Yeah, let's drive the cost of software through the roof. That will solve everything! Companies will employ a lot more people to do testing but will still have to invest in huge insurance policies just in case they miss something. Your next copy of Windows will cost more than a well equipped car.
Yeah, I spent a couple years dancing through the BKDG tweaking a few of those bits a couple of years back. Enough that I have a feeling you and I have worked together IRL. At the very least, your name is very familiar to me...
Given that I've worked for a major CPU company and worked with the BIOS developers on more than one occasion as they debugged problems, I think I can say with some confidence that the modern BIOS is more complex by several orders of magnitude over the primitive BIOS you would find in a PC and AT machine. This explosion in complexity means that it's just not financially possible to fund the development to have a flawless BIOS right out of the gate. There are just too many permutations to consider when developing the system to test them all. And even if you did get a "perfect" BIOS out the door, the chips on the board are so much more complex that they never leave the factory without flaws. Ever. And sometimes you just don't find them until they're in the field and you need to supply a workaround.
You're forgetting social engineering. How many people fall victim to that every day? Someone who doesn't know any better will do whatever their computer tells them to do if you word it correctly.
But I will agree that the user intervention part will significantly reduce the number of incidents.
Even though you can push fixes directly into the processor in that way, there is still a reason to have to patch the BIOS. The CPU microcode pretty much only affects the CPU. The BIOS is there to interface with the rest of the components on the motherboard. And when you need to get around a flaw in your north bridge by supplying different initialization settings, there's pretty much no way to fix that in a CPU microcode push. You have to do it with a BIOS flash.
And HT/QPI.
Hell, you have to get the PCIe buses walked enough to even see the BIOS boot ROM on the south bridge. Not a full initialization but enough to read the contents of the boot ROM into cache and/or RAM.
How else are you going to allow the unwashed masses to do it? Sure, the average/.er can write their own BIOS and key it in by hand. But the average computer user doesn't understand anything more complex than "click on this picture to fix the broken computer thingy".
Granted, the BIOS should be designed to resist this sort of attack. Vulnerabilities in the system trace back to wide open doors that are easily exploited. And that needs to be changed. But with some effort, the system can be designed such that this kind of attack is made very obvious to the user or prevented entirely.
I can give you several reasons why you would want to field load the BIOS. Flaws in processor designs are often worked around by BIOS code and settings. Discovering a flaw in a chip after it is sold to the public is a great reason to be able to update the BIOS with the fix in the field. Hell, there are flaws in BIOS code that don't get discovered until your product is shipped. You need to patch it just like you need to patch any other software. Another good reason is to allow you to upgrade some components in your system without having to buy a new motherboard. A new generation of processor can be dropped into many motherboards out there just by flashing the BIOS and plugging the chip in, assuming socket compatibility is maintained.
Computer systems are vastly more complex now than they were even just 10 years ago. All of the subcomponents on motherboards need a BIOS that tells the CPU where they are and how to run them. Every manufacturer ships processors that have a number of flaws that the BIOS works around. It's the nature of computer systems in the 21st century.
Sure, if we were back in the 90's and still running the pre-PCI architectures, you may have had a point about locking things down. They just didn't need the complexity we have now. But as complexity has been added on top of complexity, we absolutely cannot get by with a locked down BIOS. It just wouldn't work.
Do you have any idea how complex the BIOS code is these days? A lot of the fixes that go into BIOS releases are for the code that runs before you even hear the system beep. You really do need to be able to flash that as fixes come out.
Based on... what? Did you actually watch the presentation (it's a free video stream) or did you simply ready the heavily slanted summary?
Hello pot. I see you've met kettle.
Talk about heavily slanted. A dog and pony show provided for the press is pretty much the textbook definition of heavily slanted. But since you asked, yes I did watch it.
Productivity improvements:
Remote Desktop with support for multiple connections from the same app (essentially a tabbed interface)..
This might be useful to someone. I still don't see how the average user will have any idea what this is for. But I'm sure it's useful somehow.
Improved taskbar support for multi-monitor (span monitors, each part showing only icons for apps present on the monitor in question).
Great. Now I have to go digging around on several task bars to find anything...
Lower base RAM utilization means you don't need powerful hardware or to wait for disk swapping as often.
Yeah, because the operating system is the biggest consumer of RAM in my 16GB system...
Built-in support for re-imaging your box if something goes wrong.
So Microsoft has finally admitted you need to reimage your system every couple of months and is now helping you? How nice of them. I wonder what else they could do to help. Perhaps they could build a system that you don't have to reimage every few months. I know it's a novel concept but they may want to think about giving that a shot.
I've been running another operating system for years, including using their built in update services to upgrade from one version to the next several times, without having to reimage my system once. Why would I want to switch over to an operating system that I have to reimage?
Built-in Hyper-V support, even in client SKUs, makes it extremely easy to run VMs.
This may actually be a useful feature for the few people (a small percentage of the user base) who actually need to do this. But with all the established hypervisors out there, this is really a "Welcome to 2006" moment for Windows. But I'm sure Microsoft has plans to introduce artificial incompatibilities into their system to break functionality in other managers. That way you have to run a Windows based VM manager to get decent performance out of Windows VMs. Microsoft has a history of doing things like that to drive competitors out of business once they finally get around to adding functionality that's already been done better and cheaper by someone else years before.
There's probably many more - enterprise customers have always been a huge part of Microsoft's target market, and I'm sure they still are - but those were specifically demoed today.
If enterprise customers are their target market, why are they pushing a smart phone interface on everyone? Who in the enterprise is going to need a touchscreen interface on their rackmount server?
I missed that part about it being in an app. From TFA:
The familiar Windows desktop, which has been the cornerstone of the operating system since Windows 95, has been effectively demoted to an "app".
Though this sounds like an extra layer that gets in the way of productivity. At least that's my first thought. Hopefully they don't screw things up too badly.
Rush Limbaugh has written several books too. Both of them are accused of misrepresenting the facts in their books.
Gore's books can be seen as proof that he's just profiteering off his political career and time in the spotlight, without actually contributing anything useful to the discussion. Quite the contrary, they can be seen as nothing more than political sensationalism and a misrepresentation of the facts and they detract from the credibility of the environmentalist movement.
I'm sure a lot of people love Al Gore and the message he puts out. But a lot of people follow Sarah Palin too. But popularity, in and of itself, doesn't mean the guy knows what he's talking about.
Seems like the Windows/Star Trek "every other release" rule is still in play. This user interface will be horrible on the business desktop for people who actually want to get real work done. I wonder how many businesses will avoid Windows 8 and wait for 9 to come out?
He doesn't build and sell alternate energy equipment but his investments in the environmental business are well documented. Start with the wiki and follow up on the links in that section.
I took an accounting class in college. That doesn't make me an accountant any more than Al Gore's association with people in one class makes him a scientist.
The public face of "climate change" and "global warming" may have sold out but that doesn't change the fact that a lot of people will just dismiss the entirety of science with the wave of a hand. Those people are the kooks.
I am distrustful of all politicians and believe that all are motivated by selfish interests but all one has to do is look at the companies he owns and has investments in. He makes a lot of money off the environmental movement.
Now, I can't say whether he's a true believer and has invested in what he believes in. I can't say if he's just a slimy politician who is profiteering off his party's political agenda. Probably some of both. But there's no mistaking how he's positioned himself financially.
Slashdot Mirror
Except for the fact that every security product has a plethora of false positives, I might believe your theory
This kind of error is far too obvious to be deliberate. When Microsoft wants to undermine a competitor, they're far more subtle about it.
I'm betting you meant to suggest that the state of security software is pretty wretched these days rather than heap praise on MSSE. Am I right?
Yeah, let's drive the cost of software through the roof. That will solve everything! Companies will employ a lot more people to do testing but will still have to invest in huge insurance policies just in case they miss something. Your next copy of Windows will cost more than a well equipped car.
Now maybe there will be something interesting to use Google+ for...
Yeah, I spent a couple years dancing through the BKDG tweaking a few of those bits a couple of years back. Enough that I have a feeling you and I have worked together IRL. At the very least, your name is very familiar to me...
I can agree with that concept.
Given that I've worked for a major CPU company and worked with the BIOS developers on more than one occasion as they debugged problems, I think I can say with some confidence that the modern BIOS is more complex by several orders of magnitude over the primitive BIOS you would find in a PC and AT machine. This explosion in complexity means that it's just not financially possible to fund the development to have a flawless BIOS right out of the gate. There are just too many permutations to consider when developing the system to test them all. And even if you did get a "perfect" BIOS out the door, the chips on the board are so much more complex that they never leave the factory without flaws. Ever. And sometimes you just don't find them until they're in the field and you need to supply a workaround.
You're forgetting social engineering. How many people fall victim to that every day? Someone who doesn't know any better will do whatever their computer tells them to do if you word it correctly.
But I will agree that the user intervention part will significantly reduce the number of incidents.
Yeah, that's much more secure... ;)
Even though you can push fixes directly into the processor in that way, there is still a reason to have to patch the BIOS. The CPU microcode pretty much only affects the CPU. The BIOS is there to interface with the rest of the components on the motherboard. And when you need to get around a flaw in your north bridge by supplying different initialization settings, there's pretty much no way to fix that in a CPU microcode push. You have to do it with a BIOS flash.
That might work. But I'm not sure how much additional security that buys you. All it does is add an intermediate step.
Yeah, let me know how well that sells to the general public.
"What do you mean I have to open up my computer?!? That's going to void the warranty!!!"
And HT/QPI. Hell, you have to get the PCIe buses walked enough to even see the BIOS boot ROM on the south bridge. Not a full initialization but enough to read the contents of the boot ROM into cache and/or RAM.
And how do you propose the units in the field get fixed? Or do they just need to pitch them and buy new ones?
How else are you going to allow the unwashed masses to do it? Sure, the average /.er can write their own BIOS and key it in by hand. But the average computer user doesn't understand anything more complex than "click on this picture to fix the broken computer thingy".
Granted, the BIOS should be designed to resist this sort of attack. Vulnerabilities in the system trace back to wide open doors that are easily exploited. And that needs to be changed. But with some effort, the system can be designed such that this kind of attack is made very obvious to the user or prevented entirely.
I can give you several reasons why you would want to field load the BIOS. Flaws in processor designs are often worked around by BIOS code and settings. Discovering a flaw in a chip after it is sold to the public is a great reason to be able to update the BIOS with the fix in the field. Hell, there are flaws in BIOS code that don't get discovered until your product is shipped. You need to patch it just like you need to patch any other software. Another good reason is to allow you to upgrade some components in your system without having to buy a new motherboard. A new generation of processor can be dropped into many motherboards out there just by flashing the BIOS and plugging the chip in, assuming socket compatibility is maintained.
Computer systems are vastly more complex now than they were even just 10 years ago. All of the subcomponents on motherboards need a BIOS that tells the CPU where they are and how to run them. Every manufacturer ships processors that have a number of flaws that the BIOS works around. It's the nature of computer systems in the 21st century.
Sure, if we were back in the 90's and still running the pre-PCI architectures, you may have had a point about locking things down. They just didn't need the complexity we have now. But as complexity has been added on top of complexity, we absolutely cannot get by with a locked down BIOS. It just wouldn't work.
Do you have any idea how complex the BIOS code is these days? A lot of the fixes that go into BIOS releases are for the code that runs before you even hear the system beep. You really do need to be able to flash that as fixes come out.
Based on... what? Did you actually watch the presentation (it's a free video stream) or did you simply ready the heavily slanted summary?
Hello pot. I see you've met kettle.
Talk about heavily slanted. A dog and pony show provided for the press is pretty much the textbook definition of heavily slanted. But since you asked, yes I did watch it.
Productivity improvements: Remote Desktop with support for multiple connections from the same app (essentially a tabbed interface)..
This might be useful to someone. I still don't see how the average user will have any idea what this is for. But I'm sure it's useful somehow.
Improved taskbar support for multi-monitor (span monitors, each part showing only icons for apps present on the monitor in question).
Great. Now I have to go digging around on several task bars to find anything...
Lower base RAM utilization means you don't need powerful hardware or to wait for disk swapping as often.
Yeah, because the operating system is the biggest consumer of RAM in my 16GB system...
Built-in support for re-imaging your box if something goes wrong.
So Microsoft has finally admitted you need to reimage your system every couple of months and is now helping you? How nice of them. I wonder what else they could do to help. Perhaps they could build a system that you don't have to reimage every few months. I know it's a novel concept but they may want to think about giving that a shot.
I've been running another operating system for years, including using their built in update services to upgrade from one version to the next several times, without having to reimage my system once. Why would I want to switch over to an operating system that I have to reimage?
Built-in Hyper-V support, even in client SKUs, makes it extremely easy to run VMs.
This may actually be a useful feature for the few people (a small percentage of the user base) who actually need to do this. But with all the established hypervisors out there, this is really a "Welcome to 2006" moment for Windows. But I'm sure Microsoft has plans to introduce artificial incompatibilities into their system to break functionality in other managers. That way you have to run a Windows based VM manager to get decent performance out of Windows VMs. Microsoft has a history of doing things like that to drive competitors out of business once they finally get around to adding functionality that's already been done better and cheaper by someone else years before.
There's probably many more - enterprise customers have always been a huge part of Microsoft's target market, and I'm sure they still are - but those were specifically demoed today.
If enterprise customers are their target market, why are they pushing a smart phone interface on everyone? Who in the enterprise is going to need a touchscreen interface on their rackmount server?
I missed that part about it being in an app. From TFA:
The familiar Windows desktop, which has been the cornerstone of the operating system since Windows 95, has been effectively demoted to an "app".
Though this sounds like an extra layer that gets in the way of productivity. At least that's my first thought. Hopefully they don't screw things up too badly.
Rush Limbaugh has written several books too. Both of them are accused of misrepresenting the facts in their books.
Gore's books can be seen as proof that he's just profiteering off his political career and time in the spotlight, without actually contributing anything useful to the discussion. Quite the contrary, they can be seen as nothing more than political sensationalism and a misrepresentation of the facts and they detract from the credibility of the environmentalist movement.
I'm sure a lot of people love Al Gore and the message he puts out. But a lot of people follow Sarah Palin too. But popularity, in and of itself, doesn't mean the guy knows what he's talking about.
Seems like the Windows/Star Trek "every other release" rule is still in play. This user interface will be horrible on the business desktop for people who actually want to get real work done. I wonder how many businesses will avoid Windows 8 and wait for 9 to come out?
Look here to find more on his significant investment in the climate change businesses.
He doesn't build and sell alternate energy equipment but his investments in the environmental business are well documented. Start with the wiki and follow up on the links in that section.
I took an accounting class in college. That doesn't make me an accountant any more than Al Gore's association with people in one class makes him a scientist.
The public face of "climate change" and "global warming" may have sold out but that doesn't change the fact that a lot of people will just dismiss the entirety of science with the wave of a hand. Those people are the kooks.
I am distrustful of all politicians and believe that all are motivated by selfish interests but all one has to do is look at the companies he owns and has investments in. He makes a lot of money off the environmental movement.
Now, I can't say whether he's a true believer and has invested in what he believes in. I can't say if he's just a slimy politician who is profiteering off his party's political agenda. Probably some of both. But there's no mistaking how he's positioned himself financially.