I thought I was the only one that knew this was a dupe... so now we have article dupes and book review dupes. I can gather two things from this: the editors have been smoking too much pot and they don't read the news on their own site.
There will be no "rape" of your "freedom". You see, developers won't be able to write the driver in the first place if we don't have a certificate. Thus, there will never be a case where someone writes drivers for Vista64 that you can't install.
Hmm... what i'm saying is that every driver developer that you get drivers from will have to sign their code. Its not that you won't be able to install them, it's that we developers won't be able to develop them if we don't have the cert. This is IMO a good thing. You as an end user won't notice anything except that all of the drivers that you download are signed:-)
I don't have the official drivers for the graphics cards installed. I have tweaked versions of beta drivers.
Whatever company is writing the drivers will have all versions signed, they will be required to as it would be impossible to install and test the "beta" drivers.
I don't think that you fully understand: From the very beginning of any driver development, they will need to signed. That is to say that all drivers will be signed, or they simply won't be written. If they are not signed, they can't be installed.
There are no barriers here - by requiring signing - msft is creating a paper trail so that we may know who has installed what on our machines.
No this will make it worse, as malicious coders will find a way to spoof or hack the protections, so you'll think you're OK when in reality you've been rooted.
Unlikely. Unless the cert implementation is pwnd. This would be equivalent to malicious coders being able to "spoof" an SSL cert on a shopping site.
Additionally, it provides identity verification for holder of the cert. We can now see who owns the code.
Just because an entity can afford a certification does not mean they are trustworthy. I mean, there's some sort of horrible irony that you even say this, as the gatekeeper here is Microsoft.
Of course. The key here is that you know who made your software. Additionally, the identity of the signer is verified not by MSFT but by the certification authority - who sole job is to ensure that identies are real.
No, it is being used as an anticompetitive tool. It is helping the media cartels and large hardware/software vendors while creating a financial and legal burden for small/FOSS developers. And the malware argument is bunk. Malware writers will find a way around this, just as they have found ways around every other "protection" that's been created.
The proposed model does not exclude any development organization from participating. Given that the entry price is 199.00 per year, it is a tiny cost even from a personal perspective. Also, this will generally affect those who create software <-> hardware interfaces, a group generally used to paying for the "parts" for their projects.
This model does this model cater to media cartels and large hardware vendors as the cost is not prohibitive. There are no other barriers to entry besides the 199 cert cost.
This probably won't eliminate the possibilty of writers finding a way to circumvent this protection, but it will raise the bar. The fact that installation is prevented, even while operating under a "root" account will help substantially.
The broader issue that we are facting is that we (software manufactures/developers) have a "literacy" problem on our hands. Even with the additional safe guards that sp2 put in place to help protect users from taking risky actions, they continue to Pwn their computers. Make no mistake, malware and spyware is a byproduct of a user's interaction with their computer. For the sake of this discussion I'd like to exclude "Viruses" from this discussion.
The average end user seems to be incapable of distinguishing trusted software or web sites from untrusted software and sites. The situation is unlikely to change in the near future, and certificates are a great way to verify identity.
With that said, requiring code signing, even for non-kernel mode drivers or apps would likely help the situation a great deal.
The reality is that this particular change is not going to change much of anything. Most malware is not installed as a kernel mode driver. Most of it runs as regular userland software or services. I think that MSFT is warming the dev community up for a more general code-signing requirement.
Just becuase your drivers are not signed now, does not mean that Silicon Image, NVidia and ATI will not start signing their drivers. Of course they will. 500 bones is nothing as far as normal shop goes. They don't do it now, becuase they don't have to.
what is fantastic about this is that it will prevent nafarious entities from installing low level code or drivers. it will also create a chain of accountability for the software running on users machines.
admittedly, five hundred dollars isn't a great deal - but as an end user i'd rather know where my software is coming from.
what's amusing about this is that when windows 2000 introduced code signing, a lot of people got upset saying that msft would use it as a way to control who could develop software for windows. fortunately, signing has not been used as an anti-competitive tool, rather it's now being used to protect us from malware./clap
Intel chips are designed to be socket mounted, and not surface mounted. Intel would probably not not change the package type for such a small quantity of chips.
Macs have a long history of addin CPU cards, and clock modifying chips. I'm sure that upgrades will be available. However in recent years there have been major breaking changes (FSB speeds, Dual Core, x64) between lines of chips every year or so. So, to upgrade to the latest and greatest might require a new motherboard anyway.
After using iTunes, who wants to sift through a bunch of songs of questionable quality, infectiousness, and organization. Really, what a waste of time.
No, but you might very well be, ye of little faith.
Hiding the mini store isn't a "fix" for this issue. What if I want to use the mini store without sending my music data to apple? I can't. Where in the iTunes EULA does it state that apple will transfer information about my *personal* music collection to the iTunes servers so that Apple can decide what to try and sell me while using the store? It doesn't.
A few years ago Real got into a lot of trouble for assigning players a unique ID via cookies and collection behavioral information about their users.
This is in my opinion one step worse, because Apple is collecting data about not only your habits, but also collecting information about your music library (drm'd or not) with out your consent, or knowledge and with no way to prevent it.
I think the larger issue here is that iTunes is an actual thick client application that is installed on your computer. It has access to your personal files and data, some of which can be quite sensitive. Apple is essentially exploiting the application to gain access to information that they would not otherwise have without telling the end user.
It can be disabled, and there is detail about what exactly is collected and transmitted in the EULA.
Both features are both missing from iTunes.
Re:Extremely easy to disable, and more info
on
iTunes is Malware?
·
· Score: 1
I'd love to have comment from Apple, and a clear presentation that information is being sent to Apple for x purpose, and a clear option to allow - or disallow - such use. I've looked through the iTunes 6.0.2 license and do not see any such guidance.
And that my friend is the problem. Full disclosure is needed about what the progam is gathering and sending back to their servers. And of course, you should always have the option of opting out of this sort of business.
If I recall correctly, Real got into a great deal of legal trouble for using undisclosed techniques such as this.
Some people freely admit to being high-tech junkies.
"The internet connection is my lifeline," said Jennifer Strother, a mother of two young children who lives in Smithfield, Virginia. "It's the connection to friends, e-mail -- especially for stay-at-home moms. I'm hungry for adult conversation and any news that isn't Dora the Explorer or Blue's Clues."
How is this an admission to being a hi tech junkie? The very reason for her use of the internet is not tech, but communication. As with most of the article the authors attempt to classify us as "junkies" fails. He or she fails to see that for the most part, tech purchases are so that we may consume media such as TV or Music or communicate with others. This is not an hi tech additiction as the author would have us believe, because the technology itself is not the motivator for purchase.
No see, that's the problem. Good software doesn't require you to "get used to it" it just works the way you expect it to. When you think "where is feature [x]" it is where it is supposed to be.
me thinks you took the time to learn the "opera way".
i must disclaim: i have not had the opportunity to get "used to" opera.
"You're describing requirements which are typical of a power user who knows most all the features and uses them all. Most people simply don't come under this heading."
Not really. If you asked most of my clients if they described themselves as "power users" they would answer no. Yet, they use all of these features on a regular basis. In fact one of the least technical can easily understand that outlook for the web (still an excellent client) is less functional than the thick client. Though, they'd have difficulty decribing exactly what it was that is different. I happen to be able to articulate why outlook is better than other mail clients.
But you are right, there are a number of hurdles that Linux faces before adoption becomes widespread and e-mail is just one. The thing that MSFT offers over Linux is coheasion. Things just work, for the most part under windows. Exchange, Office, Sharepoint,.NET, SQL Server the level of integration across these products is unprecedented. And that is the barrier to entry for linux - they need to offer a *platform* for business to adopt, not just a just a bunch of programs.
Outlook is the best designed e-mail client out there.
Every view is cusomizable. The arrangement and display of mail can be changed to support whatever you would like.
Columns are automatically changed based on the available screen space - something not seen implemented in any other e-mail client.
The calendaring function is unsurpassed. Especially in a domain deployment.
You can also compose an e-mail and send it without using the mouse. In a GUI this is special, command line not so much:-)
Scripting is incredibly useful if you have applications to deploy where you don't want users launching 6 applications to get their day to day work done, sales benefit greatly from outlook integration.
Integration with office allows for a very high level of interaction and collaboration between outlook users.
Outlook also has real time message notification.
The list goes on. There are a number of reasons why users love outlook.
Slashdot Mirror
I thought I was the only one that knew this was a dupe... so now we have article dupes and book review dupes. I can gather two things from this: the editors have been smoking too much pot and they don't read the news on their own site.
Go figure
"he's setting a new bar for how to manage a Digital Age corporation."
he's setting a new bar for promoting a Digital Age corporation.
There will be no "rape" of your "freedom". You see, developers won't be able to write the driver in the first place if we don't have a certificate. Thus, there will never be a case where someone writes drivers for Vista64 that you can't install.
It's really not as bad as it sounds.
Hmm... what i'm saying is that every driver developer that you get drivers from will have to sign their code. Its not that you won't be able to install them, it's that we developers won't be able to develop them if we don't have the cert. This is IMO a good thing. You as an end user won't notice anything except that all of the drivers that you download are signed :-)
I don't have the official drivers for the graphics cards installed. I have tweaked versions of beta drivers.
Whatever company is writing the drivers will have all versions signed, they will be required to as it would be impossible to install and test the "beta" drivers.
I don't think that you fully understand: From the very beginning of any driver development, they will need to signed. That is to say that all drivers will be signed, or they simply won't be written. If they are not signed, they can't be installed.
There are no barriers here - by requiring signing - msft is creating a paper trail so that we may know who has installed what on our machines.
No this will make it worse, as malicious coders will find a way to spoof or hack the protections, so you'll think you're OK when in reality you've been rooted.
Unlikely. Unless the cert implementation is pwnd. This would be equivalent to malicious coders being able to "spoof" an SSL cert on a shopping site.
Additionally, it provides identity verification for holder of the cert. We can now see who owns the code.
Just because an entity can afford a certification does not mean they are trustworthy. I mean, there's some sort of horrible irony that you even say this, as the gatekeeper here is Microsoft.
Of course. The key here is that you know who made your software. Additionally, the identity of the signer is verified not by MSFT but by the certification authority - who sole job is to ensure that identies are real.
No, it is being used as an anticompetitive tool. It is helping the media cartels and large hardware/software vendors while creating a financial and legal burden for small/FOSS developers. And the malware argument is bunk. Malware writers will find a way around this, just as they have found ways around every other "protection" that's been created.
The proposed model does not exclude any development organization from participating. Given that the entry price is 199.00 per year, it is a tiny cost even from a personal perspective. Also, this will generally affect those who create software <-> hardware interfaces, a group generally used to paying for the "parts" for their projects.
This model does this model cater to media cartels and large hardware vendors as the cost is not prohibitive. There are no other barriers to entry besides the 199 cert cost.
This probably won't eliminate the possibilty of writers finding a way to circumvent this protection, but it will raise the bar. The fact that installation is prevented, even while operating under a "root" account will help substantially.
The broader issue that we are facting is that we (software manufactures/developers) have a "literacy" problem on our hands. Even with the additional safe guards that sp2 put in place to help protect users from taking risky actions, they continue to Pwn their computers. Make no mistake, malware and spyware is a byproduct of a user's interaction with their computer. For the sake of this discussion I'd like to exclude "Viruses" from this discussion.
The average end user seems to be incapable of distinguishing trusted software or web sites from untrusted software and sites. The situation is unlikely to change in the near future, and certificates are a great way to verify identity.
With that said, requiring code signing, even for non-kernel mode drivers or apps would likely help the situation a great deal.
The reality is that this particular change is not going to change much of anything. Most malware is not installed as a kernel mode driver. Most of it runs as regular userland software or services. I think that MSFT is warming the dev community up for a more general code-signing requirement.
As a developer, I'm all for it.
Just becuase your drivers are not signed now, does not mean that Silicon Image, NVidia and ATI will not start signing their drivers. Of course they will. 500 bones is nothing as far as normal shop goes. They don't do it now, becuase they don't have to.
d e-signing/index.html will provide us with $199 certs. A price, but not one that is rediculously high.
For the private driver developer - http://www.thawte.com/ssl-digital-certificates/co
what is fantastic about this is that it will prevent nafarious entities from installing low level code or drivers. it will also create a chain of accountability for the software running on users machines.
/clap
admittedly, five hundred dollars isn't a great deal - but as an end user i'd rather know where my software is coming from.
what's amusing about this is that when windows 2000 introduced code signing, a lot of people got upset saying that msft would use it as a way to control who could develop software for windows. fortunately, signing has not been used as an anti-competitive tool, rather it's now being used to protect us from malware.
a hell yeah!?
Yes, that was pretty much my point :-)
"Google's transition to mainstream media"
No, we are seeing Google's transition to ALL media.
Think what you will of such things.
Intel chips are designed to be socket mounted, and not surface mounted. Intel would probably not not change the package type for such a small quantity of chips.
Macs have a long history of addin CPU cards, and clock modifying chips. I'm sure that upgrades will be available. However in recent years there have been major breaking changes (FSB speeds, Dual Core, x64) between lines of chips every year or so. So, to upgrade to the latest and greatest might require a new motherboard anyway.
Only time will tell
lol
:-)
i was referring to the encoding rates
After using iTunes, who wants to sift through a bunch of songs of questionable quality, infectiousness, and organization. Really, what a waste of time.
Sign me up. We'll take a trip for a thousand years, and then well, see how google.net is doing.
No, but you might very well be, ye of little faith.
Hiding the mini store isn't a "fix" for this issue. What if I want to use the mini store without sending my music data to apple? I can't. Where in the iTunes EULA does it state that apple will transfer information about my *personal* music collection to the iTunes servers so that Apple can decide what to try and sell me while using the store? It doesn't.
A few years ago Real got into a lot of trouble for assigning players a unique ID via cookies and collection behavioral information about their users.
This is in my opinion one step worse, because Apple is collecting data about not only your habits, but also collecting information about your music library (drm'd or not) with out your consent, or knowledge and with no way to prevent it.
I think the larger issue here is that iTunes is an actual thick client application that is installed on your computer. It has access to your personal files and data, some of which can be quite sensitive. Apple is essentially exploiting the application to gain access to information that they would not otherwise have without telling the end user.
That, is the issue.
lol.
t ml
http://www.apple.com/support/itunes/legal/terms.h
Please direct me to paragraph that states that apple is going to user your *personal* music data from within the iTunes interface to target albums.
Second, please direct me to the check box that allows me to use the store without sharing my music data with apple.
Thanks.
It can be disabled, and there is detail about what exactly is collected and transmitted in the EULA.
Both features are both missing from iTunes.
I'd love to have comment from Apple, and a clear presentation that information is being sent to Apple for x purpose, and a clear option to allow - or disallow - such use. I've looked through the iTunes 6.0.2 license and do not see any such guidance.
And that my friend is the problem. Full disclosure is needed about what the progam is gathering and sending back to their servers. And of course, you should always have the option of opting out of this sort of business.
If I recall correctly, Real got into a great deal of legal trouble for using undisclosed techniques such as this.
This is so not needed. Why another format to be used as a tool to "carve out marketshare". In the end however, only the consumer suffers.
:-)
I want six DRM formats and one program to rule them all.
On the upside, I imagine the DRM will be *nix/Linux compatible
from the article:
Some people freely admit to being high-tech junkies.
"The internet connection is my lifeline," said Jennifer Strother, a mother of two young children who lives in Smithfield, Virginia. "It's the connection to friends, e-mail -- especially for stay-at-home moms. I'm hungry for adult conversation and any news that isn't Dora the Explorer or Blue's Clues."
How is this an admission to being a hi tech junkie? The very reason for her use of the internet is not tech, but communication. As with most of the article the authors attempt to classify us as "junkies" fails. He or she fails to see that for the most part, tech purchases are so that we may consume media such as TV or Music or communicate with others. This is not an hi tech additiction as the author would have us believe, because the technology itself is not the motivator for purchase.
Once you get used to it, you just can't go back
No see, that's the problem. Good software doesn't require you to "get used to it" it just works the way you expect it to. When you think "where is feature [x]" it is where it is supposed to be.
me thinks you took the time to learn the "opera way".
i must disclaim: i have not had the opportunity to get "used to" opera.
Minority report anyone?
"You're describing requirements which are typical of a power user who knows most all the features and uses them all. Most people simply don't come under this heading."
.NET, SQL Server the level of integration across these products is unprecedented. And that is the barrier to entry for linux - they need to offer a *platform* for business to adopt, not just a just a bunch of programs.
Not really. If you asked most of my clients if they described themselves as "power users" they would answer no. Yet, they use all of these features on a regular basis. In fact one of the least technical can easily understand that outlook for the web (still an excellent client) is less functional than the thick client. Though, they'd have difficulty decribing exactly what it was that is different. I happen to be able to articulate why outlook is better than other mail clients.
But you are right, there are a number of hurdles that Linux faces before adoption becomes widespread and e-mail is just one. The thing that MSFT offers over Linux is coheasion. Things just work, for the most part under windows. Exchange, Office, Sharepoint,
Outlook is the best designed e-mail client out there.
:-)
Every view is cusomizable. The arrangement and display of mail can be changed to support whatever you would like.
Columns are automatically changed based on the available screen space - something not seen implemented in any other e-mail client.
The calendaring function is unsurpassed. Especially in a domain deployment.
You can also compose an e-mail and send it without using the mouse. In a GUI this is special, command line not so much
Scripting is incredibly useful if you have applications to deploy where you don't want users launching 6 applications to get their day to day work done, sales benefit greatly from outlook integration.
Integration with office allows for a very high level of interaction and collaboration between outlook users.
Outlook also has real time message notification.
The list goes on. There are a number of reasons why users love outlook.