want. The only way they can keep all those millions of custom programs developed for Windows over the last decades working is by pulling forward legacy code.
Hey look at Apple -- they just introduced machines that do not run any software from as little as 5 years ago. Apple also has nearly zero corporate desktops. Connect the dots. Maybe consumer users running Firefox and iTunes and MSN Messenger want an "all new Windows", but nobody else does.
I know that Happy Hacking is the knee-jerk response to any keyboard question -- but it doesn't come anywhere near his requirements for the navigation keys -- It doesn't even have dedicated keys!
Also, the Apple PowerBook keyboard was obviously designed by Happy Hacking-using crackbabies.
And IBM sells a desktop version of the ThinkPad keyboard, called the UltraNav Travel. However it doesn't have standard navigation key placement like the questioner is looking for.
> and by loyal I mean "did not bail when Apple's star was dimming at various times in the past"
Actually, they put out a shitty version of Mac Office in 1994 and left it on the market for four long years while Windows 95 succeeded in dominating consumer computing. Oh, and they only replaced it with Office 98 after Apple sued them, settled, and Steve Jobs gave Bill Gates credit for "saving Apple".
I'm not denying that MS has been an Apple supporter, but they did withhold new versions of Office during those dim days.
My feeling is that this "agreement" is a whole lot of nothing.
They've already announced the next version of Mac Office as a PPC & Intel release, and you can bet it does not require them to do anything more than support that version (which they would anyway).
What you miss is that Microsoft had already reinvented the wheel -- there was a reasonably functional port of Outlook and MAPI working under the classic MacOS, but they chose to kill it.
Note that I don't think it was necessarily a conspiracy... It could be that the actual number of Mac Exchange seats didn't justify the OS X port costs.
Re: What if we sandbox major apps like browsers? (on "Future Trends of Malware", Score: 2, Insightful)
(A) You are trying to kludge Unix Permissions onto a situation where a new model is required. Unix Groups are already a nightmare and this sort of thing would just make it worse. How would you save a file from your web browser without a nightmare of permission settings?
Furthermore it doesn't do what you want: Exploiting "user1Firefox:user1Firefoxgroup" is good enough to send spam and DoS attacks.
Check "Capabilities"-based systems that do what you really want. They've been around for a while.
(B) Users want Data Exchange between applications. Firefox needs to talk to plugins like Java and RealPlayer. People want to embed spreadsheets into word processor documents. You need rich-copy-paste. You need to be able to script apps and pipe output. All of these Data Exchange vectors would undermine your permission system.
Well, we were talking about "open" commodity Unix, so NeXT DPS and NeWS aren't all that relevant. You couldn't run them on Linux.
The success of Frame and Interleaf (had to dig deep to remember that!) was largely because they packed along their own printing knowhow and didn't use "/dev/lp" or whatever you think is adequate. Even WordPerfect for Linux in ~1999 still used its own print architecture, and WordPerfect had their own Linux distro!
> When they were designing Motif/CDE, they went to Microsoft for advice on how to do it.
Microsoft wrote the UI guidelines for Motif. ("The style guide aims at making a user's transition from IBM's Presentation Manager (or Microsoft Windows) to Motif nearly transparent.") Rumor has it they wrote a lot of the code as well.
The stated goal of CDE was to equal "The visual elegance of Microsoft Windows 3.0".
The perception in the OSF group was certainly that Microsoft (Windows | OS/2) was ahead of Unix in UI matters!
> This was also a bit of an eyebrow raiser for Microsoft manager
It shouldn't have been. The 32/16 thunking in Win9x is very slow, the I/O sucks, the memory management is even worse, and the thing still made DOS calls for certain things. A modern, pure 32-bit OS should always be faster.
Win 9x was designed mainly around (1) Compatibility and (2) Memory Footprint. And if you look at what killed OS/2 and NT3, it was those two things, not performance issues.
Perhaps I should have said No WYSIWYG printing architecture (although there actually was one, but apparently it was so maldesigned that nobody used it.)
And it's not true that Unix had the components before Windows -- When they were designing Motif/CDE, they went to Microsoft for advice on how to do it.
I was just about to reply and saw the AC post... he's right. MacOS filetyping problems had nothing to do with the resource fork. Eventually, around System 7.5, Apple finally added something called PC Exchange which would map "*.jpg" to "JFIF" and one could open a foreign JPEG file normally.
The pain in the ass with the resource fork was having to encode everything as "HQX" or "MacBinaryII" before sending it across the Internet -- And the OS came with no tools to encode/decode these. For the longest time, it was impossible to get a Mac on the Internet unless you had another Internet-connected Mac nearby. Catch-22. It also took Mac mail programs 5 years to get their shit together with attachments.
I actually enjoyed MONDO 2000 -- until it degenerated into "Here's what some Alt-Rock Star thinks about VR" and got wiped off the map by Wired. Reading them now would be a fascinating case study into the cybernetic road not taken.
The Linux desktop in 1995 was skin deep. Yeah, you could set a background and change your widget color. But there was no printing architecture, no decent way to deal with fonts, no higher level widgets or drawing APIs. Compared to Windows or Mac, it was all an illusion, a fake. I always thought it funny that Open Source devs produced the pretty screenshots first, and only later went back and built the architecture. Just the opposite of what MS did with Windows.
Yeah, you can't surf anywhere nowadays without all those 16-bit buffer-overflow attacks infecting your Netscape Gold, and Pings-O-Doom crashing your ODI drivers!
Seriously, websurfing with Windows 3.1 would probably be a lot like surfing with an old version of Firefox on Linux. Yes, there's vulnerabilities, but no, nobody cares.
Every time Microsoft has released a new OS, the usable hardware specs (by most people's perception) have been beyond the average hardware of the time.
Let's not overstate the point. I recall the days when you had to buy thousands of dollars of RAM and SCSI stuff to get a usable desktop out of OS/2 or Win NT 3.5. For the most part, the consumer releases of Windows have been a decent fit for the OEM hardware they're designed for, even if they want more RAM.
(And that's still true... I would really dislike using less than 1GB of RAM, but most systems ship with 512MB.)
I believe it... I always felt that, given enough RAM, Windows NT 4.0 was a much snappier desktop than Win98, and all things considered, XP is not *that* much more bloated than NT4. I doubt your laptops are very pleasant for our modern tastes, but it is believable that they work as well as they did when new. There was a time when a developer would have loved to have a 200MHz system.
And a 400MHz server? Top of the line when Windows 2000 and SQL 2000 shipped.
Doesn't surprise me... I used to run W2K, Office 2K, and Lotus Bloats on a Pentium 133 as my primary desktop, and I thought it worked fine.
However, it was a nicer 'workstation' type machine with SCSI and Matrox video and something like 112MB of RAM. Almost all of the fancy hardware was desupported by XP.
IIRC, the requirements for XP were partly driven by the need to cut QA Certification time for drivers. By eliminating Pentium and PPro systems, they were able to drop hundreds of obscure drivers that were on the Win2000 CD. (Including a few that I was using.)
Win2000 ran on pretty minimal systems, all things considered, and XP is not all that different with the eyecandy off.
Which reminds me, Linux does still contain drivers for all sorts of 386/486 hardware (MFM drives, SoundBlaster CDROMs, prehistoric SCSI cards, etc), but I rather doubt they are being very actively maintained or tested. Unlike with Linux distros, MS won't ship a driver just because it's there.
> In other words, DRM is ok, if it doesn't work!
Judging by statements made at CES, that seems to be the industry opinion as well. As long as it prevents you from turning around and uploading it on a filesharing network in 2 clicks, the DRM has done its job.
Of course, once the infrastructure is in place, they can set whatever policy they want.
Still, you are talking about an obscure skillset getting paid no better than a VB Programmer.
But I'm probably reacting due to the local market. I took an iSeries training once, and the IBM rep said there were more 400s in Salt Lake City than the SF Bay Area (being HP and Sun's backyard). Right now there's only one local 400 job on Monster, and zero on Craigslist. Maybe if you're in Chicago it's a different story.
Oh, I know what it is ... the point the IBM guys were enthralled with something not any more sophisticated than the stuff found in x86 servers.
It's not so much a question of "can" but why anyone would want to. It is not knowledge that's rewarded in the job market.
Actually, when Lotus shat itself, the entire production line shut down. IBM's contract was fine for what it did, but their shitass consultants put them into a no-win situation just to get them to buy/upgrade more 400 stuff. They would have saved tons of money putting Lotus on Windows, where it belongs.