It works great. The computer thinks it's a keyboard. When I swipe a barcode it types the digits and hits return at the end. Who needs software?
Perhaps they feel that Microsoft brings recognition to a technology that RedHat is poised to exploit in their products. RedHat is only too happy to compete with Microsoft on an even playing field.
Didn't Paul Allen do the same thing? We used to laugh about the folks who worked at his start-ups, pulling down good money to sit around and look busy.
They have a dispute resolution process, I'd suggest you get on it.
I have never had a problem getting reimbursed for late UPS shipments. All I've ever had to do is present the receipts and they've put the money back on my credit card on the spot.
If you pick express overnight guaranteed and it does not show up, get your money back. I've done it. If it does not show up at all, file a claim. I've done that, too. I have shipped hundreds of packages over the years. The success rate is over 99%. I have NEVER lost a penny shipping stuff. CYA. I HAVE had computer equipment damaged and destroyed (never stolen) in checked baggage.
UPS might drop your package 3 feet (they specify this explicitly), but the airline might drop your bag out of the plane onto the tarmac. Ouch.
Swing by UPS on your way to the airport and just ship your stuff to yourself. You don't have to deal with security and it will be delivered straight to your hotel room. It might even be cheaper than checking it.
New computers don't have any of those things. Have you been to a computer store lately?
Maybe used MacBooks are in for a bit of a price drop, considering that they are ticking time bombs.
The central point in the original post is:
---
Until this model is changed and only explicitly installed applications can run outside the browser's sandbox, Windows is going to remain the poster boy for "insecure systems".
---
And this change you are talking about does NOTHING to address that.
All the objections you raise are easily handled by the emulation layer. The app gets its own persistent copy of what it thinks the registry is. You could configure the emulation to explicitly share or not share sections of the registry tree with other apps. Same with the file system. Whatever. That's the beauty of emulation, just decide how you want it to behave and do that.
You don't even need a dialog box at all. When the app starts up, the OS sees that it's an old app and automatically chooses an appropriate sandbox to run it in. No user input is necessary at all.
On a modern Linux installation, the number of times you need to log in as root to do ordinary stuff is ZERO. All of those desktop things that you used to have to do as root are now being done by setuid programs or other such carefully designed gateways.
My wife uses my Linux laptop all the time and does all kinds of useful things on it and she does not know the root password.
Microsoft only needs to fix their own apps. The third-party developers are the ones to fix the rest.
It is healthy to keep the developers on their toes. It stimulates new releases of software. New stuff also gets rolled in. Progress is made.
"Release early and often" is very successful with free software, it works with commercial software, too.
$$$ rules the day. If there is money to be made, it will be done. The vendor needs to convince the third party developers that it is worth the $$$, and no ordering is necessary, they will fall in line.
It's actually quite easy to increase security in emulation. The application thinks it is getting away with bloody murder but in fact it's ALL just an emulation. The files that it thinks it's overwriting are not overwritten at all. The bogus registry keys it writes are visible only to itself. I could go on but you see what I mean.
Remember the old line,
"Even Bill Gates can't buy more DOS memory"
They should have gotten rid of the dialog boxes altogether and just let the apps fail. Then the issues would have been fixed and things would be much better.
You speak of the Win32 API as if it were some sort of immutable thing. It is not. It can be changed. Microsoft is AFRAID to make big changes to the API because they do not want to lose the customers who are going to ditch Microsoft the next time they upgrade their software.
Please actually read the post, it's ActiveX that's the problem, and ActiveX is very much still there.
ActiveX is a security abomination, the entire concept of it is just completely bogus.
IBM has managed to evolve their mainframe operating system over the years quite nicely. They have compatibility layers so old code runs fine. New code can run closer to native and ignore the limitations of the older APIs.
This sort of thing is done all the time by other vendors, but Microsoft can't seem to figure out how to do it right.
How do you propose for Microsoft to "convince" developers to clean up API calls if the developers simply ignore them?
Let the application fail. It crashes and burns. This is a good thing. The developers will fix it.
Operating systems and applications by necessity need to be moving targets. Security requirements change over time as applications change. Operating systems need to be able to adapt, which means the applications need to adapt.
And by the way, the Win32 API NEVER ran on anything less than a 386, so your argument falls flat altogether.
Saying they did not have a choice might be insightful if it were correct.
Apple could have made the same "excuses" about 6502 compatibility or 68000 compatibility or PPC compatibility, but they always managed to find ways to smooth over the transition. Microsoft could have done similar things.
Apple can convince developers to switch processors, why can't Microsoft convince developers to clean up API calls?
Ha ha ha if you think the online poker folks are going to release their source code so that we can see if these steps are being taken.
Why not just get hibernate to work well and do that?
There is a lot of CPU chewed in the booting process and you can only do so much to speed it up.
Towns already run their own water pipes, sewer pipes, fire alarm systems, roads, etc. What is one more cable?
I call BS if you say running fiber takes more expertise than running water and sewer pipes. Electrons can go uphill of their own accord, water needs help.