Slashdot Mirror


User: IamTheRealMike

IamTheRealMike's activity in the archive.

Stories: 0
Comments: 5,855

Comments · 5,855

  1. Huh? on The Debian System Explained · · Score: 2, Interesting
    Debian is not only a robust and scalable Linux distribution ...

    This sort of thing reminds me of Joel Spolsky's opinion on advertising:

    The idea of advertising is to lie without getting caught. Most companies, when they run an advertising campaign, simply take the most unfortunate truth about their company, turn it upside down ("lie"), and drill that lie home

    If Debian is so scalable, why does it take them so much longer than any other OS vendor to simply do a release? How comes the software even in the "unstable" version is so often out of date? If it's so robust, how comes that shortly after their last stable release it was revealed that their entire security infrastructure revolved around one man, and that when he went on holiday the flow of updates simply stopped?

    It seems to me that if you wished to advertise Debian, scalability and robustness would be the last qualities you'd choose to highlight. Instead you might want to focus on its dedication to the ideals of free software (that doesn't entice many people to install it though ...) or the fact that it runs on so many CPU architectures (hmm ... ditto). Actually, I can't think of any compelling reasons for the majority to run Debian directly. I say this even though I use Debian on my own server .... the original reasoning for this was that I felt at least the community was big and stable so there would be a reliable supply of security updates. That was before I found out about the size of their security team and the bandwidth bottlenecks on their servers (eg, Xfree update). After that I found myself wishing I'd installed Red Hat instead.

    I guess many people agree with me because these days I see very few people advertising Debian as the Wonder OS that it was promoted as when I first got into Linux. These days people tend to promote it by pointing to the (significantly more popular) operating systems built upon it, like Ubuntu or Knoppix. Of course, it's not exactly great PR to promote yourself as the base for what are effectively (policy and project-wise) forks, but marketing was never Debian's strong point ...

  2. Re:Buddy Icons on Google's GTalk Supports XMPP · · Score: 2, Insightful

    And buddy icons are a pretty essential feature for any modern IM network/client anyway. It's things like this that the Jabber guys never really understood or targeted ... if you look at the JEPs which have actually been formally accepted on top of the core protocol, an RPC framework is one of them, buddy icons are not. I believe the Jabber buddyicon support coming up in GTalk is simply reusing a hack Apple added for iChat.

  3. Re:No! Wrong! on The Choice Between DRM and Security · · Score: 1
    I'm tired of this discussion. You believe what you want to believe.

    One thing: nearly all copy protection systems for games advertise the time taken to crack the game, because game publishers aren't fussed about the difference between taking a year to crack and never being cracked. If you plot revenue brought in by a game then for most it tapers off to almost nothing after less than a year. Generally, if the copy protection holds for a few months then 99% of those who were waiting for a crack will just go out and buy it. So it has succeeded by the game publishers' measure.

  4. Re:What's worse? on Mac users 'too smug' Over Security? · · Score: 1
    A platform which doesn't have Active-X,

    Yet nonetheless had a web-browser based code execution exploit available just days after 10.4 was released (and there have been others in the past), so that doesn't mean an awful lot. Especially as ActiveX is rarely used as an entrypoint for spyware these days.

    doesn't have services running out of the box,

    Huh? WTF is LaunchServices if not a service? There's all kinds of crap running in the background of any modern OS, Windows, Linux, MacOS - you name it, it's got stuff going on that you can't see.

    and doesn't have an unfortunate legacy meaning almost all apps require continual admin access

    It has an unfortunate legacy in the form of Objective-C and the InputManager framework that lets you trivially reverse engineer and binary patch running apps. Remember that many of the things 'bots do don't require admin access anyway ....

    I think many Linux and Mac users are too smug about this whole mess - no existing desktop OS is really cut out for dealing with a world in which software attacks other software on a regular basis, because the threat emerged very recently.

  5. Re:No! Wrong! on The Choice Between DRM and Security · · Score: 1
    I've explained how WM was cracked along with every single other similar media DRM system, and your satellite providers, smart-cards regardless. It's quite simple. You seemed to just ignore what I said. Did you not understand? In either case you wait 'till this elaborate black box does the decrypting for you (since it must, since that's its purpose), and you capture the data...

    Wonderful .... IIRC there weren't many DVDs available for download in the days when you had to point your camcorder at the screen to "copy" it. DRM isn't about absolutes, something you still fail to realise, it's about making it awkward enough that nobody bothers making copies (and/or uploading them). In the case of smartcard DRM this basically means making it expensive enough.

    I did your google search, smirking all the while. No surprise, it doesn't give the results you claim, and for the most part says exactly the opposite. It's full of instructions for cracking starforce protected games.

    Most of those instructions either don't work, are specific to badly protected games or involve rewiring the internals of your computer - something most potential pirates are not going to bother with. There's no generic software crack for StarForce and never has been. Even if you could decrypt the game content, the crack would be the same size as the original game, posing problems for distribution.

    Of course if you're not ignorant of the underlying engineering issues you wouldn't be surprised.

    I have excellent knowledge of the underlying engineering issues. I've reverse engineered more than one copy protection system in my time in order to make it run on Wine, and I can absolutely believe the claims I read about StarForce. It's surprising that they managed it, but not too surprising. Of course how well protected the game is depends on how much effort the developers put in ...

    There are various lists of uncracked games (or games that took a long time to crack), like the one here.

  6. Re:"Landscape has changed" on Microsoft Responds to WMF Vulnerability · · Score: 1, Interesting
    Windows was a desktop operating system, and generally they must be able to do many things rather unlike the equivalent server OS which must be able to do only one or two things but very well.

    If you want to compare like with like, you must check Windows against MacOS. Both MacOS Classic and OS X have a very poor track record of security: there have been multiple instant code execution exploits for OS X that can be triggered via a web browser in brand new code, not stuff that was written decades ago. Worse, there are tutorials out on the net showing you how to write programs that, eg, dump the contents of forms on Safari SSL connections - so you can quite easily write spyware that simply sends bank details to the owner.

  7. Re:Why does Windows have so much legacy? on Microsoft Responds to WMF Vulnerability · · Score: 5, Informative
    Windows 3.0?! Ok, if it was a problem back then, why didn't it get fixed when the security environment changed?

    There are a large number of 16 bit (ie Win3.0/3.1) apps out there that are still in industrial use. They tend to be obscure things - applications for subtitling TV transmissions, interfacing to medical kit etc. Although it may be hard for you to believe there are no apps out there more than 10 years old in fact there are, and often the computers these apps run on are upgraded to new versions of Windows as time goes by (because it'd be a huge pain to have like 8 versions of Windows in use in a single organisation).

    Fixing this flaw does in fact break backwards compatibility, and that means somewhere some random app we've never heard of is broken right about now - of this I am almost certain. That has a cost, and nobody wants to break people's apps and cause network admins headaches without good reason.

    Apple realized that its legacy code was no good years ago and successfully ditched it in favor of something more modern, why can't Windows do the same?

    Apple did no such thing - they maintained a compatibility mode in the OS and more importantly kept the Carbon APIs around mostly complete so legacy code could be ported over very easily. And of course, Apple had hardly any mission-critical apps running on their platform anyway so the pain and cost was much less than it would be for Microsoft.

    In fact, Windows does run Windows 3.1 apps in a VM type process these days, it's called a WoW (Windows on Windows) VM, but the integration is so tight most users never even realise it. Except for looking a bit dated the apps continue to run correctly and appear on the same desktop etc. In other words, Microsoft already did what you asked for!

    Now it didn't mitigate this vulnerability, because the Microsoft developers who wrote the Windows Image/Fax viewer wanted to support every file format they could, and when supporting WMF was so easy why not do it? They unfortunately didn't get the memo about this being a potential attack vector: this is a failure of corporate communications, and perhaps over-zealous developers, not a failure of operating system design.

    As an interesting historical aside, Raymond Chen has said that back in the early days of the Windows 95 project there were in fact two competing approaches to 3.1 compatibility: a VMware type approach where the 16 bit environment ran inside a window box that was in turn running a copy of Windows 3.1 .... and the approach they actually ended up using which was based on API thunks. The thunk approach was more complex but had much better integration, much lower resource usage (not running two operating systems on top of each other) and in usability tests came out on top every time. Everybody who tried the tight integration approach preferred it, and MS management felt they couldn't ask users to put up with a very jarring experience - potentially forever, in the case of apps that'd never be ported to Win32.

  8. Re:No! Wrong! on The Choice Between DRM and Security · · Score: 1
    Windows Media DRM renews itself when faced with a crack, and there hasn't been a working crack for correctly renewed content for nearly a year (when set up correctly media auto-renews itself within days of a patch being posted by Microsoft).

    As to games that haven't been cracked, there are long lists on the web. Google "StarForce crack" to find some discussion of this. And these are PC games by the way, not console games.

    And if you want to read about satellite TV DRM then go here. It took several iterations to get it right, but there has been no pirate activity since.

    And finally, if you're going to make ridiculous assertions like "XBox was cracked by some kid, therefore all hardware security can be cracked by some kid" then go learn about the technology itself. And FWIW xbox and DVD security were not easily cracked, in both cases a huge amount of effort was put into it and it was only possible due to flaws in the systems' construction (and in both cases, the next iterations of the respective technologies close those holes).

    I'm not saying hardware DRM can never be cracked. I'm saying that when done correctly it's so difficult nobody will bother.

  9. Re:No! Wrong! on The Choice Between DRM and Security · · Score: 1

    This is idiotic - virtually nobody put DVDs on Kazaa or suprnova back when the only way was to point a VCR at the screen or use some complicated standalone player/laptop re-encoder combination. DRM doesn't have to be perfect to be successful and I never said it did - it just has to make things awkward enough that people buy the content instead of pirating it.

  10. Re:The outcome is in out hands on The Choice Between DRM and Security · · Score: 1

    So you never bought a DVD or a copy protected computer game (including console games) in your entire life?

  11. Re:A new approach to intellectual property on The Choice Between DRM and Security · · Score: 1
    Excellent. We need more economic/social discussion like this. I said in another post that DRM is a symptom and this is the sort of thinking that will really defeat it eventually - eliminate the idea of information as property and DRM becomes pointless.

    Now, on this idea specifically, it already exists. The BBC is funded by a license fee, and produces much digital content that is freely available to all UK citizens. There are a few things to bear in mind:

    • The BBC shows this can work. However it is far from uncontroversial. My own parents were the other day discussing how they feel it's unfair that they pay for the BBC website when they hardly ever use it. They felt that the license fee should only fund TV and radio. I pointed out that they listen to BBC Radio 4 (talk radio) which is very expensive, yet I never do, I only use the website. See - everybody 'consumes' different entertainment, but inevitably people feel they should only pay for what they use. Actually I don't mind the flat license fee, but some people are more right-wing.

    • The BBC was set up in a different time, in the World War I/II eras, some time before TV even existed. The mood of UK society was much different back then. The economic dominance of the US and its strongly capitalist philosophies, along with the free-market ideologies of Thatcher and New Labour would make it totally impossible to set up today. No chance in hell. You would be laughed at for suggesting that an enormous organisation funded by a TV tax should be set up to compete with the private sector.

    • The BBC's content is not unrestricted! Their TV transmissions are restricted to the UK by the physics of radio waves, except for things like the world service which are funded by the Foreign Office, and BBC America etc which are partly commercial. DVDs of their TV shows aren't free, and in fact cost as much as regular shows (ie you aren't just paying for the physical media). When they begin streaming video over the internet it'll be IP Geocoded so only UK residents can watch.

      This is because the content still has intrinsic value: even though in the UK it's paid for with a flat fee, outside of the country it can still be sold just like normal property can. So it's sold to competing networks rather than put on the internet for free. People like my parents would agree with this, because they would otherwise feel it would be unfair to fund the rest of the world's entertainment.

    In short, it's not a bad idea and has many merits, but is unlikely to gain traction. We need to keep thinking.

  12. Re:Because *you* are the threat on The Choice Between DRM and Security · · Score: 1
    You can't use DRM for security, because the whole system is designed around the premise that you are the threat.

    You can, and actually a lot of DRM research is going into business applications. Businesses are quite interested in it because it'd help them ensure document security and prevent leaks ... right now the ones that need to be careful about such things (list X etc) have strong firewalls and block USB ports with putty, but this is very inconvenient. A strong DRM infrastructure would let them be much more fine grained.

  13. Re:No! Wrong! on The Choice Between DRM and Security · · Score: 1
    There has never been a functional DRM system, and there never will be, because it is impossible to create one.

    This is clearly not true. I can think of several DRM systems that "work":

    • Latest version of Windows Media hasn't (as far as I know) been cracked for nearly a year. And this is on hardware that totally gives the advantage to the attackers.
    • Digital Satellite DRM in the UK has never been cracked. The P4 system used by DirecTV does not have a widespread crack and never has.
    • The StarForce copy protection system for games offers many levels of protection depending on how much work the developers are willing to do. In some cases, it's never been cracked. In other cases it was only cracked months after the game was released (by which point most people have stopped waiting and gone to buy it).

    I see a lot of crap going around about how DRM can never work because you have to give users both lock and key. This is based on an unfounded assumption - namely that the user can get the key out of the system easily. In all successful DRM systems I've seen the key is so well protected most users cannot ever hope to do it (and in systems where the hardware was designed to prevent it, it's damn near impossible).

    Now, if people really believe DRM is the devil etc, please explain to me how to solve the problem of 99% of 'young people' just downloading movies, TV and music off the net whenever they want without paying for it? I mean DRM is costly to develop and maintain, but otherwise rational businesses do it because the cost is far lower than having your customers just walk into the shop and walk out with whatever they want. DRM is a symptom of a deeper problem, which is mostly economic and social. Don't like DRM? Me neither. So let's figure out an economic or social solution!

  14. Re:This wouldn't surprise me.... on iCell in the Works? · · Score: 1
    Really? I use a SonyEricsson W800i phone, which has a reasonably decent MP3/AAC player app built in, and it works well. Not as much storage as an iPod but the convenience of having one (small/light) device with excellent battery life outweighs that for me. Especially as I can easily swap music in/out - it just appears as a USB mass storage device so there's no dumb games with needing to use iTunes to put music on there.

    I think if Apple did this, it'd be a smart move. iPods are great and all but the phone manufacturers aren't standing still. SonyEricsson specifically has been making very slick and pretty UI lately, full of MacOS style transitions and animations. I think the majority will find what I've found: namely, that it's nicer to just have one device that does everything especially if it's got a good UI.

    And in relation to the grandparent's post, I don't find it awkward having them combined. If the phone rings whilst I'm listening to music it just switches off the music until I finish the call. Nothing to it.

  15. Re:Google doesn't "get it" on The Best of Macworld SF 2006 · · Score: 3, Insightful
    It's based on Qt, which doesn't use the native rendering APIs on the Mac, hence the old style and slightly odd rendering glitches.

    That said, I find it rich that Mac users whinge when getting ports of Windows apps yet when Apple ports Mac apps to Windows blatant HIG/toolkit violations are the order of the day. *cough* QuickTime *cough*

  16. Re:simple solution on Future Trends of Malware · · Score: 1

    That works for a while. Once any alternative becomes popular, unless it was designed specifically to resist malicious software (and no shipping desktop ready OS today is) then it'll just have the same problems. Malware authors these days react *very* fast. So I don't think this is a solution I'd push strongly.

  17. Re:Just don't use their client on Instant-Messaging Attacks On the Rise · · Score: 1
    Trillian isn't that wonderful. It has even worse usability problems than the official MSN client does. Sure it looks a load better, but it took me about 10 mins to figure out how to change my MSN display name (answer: click on the mail icon). Meanwhile I went up about 6 blind alleys, and got very frustrated.

    Trillian is many things, but clean and usable UI it is not.

  18. Re:Eh... no on Fedora Core 5 includes Mono · · Score: 1
    The Mono VM isn't all that great performance wise, from what I've seen. Sun's Mustang VM implements many optimisations Mono does not, as does (it seems) MS .NET

    And in the open source VM landscape, LLVM has a much more robust and well documented framework for writing new optimisations (it already has many that Mono does not). I've talked to the LLVM guys, quite a few of whom are compiler specialists or have spent many years writing compilers, and they don't have a high opinion of the Mono VM.

    That said, the VM is only a small part of what makes Mono cool. So don't get me wrong. I'm not complaining. But to say "it's the only one that performs well" is rather misleading.

  19. Re:Will Mono achieve what WINE could not? on Fedora Core 5 includes Mono · · Score: 1

    Not at all - try doing anything non-trivial with System.Drawing and you'll hit the same problem. And don't even *think* about Managed DirectX!

  20. Re:Such as? on Fedora Core 5 includes Mono · · Score: 1
    Pretty much anything multimedia related ... or try getting the current machine's IP address. There are a bunch of odd tasks that .NET doesn't cover.

    That's for desktop stuff of course. For server-side stuff, it's probably pretty complete.

  21. Re:Simple question -- simple answer. on Fedora Core 5 includes Mono · · Score: 1
    Not exactly. The reason Wine is hard and Mono is less hard, is because there's a metric ton of Win32 apps out there that people want to use and not very many .NET apps. Binary compatibility is HARD no matter what platform you use, and with Wine the result of not having it is very visible, your apps crash. With Mono it's not so visible because I'd bet 99% of the people who've used Mono have used it with apps built for it specifically - not for running Windows .NET apps.

    In fact, in the past I have tried running libraries and programs designed for Windows .NET on Mono, and they have failed every single time. Last time around I wrote a patch to fill in a missing piece actually.

    I can guarantee, if there were actually apps or games out there written in pure .NET that people cared about, you'd see Mono having the same problems. Hell, they have the same problems anyway, I've seen more than one developer bitch about how they upgraded Mono or the toolchain and their app broke, usually due to lousy backwards compatibility and QA on the part of the Mono team! And that's compatibility with itself!

  22. Re:Foxit on Google Unveils The Google Pack · · Score: 2, Interesting
    Hell yes, I'll take the opportunity to pimp Foxit reader too. Great, great software.

    The nice thing about Foxit (apart from the instant rendering and startup) is that they went out of their way to make it look identical to the regular Adobe Reader. There is even a little advert bar that amusingly can be switched off in the view menu.

    The company behind it make a PDF rendering component for Windows, which I guess is how they make money. The basic version of Foxit is free (but not libre).

  23. Re:Welcome... on Google Video Store Announced · · Score: 1

    That's true, but remember that they are ad-free. So the cost of the programs on TV is subsidised by the adverts - and I know I would be happy to pay a bit more to get rid of those horrid things.

  24. Re:Why not scramble all DLL's and EXE's on the fly on Interview with Ilfak Guilfanov (WMF Patch Hero) · · Score: 1
    What you're thinking of is called address space layout randomization, and is implemented on Linux since some time ago (if you're a RH/Fedora user). There are commercial packages which add it to Windows, but AFAIK they carry a heavy performance penalty as the Win32 PE file format requires something called "rebasing" to move it around inside the address space. That requires binary patching of the in-memory DLL image by the linker, which makes them non-shareable, which increases memory consumption dramatically.

    Now, you could ask, why don't Microsoft improve the PE format so it works more like ELF, use the new format for their own system DLLs and then randomize them. And you'd have an interesting question - I don't know why not. Presumably it's considered very difficult, I know that a few Microsoft employees have mentioned they hate touching very low level code like the linker because so few people understand it these days and it's so easy to break things.

  25. Re:Kudos to WINE on WINE Still Vulnerable to WMF Exploit · · Score: 4, Interesting
    FWIW I've spent several years as a Wine developer, and I definitely consider it to be emulation.

    That said, this story is just a lot of scaremongering from ZDNet. Sure, you could be hacked through this if you run IE in Wine and use it as a general web browser (which I doubt anybody does), but the damage would be limited to the virtual Windows environment which can be blown away and reset in 20 seconds. It's not like the reinstall from scratch job a real Windows would require. Wine also ignores any startup entries software may install.

    Still, it should be fixed, probably in the same way that MS did it. And in fact Marcus has already posted a patch that would do this, so I expect it'll be fixed soon enough.