Once they've got that full adoption, or at least close enough to have control, what happens to backward compatibility? my guess is that it goes out the window.
Every TV machine has completely different keys. All TC data is encrypted to a key that only exists on that single machine. A backup program can duplicate encrypted data, but the only thing it can do is put it back onto the exact computer you got it from. Try to put it on another machine and it's unreadable garbage.
And I expect with no way to sort out non-TC files from TC-encrypted files. That's what bothers me -- if you backed up your non-TC files from a TC system, how do you restore those non-TC files to another system in the event that the first system dies? Tell me if I'm wrong, but my guess is that you can't, because a backup won't differentiate data file "ownership".
I suppose one could do separate backups for TC and non-TC files, but if you have to go to that much trouble, might as well have a non-TC system for those files in the first place, and be sure that the TC OS won't go awry and assign them the wrong system attribute (or whatever they call it), thus removing them from your control (presumably this is a one-way trip, too).
BTW do you mind if I dump all your slashdot comments re TC (most of which I've archived) into One Big Rant and put 'em on one of my sites, to make it easier to point folk at the discussion? (Since it's been a lot more informative than just reading the official info.)
But if the TC chip dies and takes the OS with it, and maybe the filesystem with it for that matter (if you want to extend this to worst-case, a TC OS ought to require an encrypted filesystem, which in turn requires said TC to be visible)... NOW what about your files, even your unlocked files? How the hell do you recover them without the original TC keys?
That's what I was getting at re why old hardware may develop irreplaceable value -- I have a hard time imagining a TC system allowing a non-TC backup program to operate, and backups typically compress files... and if it's a TC backup program, you can bet will it require the same TC system for restore to work (we wouldn't want someone restoring *restricted* files to a [gasp] different PC, now would we?) Or if you backup to some species of optical disk (CDR/DVD etc), it may require TC-applied DRM on the disk to prevent you from archiving files that it has decreed are one-system-only.
I can easily see "unlocked" files getting caught up in that sort of scenario; I just can't bring myself to trust it to never ever eat my data.
I've had to rescue a client's data files from a simple "fake bad sector transferred from floppy to HD" type of copy protection; even tho the files were there and not "harmed", they could not be backed up normally (you couldn't even PKZIP the directory), as the fake bad sector FUBAR'd backups of any sort. ISTM that a TC system could have much the same effect (only that they'd probably be lost forever) on nominally-unlocked files vs backups and/or hardware failures and/or OS/filesystem corruption.
(Gah, a person could get out of breath just *reading* that last paragraph:)
Not the story I saw originally, but thanks for the reference, with more details.
A post somewhere below yours there says,
"Also, how will the router check the security of devices where desktop security doesn't apply,
like routers, printers, proxy servers, PDAs, or heck, even a promiscuous traffic logger?
"Access to 'HP LaserJet 8000' on 10.16.2.88 denied. The Cisco DRM system has determined that this host listens to ports (80/tcp, 135/tcp, 515/tcp), but does not run approved virus protection software." Yes, I can imagine explaining that to a vice president at 7am...
That's a good point too -- what about all those unTrusted but networkable devices, such as that NNN-many-at-$15,000-a-crack printer investment some corporate department doesn't want to have to replace?
Search for all the posts about it by Alsee (both in current and prior discussions), whom I've concluded is better-informed about the topic and its technical and social ramifications than anyone else hereabouts.
Back when WinXP was new, M$ posted on their site a list of requirements for hardware to be "XP certified" or whatever they call it. One of the items was that the BIOS was *not* allowed to be user-accessable.
This particular criterion doesn't seem to have found much enforcement, but as you can see the concept was already there some time back.
I'll tell you one reason to hang onto that non-TC hardware: THAT is where my data I can't live without will reside. Where *I* can have my way with it however I please. If the price of keeping my critical data *MINE* is using primitive (and unTrusted) software that barely does the job, that is still better than the scenario engendered by "TC chip failed, chip company out of business, data lost forever?? aw, so sad..."
I vaguely recall reading that *current* Cisco routers already have TC in place, and it need merely be activated. Anyone remember/know more about that? (I think it was discussed on./. a while back.)
I would have phrased that as "There is absolutely no reason to hold onto old hardware UNLESS you *don't* expect that old hardware to interact with any TC hardware, TC software, or other TC environments."
And I think that is the objective of the parent post; indeed, of myself: yeah, to interact with the TC world, one will need at least ONE system comprised of TC hardware/software. But if old software is no longer trusted, and if I still need to use that older software, I'll need an environment in which to use it, even if that hardware can't interact outside of an "all old hardware" environment. And *for that purpose*, a person might as well have the most advanced non-TC hardware available.
It does occur to me that the few stubb-- er, freethinking souls clinging to the non-TC world may wind up resorting to totally private networks that don't rely on per-se internet access (akin to the setups that were common for wider-than-local access in BBSing's heyday), and to keeping those activities totally separate from their TC-approved access and systems.
Private individuals can afford to make such a choice, and for us it can be practical to maintain both TC systems for standard internet access and for TC software, and pre-TC systems (and WAN-like systems like old-time BBSs), if only to preserve some personal freedom of choice. I can easily imagine many slashdotters doing this (some for practical reasons, others for sheer tinfoil-clad perversity).
Of course, business won't have such luxuries, since business *has* to interact with the mainstream world. How long do you think it'll take for TC to come back and bite them on the ass?
When some companies (Intuit and AutoDesk leap to mind) are already doing their best to force upgrades whether users need it or not... what are we *supposed* to think are the uses "Trusted Computing" will be put to? One obvious use is to make good and damned sure that you MUST buy an upgrade at the very least every time you upgrade your CPU, because the old version is now "untrusted" and will no longer run.
Yes, it sounds paranoid. But it's the direction the market has been heading for some time, and TC just makes their desires more likely to come true.:(
Read Alsee's comments... in prior discussions with this worthy, I became convinced he has TC pegged dead on.
I reached this conclusion from watching the situation for over 40 years... there is no real logic to the "war on drugs" unless there is indeed a money flow involved.
And yes, it certainly is in the alcohol/tobacco/pharmaceuticals best interests to keep everything else illegal, effectively suppressing that market. But since people still widely obtain and use the illegal drugs, merely suppressing them doesn't benefit the Big 3 to anywhere near the market value of the illegal stuff. So I asked myself... who most benefits? the bulk wholesalers of illegal stuff, of course.
Mr.Kodak is obviously in charge of their patent dept.;)
Does Kodak have any prior history of Profit-by-Lawsuit, or is this a new turn for them?
Re:If only someone would have told me in time!
on
Coffee is Addictive
·
· Score: 1
To clear up a common misunderstanding:
Addiction is not the NEED for something. Rather, addiction is the *inability to function without it*.
Re:The War on Drugs funds Terrorists
on
Coffee is Addictive
·
· Score: 3, Interesting
I've long contended that the primary lobbyists behind anti-drug laws and the "war on drugs" are *the drug lords themselves* -- to keep prices artificially high through artificial scarcity, thus maintaining their lucrative revenue stream. (If there are terrorists funded by same, it's no doubt incidental, in that they just happen to be the handiest and cheapest source point for the raw materials.)
This of course leads to increased local crime as junkies are forced to steal to support their habit, and gang wars as local dealers protect their turf.
Legalise drugs, and these problems will largely go away. Plus the effects in society can then be handled the same way as alcohol problems (including application of DWI/DUI laws for the safety of others), without needlessly ruining lives, as prosecution for victimless crimes now often does.
Furthermore, if legalized, regulated, and taxed in the same way cigarettes and alcohol are, that's a HUGE tax base just waiting to be used, that would not negatively impact anyone other than those who actually use the product. And it might slow the increases on other taxes (such as sales, income, and property taxes) that DO impact everyone.
Not to mention the positive public health impacts: no more need to share dirty equipment, better quality control so fewer adverse reactions/side effects, etc.
"If I need something done and you do it without being asked then I will be gratefull. If I ask you to do something and you do it then I will thank you. If I have to keep nagging you for years to do something and then finally you do it in a half-assed way then I am going to think your a fucking asshole."
As you say this is pretty much normal human behaviour; opensource developers, who often suffer from that last condition, should also take note.
Scalability and reliability are not *necessarily* related to one another -- my pickup truck is very reliable, but if the object is to haul 40 ton loads, well, that pickup truck doesn't scale worth a damn.:)
IOW, your point would have been better said as "use the right tool for the job." I remember Hotmail as it was on BSD, and yeah, it was just plain knotheaded of M$ to force their own dog food on an application it wasn't designed to handle. They should have used the right tool for the job, and if that wasn't Win2K, tough shit for the marketing dept. As it is, yeah, it demonstrates that Win2K can do the job -- if you've got all day to wait for it. Not exactly the impression they intended to give!
Just last night I happened across a site that acted like it was being served off some rickety old 386 on dialup. Being curious, I looked up the host on Netcraft, and was amazed to see it was running on linux/apache on a commercial host. If I were to take that one example as the rule, I'd conclude that linux/apache were slow as molasses. But since I know better, I have to presume that this host is simply overloaded. (Funny thing, this outfit's home server, running on BSD, is swift as can be. False advertising?:)
Actually, I don't think M$ wants to be *seen* as anything other than good. But regardless of what they may want as a whole, I think their decisions about when to ship products too often reflects the old tagline:
"It compiles? the first screen came up?? Ship it!!"
IOW, grabbing market opportunity NOW in preference to getting things wholly right a little later. Of course, the short shelf life (natural or artificially generated) of many products exacerbates the problem.
I believe you're right re IBM's desire to regain the crown. And that they do indeed view a million ponds as a million opportunities to be jumped into. Whereas M$ would view 'em as a million competitors to be drained and disposed of; in their view, There Can Be Only One.
Good point. Frex, a friend uses an ancient DOS-based router (which runs on any piece of crap) that only does one thing. There is no way to get it to do anything else, because the capability simply isn't there. It knows a handful of CLI commands and will only respond to extremely limited parameters (like yes/no). Trying to hack into it is an exercise in frustration -- at best you get a naked unresponsive prompt for your efforts. Conversely, if the thing was also a webserver and a locksmith and a VCR, there'd be all sorts of points where one could try to tease a vulnerability out of the interface.
Now that you mention it... military intelligence is largely about your need to know. If you don't NEED to know it, you don't GET to know it (unless the system fucks up, which would be a bug:) The less you know, the less of a security risk you are. If you're a grunt who only knows the target is thataway, you're not worth "hacking into". So you can drop grunts anywhere and not worry about the enemy using their knowledge [vulnerabilities] against you, cuz there ain't none. At worst it might crash the system (kill 'em).
Weird but insightful interpretation of Cartoon Physics:)
OR to rephrase it, "Always blame the current biggest target -- because no matter how good they are, anything that big is gonna overlook or screw up *something*!" And M$ has painted a target on themselves with their abuse-of-monopoly behaviour.
I think you're right that a lot of it is about control. M$'s notion of control is to make everyone use M$ stuff. IBM's notion of control is, as you say, to extend their scope. M$ tries to drain every pond other than their own; IBM tries to stock all the other ponds with their own fish. Both are about control, but the style is markedly different.
[grin] Better yet, my antique WFWG (Win3.11) setup, which required neither a firewall nor any particular caution, and was used 5 years online without a single intrusion (finally retired after 7 rock-stable years of hard use). Security through braindeadness.:)
Sometimes you gotta wonder about M$... I think the coding teams probably DO care about security (and tear their hair out regularly as vulnerabilities are discovered despite their best efforts). But it's likely several things: M$ tries to evolve their software toward consumer demand, and that usually means the glitz that sells is more important, at least to the marketing types who drive business these days, than the back-end stuff only geeks know about (like weeding out every buffer overflow in 50 kazillion lines of code -- yeah, right!) Second, the codebase is just too big for ANYONE, no matter how good, to get everything right, and I suspect often suffers from both it's-still-half-baked-but-marketing-said-ship-it, and Too-Many-Cooks-who-never-met-one-another.
Frex, that major vulnerability in XP's SP2 (http://www.pcwelt.de/know-how/extras/103039/ -- has there been a/. story about that yet?) which apparently was also in Win95. Was it the same TYPE of error, or was it an old chunk of Win95 codebase that happened to find the right conditions to resurface as a problem?
I know about both IE's half-loaded-all-the-time and Moz's systray thing... Moz still starts slow, tho that does improve matters if one can use it. (It's too much of a resource hog to do that on any non-NT Windows.) That's why I only mentioned startup in passing, cuz there's no good way to compare 'em, given IE's native cheat. -- But I was still amazed and disappointed at how slow Moz is at rendering stuff... even given guaranteed equal LOAD times, like pages from local disk.:(
I haven't looked at Firefox in a couple versions, tho I suppose I should do so again, since I actively discourage my clients from using IE.
I suppose I could do with browsers what I do with modems... "You can use any one you want, but I'll only support [brand of MY choice]". Makes 'em switch every time!
Unfortunately, I've noticed the same thing -- on my lowly P3-550/Win98, Moz 1.5 is WAAAAY slower at rendering pages, both text and images, than are IE5 and NS3 (the latter being my everyday browser). On my near-identical WinXP box, same thing -- Moz 1.5 renders pages much slower than IE6 or NS 3/4/6.0. (Both boxes have 1GB of RAM, so THAT is not the issue. And we won't even look at relative startup times.. egads!!) Oddly, Firefox was even slower than Mozilla.
I have no idea why this would be, and was both surprised and disappointed at the discovery. Especially since I detest IE..!!
Someone with a faster machine might not see the difference, tho. And I've noticed there is often a serious chunk of wishful thinking when FOSS is involved, which does nothing toward improving FOSS software. You gotta admit your bugs exist before you can fix 'em.
This file also crashed Netscape 3.04 on Win98, in fact it BSOD'd the system (a very rare event).
I tried viewing it with QuickPictureViewer (an old DOS viewer) and in its B/W preview, it shows the file as corrupted all to hell, and won't do the full display at all.
Every TV machine has completely different keys. All TC data is encrypted to a key that only exists on that single machine. A backup program can duplicate encrypted data, but the only thing it can do is put it back onto the exact computer you got it from. Try to put it on another machine and it's unreadable garbage.
And I expect with no way to sort out non-TC files from TC-encrypted files. That's what bothers me -- if you backed up your non-TC files from a TC system, how do you restore those non-TC files to another system in the event that the first system dies? Tell me if I'm wrong, but my guess is that you can't, because a backup won't differentiate data file "ownership".
I suppose one could do separate backups for TC and non-TC files, but if you have to go to that much trouble, might as well have a non-TC system for those files in the first place, and be sure that the TC OS won't go awry and assign them the wrong system attribute (or whatever they call it), thus removing them from your control (presumably this is a one-way trip, too).
BTW do you mind if I dump all your slashdot comments re TC (most of which I've archived) into One Big Rant and put 'em on one of my sites, to make it easier to point folk at the discussion? (Since it's been a lot more informative than just reading the official info.)
But if the TC chip dies and takes the OS with it, and maybe the filesystem with it for that matter (if you want to extend this to worst-case, a TC OS ought to require an encrypted filesystem, which in turn requires said TC to be visible) ... NOW what about your files, even your unlocked files? How the hell do you recover them without the original TC keys?
... and if it's a TC backup program, you can bet will it require the same TC system for restore to work (we wouldn't want someone restoring *restricted* files to a [gasp] different PC, now would we?) Or if you backup to some species of optical disk (CDR/DVD etc), it may require TC-applied DRM on the disk to prevent you from archiving files that it has decreed are one-system-only.
:)
That's what I was getting at re why old hardware may develop irreplaceable value -- I have a hard time imagining a TC system allowing a non-TC backup program to operate, and backups typically compress files
I can easily see "unlocked" files getting caught up in that sort of scenario; I just can't bring myself to trust it to never ever eat my data.
I've had to rescue a client's data files from a simple "fake bad sector transferred from floppy to HD" type of copy protection; even tho the files were there and not "harmed", they could not be backed up normally (you couldn't even PKZIP the directory), as the fake bad sector FUBAR'd backups of any sort. ISTM that a TC system could have much the same effect (only that they'd probably be lost forever) on nominally-unlocked files vs backups and/or hardware failures and/or OS/filesystem corruption.
(Gah, a person could get out of breath just *reading* that last paragraph
A post somewhere below yours there says,
"Also, how will the router check the security of devices where desktop security doesn't apply, like routers, printers, proxy servers, PDAs, or heck, even a promiscuous traffic logger?
"Access to 'HP LaserJet 8000' on 10.16.2.88 denied. The Cisco DRM system has determined that this host listens to ports (80/tcp, 135/tcp, 515/tcp), but does not run approved virus protection software." Yes, I can imagine explaining that to a vice president at 7am...
That's a good point too -- what about all those unTrusted but networkable devices, such as that NNN-many-at-$15,000-a-crack printer investment some corporate department doesn't want to have to replace?
Search for all the posts about it by Alsee (both in current and prior discussions), whom I've concluded is better-informed about the topic and its technical and social ramifications than anyone else hereabouts.
Back when WinXP was new, M$ posted on their site a list of requirements for hardware to be "XP certified" or whatever they call it. One of the items was that the BIOS was *not* allowed to be user-accessable.
This particular criterion doesn't seem to have found much enforcement, but as you can see the concept was already there some time back.
I'll tell you one reason to hang onto that non-TC hardware: THAT is where my data I can't live without will reside. Where *I* can have my way with it however I please. If the price of keeping my critical data *MINE* is using primitive (and unTrusted) software that barely does the job, that is still better than the scenario engendered by "TC chip failed, chip company out of business, data lost forever?? aw, so sad..."
I vaguely recall reading that *current* Cisco routers already have TC in place, and it need merely be activated. Anyone remember/know more about that? (I think it was discussed on ./. a while back.)
I would have phrased that as "There is absolutely no reason to hold onto old hardware UNLESS you *don't* expect that old hardware to interact with any TC hardware, TC software, or other TC environments."
And I think that is the objective of the parent post; indeed, of myself: yeah, to interact with the TC world, one will need at least ONE system comprised of TC hardware/software. But if old software is no longer trusted, and if I still need to use that older software, I'll need an environment in which to use it, even if that hardware can't interact outside of an "all old hardware" environment. And *for that purpose*, a person might as well have the most advanced non-TC hardware available.
It does occur to me that the few stubb-- er, freethinking souls clinging to the non-TC world may wind up resorting to totally private networks that don't rely on per-se internet access (akin to the setups that were common for wider-than-local access in BBSing's heyday), and to keeping those activities totally separate from their TC-approved access and systems.
Private individuals can afford to make such a choice, and for us it can be practical to maintain both TC systems for standard internet access and for TC software, and pre-TC systems (and WAN-like systems like old-time BBSs), if only to preserve some personal freedom of choice. I can easily imagine many slashdotters doing this (some for practical reasons, others for sheer tinfoil-clad perversity).
Of course, business won't have such luxuries, since business *has* to interact with the mainstream world. How long do you think it'll take for TC to come back and bite them on the ass?
When some companies (Intuit and AutoDesk leap to mind) are already doing their best to force upgrades whether users need it or not ... what are we *supposed* to think are the uses "Trusted Computing" will be put to? One obvious use is to make good and damned sure that you MUST buy an upgrade at the very least every time you upgrade your CPU, because the old version is now "untrusted" and will no longer run.
:(
Yes, it sounds paranoid. But it's the direction the market has been heading for some time, and TC just makes their desires more likely to come true.
Read Alsee's comments... in prior discussions with this worthy, I became convinced he has TC pegged dead on.
An ugly peek into our future... so what is the last Intel CPU that you'd consider TC-free??
I reached this conclusion from watching the situation for over 40 years... there is no real logic to the "war on drugs" unless there is indeed a money flow involved.
And yes, it certainly is in the alcohol/tobacco/pharmaceuticals best interests to keep everything else illegal, effectively suppressing that market. But since people still widely obtain and use the illegal drugs, merely suppressing them doesn't benefit the Big 3 to anywhere near the market value of the illegal stuff. So I asked myself... who most benefits? the bulk wholesalers of illegal stuff, of course.
Mr.Kodak is obviously in charge of their patent dept. ;)
Does Kodak have any prior history of Profit-by-Lawsuit, or is this a new turn for them?
To clear up a common misunderstanding:
Addiction is not the NEED for something. Rather, addiction is the *inability to function without it*.
I've long contended that the primary lobbyists behind anti-drug laws and the "war on drugs" are *the drug lords themselves* -- to keep prices artificially high through artificial scarcity, thus maintaining their lucrative revenue stream. (If there are terrorists funded by same, it's no doubt incidental, in that they just happen to be the handiest and cheapest source point for the raw materials.)
This of course leads to increased local crime as junkies are forced to steal to support their habit, and gang wars as local dealers protect their turf.
Legalise drugs, and these problems will largely go away. Plus the effects in society can then be handled the same way as alcohol problems (including application of DWI/DUI laws for the safety of others), without needlessly ruining lives, as prosecution for victimless crimes now often does.
Furthermore, if legalized, regulated, and taxed in the same way cigarettes and alcohol are, that's a HUGE tax base just waiting to be used, that would not negatively impact anyone other than those who actually use the product. And it might slow the increases on other taxes (such as sales, income, and property taxes) that DO impact everyone.
Not to mention the positive public health impacts: no more need to share dirty equipment, better quality control so fewer adverse reactions/side effects, etc.
[/rant]
Haha! When I saw the headline, that was my very first thought too :)
:)
Um... if BSD is dying, and Windows contains BSD code, what does this mean?
"If I need something done and you do it without being asked then I will be gratefull. If I ask you to do something and you do it then I will thank you. If I have to keep nagging you for years to do something and then finally you do it in a half-assed way then I am going to think your a fucking asshole."
As you say this is pretty much normal human behaviour; opensource developers, who often suffer from that last condition, should also take note.
Scalability and reliability are not *necessarily* related to one another -- my pickup truck is very reliable, but if the object is to haul 40 ton loads, well, that pickup truck doesn't scale worth a damn. :)
:)
IOW, your point would have been better said as "use the right tool for the job." I remember Hotmail as it was on BSD, and yeah, it was just plain knotheaded of M$ to force their own dog food on an application it wasn't designed to handle. They should have used the right tool for the job, and if that wasn't Win2K, tough shit for the marketing dept. As it is, yeah, it demonstrates that Win2K can do the job -- if you've got all day to wait for it. Not exactly the impression they intended to give!
Just last night I happened across a site that acted like it was being served off some rickety old 386 on dialup. Being curious, I looked up the host on Netcraft, and was amazed to see it was running on linux/apache on a commercial host. If I were to take that one example as the rule, I'd conclude that linux/apache were slow as molasses. But since I know better, I have to presume that this host is simply overloaded. (Funny thing, this outfit's home server, running on BSD, is swift as can be. False advertising?
Actually, I don't think M$ wants to be *seen* as anything other than good. But regardless of what they may want as a whole, I think their decisions about when to ship products too often reflects the old tagline:
"It compiles? the first screen came up?? Ship it!!"
IOW, grabbing market opportunity NOW in preference to getting things wholly right a little later. Of course, the short shelf life (natural or artificially generated) of many products exacerbates the problem.
I believe you're right re IBM's desire to regain the crown. And that they do indeed view a million ponds as a million opportunities to be jumped into. Whereas M$ would view 'em as a million competitors to be drained and disposed of; in their view, There Can Be Only One.
Good point. Frex, a friend uses an ancient DOS-based router (which runs on any piece of crap) that only does one thing. There is no way to get it to do anything else, because the capability simply isn't there. It knows a handful of CLI commands and will only respond to extremely limited parameters (like yes/no). Trying to hack into it is an exercise in frustration -- at best you get a naked unresponsive prompt for your efforts. Conversely, if the thing was also a webserver and a locksmith and a VCR, there'd be all sorts of points where one could try to tease a vulnerability out of the interface.
:) The less you know, the less of a security risk you are. If you're a grunt who only knows the target is thataway, you're not worth "hacking into". So you can drop grunts anywhere and not worry about the enemy using their knowledge [vulnerabilities] against you, cuz there ain't none. At worst it might crash the system (kill 'em).
:)
Now that you mention it... military intelligence is largely about your need to know. If you don't NEED to know it, you don't GET to know it (unless the system fucks up, which would be a bug
Weird but insightful interpretation of Cartoon Physics
OR to rephrase it, "Always blame the current biggest target -- because no matter how good they are, anything that big is gonna overlook or screw up *something*!" And M$ has painted a target on themselves with their abuse-of-monopoly behaviour.
I think you're right that a lot of it is about control. M$'s notion of control is to make everyone use M$ stuff. IBM's notion of control is, as you say, to extend their scope. M$ tries to drain every pond other than their own; IBM tries to stock all the other ponds with their own fish. Both are about control, but the style is markedly different.
PS. Check out today's Cringely http://www.pbs.org/cringely/pulpit/pulpit20040923. html re why M$ is suddenly more interested in security. I think he's got a valid (and scary) point about how security can be misused.
[grin] Better yet, my antique WFWG (Win3.11) setup, which required neither a firewall nor any particular caution, and was used 5 years online without a single intrusion (finally retired after 7 rock-stable years of hard use). Security through braindeadness. :)
/. story about that yet?) which apparently was also in Win95. Was it the same TYPE of error, or was it an old chunk of Win95 codebase that happened to find the right conditions to resurface as a problem?
Sometimes you gotta wonder about M$... I think the coding teams probably DO care about security (and tear their hair out regularly as vulnerabilities are discovered despite their best efforts). But it's likely several things: M$ tries to evolve their software toward consumer demand, and that usually means the glitz that sells is more important, at least to the marketing types who drive business these days, than the back-end stuff only geeks know about (like weeding out every buffer overflow in 50 kazillion lines of code -- yeah, right!) Second, the codebase is just too big for ANYONE, no matter how good, to get everything right, and I suspect often suffers from both it's-still-half-baked-but-marketing-said-ship-it, and Too-Many-Cooks-who-never-met-one-another.
Frex, that major vulnerability in XP's SP2 (http://www.pcwelt.de/know-how/extras/103039/ -- has there been a
I know about both IE's half-loaded-all-the-time and Moz's systray thing... Moz still starts slow, tho that does improve matters if one can use it. (It's too much of a resource hog to do that on any non-NT Windows.) That's why I only mentioned startup in passing, cuz there's no good way to compare 'em, given IE's native cheat. -- But I was still amazed and disappointed at how slow Moz is at rendering stuff... even given guaranteed equal LOAD times, like pages from local disk. :(
I haven't looked at Firefox in a couple versions, tho I suppose I should do so again, since I actively discourage my clients from using IE.
I suppose I could do with browsers what I do with modems... "You can use any one you want, but I'll only support [brand of MY choice]". Makes 'em switch every time!
Unfortunately, I've noticed the same thing -- on my lowly P3-550/Win98, Moz 1.5 is WAAAAY slower at rendering pages, both text and images, than are IE5 and NS3 (the latter being my everyday browser). On my near-identical WinXP box, same thing -- Moz 1.5 renders pages much slower than IE6 or NS 3/4/6.0. (Both boxes have 1GB of RAM, so THAT is not the issue. And we won't even look at relative startup times.. egads!!) Oddly, Firefox was even slower than Mozilla.
I have no idea why this would be, and was both surprised and disappointed at the discovery. Especially since I detest IE..!!
Someone with a faster machine might not see the difference, tho. And I've noticed there is often a serious chunk of wishful thinking when FOSS is involved, which does nothing toward improving FOSS software. You gotta admit your bugs exist before you can fix 'em.
This file also crashed Netscape 3.04 on Win98, in fact it BSOD'd the system (a very rare event).
I tried viewing it with QuickPictureViewer (an old DOS viewer) and in its B/W preview, it shows the file as corrupted all to hell, and won't do the full display at all.