Slashdot Mirror


User: drsmithy

drsmithy's activity in the archive.

Stories: 0
Comments: 12,153

Comments · 12,153

  1. Re:What to call groups like these on Digital Act Could Spur Creation of Pirate ISPs In UK · · Score: 1

    Good, without copyright GPL software is no longer necessary and the license is useless.

    The GPL is certainly useless without copyright. Whether it's "no longer necessary" depends on whether you believe the GPL exists so you can have free stuff, or source code.

  2. Re:That's just as wrong as mono on Lightspark 0.4.2 Open Source Flash Player Released · · Score: 1

    Well Windows apps did for a while have the DLL hell issue. Not sure if they still do.

    Er, yeah. That ceased being a real issue back around the 1997-98 timeframe.

    But more important I think is the unified package distribution system. packagekit for gnome for example... I only need to get one notice from it that I have software updates. Whereas go to any presentation running a Windows laptop and you'll inevitably see at least one software update, though sometimes several from different apps during the presentation.

    The practical difference here is small. Certainly (and clearly) not enough for software developers to funnel all their software distribution through Microsoft (assuming the legal system would even allow them to).

    What I'm questioning is not the application providers, but the OS vendors' lack of inclusion of a common platform for these issues.

    The "platform" exists, it's called Windows Update.

    Package management in the rpm sense also means to me easier control for the sysadmin to be able to install/uninstall software. The greatest feature is batch non-interactive installs/upgrades. You simply do not have this with commercial software.

    You can absolutely do batch and non-interactive installs with MSI (and other third-party Windows installation systems). Active Directory and Group Policy can do software distribution for anything that's an MSI, and there are third-party solutions for apps without MSI installers.

  3. Re:What to call groups like these on Digital Act Could Spur Creation of Pirate ISPs In UK · · Score: 1

    Without copyright, GPL could be implemented as a contractual agreement. It would lose some of its teeth, but it could still bite.

    How much community involvement do you think you'll get if everyone (or their guardian) has to sign a legally-binding contract before they can do anything ?

  4. Re:Waste of time on Lightspark 0.4.2 Open Source Flash Player Released · · Score: 1

    Ah, I see, so unless *you* would use it, it's a "waste of time".

    ReactOS is a "waste of time" because it will never, ever be a genuinely viable alternative to running Windows.

  5. Re:That's just as wrong as mono on Lightspark 0.4.2 Open Source Flash Player Released · · Score: 2, Insightful

    It still surprises me that this came from the open source community AND that to this day no commercial OS has anything close.

    That's because packaging systems exist primarily to address problems that - by and large - don't exist on "commercial OSes": cascading webs of slightly incompatible software versions (ie: "dependency hell") and ease of installation.

  6. Re:Possible mitigation? on Microsoft Has No Plans To Patch New Flaw · · Score: 1

    The login prompt requires the ctrl-alt-del key combination to be pressed so that the user can be sure that the login prompt is genuine, however, it fails to take into account the architecture of firewire ports, and their ability to directly access memory, hence the existence of firewire dongles that circumvent the login screen and grant Administrator access.

    It doesn't "fail to take it into account", because that's not what it's meant for. The secure attention sequence isn't designed to prevent rogue bits of hardware compromising the system, it's designed to prevent the login screen being spoofed by userspace software. Now, you could certainly make an argument that the firewire standard, or at least the implementation (ie: drivers), should be modified so that they don't allow arbitrary access to system memory, but that has nothing to do with how the login prompt (and the security around it) is designed.

    Remember, if an attacker has physical access, it's essentially game over. You may as well be arguing Windows security is broken because someone could open up the box and hook up to the memory bus to do whatever they want - it's technically true, but it's not a flaw in Windows security because it's true for every OS running on that hardware.

    Programs like Microsoft Office should require hoops being jumped through to run them as Administrator instead of "user"

    Why ? How will this be enforced ? Who decides (and how) what qualifies as "Administrator" ?

    Remember that Administrator in Windows is not directly analogous to root in UNIX, because Windows has no concept of a superuser. Administrator is just a user with a lot of privileges, not a magic UID that simply circumvents the whole security system.

    The big problem with the Microsoft security model is that for the most part, it is in the off position. The UGW security model is archaic compared to what is possible with Microsoft Security, but software for Windows is not developed in an environment where everything runs in a least privilege mode, so a lot of software does not run in that type of environment.

    Again, you are conflating one problem (developers not doing the right thing) with another ("security problems" in Windows). The former is not something that has anything to do with Windows security, nor is it something Microsoft really has control over. The latter is the question I'm asking.

    Windows has come with a non-Admin user by default for ~3.5 years, and two major releases. The consumer versions of Windows have been completely multiuser for nearly a decade. Even the DOS-based versions of Windows were designed to allow logical separation of user and system data from 1995, and allowed for multiple users from 1998. The time when Microsoft could reasonably be blamed for developers not using least-privilege principles passed before the turn of the century.

    If you run all processes in Linux as root, use a six character password and allow remote ssh logins by root, it is not that far from the normal situation under Windows. My workstation that I am typing this on has processes running as 22 different users. Windows usually has Administrator, System, and one other user that I cannot remember off the top of my head.

    Actually it's a long way away. Windows doesn't allow remote access as Administrator by default (or any remote access at all, really, since the firewall is on by default and has been since SP2), and even just getting anonymous file sharing enabled requires jumping a few hoops. To say nothing of the default configuration for Windows for two OS revisions now has been a non-Administrator user (not that this really buys much in the real world, for unmanaged machines), and has always been a non-Administrative user in managed (ie: domain) environments.

    Also, those "22 different users" (which is probably a high estimate for a typical desktop, a default Ubuntu install only has 9) almost certainly aren't buying you a lot more than a false sense of securit

  7. Re:This makes me worried... on FreeType Project Cheers TrueType Patent Expiration · · Score: 1

    I'm not quite sure how you can accuse my logic of being flawed when you start with a premise - "social networking sites are obvious" - to support your conclusion - "social networking sites are obvious".

    Probably because I didn't.

    Additionally, the facts don't support either your premise or your conclusion... The first social networking sites came out in the early 2000s, and yet web access via mobile phones was pretty rudimentary and not widely available.

    But they didn't really explode until later, and the trend was also obvious.

    If you really want to make this argument, you first have to prove your premise - "social networking sites are obvious" - to be true, and I don't think IRC is a good candidate, since it lacks almost every feature of social networking except chat. You'd do better pointing to USENET. But it's still a far cry from Friendster.

    Huh ? IRC had pretty much all the major features of social networking sites - at least assuming you had a decent client and were in the right channels, of course. Friends, games, content sharing, offline messages, etc.

    Another obvious predecessor is BBSes.

    First, your example really doesn't apply, because I don't see anyone trying to patent "strip mall + air conditioner".
    Second, for the example to apply as a way to show something to be obvious but commercially unsound, all of the elements would have had to exist at the time of the alleged invention, but in your hypothetical, you're suggesting that some of those elements wouldn't have existed. So, yeah... if cheap air conditioners didn't exist, then an invention that relied on cheap air conditioners wouldn't be that obvious, would it?

    You seem to be missing the point. Your argument was:

    If no one makes it, then either (a) it's not economically valuable, or (b) it's not obvious. And, because someone's making it now, then it's not (a), so it must not have been obvious.

    And my point is that the logic isn't sound, because it assumes nothing else changed between when something was obvious to someone (but not commercialised) and when it became commercialised (and thus obvious to everyone). In actual fact a lot can change, which may make something that was previously obvious, but not economically viable, a huge money spinner, and why an argument that essentially boils down to "since no-one made money off it before, it couldn't have been obvious" doesn't stand.

    Find evidence that each and every element in the claim existed at the time of invention, and that they could be predictably combined to get the claimed result.

    By definition the components must have, otherwise the initial invention couldn't have been created and patented in the first place.

  8. Re:Possible mitigation? on Microsoft Has No Plans To Patch New Flaw · · Score: 1

    Here's a good explanation of why Linux drives don't need to be defragged regularly. It's a little dated and is an overview, not a technical explanation, but it makes the subject understandable.

    However, it's flat-out wrong when applied to any remotely modern version of Windows.

    The need to defragment NTFS drives (more accurately, the benefits of doing so) are grossly overstated in the context of typical usage.

  9. Re:This makes me worried... on FreeType Project Cheers TrueType Patent Expiration · · Score: 1

    If no one makes it, then either (a) it's not economically valuable, or (b) it's not obvious. And, because someone's making it now, then it's not (a), so it must not have been obvious.

    Your logic is not sound. "Social networking" sites, for example, are a pretty obvious "invention" (eg: IRC is a pretty clear predecessor). However, until a) the pervasiveness of internet access, and more so b) the pervasiveness of always-available internet access via mobile phones and such, their "economic viability" was severely curtailed.

    Just because something is economically viable now, doesn't mean it always was. For some other examples, consider how economically viable most of the businesses in, say, Phoenix would be if it weren't for cheap air conditioners, or how well huge suburban strip malls would survive if it weren't for ridiculously cheap gasoline.

  10. Re:This makes me worried... on FreeType Project Cheers TrueType Patent Expiration · · Score: 1

    It's really simple to call something obvious in hindsight, but if the idea is commercially valuable, how come no one at the time was doing it until the inventor came along?

    Realising something is obvious and having the commercial acumen (or even inclination) - to say nothing of funding - to make a business out of it are very different things.

  11. Re:Possible mitigation? on Microsoft Has No Plans To Patch New Flaw · · Score: 2, Insightful

    Why is this modded Troll?

    Because it's a troll. Much like the Slashdot headline and summary.

    drsmithy has always shown wilful ignorance of Microsoft's flaws.

    I frequently ask the question, yes. But (as has happened again) the responses rarely get any more advanced than "hurr, durr, viruses malware Micro$oft LOLz".

    As far as what's lacking from Microsoft's security model, managed software repositories and good updating systems are the most obvious lacks.

    Both are present in their security _model_. For what are hopefully obvious reasons, Microsoft can't be the sole provider of software in unmanaged environments (ie: individual end-user systems). For the software they do provide, they have "software repositories" and "updating systems".

    In addition, Microsoft's need to leverage its existing software stack means anyone who actually uses Windows instead of just ticking off feature lists will inevitably have to bypass or disable most of the recent security features.

    For example ?

    With the virtualisation tech they've bought, they had the opportunity to build an effective sandbox, but chose not to.

    Probably because they have vastly more interest in catering to their customers' demands for transparently functioning legacy support (despite common Slashdot mythos).

    Interestingly, about the only mainstream example of a common application actually being sandboxed in a standard configuration is on Windows - Internet Explorer.

    I'll ask again: what features and capabilities are missing from Windows that make it insecure. Ie: if they were implemented, all (or even most) of the "security problems" Windows has would disappear overnight (or at least within a short period of time). If you'd like to expand that to identify security problems that are _only_ present on Windows, with a technical overview as to why (ie: what security features and capabilities are lacking that make them possible), that would also be very interesting.

  12. Re:Possible mitigation? on Microsoft Has No Plans To Patch New Flaw · · Score: 0, Redundant

    How about fixing vulnerabilities when they're found, for starters?

    That's not a feature or capability of the OS.

    This is what the discussion is about -- MS's refusing to fix a known vulnerability in their newest operating systems.

    No, the discussion is about a Slashdot editor's anti-Microsoft troll, since Microsoft haven't said anything like "refusing to fix a known vulnerability".

    And that's just for starters, the list is almost endless.

    Then you shouldn't have the slightest trouble coming up with, say, 10 examples of features and capabilities missing in Windows that make it insecure.

  13. Re:I like it on Airlines Get Billions From Unbundled Services · · Score: 1

    If you know that your grandmother lives on the other side of the Atlantic, you'll probably also know that she will die at some point.

    And when you figure out how to predict exactly when, you'll be able to make a lot of money.

  14. Re:Possible mitigation? on Microsoft Has No Plans To Patch New Flaw · · Score: 1

    Also, the thing about "features and capabilities" is that they tend to be a check in the box. Yes, it has a particular feature (check in the box) but it's so poorly implemented that you'll need a 3rd party to augment or outright replace it (still a check in the box).

    For example ?

  15. Re:I like it on Airlines Get Billions From Unbundled Services · · Score: 2, Insightful

    Excuse me, a bank loan to pay for airfares??? I can see where the credit crisis originated. How hard is it to save money (and earn some interest) and then pay for the flight to England?

    If you've just been told your Grandmother only has a few weeks to live ? Very hard.

  16. Re:Source? on Microsoft Has No Plans To Patch New Flaw · · Score: 1

    I know Slashdot's editorial standards have dropped, especially when it comes to Anti-Microsoft articles, [...]

    That's not really correct. Slashdot has excellent editorial standards when it comes to Anti-Microsoft articles, and have been serving up some of the best ones on the Internet for going on a decade now.

  17. Re:Was there a point to this? on Microsoft Has No Plans To Patch New Flaw · · Score: 1

    Yeah, Microsoft already has our money. Why would they bother trying to fix the problems? This is the problem with near-monopolies.

    Every single patch and update Microsoft has ever released refutes your broken argument.

  18. Re:Possible mitigation? on Microsoft Has No Plans To Patch New Flaw · · Score: 3, Insightful

    And all of that just because microsoft refuses to make a secure operating system [...]

    Can you outline what features and capabilities of a "secure operating system" are missing from Windows ?

  19. Re:Apple replies on Windows Vulnerable To 'Token Kidnapping' Attacks · · Score: 1

    Windows NT adopts the VMS security model, but unfortunately hides it behind a UI that wants to pretend that everything is like DOS.

    How so ?

  20. Re:Apple replies on Windows Vulnerable To 'Token Kidnapping' Attacks · · Score: 2, Informative

    I still love how *nix naturally allows individual services to run under different users [...]

    There's nothing "natural" about it. You don't need to go far back in history at all to find the majority of services on a UNIX machine running as root.

  21. Re:LNK files on Malware Targets Shortcut Flaw In Windows, SCADA · · Score: 1

    No.

    Then what *are* you trying to say ? That performing a shutdown via a GUI instead of a command line (or physical switch) was so "innovative" that Apple should have been able to patent it and prevent anyone else from implementing it ? Or simply that we should all be bowing at the feet of Apple because they happened to implement an utterly obvious idea first ?

    Those things were distinctly Mac, and Windows95 copied them directly. They even copied the cute little "You may now turn off your computer" screen that Macs had.

    So you _are_ trying to argue that no other platform had these features, or anything like them, in the ~1994 timeframe when the Windows 95 GUI was being designed, and therefore Microsoft could only have copied from Apple ?

    The similarities between the MacOS and Windows GUIs are at such a high level as to be irrelevant. On a micro level, they are different in just about every way, and certainly every way that's significant.

  22. Re:LNK files on Malware Targets Shortcut Flaw In Windows, SCADA · · Score: 1

    Only for 32 bit applications. For 16 bit applications it continued using cooperative tasking.

    Yes. Just like Windows 95.

    Should be Windows 98, of course.

  23. Re:LNK files on Malware Targets Shortcut Flaw In Windows, SCADA · · Score: 1

    Only for 32 bit applications. For 16 bit applications it continued using cooperative tasking.

    Yes. Just like Windows 95.

  24. Re:Sad on OpenSolaris Governing Board Closing Shop? · · Score: 1

    Commercial platforms tend to address dependency hell by having a small set of standard libs on the system and then bundling everything else with the app - a horribly inefficient system.

    Actually it's a fairly large set of standard libraries, and whether it's "inefficient" depends rather dramatically on your definition of "efficient". Personally, I find not having to worry about dependency hell vastly more "efficient".

  25. Re:Hold on a minute.... on Telemedicine Comes Into Its Own · · Score: 1

    You apparently are unaware that the Bush Administration spent a lot more money to fight AIDS in Africa than any President before or since.

    Of course, most of that funding went into abstinence-only programs, which are at best useless and at worst directly harmful.