Then why call it a bandaid ? It's not, it's part of a layered defense against malicious code.
What would a "non-bandaid" solution look like ? This:
Another security model is "deny by default" with a list of the things that are allowed. If it isn't on the list it isn't allowed to run or if it isn't on the list of things allowed to communicate it is not allowed to communicate.
Is ultimately useless so long as an ignorant end user can decide what is or is not on the whitelist.
Your final point is quite fortunately also incorrect but I am baffled as to how you can be so unobservant as to make it at all.
What's changed ? UAC is mostly about a better UI to existing functionality and a change to the default configuration of a certain subset of machines. ASLR and DEP are semantic changes enabled by hardware.
To sum up, instead of the virus scanner acting as a bandaid and list of bad stuff you instead have a list of what is allowed so that only the good stuff runs. It's not an "equivalent function". It instead removes the need for a virus scanner.
I think you misunderstand the point of AV software. It's not there to prevent things from running as a part of security policy, it's there to prevent things from running once your security policy has been circumvented.
So long as unmanaged computers exist, AV will always have its place because there are always going to be people prepared to "run this to see b00bies".
Incidentally, there's not really anything different about Windows' 7 security model as opposed to earlier versions of NT, all the way back to the 3.1. UAC is almost entirely a matter of user interface improvement.
Not really. Every office I've ever worked in always had Office and at least a couple of other mission critical applications along with it. Be it Quickbooks with various plugins, photoshop, endicia, the ups app for shipping, etc. Office and ie are nothing on arm without the rest of the third party gang along for the ride.
The target platform here is not fully-functional desktop PCs with ARM processors, it's tablets and other appliance-style devices.
It's too little, too late. Even if Microsoft was able to get "true" Windows working perfectly on arm, what about all the 3rd party apps? What about Office? Outlook? Anything that matters in the Microsoft ecosystem?
Well, they *own* Office, so that shouldn't be too much of a problem. IE is obviously already working. Between those two they've probably covered the requirements of something like 40-50% of users.
So I wouldn't doubt they've kept a division of MSR going with an up to date portable version of the NT code base. what I don't see how they can keep from getting bit in the ass on is if they name it Windows people are gonna expect Windows apps to work which of course they most assuredly WON'T, not without a recompile that most companies simply won't do.
There does not (yet, I suppose, but it's hard to see this changing) seem to be much interest in ARM for "non-appliances". People don't expect their OS X apps to run on their iPad, likewise they won't expect some random Windows application to run on whatever tablets/phones/appliances end up running "ARMWin", or whatever it gets called.
For instance, if my car was found near a crime scene at the time of the crime. I have to somehow PROVE i wasn't the one doing it.
Yes. This is commonly referred to as "police investigation". It's a fairly fundamental part of a) their jobs and b) solving crimes.
Note that if you become a suspect you will need an alibi, regardless of whether the number plate was seen on a camera, or recorded by an officer searching the surrounding area on foot with his Mk. 1 eyeballs.
The presumption of innocence does not mean you can't be suspected. It just means you can't be convicted without evidence.
And then we have the massive resistance of USians towards Diesels in cars.
Which is somewhat ironic, because from what I've seen the American driving style includes a lot of hard acceleration from standing starts - perfect for a high-torque diesel engine.
A performance comparison that measures pointless things like install times and number of clicks ? That has no serious explanation of the methodologies and whose authors have so little technical understanding they say things like "obviously Windows does have to worry about some things that Linux doesn't, namely DRM checks [...]" ? The only benchmark there that's even remotely meaningful and believable is the Python one.
What documentation do you find lacking on MSDN ?
Ext3 does fragment. It also lacks features like transactions, encryption and compression, which since fragmentation has no meaningful performance impact outside of corner cases, are _vastly_ more useful.
Windows's sudo equivalent is UAC. Its su equivalent is RunAs.
Ignoring that similarly featureful (or at least as much as it can be, given its less capable display system) Linux systems have essentially identical requirements, when even the cheapest bottom of the barrel PC is fast enough, it's irrelevant.
Someone who starts an article about the Registry talking about reverse-engineering its format rather than using the published APIs, clearly has an ax to grind.
Do not conflate "booting without a GUI" as "modular".
He certainly isn't a righty, he endorsed Obama for POTUS.
Obama (and the Democrats) are right wing, so that doesn't really say much. The fact they're marginally less right wing than the Republicans doesn't make them left wing.
There's basically no left-wing politics in the US. There's probably a handful of people who really do want to implement progressive policies like a decent welfare system, publicly funded healthcare and high taxes for the super-rich, but they're basically impotent. Which is why when US politics nods in the direction of those sorts of things, the actual outcome is just more money funnelled towards the richest 0.01% of the population at the cost of services that the poorest 25% rely on to survive.
His news organizations are more tabloid sensationalist than right.
His news organisations are pushing right-wing agendas the world over and have been a major reason why so many countries now have centre and centre-right parties in power doing exactly the same things there that they are in the US (dismantling public services, destroying the middle class and reducing the working class to peasants).
And Fox certainly isn't immune from influence, they just sacked Beck for pissing off the Saudis (who own a nice chunk of News Corp.) and did it fast. Beck started promoting a 'very special episode' on Monday to expose an organized threat to Israel scheduled to have aired Friday. Thursday was apparently his final episode. On Friday they expanded Special Report across the first airing and put RedEye on top of the repeat slot.
Ah, I see the problem. You're someone who takes Glen Beck seriously.
However, we have better healthcare in terms of curing people who are sick or injured, per capita, than those other countries. We pay more for a better system.
No, you don't. A few outliers who are unfeasibly rich, or have obscure ailments [and are insured] might get better care. The other 99.999% of the population get worse care (if they get it at all) at higher prices and with worse outcomes than anywhere else in the civilised world.
Then test and reproduce the big bang for me. Evolve a field mouse to an elephant. Recreate the moon. Make a star from scratch, complete with planets. Create matter from raw energy. Show me the curvature of space/time and recreate it in a lab. Prove that a space traveler does not age when traveling at the speed of light...
"Is your hypothesis testable" and "can you test your hypothesis right now" are two different things.
Good, because saying the reactor is fixed and there is no concern would be absolutely fucking ludicrous, wouldn't it? I wonder how much plane tickets to Japan are right now? I'd love to get the Pollyanna nuclear cheerleaders here a ticket to Japan, so they can check out the damage for themselves and report back to us, if they survive. It's no problem, right? Perfectly safe.
Nothing is perfectly safe.
Measuring across the entire lifetime, nuclear is still the safest form of power generation we have. The only other one that comes close is Hydro.
There is nothing in any of the shows where they connect to a local satellite and zoom in on someone taking a crap because they know precisely where they are or what they bought at the store.
Er, what ? They snatch people off random places on the planet (or in space) with transporters all the time !
The spoken word is just an auditory CLI. We operate those around us via commands (and requests, and interrogatives, but you get the idea) every day. I expect you'd find it quite unusual if someone tried to get you to do something just by pointing and clicking.
Most people understand that body language and intonation are critical parts of effective communication.
(Not to mention the problems of giving commands to someone who doesn't speak the same language as you.)
Management of those workstations is not what's holding Linux back [...]
Yes, it is (well, it's not the only thing, but it's a big thing). There is no set of standardised, simple tools for centrally managing Linux desktops (or servers, for that matter). Even *Red Hat* doesn't have anything remotely comparable to Group Policy, for fuck's sake. It boggles the mind.
Every Linux sysadmin out there with multiple machines has to - to varying degrees - reinvent the wheel and roll his own toolset for centrally managing Linux machines. The amount of wasted productivity this represents is phenomenal. Nor is that going to change any time soon - your average Linux admin is *proud* of the fact he had to DIY his own management infrastructure and considers anyone that doesn't do it anywhere from lazy to incompetent.
(And if it isn't, please, please, please take the bus, train, or trolley. If you don't enjoy driving, you're not going to be paying attention, which, frankly, makes you part of the problem.)
I know plenty of people who drive for "fun" but do it dangerously and don't pay the necessary attention. I also know plenty of people who have no interest in driving for the sake of driving, but are careful and attentive because they understand that's how you should act with a couple of tons of metal under your control.
The problem with driverless cars is not that they're going to be unsafe, but that they're basically useless. We HAVE means of transporting people so that they don't have to pay attention already.
Except they're more expensive and less convenient. Your same line of reasoning concludes: why have cabs when we already have buses and trains ?
And yet we still own cars. Why? Because they're _fun_. Who's going to drop US$50,000 on a car that they don't get to drive?
The vast majority of people for whom cars are a tool to get from A to B, and not a leisure pursuit ? I drive for fun on weekends. All the other trips involve wasting my valuable time sitting on roads full of other cars. A car that drove itself to work and back every day would be _awesome_.
I credit, almost entirely, the monoculture that was Microsoft, for the rise of Linux.
Really ? Because it's not like Linux was being used for tasks that Windows would frequently have been seriously considered for.
Linux was displacing commercial UNIX systems (Solaris, et al). Windows was displacing Novell servers in SMBs. These are mostly distinct and separate markets.
IE has always been terrible. Perhaps when Netscape was just starting out, IE may have been somewhat better from a UI standpoint only, with fancy hooks into the OS of the day [...]
You clearly have no idea what you're talking about.
Maybe you should look up the cost of living (food, utilities, transport, etc...) in the D.C. area (like many metro areas, it isn't cheap) and then consider a Congressman has to maintain a residence both in D.C. *and* in his home district.
There isn't a city anywhere in the *world* you couldn't maintain a comfortable standard of living in, with an income of $174k, and even "expensive" US cities are still quite a bit cheaper than expensive cities everywhere else.
That's before including all the benefits politicians get as well, that probably makes $250k a more realistic number to use when comparing to a normal working stiff's measure of income.
Anyone claiming to be "struggling" on such an income is disgusting to behold.
Slashdot Mirror
Then why call it a bandaid ? It's not, it's part of a layered defense against malicious code.
What would a "non-bandaid" solution look like ? This:
Is ultimately useless so long as an ignorant end user can decide what is or is not on the whitelist.
What's changed ? UAC is mostly about a better UI to existing functionality and a change to the default configuration of a certain subset of machines. ASLR and DEP are semantic changes enabled by hardware.
You might not be able to return it, but I'm sure you could *exchange* it for another identical piece of software.
I think you misunderstand the point of AV software. It's not there to prevent things from running as a part of security policy, it's there to prevent things from running once your security policy has been circumvented.
So long as unmanaged computers exist, AV will always have its place because there are always going to be people prepared to "run this to see b00bies".
Incidentally, there's not really anything different about Windows' 7 security model as opposed to earlier versions of NT, all the way back to the 3.1. UAC is almost entirely a matter of user interface improvement.
Please explain what "security system" performs an equivalent function to a virus scanner.
The target platform here is not fully-functional desktop PCs with ARM processors, it's tablets and other appliance-style devices.
Well, they *own* Office, so that shouldn't be too much of a problem. IE is obviously already working. Between those two they've probably covered the requirements of something like 40-50% of users.
There does not (yet, I suppose, but it's hard to see this changing) seem to be much interest in ARM for "non-appliances". People don't expect their OS X apps to run on their iPad, likewise they won't expect some random Windows application to run on whatever tablets/phones/appliances end up running "ARMWin", or whatever it gets called.
It has had for nearly twenty years. Fifteen if you only want to start counting from NT4. The problem isn't the lack of OS capability.
Apparently it is. Just look at the negative commentary in Slashdot about UAC, from people who should know better.
Yes. This is commonly referred to as "police investigation". It's a fairly fundamental part of a) their jobs and b) solving crimes.
Note that if you become a suspect you will need an alibi, regardless of whether the number plate was seen on a camera, or recorded by an officer searching the surrounding area on foot with his Mk. 1 eyeballs.
The presumption of innocence does not mean you can't be suspected. It just means you can't be convicted without evidence.
Nothing. It's what prevents you from being convicted without evidence, not for being suspected with evidence.
Which is somewhat ironic, because from what I've seen the American driving style includes a lot of hard acceleration from standing starts - perfect for a high-torque diesel engine.
A performance comparison that measures pointless things like install times and number of clicks ? That has no serious explanation of the methodologies and whose authors have so little technical understanding they say things like "obviously Windows does have to worry about some things that Linux doesn't, namely DRM checks [...]" ? The only benchmark there that's even remotely meaningful and believable is the Python one.
What documentation do you find lacking on MSDN ?
Ext3 does fragment. It also lacks features like transactions, encryption and compression, which since fragmentation has no meaningful performance impact outside of corner cases, are _vastly_ more useful.
Windows's sudo equivalent is UAC. Its su equivalent is RunAs.
Ignoring that similarly featureful (or at least as much as it can be, given its less capable display system) Linux systems have essentially identical requirements, when even the cheapest bottom of the barrel PC is fast enough, it's irrelevant.
Someone who starts an article about the Registry talking about reverse-engineering its format rather than using the published APIs, clearly has an ax to grind.
Do not conflate "booting without a GUI" as "modular".
Why should I give you an example ? The information is freely available, taught at universities and/or indexed by Google.
Which really highlights your ignorance. *By far* the largest volume of changes in Windows are invisible to the end user.
Obama (and the Democrats) are right wing, so that doesn't really say much. The fact they're marginally less right wing than the Republicans doesn't make them left wing.
There's basically no left-wing politics in the US. There's probably a handful of people who really do want to implement progressive policies like a decent welfare system, publicly funded healthcare and high taxes for the super-rich, but they're basically impotent. Which is why when US politics nods in the direction of those sorts of things, the actual outcome is just more money funnelled towards the richest 0.01% of the population at the cost of services that the poorest 25% rely on to survive.
His news organisations are pushing right-wing agendas the world over and have been a major reason why so many countries now have centre and centre-right parties in power doing exactly the same things there that they are in the US (dismantling public services, destroying the middle class and reducing the working class to peasants).
Ah, I see the problem. You're someone who takes Glen Beck seriously.
No, you don't. A few outliers who are unfeasibly rich, or have obscure ailments [and are insured] might get better care. The other 99.999% of the population get worse care (if they get it at all) at higher prices and with worse outcomes than anywhere else in the civilised world.
Great googly moogly. By what _possible_ measure are people like Rupert Murdoch "lefties" ?
"Is your hypothesis testable" and "can you test your hypothesis right now" are two different things.
Nothing is perfectly safe.
Measuring across the entire lifetime, nuclear is still the safest form of power generation we have. The only other one that comes close is Hydro.
Er, what ? They snatch people off random places on the planet (or in space) with transporters all the time !
Most people understand that body language and intonation are critical parts of effective communication.
(Not to mention the problems of giving commands to someone who doesn't speak the same language as you.)
Yes, it is (well, it's not the only thing, but it's a big thing). There is no set of standardised, simple tools for centrally managing Linux desktops (or servers, for that matter). Even *Red Hat* doesn't have anything remotely comparable to Group Policy, for fuck's sake. It boggles the mind.
Every Linux sysadmin out there with multiple machines has to - to varying degrees - reinvent the wheel and roll his own toolset for centrally managing Linux machines. The amount of wasted productivity this represents is phenomenal. Nor is that going to change any time soon - your average Linux admin is *proud* of the fact he had to DIY his own management infrastructure and considers anyone that doesn't do it anywhere from lazy to incompetent.
I know plenty of people who drive for "fun" but do it dangerously and don't pay the necessary attention. I also know plenty of people who have no interest in driving for the sake of driving, but are careful and attentive because they understand that's how you should act with a couple of tons of metal under your control.
Except they're more expensive and less convenient. Your same line of reasoning concludes: why have cabs when we already have buses and trains ?
The vast majority of people for whom cars are a tool to get from A to B, and not a leisure pursuit ? I drive for fun on weekends. All the other trips involve wasting my valuable time sitting on roads full of other cars. A car that drove itself to work and back every day would be _awesome_.
Really ? Because it's not like Linux was being used for tasks that Windows would frequently have been seriously considered for.
Linux was displacing commercial UNIX systems (Solaris, et al). Windows was displacing Novell servers in SMBs. These are mostly distinct and separate markets.
You clearly have no idea what you're talking about.
There isn't a city anywhere in the *world* you couldn't maintain a comfortable standard of living in, with an income of $174k, and even "expensive" US cities are still quite a bit cheaper than expensive cities everywhere else.
That's before including all the benefits politicians get as well, that probably makes $250k a more realistic number to use when comparing to a normal working stiff's measure of income.
Anyone claiming to be "struggling" on such an income is disgusting to behold.