Slashdot Mirror


User: Ayende+Rahien

Ayende+Rahien's activity in the archive.

Stories: 0
Comments: 941

Comments · 941

  1. Re:What about Java virii? on Sharpei Virus Written In C# · · Score: 2

    That is good, there is a good security model in the basis of both .NET & NT, the problem is that the default permissions were always too lax, resulting in unsecure default installations, which not many bother/or had the knowledge to change.
    That is reassuring.

  2. Re:Table rendering performance on Linux Web Browsers Compared · · Score: 1

    Think about outputting data from DB to a table.
    That can very easily become big.
    IE handles that rather well, as well as handling complex, big (400KB) documents well enough.
    My experience with NS & Mozilla (not lately, though) shows that even on simple & small pages, they have problems, usually the fatal kind.

  3. Re:What about Konqueror on Linux Web Browsers Compared · · Score: 2

    Yes, you can do that using Javascript. (Well, JScript, actually, but that is close enough to be nearly meaningless.)
    Hell, you can write ILOVEU in REXX, and it would work just as well as the original, if the parser was installed.

  4. Well.. on What's the Worst Acronym You've Ever Heard? · · Score: 1

    TINSTAFL is a favorite of mine.
    AAAAAAA -- All-American Association Against Acronym Abuse Anonymous, too.

    EEETLA -- Enhanced Expanded Extended Three Letter Acronym, is also nice.

  5. Re:software protection on On the (Im)possibility of Obfuscating Programs · · Score: 2

    And exactly what prevents you from taking out the function that checks the dongle?
    It would require a dongle with a couple of vital parts of the program to work, and even then, assuming you've one legal copy, you could probably find a way to copy from it.
    A useful way would require telling the CPU to fetch the instructions from the dongle, with no way for instructions outside the dongle being able to read into the dongle's address space, only to jump into it and start executing.

  6. How about asking? on Searching for Resources on Forensic Computing? · · Score: 1, Flamebait

    I know that it will probably terrify you, but:
    A> Go outside.
    B> Find the local police forensic department.
    C> Ask.

  7. Re:Price point is not the only factor. on ESR Says as PCs Get Cheaper, Windows Will Die · · Score: 2

    Raise the pay checks, then, god knows that they can afford it. Never mind the fact that stock options don't matter that much today.
    MSFT stock did a dive when dot com busted, went from ~120$ to about third that much in a couple of months, now it keeps floating on the verge of 60$ for quite some time.

    http://quotes.nasdaq.com/quote.dll?page=charting&mode=basics&symbol=MSFT%60&selected=MSFT%60&chart=5&elem=0

    I didn't hear about a lot of employees quitting then, and they certainly won't quit now.

  8. Re:I can't completely agree on Bilingual Brain Explored · · Score: 3, Informative

    I know that I certainly do it, most computer programmers do it often, if they don't talk English as a first language, it's just too painful to talk about technical terms in non-English, because that is what we all learned it on.

  9. Re:not entirely correct on Who Is Liable For Software With Security Holes? · · Score: 2

    Actually, the Ariane 501 is one case where the system worked, it wasn't designed for this type of rocket, and when it noticed that the rocket didn't behave properly, it self-destructed, *that* was the proper thing to do, under the circumstances.

    The Mars orbiter and the auto pilot are certainly two points that make it clear that there is no bug-free software.
    It's interesting to note, though, that what they missed was not some dangling pointer, or overflow or something which is common on most software, that was a usage bug, not a "trying-to-be-smart" bug, which is why it's quite so funny one.

    BTW, out of the above mentioned 5 ways to disable the auto pilot, how many of them are completely manual?

  10. As a matter of fact on Search Engine Payola · · Score: 4, Informative

    Google *does* accept money for putting links.
    The difference is that Google does it in a straightforward way, and marks those links as "Sponsored links".
    You can buy a link on the search of a word for a fairly low price.
    See http://www.google.com/ads/ for the details.

  11. Re:Price point is not the only factor. on ESR Says as PCs Get Cheaper, Windows Will Die · · Score: 2

    Well, he might just decide to drop the price of the share short-term, for the long term profits, and in the mean time, buy some more shares himself, at the lower price.

  12. Well, you can try this... on Are Public NNTP Servers a Thing of the Past? · · Score: 4, Informative

    http://pubnews.netcom.net.uk/

    It requires a (free) registration, but it's quite good, it carries a good portion of the hierarchy, and usually updates quickly enough.
    But in general, yes, free (of any good) NNTP services are *rare*.
    I had to resort to using my ISP's NNTP service because of this, which is sub-optimal at best.

  13. Re:here's my view on Who Is Liable For Software With Security Holes? · · Score: 3, Insightful

    > WRONG! The Code that acts as the autopilot for aircraft is bug-free.. it has to.. The Code that controls the flight path of a nuclear weapon is bug-free... it has to. The Software that launches the space shuttle is bug-free.... it has to.. ANY software that runs the life support equipment in any hospital is bug free... it has to...

    Actually, you are wrong in your examples, and may be correct in your assessment.
    Let's take the space shuttle example, shall we? Bug-freedom is achieved by:
    A> Highly rigid quality assurance. Unfeasible for any non-life-critical situation, due to extremely high cost.
    B> Two independent, different, systems, that check each other constantly. Those systems have both different software and hardware (and possibly a design philosophy), so a bug in the same place is highly unlikely.

    Face it, bug-free software is possible, but once you get beyond notepad level, you are going to have to face the problem of getting the money to fix all the problems is greater (often *much* greater) than you will get, not to mention the *time* it takes to get such checks made.

  14. Re:only a gui available on Computing Pet Peeves? · · Score: 2

    > I really hate it when programs I have to use are entirely GUI-based. I want to automate as much as possible, and having the ability to create a simple shell-script for doing what I want is really useful. Not that I don't appreciate having a nice gui, I really do.

    > But whenever you add functionality to a program, ask yourself the question: "Could this be thought to be even remotely useful for someone to use from a shell script?" If the answer to that question is "yes", then make it available from the command-line as well. An example of software that really doesn't follow this guideline is most installation programs. Most sysadmins do not appreciate sitting in front of 10's or 100's of computers pushing "Next" and "Finish".

    Well, you've got the wrong impression, you've had this ability in Windows for a very long time, it's called window shell host scripting, there isn't much in Windows that you can't do with it.
    And it's certainly true for all the installation programs that I'm familiar with.

  15. Re:Pet Peeves/requests of an HCI designer on Computing Pet Peeves? · · Score: 2

    Well, maybe it's because it's an I/O issue, and, especially on networks, that isn't something that you can accurately predict?

  16. Re:Help needed: Finding the legendary "ebonics C++ on A Warrior's Programming Language · · Score: 2

    Are you talking about CFront, by any chance?

  17. Re:Interesting premise, but... on A Warrior's Programming Language · · Score: 3, Informative

    They don't *have* 20 (actually 50) words for snow.
    They have specification of snow.
    Soft snow, hard snow, dangerous snow, etc.
    It's like saying that we have 1000's of words for dog, because there is a word for each race.

  18. Re:Let's give them a bit of credit on Microsoft Stops New Work To Fix Bugs · · Score: 2

    Win9x does it because it allows applications to write over kernel data structure, and isn't relevant to the discussion.

    Win2K does it only in situations where Linux would kernel panic.

  19. Re:Is This Possible? on Microsoft Stops New Work To Fix Bugs · · Score: 2

    SE_TCB_NAME & SE_CHANGE_NOTIFY_NAME privileges are needed for Win2K (no longer needed in XP) in order to call LogonUser().
    Those two privileges don't justify having IIS running as SYSTEM.

  20. Re:Taking it at face value on Microsoft Stops New Work To Fix Bugs · · Score: 2

    Either that or the Linux kernel :-)

    Seriously though, the above description fits roughly 90% of the applications that most linux elite loves so much.

  21. Re:Microsoft just don't get it. on Microsoft Stops New Work To Fix Bugs · · Score: 3, Insightful

    Actually, it's usually not an implementation problem, but a configuration problem.
    IIS's add-ons are the only major applications that suffer from constant problems in Windows, and most of those problems could be avoided if only they had a better configuration.
    They are improving in this too, witness the ASP.NET configuration.

  22. Re:Microsoft just don't get it. on Microsoft Stops New Work To Fix Bugs · · Score: 2

    Bullshit!
    I don't like raw Win32 myself, as it is based on C, an un-type-safe language, and it shows in the API a *lot*.
    But, there is *nothing* that prevents them from creating a new API, and keeping Win32 in a frozen status, in fact, that is what they did in .NET, (only they built .NET on top of Win32, to have 9x support).
    I would've used the NT's design for sub-systems, which lends itself very easily to do something like this.

  23. Re:Let's give them a bit of credit on Microsoft Stops New Work To Fix Bugs · · Score: 2

    > You mean the OS is supposed to catch mistakes from beta video hardware before it triggers a crash?

    Haven't looked at it for a long time, but IIRC, that is exactly what Windows is doing when it catches some mistakes in a driver.
    Blue Screening is just a much better option than trying to fix it, as the system has no idea what the intention was, or how to fix it.
    Considering that it's such a low-level code, it has no way to recover from the error, so it does the last thing it can and tells the user about it, and closes itself down.
    It's actually rare for Windows to *crash* for real.

  24. Re:Actually believe that? on Microsoft Stops New Work To Fix Bugs · · Score: 2

    Oh? Really?
    Care to discuss about it?
    What, exactly, are the problems with Windows security *Model*?
    Not the implementation, but the model itself.
    I would be very interested to hear you try to find some.
    You might be able to throw some slum on Windows' structure, and even that is arguable, but definitely not on the security model.

  25. Re:Is This Possible? on Microsoft Stops New Work To Fix Bugs · · Score: 1, Redundant

    Actually, they *have* already improved many things.
    You've to understand that much of the difference between Windows & *nix security isn't in the coding quality. I think that MS code-quality is superior, but they suffer one critical flaw in their thinking that kept tripping them.
    Running things as SYSTEM! Especially IIS.
    I can't help saying how *stupid* this is.
    It's worse than running things as root, because SYSTEM isn't *needed* for about 90% of the things that they used it for.
    It was just more convenient to use SYSTEM rather than some other account because it bypasses all security checks.
    And NT's security system allows you to define the permissions so you don't need super-user powers to do this.
    Thus, a bug in the code will give complete control over the machine.

    ASP.NET has finally understood it, and they are now running as MACHINE (less-privilege user) which may cause some trouble for the ASP coder, but will grant much better security.

    Another problem is taking the approach of everything is on as default, when it should be exactly opposite, or, much better, everything off until it's called.