Bottom line - the more people use Firefox, the more people look for bugs and vulnerabilities, the more people find them. The same thing happened with IE.
But, how can that be ? We are constantly being told marketshare is irrelevant !
When I start hearing on slashdot that the $500-700 walmart PCs are running Vista o.k. to comfortablly then I'll recommend folks to buy it. I've heard a very wide range of opinions, but it seems to be make sure you have the RAM and CPU to handle vista. I don't think that's at the $500-700 price point, yet.
$500 at Dell buys you a PC with a Sempron 3400+, 1G RAM and an x1300 video card (although no monitor). Vista will run fine on that. Another $130 bumps to to 2G RAM and into the realms of "fast".
I wonder how he arrives at that? If the program already existed, and Vista didn't, and MS wrote Vista with backward compatibility in mind (did they?) it's hardly the app vendor's fault. But even if MS didn't care about backward compatibility, that's not the app vendor's fault. They can't write programs to an OS that hasn't been written! So this was just a goofy statement.
It's an accurate statement because a massive proportion of developers don't write their applications to the documented APIs or using recommended best practices. So they write their applications with things like hard-coded directory paths (eg: C:\Program Files), try to write data to places they should (dumping errors to something like c:\error.log is a common favourite), reverse-engineer some API (rather than actually reading the documentation) or rely on buggy behaviour (rather that reading the documentation and doing it properly).
For example: no Windows application written since about 1998 has any excuse for needlessly requiring Administrator privileges to run. Yet many - probably most - of them do. That is 100% the fault of the software developers and there's only so much that can be done to retain compatibility without making too many sacrifices in other areas.
Photoshop is 'cmd-space+p+h+enter' and it is open." Actually, it's cmd-space+p+h+[down arrow]+enter. I'm waiting for Leopard when it will finally just select the top item for me.
That's not what you said the first time. You said 95% of them didn't have a PC capable of running Vista.
But as anyone with less an A+ cert knows the minimum requirements aren't actually enough to run the program productively. They always complain how slow XP is, even though they more than exceed its min requirements. Take a look at Dells little chart, you'll notice that the recommended is a dual core chip, none of my friends will ever buy one of those things.
Sure they will. In 12 months, it'll be practically impossible to buy a computer that *doesn't* have multiple cores.
Their computers are closer to Vista "capable" so they'll only be able to, and I quote, " Booting the Operating System, without running applications or games." So don't tell me Vista doesn't have ridiculous hardware requirements.
It doesn't. Vista is quite usable on a ~1Ghz P3 with 1GB RAM and a US$30 Aero-capable video card. Basically any PC up to about 7 years old should be able to run Vista with modest upgrades, and anything except budget machines up to about 5 years old should be good to go right off the bat.
This is hardly unreasonable. It's no different to other contemporary OSes delivering similar functionality.
Maybe 95% of your friends have PCs that don't meet those specs, but if that's the case, it's highly likely they wouldn't able to afford an OS upgrade _anyway_, or wouldn't be interested in an OS like Vista, so the whole argument is moot.
Vista's hardware requirements aren't even *close* to being "ridiculous". A new sub-US$500 PC will run it without a problem.
P3 is not enough to work with Vista comfortably even with Aero and all the bells & whistles disabled, sorry.
A ~1Ghz P3 with 1GB+ RAM and an Aero-capable video card is quite capable of running Vista. Heck, I've installed it on a 500Mhz P3 laptop with 568M RAM and it was still usable for basic tasks.
Incidentally, if your video card is capable of supporting Aero (and if it isn't, the $30 is well spent) disabling it will actually make the whole machine _slower_.
You are technically correct-- Microsoft's ReadyBoost isn't quite swap.
It's not really anything like swap at all. Swap is for holding memory pages that cannot fit into physical RAM. ReadyBoost is for making hard disk access faster.
It's more like a hard drive cache to speed up random accesses to and from the disk. Typically these I/O caches are kept in memory, but I guess using a flash key would allow you to have a bigger (although slower) I/O cache.
In Windows there is *also* the "memory" cache. The point of ReadyBoost is an additional level of caching on top of that. Think of it like the multilevel caching that happens with CPUs:
I remember saying [...] that people would spend more money on software than on hardware. We certainly haven't passed that milestone by quite a margin.
We passed it long ago - especially once you move outside the realm of commodity consumer software. We have a whole office here full of AU$2000 PCs running software that has an AU$10,000 per-seat licensing cost.
Heck, even our RHAS licenses cost us more over the lifetime of the machine than the hardware itself, for most machines.
IMHO, if you don't have a working project that I can download for free, install on my own hardware, and get working without having to hack the source code in a major way, you're not really an open source project.
Translation: if you're trying to make money off it, it's not Open Source.
What again was disk cache in main memory supposed to do?
Caching.
What, you've never heard of multi-level caching ? It's one of the main reasons computers today are as fast as they are.
This is for small frequently-WRITTEN files.
No, it's for reads. Caching _writes_ via a device that could potentially disappear at any instant would be foolish (arguably, caching writes at all on a system that isn't at the very least on a UPS is foolish, but most people prefer the higher performance).
Why are most terrorist groups claiming grievences that are long dead history?
Because it allows them to take the easy way out and lay the blame for their currently fucked-up situations at the feet of others, rather than doing the hard work to fix it themselves.
The only time people advance socially, culturally, artistically and technologically, is when they spend more time trying to remedy the problems in their lives themselves than they do tring to use others as scapegoats.
Yea, that what I was wondering what the point of using a USB device as RAM?
This is not what ReadyBoost does.
The only reason I can think of is Vista's ridiculous hardware requirements.
They're not "ridiculous".
They know at least 60% of computer users(I know 95% of my friends don't) don't even have a system that could handle Vista so they came up with this half baked "solution" which doesn't even really work well.
95% of your friends don't have a PC with at least a Pentium 3 and a gigabyte of RAM ?
My claim is that there exist *some* works that would not have been made but for copyright, and every honest person already accepts this.
A claim you haven't even produced a sound argument to support, let alone actual evidence.
Take any 20th century Hollywood movie. (The time, not the studio.)
Are you seriously trying to argue the sole reason people go to the cinemas to watch movies and buy DVDs is because of _copyright law_ ? That doesn't even pass the laugh test.
I justify this on the claim that copyright as such does not hurt any copyright-free revenue method. See the several times I have demonstrated this.
Your have _not_ justified this claim. You have waved your hands and proclaimed "because I say so", but that's not evidence.
Correction: monopolies are economic bad news iff they induce an economic inefficiency. That clearly does not apply to goods that only exist because of an act of the monopolist.
You have yet to offer proof of such works and, more importantly, that such works' value outweights the negative impacts of copyright.
That would imply that a monopoly on your own labor (i.e. prohibition of slavery) is "economic bad news".
You're trying to equate the criminalisation of slavery with monopoly-related laws ? Now you're just trolling.
As for whether copyright is "created and enforced by the State", that's only true to the extent that any property right, including that in your labor is created and enforced by the State. If one requires/doesn't require the state, the other requires/doesn't require the State.
Except copyright is wholely and solely a legal fiction. Physical property law at least has a grounding in the real world (or "natural law", if you prefer).
So, it discourages work beyond the work that they only created because of copyright? Well, without copyright, you don't get the first one.
Again with the unproved assumption. You can't use an unproven assumption to support a subsequent argument.
Only to the extent that it fails to shift the cost onto violators, which all laws should be expected to do in the first place.
No, it generates such overheads because of the inherent aspects of trying to use the law to artificially impose scarcity on a good with infinite supply. You could loosely compare it to, say, the overheads of anti-prostitution laws, or the overheads endured by various tariffs and/or subsidies that are used to artificially manipulate market forces.
So, you still haven't listed one.
I've listed three.
They're entirely relevant.
No, they're not. Or are you trying to argue that "copyright" has no problems because of implementation flaws, despite every implementation exhibiting the same problems ?
Sure, because -- let me guess -- you removed the alienability of copyright bundle. ("All the revenues should go to the artist, man, not the distributor!") Why you think removing the utility of the rights an artist have under copyright would make the rights more valuable is beyond me.
No, because I tied the copyright term to both the popularity of a work (more popular works exit copyright protection sooner) and - more crudely - the time take to create it (the longer it takes, the longer the work is in copyright).
(I also made copyright an opt-in, rather than automatic, protection - but that's not really relevant to this aspect.)
My system means popular, highly profitable works leave the copyright system - and its protections - quickly, so content creators are compelled to continue producing works. Ie: they actually have to _continually be productive_ like basically every other class of worker to survive.
My intellectual opponents here go beyond lacking data; they don't describe a scenario in which favorable data would exist.
The irony here is nearly suffocating.
Yes, I have, see above, and every post leading up to
In MS-environment, _every_ program_ _must have_ (major) write-access to registry and system directories -> UAC every time you try to install or change anything. That's a _big_ difference. Like 1 to 100.
The idea that every program may write whatever they want in registry is outrageous. Only an idiot could design something like that.
You have absolutely no idea what you are talking about.
Yes, Cutler was the main designer of both. But that doesn't mean he actually managed to carry over the benefits of VMS. Had you actually ever used VMS, you'd know that it trumps the security of Windows NT hundreds of times over.
How ? Please give details.
They are virtually nothing alike. VMS does a great job of providing a secure multi-user operating system, while Windows NT does not (as is shown by the numerous exploits).
An incredibly poor "justification". VMS and Windows NT have user demographics worlds apart.
Your argument is akin to saying the fact that proportionally more black people are in gaol, is evidence that their skin colour turns them into criminals.
The main problem Cutler had with Windows NT was maintaining backwards compatibility with Windows 3.x and MS-DOS.
How so ? How does it negatively impact security, given it's implemented via user space code ?
Another problem was that Windows NT was initially designed to be a single-user operating system, thus the security system was designed with this in mind. Its multi-user capabilities were tacked on years later. Systems like VMS and UNIX, on the other hand, were built from the ground-up as multi-user systems, and thus took into consideration the security needs of such usage patterns.
Windows NT was designed from day one to be multiuser, according to every shred of documented evidence, including Cutler himself. What is the basis for your claim ?
(Incidentally, UNIX *was* initially a single-user system. The "multiuser" part was tacked on afterwards.)
If you stopped reading after this sentence, then you missed the reason why the author made the statement.
I alread know why he made it - ignorance.
Oh, by the way he's 100% correct in what he said. The OS integration that IE4-6 employs makes any Windows system more vulnerable to malicious code and exploit.
No, it doesn't. It's no different to the "integration" that KDE, GNOME and OS X have with their respective browser components. IE is a shared component loaded on demand to provide certain functionality.
IE does not run with higher privileges. It does not have any special backdoors into the system. It can't do anything that any other similarly exploited application or shared library could do. It's userspace code and executes with the privilege levels of the user running it.
I recommend you give the article another try. If you read the whole thing, you'll see that the author is actually applauding Microsoft's changes to IE7 running on Vista. It isn't perfect, but few things are (even on Linux/Mac/UNIX).
The problem is he's "applauding" them from a position of ignorance.
So, I read on to page 2. After a few paragraphs of biased drivel, we get to this gem:
So you see that, here again, MS's security strategy involves shifting responsibility to the user.
Hmm. Maybe that's because when the user tells the OS to do something that OS has already flagged as a potentially bad idea, it *is* the user's fault ?
The OS has no way of identifying what is and is not malicious code. That's why it asks. The situation is exactly the same on OS X and Linux (actually, it's worse, since 'sudo' typically executes code as root).
But, I'm a generous soul, so we'll give it another chance. Third time lucky, eh ?
Until MS gets it through their thick skulls that a multi-user OS needs a separate admin account and a user account for the owner, and that the owner should be encouraged to work from a regular user account as much as possible, UAC will never work as intended.
Except Vista _does_ have separate "Admin" and "User" accounts, just like OS X and Linux. The only difference is you elevate privileges by clicking a button, rather than typing a password (this is configurable, you can set it to prompt for a password if you want to).
Third strike, he's out. Clearly the author is utterly clueless on the technical aspects of Vista (and Windows in general). Thus, any criticisms of technical details by him, are worse than worthless - they're misleading to others of similar levels of ignorance (like, say, a sizable proportion of Slashdot readers who will subsequently quote this tripe as "fact").
For many of us, that's the problem with the MS monopoly. It's OS development and innovation that those 15 years have passed by, and that's purely because there's been no opportunity for competition.
Which explains why all those other contemporary OSes have similar hardware requirements to deliver similar features, right ? Microsoft's "monopoly" is why OSX, Linux, Solaris, et al have followed the same path ?
The security of Windows has always been built upon such a foundation of shit. That's why it's had so many problems. Instead of drawing from the proven security models of systems like UNIX and VMS, the Windows developers went and rolled their own. And you know what? It was shit. It didn't have a solid theoretical underpinning like the security model of other systems have. It's been over 20 years later, and they still haven't looked to the proven models for inspiration.
Windows has the same "theoretical underpinning" as VMS (hardly surprising, given they're designed by the same person). Which is, I must point out, vastly superior to that of traditional (and most contemporary, at least as commonly configured) UNIXes.
There is little, to nothing, wrong with the "foundation" of Windows.
Bottom line - the more people use Firefox, the more people look for bugs and vulnerabilities, the more people find them. The same thing happened with IE.
But, how can that be ? We are constantly being told marketshare is irrelevant !
What is ReadyBoost doing, then?
Caching disk access.
It's essentially a DIY version of a "hybrid hard disk".
When I start hearing on slashdot that the $500-700 walmart PCs are running Vista o.k. to comfortablly then I'll recommend folks to buy it. I've heard a very wide range of opinions, but it seems to be make sure you have the RAM and CPU to handle vista. I don't think that's at the $500-700 price point, yet.
$500 at Dell buys you a PC with a Sempron 3400+, 1G RAM and an x1300 video card (although no monitor). Vista will run fine on that. Another $130 bumps to to 2G RAM and into the realms of "fast".
Budget PCs run Vista fine, today.
I wonder how he arrives at that? If the program already existed, and Vista didn't, and MS wrote Vista with backward compatibility in mind (did they?) it's hardly the app vendor's fault. But even if MS didn't care about backward compatibility, that's not the app vendor's fault. They can't write programs to an OS that hasn't been written! So this was just a goofy statement.
It's an accurate statement because a massive proportion of developers don't write their applications to the documented APIs or using recommended best practices. So they write their applications with things like hard-coded directory paths (eg: C:\Program Files), try to write data to places they should (dumping errors to something like c:\error.log is a common favourite), reverse-engineer some API (rather than actually reading the documentation) or rely on buggy behaviour (rather that reading the documentation and doing it properly).
For example: no Windows application written since about 1998 has any excuse for needlessly requiring Administrator privileges to run. Yet many - probably most - of them do. That is 100% the fault of the software developers and there's only so much that can be done to retain compatibility without making too many sacrifices in other areas.
He doesn't even honestly talk about the draconian nightmarish DRM infections in Vista.
Probably because, like 99% of people, he'll never, ever have to worry about them.
No way am I going to relinquish my computer rights to Microsoft and the pathetic content providers.
Then don't use DRM encumbered media. Whether or not you are using Vista is irrelevant.
Photoshop is 'cmd-space+p+h+enter' and it is open." Actually, it's cmd-space+p+h+[down arrow]+enter. I'm waiting for Leopard when it will finally just select the top item for me.
Cmd+Enter will open the top item.
95% of my friends meet the minimum requirements.
That's not what you said the first time. You said 95% of them didn't have a PC capable of running Vista.
But as anyone with less an A+ cert knows the minimum requirements aren't actually enough to run the program productively. They always complain how slow XP is, even though they more than exceed its min requirements. Take a look at Dells little chart, you'll notice that the recommended is a dual core chip, none of my friends will ever buy one of those things.
Sure they will. In 12 months, it'll be practically impossible to buy a computer that *doesn't* have multiple cores.
Their computers are closer to Vista "capable" so they'll only be able to, and I quote, " Booting the Operating System, without running applications or games." So don't tell me Vista doesn't have ridiculous hardware requirements.
It doesn't. Vista is quite usable on a ~1Ghz P3 with 1GB RAM and a US$30 Aero-capable video card. Basically any PC up to about 7 years old should be able to run Vista with modest upgrades, and anything except budget machines up to about 5 years old should be good to go right off the bat.
This is hardly unreasonable. It's no different to other contemporary OSes delivering similar functionality.
Maybe 95% of your friends have PCs that don't meet those specs, but if that's the case, it's highly likely they wouldn't able to afford an OS upgrade _anyway_, or wouldn't be interested in an OS like Vista, so the whole argument is moot.
Vista's hardware requirements aren't even *close* to being "ridiculous". A new sub-US$500 PC will run it without a problem.
P3 is not enough to work with Vista comfortably even with Aero and all the bells & whistles disabled, sorry.
A ~1Ghz P3 with 1GB+ RAM and an Aero-capable video card is quite capable of running Vista. Heck, I've installed it on a 500Mhz P3 laptop with 568M RAM and it was still usable for basic tasks.
Incidentally, if your video card is capable of supporting Aero (and if it isn't, the $30 is well spent) disabling it will actually make the whole machine _slower_.
You are technically correct-- Microsoft's ReadyBoost isn't quite swap.
It's not really anything like swap at all. Swap is for holding memory pages that cannot fit into physical RAM. ReadyBoost is for making hard disk access faster.
It's more like a hard drive cache to speed up random accesses to and from the disk. Typically these I/O caches are kept in memory, but I guess using a flash key would allow you to have a bigger (although slower) I/O cache.
In Windows there is *also* the "memory" cache. The point of ReadyBoost is an additional level of caching on top of that. Think of it like the multilevel caching that happens with CPUs:
CPU Core <-> L1 cache <-> L2 cache [<-> L3 cache] <-> RAM
HDD <-> HDD cache [<-> controller cache] <-> ReadyBoost <-> "Memory Cache"
Another way to think of it is a DIY version of those "Hybrid hard disks" with onboard flash.
I remember saying [...] that people would spend more money on software than on hardware. We certainly haven't passed that milestone by quite a margin.
We passed it long ago - especially once you move outside the realm of commodity consumer software. We have a whole office here full of AU$2000 PCs running software that has an AU$10,000 per-seat licensing cost.
Heck, even our RHAS licenses cost us more over the lifetime of the machine than the hardware itself, for most machines.
IMHO, if you don't have a working project that I can download for free, install on my own hardware, and get working without having to hack the source code in a major way, you're not really an open source project.
Translation: if you're trying to make money off it, it's not Open Source.
What again was disk cache in main memory supposed to do?
Caching.
What, you've never heard of multi-level caching ? It's one of the main reasons computers today are as fast as they are.
This is for small frequently-WRITTEN files.
No, it's for reads. Caching _writes_ via a device that could potentially disappear at any instant would be foolish (arguably, caching writes at all on a system that isn't at the very least on a UPS is foolish, but most people prefer the higher performance).
Way has no one came out with a pci based ram disk card with out higher cost of battery back up for use as a high speed temp disk?
They have.
Why are most terrorist groups claiming grievences that are long dead history?
Because it allows them to take the easy way out and lay the blame for their currently fucked-up situations at the feet of others, rather than doing the hard work to fix it themselves.
The only time people advance socially, culturally, artistically and technologically, is when they spend more time trying to remedy the problems in their lives themselves than they do tring to use others as scapegoats.
Yea, that what I was wondering what the point of using a USB device as RAM?
This is not what ReadyBoost does.
The only reason I can think of is Vista's ridiculous hardware requirements.
They're not "ridiculous".
They know at least 60% of computer users(I know 95% of my friends don't) don't even have a system that could handle Vista so they came up with this half baked "solution" which doesn't even really work well.
95% of your friends don't have a PC with at least a Pentium 3 and a gigabyte of RAM ?
Basically, using flash memory for swap. Linux has been able to do this for a long time.
This is not what ReadyBoost is doing.
as one of my Citrix instructors used to say: "it takes citrix or terminal server to make windows multiuser".
Just because your instructor doesn't understand what "multiuser" actually means, doesn't make him right.
You cannot otherwise work *at the same time* on the same machine.
Right. So you think running a telnet server on DOS makes it multiuser ?
My claim is that there exist *some* works that would not have been made but for copyright, and every honest person already accepts this.
A claim you haven't even produced a sound argument to support, let alone actual evidence.
Take any 20th century Hollywood movie. (The time, not the studio.)
Are you seriously trying to argue the sole reason people go to the cinemas to watch movies and buy DVDs is because of _copyright law_ ? That doesn't even pass the laugh test.
I justify this on the claim that copyright as such does not hurt any copyright-free revenue method. See the several times I have demonstrated this.
Your have _not_ justified this claim. You have waved your hands and proclaimed "because I say so", but that's not evidence.
Correction: monopolies are economic bad news iff they induce an economic inefficiency. That clearly does not apply to goods that only exist because of an act of the monopolist.
You have yet to offer proof of such works and, more importantly, that such works' value outweights the negative impacts of copyright.
That would imply that a monopoly on your own labor (i.e. prohibition of slavery) is "economic bad news".
You're trying to equate the criminalisation of slavery with monopoly-related laws ? Now you're just trolling.
As for whether copyright is "created and enforced by the State", that's only true to the extent that any property right, including that in your labor is created and enforced by the State. If one requires/doesn't require the state, the other requires/doesn't require the State.
Except copyright is wholely and solely a legal fiction. Physical property law at least has a grounding in the real world (or "natural law", if you prefer).
So, it discourages work beyond the work that they only created because of copyright? Well, without copyright, you don't get the first one.
Again with the unproved assumption. You can't use an unproven assumption to support a subsequent argument.
Only to the extent that it fails to shift the cost onto violators, which all laws should be expected to do in the first place.
No, it generates such overheads because of the inherent aspects of trying to use the law to artificially impose scarcity on a good with infinite supply. You could loosely compare it to, say, the overheads of anti-prostitution laws, or the overheads endured by various tariffs and/or subsidies that are used to artificially manipulate market forces.
So, you still haven't listed one.
I've listed three.
They're entirely relevant.
No, they're not. Or are you trying to argue that "copyright" has no problems because of implementation flaws, despite every implementation exhibiting the same problems ?
Sure, because -- let me guess -- you removed the alienability of copyright bundle. ("All the revenues should go to the artist, man, not the distributor!") Why you think removing the utility of the rights an artist have under copyright would make the rights more valuable is beyond me.
No, because I tied the copyright term to both the popularity of a work (more popular works exit copyright protection sooner) and - more crudely - the time take to create it (the longer it takes, the longer the work is in copyright).
(I also made copyright an opt-in, rather than automatic, protection - but that's not really relevant to this aspect.)
My system means popular, highly profitable works leave the copyright system - and its protections - quickly, so content creators are compelled to continue producing works. Ie: they actually have to _continually be productive_ like basically every other class of worker to survive.
My intellectual opponents here go beyond lacking data; they don't describe a scenario in which favorable data would exist.
The irony here is nearly suffocating.
Yes, I have, see above, and every post leading up to
In MS-environment, _every_ program_ _must have_ (major) write-access to registry and system directories -> UAC every time you try to install or change anything. That's a _big_ difference. Like 1 to 100.
The idea that every program may write whatever they want in registry is outrageous. Only an idiot could design something like that.
You have absolutely no idea what you are talking about.
Yes, Cutler was the main designer of both. But that doesn't mean he actually managed to carry over the benefits of VMS. Had you actually ever used VMS, you'd know that it trumps the security of Windows NT hundreds of times over.
How ? Please give details.
They are virtually nothing alike. VMS does a great job of providing a secure multi-user operating system, while Windows NT does not (as is shown by the numerous exploits).
An incredibly poor "justification". VMS and Windows NT have user demographics worlds apart.
Your argument is akin to saying the fact that proportionally more black people are in gaol, is evidence that their skin colour turns them into criminals.
The main problem Cutler had with Windows NT was maintaining backwards compatibility with Windows 3.x and MS-DOS.
How so ? How does it negatively impact security, given it's implemented via user space code ?
Another problem was that Windows NT was initially designed to be a single-user operating system, thus the security system was designed with this in mind. Its multi-user capabilities were tacked on years later. Systems like VMS and UNIX, on the other hand, were built from the ground-up as multi-user systems, and thus took into consideration the security needs of such usage patterns.
Windows NT was designed from day one to be multiuser, according to every shred of documented evidence, including Cutler himself. What is the basis for your claim ?
(Incidentally, UNIX *was* initially a single-user system. The "multiuser" part was tacked on afterwards.)
(Be mindful of that irony, it's sharp.)
If you stopped reading after this sentence, then you missed the reason why the author made the statement.
I alread know why he made it - ignorance.
Oh, by the way he's 100% correct in what he said. The OS integration that IE4-6 employs makes any Windows system more vulnerable to malicious code and exploit.
No, it doesn't. It's no different to the "integration" that KDE, GNOME and OS X have with their respective browser components. IE is a shared component loaded on demand to provide certain functionality.
IE does not run with higher privileges. It does not have any special backdoors into the system. It can't do anything that any other similarly exploited application or shared library could do. It's userspace code and executes with the privilege levels of the user running it.
I recommend you give the article another try. If you read the whole thing, you'll see that the author is actually applauding Microsoft's changes to IE7 running on Vista. It isn't perfect, but few things are (even on Linux/Mac/UNIX).
The problem is he's "applauding" them from a position of ignorance.
So, I read on to page 2. After a few paragraphs of biased drivel, we get to this gem:
Hmm. Maybe that's because when the user tells the OS to do something that OS has already flagged as a potentially bad idea, it *is* the user's fault ?
The OS has no way of identifying what is and is not malicious code. That's why it asks. The situation is exactly the same on OS X and Linux (actually, it's worse, since 'sudo' typically executes code as root).
But, I'm a generous soul, so we'll give it another chance. Third time lucky, eh ?
Except Vista _does_ have separate "Admin" and "User" accounts, just like OS X and Linux. The only difference is you elevate privileges by clicking a button, rather than typing a password (this is configurable, you can set it to prompt for a password if you want to).
Third strike, he's out. Clearly the author is utterly clueless on the technical aspects of Vista (and Windows in general). Thus, any criticisms of technical details by him, are worse than worthless - they're misleading to others of similar levels of ignorance (like, say, a sizable proportion of Slashdot readers who will subsequently quote this tripe as "fact").
Try here. Search for "File System and Registry Virtualization".
If you want more details, consult MSDN or Google.
For many of us, that's the problem with the MS monopoly. It's OS development and innovation that those 15 years have passed by, and that's purely because there's been no opportunity for competition.
Which explains why all those other contemporary OSes have similar hardware requirements to deliver similar features, right ? Microsoft's "monopoly" is why OSX, Linux, Solaris, et al have followed the same path ?
The security of Windows has always been built upon such a foundation of shit. That's why it's had so many problems. Instead of drawing from the proven security models of systems like UNIX and VMS, the Windows developers went and rolled their own. And you know what? It was shit. It didn't have a solid theoretical underpinning like the security model of other systems have. It's been over 20 years later, and they still haven't looked to the proven models for inspiration.
Windows has the same "theoretical underpinning" as VMS (hardly surprising, given they're designed by the same person). Which is, I must point out, vastly superior to that of traditional (and most contemporary, at least as commonly configured) UNIXes.
There is little, to nothing, wrong with the "foundation" of Windows.
I just sent a suggestion to Microsoft. A virtual registry/file directory structure stored in each users profile, under the local settings folder.
Congratulations. You've just suggested to Microsoft they do exactly what they've already done in Vista.