"Actually, Sun essentially forced MS to fight against Java by not letting MS devs take the idea and run with it"
The historical record paints a different picture:
"Microsoft has no choice, we must seize control [of] the Java platform", Sep 4 1995
"I think the path we were going down of building on AWT was a sure disaster - It was creating a situation where pure 100% Java applications would look just as good as pure Windows applications which we have to avoid", Bill Gates Jan 1997
"How do we wrest control of Java away from Sun?", Ben Slivka April 1997
"I am hard core about NOT supporting JDK 1.2", Bill Gates May 1997
'My question to you is what parts of Internet Explorer were "embedded into the kernel"'
The actual words were 'core OS kernel'. The core rendering engine and the help system for two. Reasons why it's impossible to uninstall it without breaking something, not that there is even that option.
"While browser exploits do exist and are important to guard against, a vast majority of problems that exist out there are user-initiated"
How does the end-user protect against a malicious website or email attachment? Or something that don't require user action like the Conficker worm
"What worms or trojans hook into the kernel of the OS?"
The viruses, worms or trojans don't hook, what happens is that the browser invokes an ActiveX control that basically runs as native code on the user's machine. All well and good unless it's malicious at which point the malware owns your computer.
--
A bit of a typo and it might read better like this:
"Run the Browser in an isolated process using a restricted set of system calls and sandbox from the rest of the system. In other words don't do what *they* did with Internet Explorer and embed it into the core OS"
"Process models 1 and 2 of Google Chrome are insecure since they don't provide memory or other resource protection across multiple principals in a monolithic process or browser instance. Model 4 doesn't provide failure containment across site instances [32].
Google Chrome's process-per-site-instance model is the closest to Gazelle's two processes-per-principal-instance model, but with several crucial differences: 1) Chrome's principal is site (see above) while ">Gazelle's principal is the same as the SOP principal"
"Chrome's decision is to allow a site to set document:domain to a postfix domain (ad.socialnet.com set to socialnet. com). We argue in Section 3 that this practice has significant security risks. 2) A parent page's principal and its embedded principals co-exist in the same process in Google Chrome, whereas Gazelle places them into separate processes"
"Tahoma doesn't provide protection to existing browser principals. In contrast, Gazelle's Browser Kernel protects browser principals first hand"
Classic bait and switch, compare Chrome running on Windows to Gazelle running on some imaginary secure other OS. MS.memo: Googles Chrome is eating our lunch, quick rush out a 'research paper' trashing it, and pretend Chrome is playing catch-up with Gazelle. Like, if Chrome was so bad, then why expend time in criticizing it.
"Browser Kernel runs in a separate OS process, directly interacts with the underlying OS, and exposes a set of system calls for browser principals. We draw the isolation boundary across the existing browser principal1 defined by the same-origin policy (SOP) [34], namely, the triple of , using sandboxed OS processes"
Run the OS in a separate process using a restricted set of system calls and sandbox from the rest of the system. In other words don't do what we did with Internet Explorer and embed it into the core OS kernel.
"In this paper, we introduce Gazelle, a secure web browser constructed as a multi-principal OS. Gazelle's Browser Kernel is an operating system that exclusively manages resource protection and sharing across web site principals"
Is this similar to Googles Chrome and its ability to run native X86 code, and what's Microsofts' definition of 'multi-principal', and is a working copy of Gazelle out yet?
"Do you have any idea how much of a bitch it is to keep backups of gigabytes or terabytes of data constantly preserved and updated? How much time it takes to make an image and put it on tapes?"
"if an email is deleted before the backup process runs there will be no backup"
Have they subpoenaed SMARTech Corporation for the backups for this email server which would have copies of any emails that passed through it. Backups are maintained (usually on tape) as part of routine maintenance, to be used in the event of a hardware failure. The tapes are rotated until they near end-of-life and then stored somewhere off-site. To claim there are no records is disingenuous in the extreme.
Does anyone seriously believe the excuses as to how the emails went 'missing'?. Even if they deleted the emails there would be numerous copies on the backup tapes.
"We want the PS3 to be hard to program for and understand so that the only really good games for the platform will come out years from now after people have struggled to learn how to make it work"
Microsoft should sign a patent covenant with Apple promising not to use any Apple end-users of the iPhone for any violations of MS patents. All the rest should start paying royalties to Redmond...
"In the late 70's, when PC's began to appear, corporate IT managers were deathly afraid of them"
My understand is that IBM and the rest were indiferent to them. Which is why the Boca Raton project was specifically tasked with producing a low-spec machine using off-the-shelf components, a second attempt to enter the PC market after the failed very expensive IBM 5100 ($20,000).
"those damn users, tired of the glacial slowness of mainframe application development, slow response times, and especially the lack of a spreadsheet capability.. By the time Apple introduced the Mac, the PC already had a huge lead because of this tremendous IBM lock in"
Actually IBM PC didn't sell in too huge a number until Columbia Data Products discovered how to clean room it and Compaq and the rest started to sell cheap knock-offs manufactured in the far east. And users tired of the lack of a spreadsheet capability already had access to the Apple 11(1997), which came with VisiCalc the original killer spreadsheet application.
People (especially those who were born after 1985 forget that Microsoft entire business model was founded on principles of openness. They were smart enough to get IBM to agree to a non-exclusive license for early versions of DOS so they could then license it to Compaq and, eventually, hundreds of other PC manufacturers
Other people remember it differently. IBM contracted Microsoft to write the OS for the IBM PC. Compaq and the other clone makers didn't arive on the market until Columbia Data Products figured out a way of cleanrooming the BIOS. After that the clone makers could sell units without paying IBM the expensive license. Microsoft was more than happy to supply DOS to these.
"It was only in the 1990's that "open" came to mean something different...open sourcecode"
Again, history occurred differently in this continuum...
'You give it a mission and tools to work with, such as mobility and intrusion sensors, and it uses those tools and cooperates with other cybots to accomplish the mission"
Sounds like something to be targeted by a penetration tester. Imagine being able to deploy an army of software robots intelligent enough to cooperate with one another to inflitrate and hack the largest networks.
"While others debate whether GNU/Linux is ready for the desktop, Userful is quietly proving that it is -- and making a profit while doing so"
"By combining a mixture of proprietary administrative tools with a modified Red Hat distribution and a GNOME desktop, Userful has updated the concept of timesharing by adapting it to a personal computer. The result is DiscoverStation, a hardware and software solution that connects as many as 10 terminals to a single computer"
synopsis: Rogue sysadmin holds San francisco to ransom, only one man can defeat this maniac. Staring Brad Pitt as Terry Childs and Bruce Willis as James T. Ramsey..
Well, it's not as if we have any real news or investigative reporting anymore, the news is told to us in the form of a movie trailer, hero vs bad-guy lots of quick-cuts and scary music in the background..
No one bothers to tell Childs that former co-worker, Jeana Pieralde gets promoted to Chief Information Security Officer, despite no role actually existing up to then. She then sneeks back in after hours and is caught remoiving a harddrive. Childs photographs her and next think in in the clink on $5,000,000 bail. If was only retrospectively that the City realized that this 'rogue' administrator had been recalcitrant "Over the last months"..
Slashdot Mirror
"They want to make a browser that tries to be an OS for the apps it runs"
..
You mean similar to how Chrome can run native x86 code in the browser, cross-platform, which would dilute Microsoft's monopoly on the DeskTop
"A browser runs IN an OS, not the other way 'round"
:)
Why not, they pioneered the concept of an OS running on top of the GUI didn't they
"Actually, Sun essentially forced MS to fight against Java by not letting MS devs take the idea and run with it"
The historical record paints a different picture:
"Microsoft has no choice, we must seize control [of] the Java platform", Sep 4 1995
"I think the path we were going down of building on AWT was a sure disaster - It was creating a situation where pure 100% Java applications would look just as good as pure Windows applications which we have to avoid", Bill Gates Jan 1997
"How do we wrest control of Java away from Sun?", Ben Slivka April 1997
"I am hard core about NOT supporting JDK 1.2", Bill Gates May 1997
'My question to you is what parts of Internet Explorer were "embedded into the kernel"'
The actual words were 'core OS kernel'. The core rendering engine and the help system for two. Reasons why it's impossible to uninstall it without breaking something, not that there is even that option.
"While browser exploits do exist and are important to guard against, a vast majority of problems that exist out there are user-initiated"
How does the end-user protect against a malicious website or email attachment? Or something that don't require user action like the Conficker worm
"What worms or trojans hook into the kernel of the OS?"
The viruses, worms or trojans don't hook, what happens is that the browser invokes an ActiveX control that basically runs as native code on the user's machine. All well and good unless it's malicious at which point the malware owns your computer.
--
A bit of a typo and it might read better like this:
"Run the Browser in an isolated process using a restricted set of system calls and sandbox from the rest of the system. In other words don't do what *they* did with Internet Explorer and embed it into the core OS"
"Process models 1 and 2 of Google Chrome are insecure since they don't provide memory or other resource protection across multiple principals in a monolithic process or browser instance. Model 4 doesn't provide failure containment across site instances [32].
Google Chrome's process-per-site-instance model is the closest to Gazelle's two processes-per-principal-instance model, but with several crucial differences: 1) Chrome's principal is site (see above) while ">Gazelle's principal is the same as the SOP principal"
" Chrome's decision is to allow a site to set document:domain to a postfix domain (ad.socialnet.com set to socialnet. com). We argue in Section 3 that this practice has significant security risks. 2) A parent page's principal and its embedded principals co-exist in the same process in Google Chrome, whereas Gazelle places them into separate processes"
" Tahoma doesn't provide protection to existing browser principals. In contrast, Gazelle's Browser Kernel protects browser principals first hand "
Classic bait and switch, compare Chrome running on Windows to Gazelle running on some imaginary secure other OS. MS.memo: Googles Chrome is eating our lunch, quick rush out a 'research paper' trashing it, and pretend Chrome is playing catch-up with Gazelle. Like, if Chrome was so bad, then why expend time in criticizing it.
"Browser Kernel runs in a separate OS process, directly interacts with the underlying OS, and exposes a set of system calls for browser principals. We draw the isolation boundary across the existing browser principal1 defined by the same-origin policy (SOP) [34], namely, the triple of , using sandboxed OS processes"
Run the OS in a separate process using a restricted set of system calls and sandbox from the rest of the system. In other words don't do what we did with Internet Explorer and embed it into the core OS kernel.
"In this paper, we introduce Gazelle, a secure web browser constructed as a multi-principal OS. Gazelle's Browser Kernel is an operating system that exclusively manages resource protection and sharing across web site principals"
Is this similar to Googles Chrome and its ability to run native X86 code, and what's Microsofts' definition of 'multi-principal', and is a working copy of Gazelle out yet?
"Do you have any idea how much of a bitch it is to keep backups of gigabytes or terabytes of data constantly preserved and updated? How much time it takes to make an image and put it on tapes?"
...
Use a tape carousel
"if an email is deleted before the backup process runs there will be no backup"
Have they subpoenaed SMARTech Corporation for the backups for this email server which would have copies of any emails that passed through it. Backups are maintained (usually on tape) as part of routine maintenance, to be used in the event of a hardware failure. The tapes are rotated until they near end-of-life and then stored somewhere off-site. To claim there are no records is disingenuous in the extreme.
Does anyone seriously believe the excuses as to how the emails went 'missing'?. Even if they deleted the emails there would be numerous copies on the backup tapes.
'hackers breached the site, then modified it to redirect users to a rogue URL that in turn directed attack code against their systems'
'was this breach similar to what happened in the FISERV/CheckFree incident, or did something else happen?'
"We want the PS3 to be hard to program for and understand so that the only really good games for the platform will come out years from now after people have struggled to learn how to make it work"
Do you have any citations for the above?
Microsoft should sign a patent covenant with Apple promising not to use any Apple end-users of the iPhone for any violations of MS patents. All the rest should start paying royalties to Redmond ...
"In the late 70's, when PC's began to appear, corporate IT managers were deathly afraid of them"
.. By the time Apple introduced the Mac, the PC already had a huge lead because of this tremendous IBM lock in"
My understand is that IBM and the rest were indiferent to them. Which is why the Boca Raton project was specifically tasked with producing a low-spec machine using off-the-shelf components, a second attempt to enter the PC market after the failed very expensive IBM 5100 ($20,000).
"those damn users, tired of the glacial slowness of mainframe application development, slow response times, and especially the lack of a spreadsheet capability
Actually IBM PC didn't sell in too huge a number until Columbia Data Products discovered how to clean room it and Compaq and the rest started to sell cheap knock-offs manufactured in the far east. And users tired of the lack of a spreadsheet capability already had access to the Apple 11(1997), which came with VisiCalc the original killer spreadsheet application.
If Apple put its OS on all hardware, wouldn't that create an Apple monopoly .. er ecosystem ?
People (especially those who were born after 1985 forget that Microsoft entire business model was founded on principles of openness. They were smart enough to get IBM to agree to a non-exclusive license for early versions of DOS so they could then license it to Compaq and, eventually, hundreds of other PC manufacturers
...
Other people remember it differently. IBM contracted Microsoft to write the OS for the IBM PC. Compaq and the other clone makers didn't arive on the market until Columbia Data Products figured out a way of cleanrooming the BIOS. After that the clone makers could sell units without paying IBM the expensive license. Microsoft was more than happy to supply DOS to these.
"It was only in the 1990's that "open" came to mean something different...open sourcecode"
Again, history occurred differently in this continuum
'You give it a mission and tools to work with, such as mobility and intrusion sensors, and it uses those tools and cooperates with other cybots to accomplish the mission"
Sounds like something to be targeted by a penetration tester. Imagine being able to deploy an army of software robots intelligent enough to cooperate with one another to inflitrate and hack the largest networks.
How difficult is it to get a website to display the same in different browsers on the same computer ..
FireFox 3.0.6
InternetExplorer7
I figured mentioning OpenOffice would only bring out a stack of 'OO can't do X' trolls .. :)
"While others debate whether GNU/Linux is ready for the desktop, Userful is quietly proving that it is -- and making a profit while doing so"
"By combining a mixture of proprietary administrative tools with a modified Red Hat distribution and a GNOME desktop, Userful has updated the concept of timesharing by adapting it to a personal computer. The result is DiscoverStation, a hardware and software solution that connects as many as 10 terminals to a single computer"
synopsis: Rogue sysadmin holds San francisco to ransom, only one man can defeat this maniac. Staring Brad Pitt as Terry Childs and Bruce Willis as James T. Ramsey ..
"Don't forget to watch the next episode of ..."
..
Well, it's not as if we have any real news or investigative reporting anymore, the news is told to us in the form of a movie trailer, hero vs bad-guy lots of quick-cuts and scary music in the background
Set the default viewer for msWord docs to the Word Viewer, make normal.dot read only, disable auto-opening of macros ..
"It looks like if you use CPAN to install modules, Apple's latest security update might just have broken your Perl"
...
Doesn't matter, no one in his right mind updates a live system. Especially with some third-party update package, never nada
No one bothers to tell Childs that former co-worker, Jeana Pieralde gets promoted to Chief Information Security Officer, despite no role actually existing up to then. She then sneeks back in after hours and is caught remoiving a harddrive. Childs photographs her and next think in in the clink on $5,000,000 bail. If was only retrospectively that the City realized that this 'rogue' administrator had been recalcitrant "Over the last months" ..