The reason the figures are similar to previous major OS releases is that computer vendors don't really have a choice but to accept what MS is willing to sell them. It's not consumers that MS is putting the hard sell on, it's the manufacturers. The same has happened with every previous release of Windows, that's why the sales figures look similar.
What would be an interesting statistic is how many people have bought computers that came with Vista preinstalled and wiped it out to install XP (or the alternative OS of your choice). Even though a lot of people don't have the technical capability to do such a thing, most do know at least 1 person who does.
I can't believe this is even an issue. I've been mounting everything noatime on my BSD systems for ages. The only thing I can think that it might possibly be used for are scripts that purge/tmp of files that haven't been accessed in a while. Even for that, ctime or mtime isn't a bad compromise.
Bit of trivia -- NTFS does the exact same thing with regards to access times. There's a registry entry to disable it buried somewhere deep that I don't remember at the moment, but if you're stuck on Windows it might be worth looking up to improve I/O performance.
This is how I read what you posted:
Thankfully, neutral language has evolved enough redundancy to provide for frilly ribald error correction. Hmm, seems there's still some margin for error.
The bad guy figures out where the pointer is pointing and writes his code at that location. The next time the pointer is called the bad code is executed. (emphasis mine)
Why is this suddenly a major security issue and what am I missing? The bad guy typically has no control over where the pointer is pointing (that's determined by the memory management library). The bad guy also cannot write whatever he wants into arbitrary memory locations. If he could, he would already have complete control over the process and wouldn't need to exploit anything.
That's why this type of problem has typically been considered nearly impossible to exploit. There's too many variables that the attacker can't control (and memory management can be near downright non-deterministic if there's enough allocation / deallocation of various sized blocks going on). I'm very interested to see what they came up with. My guess is that it's something that can only apply in specific circumstances; i.e. a buffer for incoming data is allocated in a spot that used to be occupied by something else, and the design of the program makes it happen consistently.
And the American wizards are not mentioned at all, because they haven't joined the fight yet. They think that Voldemort will probably win, and they can do business with him. They've got a war of their own with Red Court vampires to worry about, not to mention those necromancers who tore up Chicago.
His cloak is uber just because the spell doesn't wear off over time as happens to other invisibility cloaks.
I think she tried to make it pretty clear that the story about the items being given to the 3 brothers by Death himself was just that -- a fairy tale. The wand wasn't unbeatable in a duel; it just focused and amplified magical energy more efficiently than other wands. The stone didn't really bring back the dead, but rather an echo -- much like the various ghosts / paintings / mirror of erised do, but perhaps a stronger one. The cloak wasn't a perfect cloak, it was better than most, but could still be penetrated by very powerful magic.
As far as we know, Mad-eye's magical eye was unique. Given that he was a member of the Order, Dumbledore, who had studied the cloak and apparently found a way to see through it, may have shared his secret with Mad-eye.
Even the part about having to kill the previous owner of the wand to fully master it turned out to not be completely accurate. Sure, killing whoever has it is one way to do it, but the other ways don't make for as interesting of a legend to pass down.
Another nice thing about ordering pizza from a website is that if you have a coupon or other discounted price, they never question it on web orders. Over the phone sometimes they forget to enter it, or when you get there they stare at it suspiciously like they think you're trying to scam them -- which I'm sure some people do in the age of high quality printers -- or you have to argue about ambiguous expiration dates or combinations of multiple discounts, etc.
When it comes to Internet orders, however, the person at the register just does whatever the computer tells them to and doesn't bat an eye. If it says to give me the pizza for free (thank you frequent diner program!), then that's what they do, no second guessing. And you get to see what the total will be up front before you commit to the order.
That's on my dev box which has everything under the sun that might be needed. My laptop which is more for just normal use only has around 600 or so.
It used to be a lot less with xorg 6.9 when there were 6 or 7 mega packages. Now with 7.2 it's something like 100 just for X because every protocol and driver is in its own little package.
So, subtract 1 for nvidia-driver. Subtract 1 for linux-flashplugin. Subtract 1 for acroread7. That's still a helluva lot of open-sores software... I hope the BSA doesn't come after me!!!
I think that's one of the reasons that aircraft fuel is usually measured by mass. Well technically they cheat and use weight, but even that is still subject to much less variation than volume.
What's even funnier are on some web sites where you have to agree to some EULA-style agreement first. They'll have a "click here to read" link that pops it up in another window, a check box that you've read it and agree, and an OK button. I just check the box and hit 'OK' without ever reading it. Their web server has PROOF that I never read the EULA and couldn't possibly agree to it, and they let me in anyway. Can't wait for one of them to try to enforce it.
Inkscape is an awesome vector art program for design work. I was a huge CorelDRAW fan when I used to use Windows and find Inkscape to be just as easy to use if not sometimes easier / more powerful. Illustrator always seemed clunky in comparison.
For a while Inkscape was missing some necessary features, but development has progressed quite fast and they now exist. Things like blur and the duplicate-along-a-path tool. Inkscape's myriad of flexible clipping options is enough to make users of other software jealous.
Though while it's great for web design and on-screen work (like icons and such), it's not so great for print work. Lack of Pantone colors and an easy way to do separations pretty much kills it for serious print work. That said, I have done print work with Inkscape before, but had to hack up some custom software in order to split out separations and map them to the Pantone colors I was using. Even then the on-screen version didn't quite match the colors, but that was okay because I expected it and knew what color the final product would be. I doubt a professional graphics designer would be so forgiving, however.
The only other problem I've had with Inkscape is that sometimes things aren't as precise as I would prefer. That is, sometimes at high zoom levels I find that objects aren't quite where I expect them to be, usually because of differences in the stroke width and whether or not the outline is considered part of the object in regards to snapping, etc. This has only presented a problem for me only once, when pre-visualizing some quilt patterns for my SO -- lots of geometric shapes that need to interlock perfectly. I had used AutoCAD for the task before, which was very precise for the design but doesn't give a good idea of color and patterns;)
> One major danger that GPLv3.1 will block is Googlization. Googlization means services contain > GPL-covered software that you can't change, because the product is never published and so no > source code has to be provided.
This was actually up for GPLv3, but meet too much resistance through the review process. ISTM that this would be unenforcible anyway, as parties like Google aren't actually distributing anything. The only way to do it would be to turn the GPL into a form of EULA, which most open-source people tend to loathe.
This is kind of silly, as the tools where this could actually be enforced (like GCC and Bison where non-trivial GPL'ed code is usually included in the result) has specific exceptions to allow "GPL-less compiling". For Bison, this exception was added recently. IMNSHO, this is why GCC and related development tools should be BSD or MIT licensed, like TCP/IP or X11. What's the point of using the GPL if you have to make exception after exception?
Actually, only your first suggestion had any basis in reality. The rest seemed made up with the sole purpose of spreading fear, uncertainty and doubt about the future of the GPL. I prefer to see the grandparent post as satire rather than FUD, but to each his own.
BLOBisation" is either no problem at all (legally *OR* philosophically) or already illegal by the GPLv2 (even though companies like Nvidia and ATI ignore this). It's the former -- they take advantage of a loophole in the way copyright in general works (not the GPL). They distribute their binary blob by itself, along with some glue code under a proprietary license. It's the end user who links the blob to his (GPL) kernel. It may seem like the end user is the one violating the GPL, but really he's not so long as no distribution is taking place.
The only time this could result in a GPL violation is when a third party distributes the blob and loads it automatically (even this is possibly debatable, but I think it could be won in court). A few Linux distributions are guilty of this. But it's they who are ignoring the GPL, not ATI/Nvidia.
<meta>Not that I like binary blobs very much, but wanted to clarify the legal basis for them. IANALBIPOOTV, yada yada.</meta>
(Of course, Windows XP implements it just fine, but a lot of software makes sure to break it, so no one twist my words in that direction please)
Well, in general it's implemented okay, but Windows does have a few pretty stupid design choices. Example: the default web browser being a system-wide setting rather than a per-user one (I think they finally fixed that in Vista, sort of).
The worst is file associations. There's three places they could be set: the system-wide Classes key, the per-user Classes key, and HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts.
The two Classes keys are actually a pretty decent idea -- you have the system one, then you have the per-user one that overlays that. When you look at HKEY_CLASSES_ROOT what you actually see is the result of that overlay. Any user settings override the system ones. Unfortunately, they screwed up in that the shell doesn't know how to set per-user file associations, so the nifty per-user Classes key goes almost completely unused unless you edit it by hand. How it _should_ have worked would be for writes to HKCR to get redirected to your user one, especially if you don't have permissions to modify the system one.
To top it off, in order to work around the "problem", the Explorer shell keeps its own set of file associations on a per-user basis. When you do "always open with this application", it sets it in Explorer's private association list (but not in either of the Classes keys), so it seems to work at first until some other program tries to open/edit that file type and you get the old association instead. Stupid, stupid. Classic case of the UI team not communicating with the kernel and core OS teams.
That being said, I agree that the majority of the issues are the result of application design that still assumes the Windows 95 scheme of all applications having access to everything and no user-specific settings.
I'm really surprised there's only one post with this, it's the first thing that popped into my head as well (I had to do a double take because that's what I thought it said at first!)
If they start encasing circuit boards in epoxy then there is little doubt that people will soon be taking hammers and chisels to their HD-DVD players. So what you're saying is that soon, possession of a hammer will not only be proof that you're a terrorist planning to shoot up a school, but also an intellectual property pirate!
It's far worse than that! Don't you know that he's the leader of the terrorist group calling themselves "Dumbledore's Army"? They're plotting to overthrow the Ministry of Magic!
The thing is, if you let all these overreactions run rampant people start being afraid for fear of falling under one of these reactions. Hell, even now people are saying "well hey, in these days," (ie. The Post 9-11 World (tm)), "we have to react differently, and we have to teach our kids not to be suspicious." One of the posts in TFA responds to this mentality with a quite excellent point. I too have heard people talking about the "Post 9-11 World" quite a lot, and it saddens me. Every time I hear someone say that, it remind me that the terrorists have, in fact, already won.
Slashdot Mirror
I've got 3 letters for you: O E M
The reason the figures are similar to previous major OS releases is that computer vendors don't really have a choice but to accept what MS is willing to sell them. It's not consumers that MS is putting the hard sell on, it's the manufacturers. The same has happened with every previous release of Windows, that's why the sales figures look similar.
What would be an interesting statistic is how many people have bought computers that came with Vista preinstalled and wiped it out to install XP (or the alternative OS of your choice). Even though a lot of people don't have the technical capability to do such a thing, most do know at least 1 person who does.
Must be the new and improved rewritten IP stack with patented SmartARP(tm) technology.
Good thing they got rid of that old BSD-derived stack.
Damn, hit submit too fast. That was supposed to be 'insomnia'
The same thing as when you play any coldplay song, it cures your insomniac.
Aha! That's it. The last time I did that was on Windows 2000 Server and I remember using the registry key to do it. fsutil must be new (XP?)
I can't believe this is even an issue. I've been mounting everything noatime on my BSD systems for ages. The only thing I can think that it might possibly be used for are scripts that purge /tmp of files that haven't been accessed in a while. Even for that, ctime or mtime isn't a bad compromise.
Bit of trivia -- NTFS does the exact same thing with regards to access times. There's a registry entry to disable it buried somewhere deep that I don't remember at the moment, but if you're stuck on Windows it might be worth looking up to improve I/O performance.
That's why this type of problem has typically been considered nearly impossible to exploit. There's too many variables that the attacker can't control (and memory management can be near downright non-deterministic if there's enough allocation / deallocation of various sized blocks going on). I'm very interested to see what they came up with. My guess is that it's something that can only apply in specific circumstances; i.e. a buffer for incoming data is allocated in a spot that used to be occupied by something else, and the design of the program makes it happen consistently.
Oh, wait, wrong Harry....
His cloak is uber just because the spell doesn't wear off over time as happens to other invisibility cloaks.
I think she tried to make it pretty clear that the story about the items being given to the 3 brothers by Death himself was just that -- a fairy tale. The wand wasn't unbeatable in a duel; it just focused and amplified magical energy more efficiently than other wands. The stone didn't really bring back the dead, but rather an echo -- much like the various ghosts / paintings / mirror of erised do, but perhaps a stronger one. The cloak wasn't a perfect cloak, it was better than most, but could still be penetrated by very powerful magic.
As far as we know, Mad-eye's magical eye was unique. Given that he was a member of the Order, Dumbledore, who had studied the cloak and apparently found a way to see through it, may have shared his secret with Mad-eye.
Even the part about having to kill the previous owner of the wand to fully master it turned out to not be completely accurate. Sure, killing whoever has it is one way to do it, but the other ways don't make for as interesting of a legend to pass down.
Another nice thing about ordering pizza from a website is that if you have a coupon or other discounted price, they never question it on web orders. Over the phone sometimes they forget to enter it, or when you get there they stare at it suspiciously like they think you're trying to scam them -- which I'm sure some people do in the age of high quality printers -- or you have to argue about ambiguous expiration dates or combinations of multiple discounts, etc.
When it comes to Internet orders, however, the person at the register just does whatever the computer tells them to and doesn't bat an eye. If it says to give me the pizza for free (thank you frequent diner program!), then that's what they do, no second guessing. And you get to see what the total will be up front before you commit to the order.
That's on my dev box which has everything under the sun that might be needed. My laptop which is more for just normal use only has around 600 or so.
It used to be a lot less with xorg 6.9 when there were 6 or 7 mega packages. Now with 7.2 it's something like 100 just for X because every protocol and driver is in its own little package.
Why do I need this software? It's easy enough to figure out without downloading random stuff from the internet.
$ uname -rs
FreeBSD 7.0-CURRENT
$ pkg_info | wc -l
1630
So, subtract 1 for nvidia-driver. Subtract 1 for linux-flashplugin. Subtract 1 for acroread7. That's still a helluva lot of open-sores software... I hope the BSA doesn't come after me!!!
I think that's one of the reasons that aircraft fuel is usually measured by mass. Well technically they cheat and use weight, but even that is still subject to much less variation than volume.
What's even funnier are on some web sites where you have to agree to some EULA-style agreement first. They'll have a "click here to read" link that pops it up in another window, a check box that you've read it and agree, and an OK button. I just check the box and hit 'OK' without ever reading it. Their web server has PROOF that I never read the EULA and couldn't possibly agree to it, and they let me in anyway. Can't wait for one of them to try to enforce it.
I have to wonder how it compares to this, both in price and in capabilities. (see the 'more images' link for pics of the inside).
I don't know who came up with the idea first.
Inkscape is an awesome vector art program for design work. I was a huge CorelDRAW fan when I used to use Windows and find Inkscape to be just as easy to use if not sometimes easier / more powerful. Illustrator always seemed clunky in comparison.
;)
For a while Inkscape was missing some necessary features, but development has progressed quite fast and they now exist. Things like blur and the duplicate-along-a-path tool. Inkscape's myriad of flexible clipping options is enough to make users of other software jealous.
Though while it's great for web design and on-screen work (like icons and such), it's not so great for print work. Lack of Pantone colors and an easy way to do separations pretty much kills it for serious print work. That said, I have done print work with Inkscape before, but had to hack up some custom software in order to split out separations and map them to the Pantone colors I was using. Even then the on-screen version didn't quite match the colors, but that was okay because I expected it and knew what color the final product would be. I doubt a professional graphics designer would be so forgiving, however.
The only other problem I've had with Inkscape is that sometimes things aren't as precise as I would prefer. That is, sometimes at high zoom levels I find that objects aren't quite where I expect them to be, usually because of differences in the stroke width and whether or not the outline is considered part of the object in regards to snapping, etc. This has only presented a problem for me only once, when pre-visualizing some quilt patterns for my SO -- lots of geometric shapes that need to interlock perfectly. I had used AutoCAD for the task before, which was very precise for the design but doesn't give a good idea of color and patterns
> GPL-covered software that you can't change, because the product is never published and so no
> source code has to be provided.
This was actually up for GPLv3, but meet too much resistance through the review process. ISTM that this would be unenforcible anyway, as parties like Google aren't actually distributing anything. The only way to do it would be to turn the GPL into a form of EULA, which most open-source people tend to loathe. This is kind of silly, as the tools where this could actually be enforced (like GCC and Bison where non-trivial GPL'ed code is usually included in the result) has specific exceptions to allow "GPL-less compiling". For Bison, this exception was added recently. IMNSHO, this is why GCC and related development tools should be BSD or MIT licensed, like TCP/IP or X11. What's the point of using the GPL if you have to make exception after exception? Actually, only your first suggestion had any basis in reality. The rest seemed made up with the sole purpose of spreading fear, uncertainty and doubt about the future of the GPL. I prefer to see the grandparent post as satire rather than FUD, but to each his own.
The only time this could result in a GPL violation is when a third party distributes the blob and loads it automatically (even this is possibly debatable, but I think it could be won in court). A few Linux distributions are guilty of this. But it's they who are ignoring the GPL, not ATI/Nvidia.
<meta>Not that I like binary blobs very much, but wanted to clarify the legal basis for them. IANALBIPOOTV, yada yada.</meta>
Well, actually since the Wii's controller uses bluetooth for the wireless communication, with the right drivers it can be used with a PC.
I doubt any mainstream game would ever require / use one, but it's fun for homebrew stuff anyway.
(Of course, Windows XP implements it just fine, but a lot of software makes sure to break it, so no one twist my words in that direction please)
p lorer\FileExts.
Well, in general it's implemented okay, but Windows does have a few pretty stupid design choices. Example: the default web browser being a system-wide setting rather than a per-user one (I think they finally fixed that in Vista, sort of).
The worst is file associations. There's three places they could be set: the system-wide Classes key, the per-user Classes key, and HKCU\Software\Microsoft\Windows\CurrentVersion\Ex
The two Classes keys are actually a pretty decent idea -- you have the system one, then you have the per-user one that overlays that. When you look at HKEY_CLASSES_ROOT what you actually see is the result of that overlay. Any user settings override the system ones. Unfortunately, they screwed up in that the shell doesn't know how to set per-user file associations, so the nifty per-user Classes key goes almost completely unused unless you edit it by hand. How it _should_ have worked would be for writes to HKCR to get redirected to your user one, especially if you don't have permissions to modify the system one.
To top it off, in order to work around the "problem", the Explorer shell keeps its own set of file associations on a per-user basis. When you do "always open with this application", it sets it in Explorer's private association list (but not in either of the Classes keys), so it seems to work at first until some other program tries to open/edit that file type and you get the old association instead. Stupid, stupid. Classic case of the UI team not communicating with the kernel and core OS teams.
That being said, I agree that the majority of the issues are the result of application design that still assumes the Windows 95 scheme of all applications having access to everything and no user-specific settings.
I'm really surprised there's only one post with this, it's the first thing that popped into my head as well (I had to do a double take because that's what I thought it said at first!)
It's far worse than that! Don't you know that he's the leader of the terrorist group calling themselves "Dumbledore's Army"? They're plotting to overthrow the Ministry of Magic!