For the first part of your question, you can install debug versions of Windows. These are known as checked builds. They don't have any compiler optimization and add a lot of internal checks to help identify issues when writing drivers. In particular they do extra parameter validation. The retail builds (known as free builds) basically trust kernel-mode code to be written properly, so each function doesn't check all of its parameters for validity.
I assume it's easy to boot checked builds into a mode that accepts unsigned drivers, since that is what the build is designed to test.
In this case 'cross-platform' means Windows and Mac OS X. In addition, since the platform is really your web browser, it supports IE, Firefox, and Safari. See the download page for details.
For future reference, just uncheck the box next to "Delete meeting request from Inbox when responding". Options > Email Options > Advanced Email Options (at least in Outlook 2007, I don't have any earlier versions handy).
DEP allows programs to create and execute code at run time. However, they must be sure to specify that the memory is executable. This is not the default when DEP is turned on for a program, so it'll break applications that assumed all memory is executable.
They aren't going to keep it from everyone else, since they've included the Home Use Program in Software Assurance for years. See the SA site for more details. Among the other benefits that most people don't know about are things like the fact that companies with 1500+ licenses can access the Windows source at no cost for use in troubleshooting, debugging, and analyzing security.
Furthermore, all four of the supplied links were written before July 10th. In other words, none of those four have anything to do with the latest updates to Vista.
Wasn't this E3 about a much more limited audience? In other words, if the crowds are primarily press, are you really surprised that they didn't cheer like crazy? If I was there covering it for my website/magazine/whatever, I would be taking notes as fast as I could, not clapping to everything that was said. That said, I got the distinct impression the audience was more lively than you could here on the streaming video feed.
On another note; I found it interesting that Microsoft seems to be going after Nintendo with this E3. SceneIt and the Disney deal (as well as the new Viva Pinata games) seem directly targeted at Nintendo. It'll be interesting to see whether they can get enough publicity on these to make a difference.
Which EULA would that be? I just read through the Windows Vista license and the Office 2007 license and neither included the clause you are describing. They mention in passing that updates to the software may require you to agree to an updated license, but that's different from changing their website (and I don't think anything that gets pushed out as an automatic update will include a revised license).
Microsoft owns a facility in Humacao, Puerto Rico, that manufactures all of the optical media for distribution in the Americas. So an extra run of the Asian-market DVDs manufactured elsewhere would be obviously illegitimate, since they would have the wrong hologram for sale in North or South America (there is a Puerto Rico hologram on the bottom of an American Vista or Office 2007 DVD).
You seem to be using a non-standard definition of an algorithm (programs are a superset of algorithms, the primary difference being that algorithms must terminate while programs may or may not). There's no reason an algorithm can't take somebody's skin color as an input and do something based on that input.
Anyway, I think the only way an algorithm (or program) would be considered defamatory is if you didn't precisely specify what the output meant. For example, if your algorithm said white lawyers got a value of 1 and black lawyers had a value of 0. The reality is that your algorithm tells you the skin color of a particular lawyer. If you presented that information as being the quality of the lawyer (1 being good and 0 being bad), you are defaming black lawyers. So I think the website would be fine, as long as they explained exactly how their ranking was calculated and presented it as nothing more than the result of that particular calculation.
Find me anything from Microsoft that claims Vista (or any other product) is secure. It turns out that making the claim that any piece of software is secure will result in a lawsuit as soon as somebody discovers a single vulnerability. This is why you see phrases like "safer", "more secure", and "helps provide security". These phrases emphasize the degree of security, not some binary concept (if you insist on a binary concept, you may as well assume that no non-trivial software is secure).
That bin is in the lobby of the Zune building, which is not located on Microsoft's main campus. It's a few miles away, and it's not really somewhere that random Microsoft employees would go. If I had to guess, somebody on the team put it together as a joke, not as a real way of getting rid of iPods.
Alternatively, from the main menu, select Prepare -> Inspect Document. That will check for "Comments, Revisions, Versions, and Annotations", "Document Properties and Personal Information", "Custom XML Data", "Headers, Footers, and Watermarks", "Hidden Text" (you choose which ones you want to look for and it will report.
It doesn't show you the exact text that it found, but does let you remove all instances of each category. The idea is that you have a document that you actually edit and then use this tool on the copy you intend to distribute.
Engadget wasn't really tricked here. They reported on an email that actually was sent to Apple employees and was forwarded by a real Apple employee to engadget (and it sounds like this employee has been a reliable source in the past). That is about the best source you could have short of an official press release.
The real story is that somebody managed to fool some number of Apple employees into believing the fake memo. It's hard to say much more without some more details (was the From: header spoofed, or was it just good enough to make it past a casual glance?). Why aren't official confidential memos signed by a closely guarded private key? That way employees would know unsigned memos are quite possibly fake.
Maine seems to be doing an excellent job getting people to register to vote (105.96% of the voting-age population). I assume the problem is that the Census Bureau is providing an estimate, which seems to be at best accurate to +/- 6%, and most likely worse than that.
Exhaustive QA means that you tried every possible case. Any state that the computer could possibly be in you must have tested. Any possible combination of hardware and drivers must be tested. In other words, Microsoft would have to test more combinations than will ever exist in the wild. If your system has more than 8 bytes of memory, good luck testing all possible combinations.
So your test plan can't be "exhaustive" (he was using the definition: "treating all parts or aspects without omission"). Instead you try to test as many aspects as you reasonably can. This is what Microsoft does for its tests.
It was delayed largely because they reset the project in late 2004. The original Longhorn was based off of the XP codebase. When they reset development they started from the Windows 2003 codebase (which was based off of the XP codebase). At no point did they claim that they were starting from scratch.
Many of the compatibility problems are related to fixing bugs in the OS. Any time you change the behavior of the operating system you risk breaking some piece of code that relied on the old behavior. Notice that they fixed all of the known security bugs in XP, even though they haven't released patches for XP. With Vista, they can break compatibility to fix security flaws. Breaking apps that currently work on XP would cause major problems for companies.
A banned API is one that is likely to cause security vulnerabilities. There are replacements for most of them that are less likely to have problems, but they aren't part of the official C standard library.
Microsoft's build tools will treat any calls to banned APIs as errors. They aren't removed from the system because they are used by many existing applications. For example, both strcpy and strncpy are banned at Microsoft. Yet many people have been using strncpy as a replacement for strcpy, so it needs to be in the CRT library.
Vista just asks me for my password. I haven't seen this cancel or allow prompt in months. When I need admin access for a task I have to type in an admin password. The kinds of tasks that require admin access in Vista seem to be more or less the same as those in Linux that require root.
Basically, the behavior you are seeing is that you are taking a shortcut and running as root all the time. Any time you actually need to be an admin it'll ask for your permission, but not require a password, since you already logged on as an admin. You really shouldn't be running in this mode. I tend to name the first account "Admin" and immediately create my own user account. I never directly log in as Admin, just like I never have a full KDE session as root.
I think the main situation where people are seeing these prompts unexpectedly is with hard drives that were configured under XP to be writable only by admins. If you don't change the permissions before using Vista, standard users won't have write access. You'll run into the same problem pretty easily under Linux (mounting a drive with every file owned by root with 0755 permissions).
I think there are two main motivations for the point systems. The first is that credit card companies have a per transaction fee that is around $0.25 - $0.35. This is really significant when you want to have multiple transactions around $1 - $2 each. By having you purchase points in increments of at least $5, they only pay the transaction fee once for a series of transactions. Apple does something similar with iTunes: they collect somewhere between one and three days worth of purchases and submit them together as a single transaction, hoping you buy more than just a single $0.99 track (I've never used iTunes, so this is a summary of what I've read about its behavior).
The other reason for the points system is to be able to set a single global price for content. I can post a piece of content for 800 points and tell people about that without having to convert it to a whole bunch of other currencies. Microsoft then sells points at some constant exchange rate for each country. This keeps content prices from fluctuating everywhere outside the US (compared to making the content $10 USD and having the exchange rate vary).
Word will give you a message box indicating a malformed document. The problem here is that the document isn't detected as being malformed before raising an unhandled exception. This is a bug that they admit exists and should be checked for.
All they are claiming is that it is not a security flaw. The exception is raised because there is an issue that might cause a security flaw had the exception not been raised. Since the exception was unexpected, there is no secure way of handling it except to shut down as quickly as possible. Any other response runs the risk of introducing a new security vulnerability. This would be worse than the original bug.
And in case the first response was that all possible locations of exceptions be checked, this simply isn't realistic. For example, every single arithmetic operation can cause an exception. Consider the fact that in C, "(a + b) + c" is not necessarily the same as "a + (b + c)". This is a trivial example, so if you don't immediately spot why, then you probably have written code with integer overflow errors. The only practical option is to include error checking where you expect errors to be first detected. If you miss a case, you'll end up with a bug. If you are using a safe integer class, an exception will be thrown on overflow. Since you weren't expecting it, your program will shutdown. If you weren't using a safe integer class, you'll have a potential security vulnerability.
That is why Microsoft considers these issues to be bugs in Word. All Microsoft said is that these aren't security bugs. It's fairly likely that the issue is something like an integer overflow using the SafeInt classes. In other words, an exception is thrown before a security vulnerability could occur. This exception is not handled because the programmer didn't expect an overflow. The correct thing to do when you have an unexpected exception is to bring down the program as fast as possible.
A global exception handler can't possibly know how to recover from any conceivable error, so it doesn't try to handle them. Incorrectly handling an unexpected exception will *introduce* security vulnerabilities that wouldn't have been there had you let the program be killed by an unhandled exception.
One of the things I can't stand about XP compared to Vista is the inability to diagnose problems on XP. A user complains about there laptop taking a long time to go into standby: how do you fix the problem? On Vista you open the performance tools and it'll list the likely candidates. For more detailed timing information you open up the performance logs and all drivers, services, and programs that caused delays will be listed.
Once a day the disk is busy for 15 minutes: what files are being accessed and which process is causing the issue? Open the resource monitor and you'll see all of the I/O operations and be able to determine the PID of the process responsible. Chances are it is a service hosted by svchost. Which service is it? Vista's task manager will show you which services are hosted within which processes.
A user complains about random crashes that started about a week ago. Use the stability chart to see which programs are crashing, when the issue started happening, and what changes were made to the system on that date.
Personally, Vista has been far more stable on my computer than XP or Linux (been running RTM for about four months now). But when there is a problem, it has been considerably easier to diagnose and solve on Vista than it was with XP or Linux. In particular, I have a much higher degree of confidence that I can solve other people's computer problems by sitting down at their computer and using the built in tools.
Yes, it sells the Wii. But does it sell games? Out of all the people I know who own/play the Wii, very few have played anything other than Wii Sports. Most of them have spent many hours playing this particular game. I've seen people buy the Wii and not bother to buy any other games for months.
If you look at the software sales data, the only company whose games are selling well for the Wii is Nintendo. By all accounts the hardware is selling faster than the Xbox 360, but the software isn't. It's almost as if Nintendo created the single game that people want to play on the Wii (and they're willing to pay $250 to play it).
Slashdot Mirror
For the first part of your question, you can install debug versions of Windows. These are known as checked builds. They don't have any compiler optimization and add a lot of internal checks to help identify issues when writing drivers. In particular they do extra parameter validation. The retail builds (known as free builds) basically trust kernel-mode code to be written properly, so each function doesn't check all of its parameters for validity.
I assume it's easy to boot checked builds into a mode that accepts unsigned drivers, since that is what the build is designed to test.
In this case 'cross-platform' means Windows and Mac OS X. In addition, since the platform is really your web browser, it supports IE, Firefox, and Safari. See the download page for details.
For future reference, just uncheck the box next to "Delete meeting request from Inbox when responding". Options > Email Options > Advanced Email Options (at least in Outlook 2007, I don't have any earlier versions handy).
DEP allows programs to create and execute code at run time. However, they must be sure to specify that the memory is executable. This is not the default when DEP is turned on for a program, so it'll break applications that assumed all memory is executable.
They aren't going to keep it from everyone else, since they've included the Home Use Program in Software Assurance for years. See the SA site for more details. Among the other benefits that most people don't know about are things like the fact that companies with 1500+ licenses can access the Windows source at no cost for use in troubleshooting, debugging, and analyzing security.
Furthermore, all four of the supplied links were written before July 10th. In other words, none of those four have anything to do with the latest updates to Vista.
Wasn't this E3 about a much more limited audience? In other words, if the crowds are primarily press, are you really surprised that they didn't cheer like crazy? If I was there covering it for my website/magazine/whatever, I would be taking notes as fast as I could, not clapping to everything that was said. That said, I got the distinct impression the audience was more lively than you could here on the streaming video feed.
On another note; I found it interesting that Microsoft seems to be going after Nintendo with this E3. SceneIt and the Disney deal (as well as the new Viva Pinata games) seem directly targeted at Nintendo. It'll be interesting to see whether they can get enough publicity on these to make a difference.
Which EULA would that be? I just read through the Windows Vista license and the Office 2007 license and neither included the clause you are describing. They mention in passing that updates to the software may require you to agree to an updated license, but that's different from changing their website (and I don't think anything that gets pushed out as an automatic update will include a revised license).
Microsoft owns a facility in Humacao, Puerto Rico, that manufactures all of the optical media for distribution in the Americas. So an extra run of the Asian-market DVDs manufactured elsewhere would be obviously illegitimate, since they would have the wrong hologram for sale in North or South America (there is a Puerto Rico hologram on the bottom of an American Vista or Office 2007 DVD).
You seem to be using a non-standard definition of an algorithm (programs are a superset of algorithms, the primary difference being that algorithms must terminate while programs may or may not). There's no reason an algorithm can't take somebody's skin color as an input and do something based on that input.
Anyway, I think the only way an algorithm (or program) would be considered defamatory is if you didn't precisely specify what the output meant. For example, if your algorithm said white lawyers got a value of 1 and black lawyers had a value of 0. The reality is that your algorithm tells you the skin color of a particular lawyer. If you presented that information as being the quality of the lawyer (1 being good and 0 being bad), you are defaming black lawyers. So I think the website would be fine, as long as they explained exactly how their ranking was calculated and presented it as nothing more than the result of that particular calculation.
Microsoft publishes a list of trademarks. As you guessed, Windows is a registered trademark and Windows Vista is considered a trademark.
Find me anything from Microsoft that claims Vista (or any other product) is secure. It turns out that making the claim that any piece of software is secure will result in a lawsuit as soon as somebody discovers a single vulnerability. This is why you see phrases like "safer", "more secure", and "helps provide security". These phrases emphasize the degree of security, not some binary concept (if you insist on a binary concept, you may as well assume that no non-trivial software is secure).
That bin is in the lobby of the Zune building, which is not located on Microsoft's main campus. It's a few miles away, and it's not really somewhere that random Microsoft employees would go. If I had to guess, somebody on the team put it together as a joke, not as a real way of getting rid of iPods.
Alternatively, from the main menu, select Prepare -> Inspect Document. That will check for "Comments, Revisions, Versions, and Annotations", "Document Properties and Personal Information", "Custom XML Data", "Headers, Footers, and Watermarks", "Hidden Text" (you choose which ones you want to look for and it will report.
It doesn't show you the exact text that it found, but does let you remove all instances of each category. The idea is that you have a document that you actually edit and then use this tool on the copy you intend to distribute.
Engadget wasn't really tricked here. They reported on an email that actually was sent to Apple employees and was forwarded by a real Apple employee to engadget (and it sounds like this employee has been a reliable source in the past). That is about the best source you could have short of an official press release.
The real story is that somebody managed to fool some number of Apple employees into believing the fake memo. It's hard to say much more without some more details (was the From: header spoofed, or was it just good enough to make it past a casual glance?). Why aren't official confidential memos signed by a closely guarded private key? That way employees would know unsigned memos are quite possibly fake.
Maine seems to be doing an excellent job getting people to register to vote (105.96% of the voting-age population). I assume the problem is that the Census Bureau is providing an estimate, which seems to be at best accurate to +/- 6%, and most likely worse than that.
Exhaustive QA means that you tried every possible case. Any state that the computer could possibly be in you must have tested. Any possible combination of hardware and drivers must be tested. In other words, Microsoft would have to test more combinations than will ever exist in the wild. If your system has more than 8 bytes of memory, good luck testing all possible combinations.
So your test plan can't be "exhaustive" (he was using the definition: "treating all parts or aspects without omission"). Instead you try to test as many aspects as you reasonably can. This is what Microsoft does for its tests.
It was delayed largely because they reset the project in late 2004. The original Longhorn was based off of the XP codebase. When they reset development they started from the Windows 2003 codebase (which was based off of the XP codebase). At no point did they claim that they were starting from scratch.
Many of the compatibility problems are related to fixing bugs in the OS. Any time you change the behavior of the operating system you risk breaking some piece of code that relied on the old behavior. Notice that they fixed all of the known security bugs in XP, even though they haven't released patches for XP. With Vista, they can break compatibility to fix security flaws. Breaking apps that currently work on XP would cause major problems for companies.
A banned API is one that is likely to cause security vulnerabilities. There are replacements for most of them that are less likely to have problems, but they aren't part of the official C standard library.
Microsoft's build tools will treat any calls to banned APIs as errors. They aren't removed from the system because they are used by many existing applications. For example, both strcpy and strncpy are banned at Microsoft. Yet many people have been using strncpy as a replacement for strcpy, so it needs to be in the CRT library.
Vista just asks me for my password. I haven't seen this cancel or allow prompt in months. When I need admin access for a task I have to type in an admin password. The kinds of tasks that require admin access in Vista seem to be more or less the same as those in Linux that require root.
Basically, the behavior you are seeing is that you are taking a shortcut and running as root all the time. Any time you actually need to be an admin it'll ask for your permission, but not require a password, since you already logged on as an admin. You really shouldn't be running in this mode. I tend to name the first account "Admin" and immediately create my own user account. I never directly log in as Admin, just like I never have a full KDE session as root.
I think the main situation where people are seeing these prompts unexpectedly is with hard drives that were configured under XP to be writable only by admins. If you don't change the permissions before using Vista, standard users won't have write access. You'll run into the same problem pretty easily under Linux (mounting a drive with every file owned by root with 0755 permissions).
I think there are two main motivations for the point systems. The first is that credit card companies have a per transaction fee that is around $0.25 - $0.35. This is really significant when you want to have multiple transactions around $1 - $2 each. By having you purchase points in increments of at least $5, they only pay the transaction fee once for a series of transactions. Apple does something similar with iTunes: they collect somewhere between one and three days worth of purchases and submit them together as a single transaction, hoping you buy more than just a single $0.99 track (I've never used iTunes, so this is a summary of what I've read about its behavior).
The other reason for the points system is to be able to set a single global price for content. I can post a piece of content for 800 points and tell people about that without having to convert it to a whole bunch of other currencies. Microsoft then sells points at some constant exchange rate for each country. This keeps content prices from fluctuating everywhere outside the US (compared to making the content $10 USD and having the exchange rate vary).
Word will give you a message box indicating a malformed document. The problem here is that the document isn't detected as being malformed before raising an unhandled exception. This is a bug that they admit exists and should be checked for.
All they are claiming is that it is not a security flaw. The exception is raised because there is an issue that might cause a security flaw had the exception not been raised. Since the exception was unexpected, there is no secure way of handling it except to shut down as quickly as possible. Any other response runs the risk of introducing a new security vulnerability. This would be worse than the original bug.
And in case the first response was that all possible locations of exceptions be checked, this simply isn't realistic. For example, every single arithmetic operation can cause an exception. Consider the fact that in C, "(a + b) + c" is not necessarily the same as "a + (b + c)". This is a trivial example, so if you don't immediately spot why, then you probably have written code with integer overflow errors. The only practical option is to include error checking where you expect errors to be first detected. If you miss a case, you'll end up with a bug. If you are using a safe integer class, an exception will be thrown on overflow. Since you weren't expecting it, your program will shutdown. If you weren't using a safe integer class, you'll have a potential security vulnerability.
That is why Microsoft considers these issues to be bugs in Word. All Microsoft said is that these aren't security bugs. It's fairly likely that the issue is something like an integer overflow using the SafeInt classes. In other words, an exception is thrown before a security vulnerability could occur. This exception is not handled because the programmer didn't expect an overflow. The correct thing to do when you have an unexpected exception is to bring down the program as fast as possible.
A global exception handler can't possibly know how to recover from any conceivable error, so it doesn't try to handle them. Incorrectly handling an unexpected exception will *introduce* security vulnerabilities that wouldn't have been there had you let the program be killed by an unhandled exception.
One of the things I can't stand about XP compared to Vista is the inability to diagnose problems on XP. A user complains about there laptop taking a long time to go into standby: how do you fix the problem? On Vista you open the performance tools and it'll list the likely candidates. For more detailed timing information you open up the performance logs and all drivers, services, and programs that caused delays will be listed.
Once a day the disk is busy for 15 minutes: what files are being accessed and which process is causing the issue? Open the resource monitor and you'll see all of the I/O operations and be able to determine the PID of the process responsible. Chances are it is a service hosted by svchost. Which service is it? Vista's task manager will show you which services are hosted within which processes.
A user complains about random crashes that started about a week ago. Use the stability chart to see which programs are crashing, when the issue started happening, and what changes were made to the system on that date.
Personally, Vista has been far more stable on my computer than XP or Linux (been running RTM for about four months now). But when there is a problem, it has been considerably easier to diagnose and solve on Vista than it was with XP or Linux. In particular, I have a much higher degree of confidence that I can solve other people's computer problems by sitting down at their computer and using the built in tools.
Yes, it sells the Wii. But does it sell games? Out of all the people I know who own/play the Wii, very few have played anything other than Wii Sports. Most of them have spent many hours playing this particular game. I've seen people buy the Wii and not bother to buy any other games for months.
If you look at the software sales data, the only company whose games are selling well for the Wii is Nintendo. By all accounts the hardware is selling faster than the Xbox 360, but the software isn't. It's almost as if Nintendo created the single game that people want to play on the Wii (and they're willing to pay $250 to play it).