Before you ask - no, you can't just mirror the artwork. Right-handed characters would become left-handed, Japan would have people driving on the wrong side of the road, all signs and writing would be backwards, etc.
Actually, this is exactly what is done in most cases - and it is certainly done in all of Shirow's works that have been pubished in Enlgish (yes I have most of them and have been a fan of his work for years). Shirow is unusual as far as the fact that he does most of the artwork conversion himself for these releases (mostly changing the shape and size of the dialog "bubbles", but he does other stuff too).
But, the artwork is, in fact, mirrored, and right-handed people do indeed wind up using their left hands for everything.
If "Show Preview Pane" is checked (don't know if it's the default), an Outlook virus can run.
Yes it is the default. And there has been a patch for this available FOR TWO YEARS!!!
I'm hardly a M$ apologist but it just drives me up the friggin' wall everytime someone brings this up. TWO YEARS here people. In fact, when installing MS Office, VB Scripting support is an optional component, though it is selected on by default.
With W32.Klez.E@mm, the message itself, and not the attachment, causes the infection
Sorry, but that's just as silly as claiming that jpeg's are able to execute code. And just as incorrect. From SARC
Distribution:
* Subject of email: Random subject
* Name of attachment: Randomly named file with.bat,.exe,.pif or.scr extension
No, it would appear that the klez variants are simply exploiting the same unplugged holes that all the others do. Nothing remarkable to see here, folks.
The truth of the matter, is that while Microsoft has (admittedly) made some shockingly unsecure products, the greatest danger to security on their systems is just this: The lack of common sense and technical savvy of their userbase. You can plug all the holes you want, but if no one even knows that they're even supposed to patch their systems from time to time, then all that work is done for nothing.
Case in point, I was visiting my mother the other day who was having some problem with her Win98 machine (I forget what). Anyway, while I was there, I ran Windows Update and a few other things. There were a total of 18MB of patches she had not applied. Some of these dated back more than a year! She obviously had no clue that it was even necessary to patch it from time to time.
This is their biggest hurdle, and isn't one easily overcome as frankly, M$ rather relies on non-technically savvy people buying their software. I know I have a choice, but most folks just buy from OEMs and take what it comes with. They're tossed into the fold with a brand new (unsecure) Windows machine and it's never updated once after purchase...
Pay attention to the parent post here - this is excellent advice.
Backups for workstations are difficult and troublesome. I've never seen this work worth a flying turd in any kind of production evironment.
Far and away, your best bet is to migrate everyone to start saving ALL company data on a file server, preferably with some kind of RAID array for redundancy purposes. Again, as the parent post had pointed out, it's a relatively simple process to migrate everyone's "My Documents" and such to some share on your file server. If you're running Win2K, active directory can help out with this tremendously, but poledit for NT should work just fine - you might even be able to get away with something simple in the guise of logon scripts, reg files, etc.
The sacrificial lamb is also good advice - it may seem a little underhanded, but believe you me - your point will be made in a way that will stick to even the "I-can't-be-bothered-to-learn-how" types. Remember, these are tyically the ones who will be the first to crucify you in the event they lose something, and the ones you'll need to make the point across to the most.
As far as physical backups go, if you're pretty well sold on NT as the platform, then BackupExec form Veritas is a great package that I've had excellent results from, but it ain't cheap.
If you can manage to get away with using a Linux/*BSD/whatever running Samba for your file server, you may have some luck with some open source backup software (much more economical, but you will need to hit the books to get it done right without some consultants). They're pretty good from what I hear, but I haven't had much of a chance to play with them.
You'll also want a tape drive and robotic loader for your file server. These ain't cheap either, but believe me you can sell it to the suits as a necessary expense. Unless they don't value their data, that is.
I have a very-muched-loved-yet-altogether-nuts-over-religio n uncle that used to send out his own newsletter giving news from the Christian coalition mindset kind of thing. Used to annoy the hell out of me that he somehow thought that he assumed I wanted to be filled in and take action against evolution being taught in schools and such, but it wasn't worth the confrontation to tell him to STFU.
Well. One of these things he sent me a few years ago was about how the Harry Potter books were teaching our kids satanism and witchcraft and such. Now this thing was sent in all seriousness, with quotes from children (something about sucking Satan's "gigantic black cock", I don't quite recall). Anyway, he was dead serious that this was a problem that all "good christians" should take immediate action against.
Now I would normally just delete these things after getting a good laugh, since I really do like the guy despite this kind of evangelical nonsense. What caught my eye was the link to the article he was quoting from - it was (ta da) from The Onion. I nearly fell out of my chair at work from laughing so hard.
Others here have already pointed out the HUGE cash pile Nintendo is sitting atop, so I won't elaborate on that. (Not quite the size of M$'s cash reserves, but still...)
One thing I think is worth pointing out is that Nintendo has consistently been in the black since Yamauchi-san took control of the company way back when (can't remember the year, but it's been a pretty long time). This is huge and can't possibly be overstated - never, not even once, hsa Nintendo operated at a loss. This is almost unprecedented in the history of business, much less the fickle games market.
Sorry, but Nintendo isn't going anywhere. They've arguably got more of a niche appeal these days, but no one is pushing Nintendo out of the hardware market in this decade, not even the mighty (and I use that term loosely) Micro$oft. I'd even wager just the opposite is much more likely.
Re:Chinese have vision, but vision doesn't cut it.
on
China Plans Moonbase
·
· Score: 1
Uhhh... I hate to flame, but read your history books. China may have been the first to discover gunpowder, but it wasn't used for warfare other than VERY crude seige rockets. Europe adapted firearms technology from the Turks, which in an ironic turn was used to subdue most of east Asia under colonial occupation.
Can someone please explain to me how the above post is "insightful"? Well, perhaps how this is even on-topic?
"You are a typical american..."
I think that about sums up what the author was trying to illustrate - whoever you are, you've just marginalized the entire American populance based on whatever was perceived from whatever media sources you've been exposed to. How do you presume to know how I think? Because I live in the US? I must obviously be some obese Anglo-Christian gun-toting sloth bent on world domination, right? And of course, I ALWAYS agree with the actions my government takes on my behalf around the world.
Maybe you should read the article. I think it might do you some good.
This is a VERY good point that shouldn't be understated - console sales eclipse PC game sales by a HUGE factor. I can't quote exact figures, but something in the neighborhood of 10 to 1 wouldn't surprise me in the least. There's nothing even remotely close to the unit sales of say Metal Gear, Mario, Gran Turismo, et al in the PC arena.
The simple truth, is that most people don't give a crap as to whether there is support for the after-market development community for their games. In many cases, the installation for these alone is too technical, as silly as that may seem. Case in point - I had to help my younger brother install one of the "blood patches" for MOH:AA recently. Despite the (unbelievably) simple instructions for installation, he was clueless what they meant by "place the blood.pk3 file (or whatever it was called) in the "main" directory. It blew his mind that it had to be so "complicated".
Don't get me wrong - I'm as silly as a school girl at a N'Suck autogragh signing when id releases a new title, but I'll be the first to admit I'm hardly the average when it comes to video games.
This raises a very good point on spamming as a means of promotion for business ventures in general - if this "new idea" (ie spamming) was so damn effective, how come this clown is wasting away in relative obscurity, penniless (compared to Amazon's founders, et al, as illustrated above), and banned from practicing his chosen profession?
This moron isn't a revolutionary thinker, or forward thinking business man, as he would love us to believe. He's nothing more than a snake oil salesman, just like the legions of "I'm-gonna-get-rich-quick-off-of-spam" cretins he blazed the trail for.
You've hit the bullseye. While I'd love nothing more than to see Netscape, Sun, et al, pimpslap M$ into the poor house, I have a little trouble welling up any tears for poor Sun and how they've been victimized.
This suit is entirely motivated by profits, and being able to screw M$ in the process makes it all the sweeter to Mr McNealy and crew. The vultures^H^H^H^H^H^H^Hlawyers have been circling this for a while at the smell of fresh opportunity, and I have a hunch this lawsuit would have been pursued whether M$ was acttually held accountable for their actions or not (what a concept).
Then your guitar teacher doesn't have clue one what he's talking about. It's very true that a large part of a player's sound is influenced by individual technique. For example, if you pick up my guitar and play it with the same volume, amp, effects, etc, it will sound subtly different than when I pick it up due to differences in pick technique, fretting technique, and other factors.
However, the acoustic properties of any stringed instrument are determined by a large number of factors, including the type and quality of the wood used, body construction (ie bolt-on, glued-in, or body-through neck construction), the shape of the wood, the neck scale (ie, you'll NEVER EVER EVER get a Les Paul to sound like a Stratocaster due to the shorter neck scale - I don't care HOW many effects you push it through), and string gauge (thickness). In fact, guitars of the same model, year, wood, manufacturing plant, etc will often sound very different from each other simply because of subtle differences in the wood used.
Additionally, the timbre of any wooded instrument will subtly change with age. There's a very good reason that vintage instruments are sought after the way they are, and no, it's not solely because of "collector's value" or for nostalgia's sake - that wood has aged, and the acoustical properties are usually much more subtle and refined than something fresh from the manufacturer. (Of course, and I know this is cliche, they also just don't make 'em like they used to...).
Any player worth his salt will tell you that when shopping for a new guitar, ALWAYS thoroughly check out how it sounds acoustically without any amplification at all. If it doesn't sound good by itself, then it's a WHOLE lot harder to clean it up with amplification and effects.
To give a little background, I used to play professionally and taught both privately and at a private music school in Florida back in the mid-90's to pay the bills. Unfortunately, the business end of the entertainment business rubbed me the wrong way, and I've since been much happier writing code for a living.
Harry from Aint it Cool News had a review of the script earlier this week. From the sounds of it, it looks like Lucas is making up (somewhat) for the TPM debacle. I, for one, am hoping for the best.
Yeah! And then, if someone would just port Visual Basic too... And then maybe some ActiveX holes^H^H^H^Hlibraries! I guess someone will have to figure out how to make all that code always run as root, though...
</sarcasm>
Seriously, I don't mean to flame, but who else here actually likes MFC, or would prefer to use it over... well, ANYTHING else?
I can certainly appreciate the ability to churn out working code quickly, but code bloat and the necessity for distributing runtime binaries has always made it a little too close to VB for my comfort.
I do agree that VC has the IDE part down pat, and Linux sorely needs a development environment of this caliber, if for nothing else than making it more accessible to students/academia/beginners/etc. It's tough to go back to doing EVERYTHING from the command line.
Does anyone here read the article before posting? This is NOT A NEW BUG. If a patch for Win2K was released in Sept 2000, then this is pretty old news.
As for a recall: If they were planning on recalling any processors for this, I somehow doubt they would decide to wait nearly a year and a half to do it. Especially when it is EASILY patched. (Hell, even my bios gives me the option to restrict the processor to using 4KB paging, but that's far from typical.) What surprises me is it took this long for the kernel folks to catch wind of this. From what I remember, the Win2K patch for this was pretty widely publicized, in so far as ntbugtraq and M$'s notification services were involved. I guess no one even remotely involved with the kernel has to use Windows from time to time? Must be nice.
What I think the real question we should be asking is this: If this was known about and addressed (for Windows, at least) in Sept of 2000, HOW ON EARTH WAS THIS BUG NOT ADDRESSED IN THE ATHLON XP/MP CORES? Anyone?
May not be (quite) as bad as it sounds
on
WinXP Security Flaw
·
· Score: 0, Troll
This is certainly another very ugly bit of egg on the face for Redmond, but the article is misleading. For Win98 clients, the only way to be affected by this bug is if they had independently installed the ICS software from WinXP. In WinMe, it is present as an installable option, but is NOT installed by default.
Also, according to the M$ bulletin:
"Standard firewalling practices (specifically, blocking ports 1900 and 5000) could be used to protect corporate networks from Internet-based attacks."
Call me crazy, but any sysadmin interested in keeping his/her job doesn't blindly leave ports open on the firewall. Not that that would help out poor mom and pop who just bought a fancy new Dell because that nice boy Steve on the television told them it was cool, but what can you do? Anyone with any kind of "always on" connection would have to be an idiot to not engage some kind of firewall for their connection. The fact that M$ has a (limited) firewall functionality built into XP is at least a step in the right direction. I haven't played with it, so I don't know whether it installs by default, or requires any kind of real technical knowledge to setup (it's Windows, so my guess is no).
The fact that they can still have holes like these in any code that runs in a priveleged level is simply unforgiveable, though. I mean, isn't it simply a commonly accepted development practice to place safegaurds (ie, using strnlen() as opposed to strlen() or something - it's been a while since I've done any network coding) in any and all buffers receiving any kind of data from any kind of socket connection?
While I agree - the kernel is one of the best in the business for a client OS - it doesn't scale well past 8 or so CPU's. It'll run, but you'll see better results clustering.
Until earlier this year, I worked at IBM Austin on the OS/2 base team, mostly analyzing core dumps and the like. I remember hearing about this there, and was surprised that no one - including anyone in development management - had ever heard of it. While I applaud Security Systems efforts to attempt to market this OS to the public (lets face it - IBM gave up years ago), I'd be very interested to see where this goes from a support perspective. None of the IBM coders who still provide defect support for OS/2 have any involvement in this. If a nasty bug appears in any of the code, IBM isn't likely to fix it, and I'd assume that OS/2 fixpaks won't work with this (last I heard, they were going to charge subscriptions to receive them, anyway). I would assume that SS doesn't have a full code license, as I can't believe M$ would allow anyone a full code license - and FYI, yes they still have a say - even if they completely yanked out the Win-OS/2 code, it's so tightly integrated within PMShell, you'd never be completely free of it as it would most likely require a complete re-write. That's a few million lines of code, large portions of which are entirely in x86 assembly. Hardly a weekend job.;-)
A few corrections: Unless the guys at SS made some substantial modifications to the boot loader (not very likely), the bit about having to boot off of a HPFS partition is blatently false. Os/2 supports boot off of fat, fat32 (with the danidasd freeware fat32 IFS driver - I forget who made it, but VERY nice), or HPFS386 (the filesystem the eBusiness and earlier server versions could utiliza, albeit you had to purchase it as a seperate license). IIRC, JFS partitions were non-bootable, but there were so many problems with the IFS driver, you'd be insane to try it, anyway.
I can also appreciate what the reviewer was mentioning about LVM - while it is extremely powerful and flexible, it is an absolute bitch. In fact, you can't completely get rid of it once installed on a drive without doing a low-level format (at least for the versions that shipped with MCP/ACP - this might have changed since). It was an in-joke with the support staff that a virus (LVM) had made it into the release build.
Anyway, best of luck to these guys. I might consider purchasing it if it weren't so damn much. It'll be interesting to see where this goes, and if there are still enough OS/2 nuts out there to provide a niche market for it.
Slashdot Mirror
Before you ask - no, you can't just mirror the artwork. Right-handed characters would become left-handed, Japan would have people driving on the wrong side of the road, all signs and writing would be backwards, etc.
Actually, this is exactly what is done in most cases - and it is certainly done in all of Shirow's works that have been pubished in Enlgish (yes I have most of them and have been a fan of his work for years). Shirow is unusual as far as the fact that he does most of the artwork conversion himself for these releases (mostly changing the shape and size of the dialog "bubbles", but he does other stuff too).
But, the artwork is, in fact, mirrored, and right-handed people do indeed wind up using their left hands for everything.
If "Show Preview Pane" is checked (don't know if it's the default), an Outlook virus can run.
.bat, .exe, .pif or .scr extension
...
Yes it is the default. And there has been a patch for this available FOR TWO YEARS!!!
I'm hardly a M$ apologist but it just drives me up the friggin' wall everytime someone brings this up. TWO YEARS here people. In fact, when installing MS Office, VB Scripting support is an optional component, though it is selected on by default.
With W32.Klez.E@mm, the message itself, and not the attachment, causes the infection
Sorry, but that's just as silly as claiming that jpeg's are able to execute code. And just as incorrect. From SARC
Distribution:
* Subject of email: Random subject
* Name of attachment: Randomly named file with
No, it would appear that the klez variants are simply exploiting the same unplugged holes that all the others do. Nothing remarkable to see here, folks.
The truth of the matter, is that while Microsoft has (admittedly) made some shockingly unsecure products, the greatest danger to security on their systems is just this: The lack of common sense and technical savvy of their userbase. You can plug all the holes you want, but if no one even knows that they're even supposed to patch their systems from time to time, then all that work is done for nothing.
Case in point, I was visiting my mother the other day who was having some problem with her Win98 machine (I forget what). Anyway, while I was there, I ran Windows Update and a few other things. There were a total of 18MB of patches she had not applied. Some of these dated back more than a year! She obviously had no clue that it was even necessary to patch it from time to time.
This is their biggest hurdle, and isn't one easily overcome as frankly, M$ rather relies on non-technically savvy people buying their software. I know I have a choice, but most folks just buy from OEMs and take what it comes with. They're tossed into the fold with a brand new (unsecure) Windows machine and it's never updated once after purchase
Pay attention to the parent post here - this is excellent advice.
Backups for workstations are difficult and troublesome. I've never seen this work worth a flying turd in any kind of production evironment.
Far and away, your best bet is to migrate everyone to start saving ALL company data on a file server, preferably with some kind of RAID array for redundancy purposes. Again, as the parent post had pointed out, it's a relatively simple process to migrate everyone's "My Documents" and such to some share on your file server. If you're running Win2K, active directory can help out with this tremendously, but poledit for NT should work just fine - you might even be able to get away with something simple in the guise of logon scripts, reg files, etc.
The sacrificial lamb is also good advice - it may seem a little underhanded, but believe you me - your point will be made in a way that will stick to even the "I-can't-be-bothered-to-learn-how" types. Remember, these are tyically the ones who will be the first to crucify you in the event they lose something, and the ones you'll need to make the point across to the most.
As far as physical backups go, if you're pretty well sold on NT as the platform, then BackupExec form Veritas is a great package that I've had excellent results from, but it ain't cheap.
If you can manage to get away with using a Linux/*BSD/whatever running Samba for your file server, you may have some luck with some open source backup software (much more economical, but you will need to hit the books to get it done right without some consultants). They're pretty good from what I hear, but I haven't had much of a chance to play with them.
You'll also want a tape drive and robotic loader for your file server. These ain't cheap either, but believe me you can sell it to the suits as a necessary expense. Unless they don't value their data, that is.
I have a very-muched-loved-yet-altogether-nuts-over-religio n uncle that used to send out his own newsletter giving news from the Christian coalition mindset kind of thing. Used to annoy the hell out of me that he somehow thought that he assumed I wanted to be filled in and take action against evolution being taught in schools and such, but it wasn't worth the confrontation to tell him to STFU.
Well. One of these things he sent me a few years ago was about how the Harry Potter books were teaching our kids satanism and witchcraft and such. Now this thing was sent in all seriousness, with quotes from children (something about sucking Satan's "gigantic black cock", I don't quite recall). Anyway, he was dead serious that this was a problem that all "good christians" should take immediate action against.
Now I would normally just delete these things after getting a good laugh, since I really do like the guy despite this kind of evangelical nonsense. What caught my eye was the link to the article he was quoting from - it was (ta da) from The Onion. I nearly fell out of my chair at work from laughing so hard.
Others here have already pointed out the HUGE cash pile Nintendo is sitting atop, so I won't elaborate on that. (Not quite the size of M$'s cash reserves, but still...)
One thing I think is worth pointing out is that Nintendo has consistently been in the black since Yamauchi-san took control of the company way back when (can't remember the year, but it's been a pretty long time). This is huge and can't possibly be overstated - never, not even once, hsa Nintendo operated at a loss. This is almost unprecedented in the history of business, much less the fickle games market.
Sorry, but Nintendo isn't going anywhere. They've arguably got more of a niche appeal these days, but no one is pushing Nintendo out of the hardware market in this decade, not even the mighty (and I use that term loosely) Micro$oft. I'd even wager just the opposite is much more likely.
Uhhh ... I hate to flame, but read your history books. China may have been the first to discover gunpowder, but it wasn't used for warfare other than VERY crude seige rockets. Europe adapted firearms technology from the Turks, which in an ironic turn was used to subdue most of east Asia under colonial occupation.
Can someone please explain to me how the above post is "insightful"? Well, perhaps how this is even on-topic?
..."
"You are a typical american
I think that about sums up what the author was trying to illustrate - whoever you are, you've just marginalized the entire American populance based on whatever was perceived from whatever media sources you've been exposed to. How do you presume to know how I think? Because I live in the US? I must obviously be some obese Anglo-Christian gun-toting sloth bent on world domination, right? And of course, I ALWAYS agree with the actions my government takes on my behalf around the world.
Maybe you should read the article. I think it might do you some good.
This is a VERY good point that shouldn't be understated - console sales eclipse PC game sales by a HUGE factor. I can't quote exact figures, but something in the neighborhood of 10 to 1 wouldn't surprise me in the least. There's nothing even remotely close to the unit sales of say Metal Gear, Mario, Gran Turismo, et al in the PC arena.
The simple truth, is that most people don't give a crap as to whether there is support for the after-market development community for their games. In many cases, the installation for these alone is too technical, as silly as that may seem. Case in point - I had to help my younger brother install one of the "blood patches" for MOH:AA recently. Despite the (unbelievably) simple instructions for installation, he was clueless what they meant by "place the blood.pk3 file (or whatever it was called) in the "main" directory. It blew his mind that it had to be so "complicated".
Don't get me wrong - I'm as silly as a school girl at a N'Suck autogragh signing when id releases a new title, but I'll be the first to admit I'm hardly the average when it comes to video games.
This raises a very good point on spamming as a means of promotion for business ventures in general - if this "new idea" (ie spamming) was so damn effective, how come this clown is wasting away in relative obscurity, penniless (compared to Amazon's founders, et al, as illustrated above), and banned from practicing his chosen profession?
This moron isn't a revolutionary thinker, or forward thinking business man, as he would love us to believe. He's nothing more than a snake oil salesman, just like the legions of "I'm-gonna-get-rich-quick-off-of-spam" cretins he blazed the trail for.
The floor salespeople at most retail outlets are so unbeleivably incompetent.
Isn't that why they're working in retail in the first place?
Please mod parent up.
Amen.
You've hit the bullseye. While I'd love nothing more than to see Netscape, Sun, et al, pimpslap M$ into the poor house, I have a little trouble welling up any tears for poor Sun and how they've been victimized.
This suit is entirely motivated by profits, and being able to screw M$ in the process makes it all the sweeter to Mr McNealy and crew. The vultures^H^H^H^H^H^H^Hlawyers have been circling this for a while at the smell of fresh opportunity, and I have a hunch this lawsuit would have been pursued whether M$ was acttually held accountable for their actions or not (what a concept).
Then your guitar teacher doesn't have clue one what he's talking about. It's very true that a large part of a player's sound is influenced by individual technique. For example, if you pick up my guitar and play it with the same volume, amp, effects, etc, it will sound subtly different than when I pick it up due to differences in pick technique, fretting technique, and other factors.
...).
However, the acoustic properties of any stringed instrument are determined by a large number of factors, including the type and quality of the wood used, body construction (ie bolt-on, glued-in, or body-through neck construction), the shape of the wood, the neck scale (ie, you'll NEVER EVER EVER get a Les Paul to sound like a Stratocaster due to the shorter neck scale - I don't care HOW many effects you push it through), and string gauge (thickness). In fact, guitars of the same model, year, wood, manufacturing plant, etc will often sound very different from each other simply because of subtle differences in the wood used.
Additionally, the timbre of any wooded instrument will subtly change with age. There's a very good reason that vintage instruments are sought after the way they are, and no, it's not solely because of "collector's value" or for nostalgia's sake - that wood has aged, and the acoustical properties are usually much more subtle and refined than something fresh from the manufacturer. (Of course, and I know this is cliche, they also just don't make 'em like they used to
Any player worth his salt will tell you that when shopping for a new guitar, ALWAYS thoroughly check out how it sounds acoustically without any amplification at all. If it doesn't sound good by itself, then it's a WHOLE lot harder to clean it up with amplification and effects.
To give a little background, I used to play professionally and taught both privately and at a private music school in Florida back in the mid-90's to pay the bills. Unfortunately, the business end of the entertainment business rubbed me the wrong way, and I've since been much happier writing code for a living.
Harry from Aint it Cool News had a review of the script earlier this week. From the sounds of it, it looks like Lucas is making up (somewhat) for the TPM debacle. I, for one, am hoping for the best.
Yeah! And then, if someone would just port Visual Basic too
</sarcasm>
Seriously, I don't mean to flame, but who else here actually likes MFC, or would prefer to use it over
I can certainly appreciate the ability to churn out working code quickly, but code bloat and the necessity for distributing runtime binaries has always made it a little too close to VB for my comfort.
I do agree that VC has the IDE part down pat, and Linux sorely needs a development environment of this caliber, if for nothing else than making it more accessible to students/academia/beginners/etc. It's tough to go back to doing EVERYTHING from the command line.
Does anyone here read the article before posting? This is NOT A NEW BUG. If a patch for Win2K was released in Sept 2000, then this is pretty old news. As for a recall: If they were planning on recalling any processors for this, I somehow doubt they would decide to wait nearly a year and a half to do it. Especially when it is EASILY patched. (Hell, even my bios gives me the option to restrict the processor to using 4KB paging, but that's far from typical.) What surprises me is it took this long for the kernel folks to catch wind of this. From what I remember, the Win2K patch for this was pretty widely publicized, in so far as ntbugtraq and M$'s notification services were involved. I guess no one even remotely involved with the kernel has to use Windows from time to time? Must be nice. What I think the real question we should be asking is this: If this was known about and addressed (for Windows, at least) in Sept of 2000, HOW ON EARTH WAS THIS BUG NOT ADDRESSED IN THE ATHLON XP/MP CORES? Anyone?
This is certainly another very ugly bit of egg on the face for Redmond, but the article is misleading. For Win98 clients, the only way to be affected by this bug is if they had independently installed the ICS software from WinXP. In WinMe, it is present as an installable option, but is NOT installed by default.
Also, according to the M$ bulletin:
"Standard firewalling practices (specifically, blocking ports 1900 and 5000) could be used to protect corporate networks from Internet-based attacks."
Call me crazy, but any sysadmin interested in keeping his/her job doesn't blindly leave ports open on the firewall. Not that that would help out poor mom and pop who just bought a fancy new Dell because that nice boy Steve on the television told them it was cool, but what can you do? Anyone with any kind of "always on" connection would have to be an idiot to not engage some kind of firewall for their connection. The fact that M$ has a (limited) firewall functionality built into XP is at least a step in the right direction. I haven't played with it, so I don't know whether it installs by default, or requires any kind of real technical knowledge to setup (it's Windows, so my guess is no).
The fact that they can still have holes like these in any code that runs in a priveleged level is simply unforgiveable, though. I mean, isn't it simply a commonly accepted development practice to place safegaurds (ie, using strnlen() as opposed to strlen() or something - it's been a while since I've done any network coding) in any and all buffers receiving any kind of data from any kind of socket connection?
While I agree - the kernel is one of the best in the business for a client OS - it doesn't scale well past 8 or so CPU's. It'll run, but you'll see better results clustering.
Until earlier this year, I worked at IBM Austin on the OS/2 base team, mostly analyzing core dumps and the like. I remember hearing about this there, and was surprised that no one - including anyone in development management - had ever heard of it. While I applaud Security Systems efforts to attempt to market this OS to the public (lets face it - IBM gave up years ago), I'd be very interested to see where this goes from a support perspective. None of the IBM coders who still provide defect support for OS/2 have any involvement in this. If a nasty bug appears in any of the code, IBM isn't likely to fix it, and I'd assume that OS/2 fixpaks won't work with this (last I heard, they were going to charge subscriptions to receive them, anyway). I would assume that SS doesn't have a full code license, as I can't believe M$ would allow anyone a full code license - and FYI, yes they still have a say - even if they completely yanked out the Win-OS/2 code, it's so tightly integrated within PMShell, you'd never be completely free of it as it would most likely require a complete re-write. That's a few million lines of code, large portions of which are entirely in x86 assembly. Hardly a weekend job. ;-)
A few corrections: Unless the guys at SS made some substantial modifications to the boot loader (not very likely), the bit about having to boot off of a HPFS partition is blatently false. Os/2 supports boot off of fat, fat32 (with the danidasd freeware fat32 IFS driver - I forget who made it, but VERY nice), or HPFS386 (the filesystem the eBusiness and earlier server versions could utiliza, albeit you had to purchase it as a seperate license). IIRC, JFS partitions were non-bootable, but there were so many problems with the IFS driver, you'd be insane to try it, anyway.
I can also appreciate what the reviewer was mentioning about LVM - while it is extremely powerful and flexible, it is an absolute bitch. In fact, you can't completely get rid of it once installed on a drive without doing a low-level format (at least for the versions that shipped with MCP/ACP - this might have changed since). It was an in-joke with the support staff that a virus (LVM) had made it into the release build.
Anyway, best of luck to these guys. I might consider purchasing it if it weren't so damn much. It'll be interesting to see where this goes, and if there are still enough OS/2 nuts out there to provide a niche market for it.
... at http://www.movie-list.com/s/starwars2.shtml, in case anyone is having any problems (or wants it in mpeg ;-)