It's a review of the limited winHEC build
on
Longhorn Preview
·
· Score: 4, Informative
Build 5048 was 'released' at WinHEC so that the hardware manufacturers could begin writing drivers under LH's updated driver architecture. This build was not intended to showcase any particular feature of Longhorn, in fact many were removed from the build (including the new 3d interface). The purpose was to provide a shell platform where they could verify their drivers, that is all.
I wouldn't give creedence to any LH review until the upcoming Beta in late August.
When was the last time you used windows? Honestly, the NT4->2000->XP->2003 generation of Windows has everything you outline and more.
Except that windows, as far as I know, doesn't seperate group and user concepts
Windows has groups and users. On top of that, windows has a robust system of ACLs for every resource on your machine. Unlike a unix filesystem model where you are limited to permission for 1 owner, permission for 1 user, and permissions for 1 group, in Windows you can have an arbitrary number of groups and users attached to a resource (say, a file, folder, a registry key, control panel, who can log in and who cant, the event log, IIS configuration, etc...) each with its own security directive.
Want a restricted run mode? Remove the user from the Administrator group. Done.
Almost 99% of all spyware/virus/security issues on Windows come down to the fact that everyone runs as root. That doesn't mean that you can't not run as root. I've been doing it since 2003 and have no problems. For the odd app that's stupidly programmed I just 'run as...' Administrator, which is similar to sudo executing an app.
Insightful, except for the fact that I'm a developer on Longhorn, and I have to spend endless hours pouring through my designs with security groups within Microsoft. And once my component is ready, the source is shipped to the security group for one final run through for vulnerabilities.
While it may be nice to think these conspiracy theories that we purposefully put in vulnerabilities, the fact is that at least since 2003 MS has kicked itself into shape and now has security as the top priority. We're actually seeing for the first time security concerns trumping 'user friendliness', which is great. Anyway, we have too many eyes from different groups going through oru designs and actual code for people to make such shady business decisions.
Where does that "impenetrable" quote come from? MS has pretty openly stated that they know that protection mechanisms like Activation can, and will, be cracked. They have been pretty clear that these mechanisms are in place more for the hobbyist or mom-and-pop user, than the people that would actively seek out cracks/pirate software.
Something that immediately comes to mind is windows update. For example, XP SP2 weighed in at a hefty 250mb. Distributing it must have cost millions in bandwidth alone. If the auto-update agent did bit-torrent like P2P they could seed a couple of thousand machines with SP2 and let the distributed protocol take over.
Has Mr. Cohen ever read research papers before? If so, and his response is always this way, then he must be a very angry man!:) Research papers are often just algorithms and simulations. Especially when it comes to large scale networking research. Welcome to the world of academia, where it's not about the code or real life performance, but how your stuff holds up to mathematical analysis.
It would be nice. But lets be realistic, MS isn't the only group out to expand market share.
The Linux community was excited to lend a hand to China's Linux distribution. Similarly, google censorssearches in the same country. For corporations, economics will almost always win out over politics.
You aren't going to get a senior developer position straight out of a Masters with no job experience. Senior positions usually require 5 years job experience at least. I'd be wary of any company that would place you as a senior anything.
Aim for an entry level developer position, and be happy that you masters will gain you probably a 10-20% higher starting salary. A job is as challenging as you make it, so if you really are a smart guy you'll rise the ranks fairly quickly. But don't expect to get leadership positions without proving your self first.
And don't go into interviews with a chip on your shoulder about your Masters. I have a CS Masters, so do many of the people I work with, and while it made my job search a little easier, I still had to go through tough interviews for the dev position I'm in now.
Any idea why Dell dropped Web Objects in favor of an Asp.Net system? It can't have been a small move, which would involve not only recoding their app, but moving to win2k3 servers.
I'm not sure why people keep saying it is. IE is an application like any other application. It runs in the user's context. It doesn't have any process running in the kernel. IE exploits are only as harmful as any other process running under the logged in user. This is why I run my login account as limited user, not administrator, so that and IE exploit (or firefox, whatever), doesn't hose my system.
That said, IE does allow itself to be instantiated within other processes, which is where the problem emerges when trying to uninstall. Many apps, not limited to those bundled with Windows, use this feature to display web content within their application. IE, in essence, placed itself as a codec of sorts. Just like you can't play DiVX without some sort of DiVX codec installed, some web enabled apps cannot function without IE installed. It may be an underhanded way of keeping a foothold on the Windows platform, but it add some value to a developer.
This statistic is a good thing, both for MS and for the Linux community. It means that soon, there will be large swaths of companies running an OS that is not officially supported. Unless their IT department likes to live dangerously, they have to migrate to a supported OS. In all likelyhood, this will mean a huge surge in XP SP2 adoption. But it could also be an opportunity for the Linux community to provide a viable alternative.
The timing is kind of screwed up for LH... As much as it has been delayed, it has a ton of interesting stuff under the hood, particularly when it comes to security. But I don't think any company will hold off an upgrade for a year.
Miyazaki may be an ubelievably great artist, but his movies will not bring in hundreds of millions of dollars in movie sales, and billions in merchandizing. Therefore, no, Disney won't consider Miyazaki, or his approach, a significant asset to the company as a whole.
I don't quite understand your objection... How are you supposed to fix an issue if you don't repro it first? And you object to them making a plan for the development, testing and deployment of the patch? Are you a developer?
It extends the bash idea such that instead of piping strings between commands, you actually pass around objects.
So if you execute something like
c:\> list processes | analyze
the analyze script, written in C#, would receive an object for every process, with all the member variables and functions inherent in a Process object.
I believe they have video demos of this on the MSDN website.
It was a pretty neat idea. Not sure if '5 years ahead of linux', but definitely more full featured. That's not so say someone couldn't just write another shell to match this. Maybe 6-12 months ahead?:)
But this is not a feature of Firefox or Safari, now is it? It is a side effect of the fact that linux users are tech-saavy and know how stupid it is tu run as root all the time.
Linux programs are designed you can get all features without being root. Windows programs are not.
Apart from little shareware/freeware utilities most mature software works as a limited user (LUA) under Windows. I've been running my desktop this way since win2k, and haven't had any problems with productivity. It's really not that hard to develop an application that doesn't write to system folders or the system portion of the registry.
Yeah, this is what they are doing in LH, and what I understand OSX does. You are logged in as Admin, but your apps run limited unless they require higher priviledges, which fires off a prompt to the user.
Right now in XP/2k/NT4 you can run your account as a limited user without much hassle (games don't like it), but doing runas often is sometimes a pain (having to re-enter credentials), so some people often leave a command prompt window open that was runas the administrator, and you can fire off processes from there, kind of like a sudo.
That's one comment I never understand. Why would it be suicide for Apple to allow OSX to boot on any PC? Wouldn't they make far more money selling millions of copies of OSX than selling millions of desktops?
I think moving OSX to the general PC platform would be a genius move, assuming they can handle all the hardware configurations gracefully. This is the only way, IMHO, that OSX could really make a dent in Windows' market share. Right now, to switch they have to get rid of their current hardware AND software, and those are some pretty big steps. It seems like OSX x86 has the possibility of running Windows apps through something like WINE. Take out the custom hardware and now it's not that huge of a deal for someone to switch to OSX.
Yup, you can run any app under other credentials using runas. The syntax is
runas/u:Username command
It will pop-up a dialog to enter the password of the user, then run the command if the credentials are correct.
This is how us people who run as limited user get by. If you need to admin the machine, but don't want to fast user switch, you can right click the shortcut, and select 'runas'.
There's a difference. Server 2003 runs IE as Administrator, then locks IE down to the point where it is unusable. It didn't take too long for people to figure out this isn't the right way. So instead, IE will be left as open as it is in XP SP2 (which is decently protected, at this point), but the process will not run with Administrator rights.
...just some of the key features of Firefox and Safari?
What are you talking about? When you run Firefox under an Administrator account, it runs as an Administrator. In linux if you run Firefox as root, it runs as root. Neither provide any sort of explicit protection against this environment. Or am I missing something here?
If you run your windows desktop account as a limited user (not an Administrator), then IE6/5/4 and all other browsers on the market today run as a least priviledged process.
While LH will default to setting up accounts as limited users and not administrator, for those who run as Administrator, most applications will run as lower priviledged processes anyway, unless the priviledges are explicitly elevated by the user.
Slashdot Mirror
Build 5048 was 'released' at WinHEC so that the hardware manufacturers could begin writing drivers under LH's updated driver architecture. This build was not intended to showcase any particular feature of Longhorn, in fact many were removed from the build (including the new 3d interface). The purpose was to provide a shell platform where they could verify their drivers, that is all.
I wouldn't give creedence to any LH review until the upcoming Beta in late August.
When was the last time you used windows? Honestly, the NT4->2000->XP->2003 generation of Windows has everything you outline and more.
Except that windows, as far as I know, doesn't seperate group and user concepts
Windows has groups and users. On top of that, windows has a robust system of ACLs for every resource on your machine. Unlike a unix filesystem model where you are limited to permission for 1 owner, permission for 1 user, and permissions for 1 group, in Windows you can have an arbitrary number of groups and users attached to a resource (say, a file, folder, a registry key, control panel, who can log in and who cant, the event log, IIS configuration, etc...) each with its own security directive.
Want a restricted run mode? Remove the user from the Administrator group. Done.
Almost 99% of all spyware/virus/security issues on Windows come down to the fact that everyone runs as root. That doesn't mean that you can't not run as root. I've been doing it since 2003 and have no problems. For the odd app that's stupidly programmed I just 'run as...' Administrator, which is similar to sudo executing an app.
Insightful, except for the fact that I'm a developer on Longhorn, and I have to spend endless hours pouring through my designs with security groups within Microsoft. And once my component is ready, the source is shipped to the security group for one final run through for vulnerabilities.
While it may be nice to think these conspiracy theories that we purposefully put in vulnerabilities, the fact is that at least since 2003 MS has kicked itself into shape and now has security as the top priority. We're actually seeing for the first time security concerns trumping 'user friendliness', which is great. Anyway, we have too many eyes from different groups going through oru designs and actual code for people to make such shady business decisions.
Where does that "impenetrable" quote come from? MS has pretty openly stated that they know that protection mechanisms like Activation can, and will, be cracked. They have been pretty clear that these mechanisms are in place more for the hobbyist or mom-and-pop user, than the people that would actively seek out cracks/pirate software.
Something that immediately comes to mind is windows update. For example, XP SP2 weighed in at a hefty 250mb. Distributing it must have cost millions in bandwidth alone. If the auto-update agent did bit-torrent like P2P they could seed a couple of thousand machines with SP2 and let the distributed protocol take over.
Has Mr. Cohen ever read research papers before? If so, and his response is always this way, then he must be a very angry man! :) Research papers are often just algorithms and simulations. Especially when it comes to large scale networking research. Welcome to the world of academia, where it's not about the code or real life performance, but how your stuff holds up to mathematical analysis.
It would be nice. But lets be realistic, MS isn't the only group out to expand market share. The Linux community was excited to lend a hand to China's Linux distribution. Similarly, google censors searches in the same country. For corporations, economics will almost always win out over politics.
You aren't going to get a senior developer position straight out of a Masters with no job experience. Senior positions usually require 5 years job experience at least. I'd be wary of any company that would place you as a senior anything.
Aim for an entry level developer position, and be happy that you masters will gain you probably a 10-20% higher starting salary. A job is as challenging as you make it, so if you really are a smart guy you'll rise the ranks fairly quickly. But don't expect to get leadership positions without proving your self first.
And don't go into interviews with a chip on your shoulder about your Masters. I have a CS Masters, so do many of the people I work with, and while it made my job search a little easier, I still had to go through tough interviews for the dev position I'm in now.
If you browse their site, you'll see .aspx extensions. That's Microsoft ASP .Net.
Any idea why Dell dropped Web Objects in favor of an Asp .Net system? It can't have been a small move, which would involve not only recoding their app, but moving to win2k3 servers.
I'm not sure why people keep saying it is. IE is an application like any other application. It runs in the user's context. It doesn't have any process running in the kernel. IE exploits are only as harmful as any other process running under the logged in user. This is why I run my login account as limited user, not administrator, so that and IE exploit (or firefox, whatever), doesn't hose my system.
That said, IE does allow itself to be instantiated within other processes, which is where the problem emerges when trying to uninstall. Many apps, not limited to those bundled with Windows, use this feature to display web content within their application. IE, in essence, placed itself as a codec of sorts. Just like you can't play DiVX without some sort of DiVX codec installed, some web enabled apps cannot function without IE installed. It may be an underhanded way of keeping a foothold on the Windows platform, but it add some value to a developer.
This statistic is a good thing, both for MS and for the Linux community. It means that soon, there will be large swaths of companies running an OS that is not officially supported. Unless their IT department likes to live dangerously, they have to migrate to a supported OS. In all likelyhood, this will mean a huge surge in XP SP2 adoption. But it could also be an opportunity for the Linux community to provide a viable alternative.
The timing is kind of screwed up for LH... As much as it has been delayed, it has a ton of interesting stuff under the hood, particularly when it comes to security. But I don't think any company will hold off an upgrade for a year.
So web ads justify an 80 billion dollar stock?
Where does google's income come from, exactly?
Google should remember to grab as much copper wiring from the walls as possible!
Miyazaki may be an ubelievably great artist, but his movies will not bring in hundreds of millions of dollars in movie sales, and billions in merchandizing. Therefore, no, Disney won't consider Miyazaki, or his approach, a significant asset to the company as a whole.
I don't quite understand your objection... How are you supposed to fix an issue if you don't repro it first? And you object to them making a plan for the development, testing and deployment of the patch? Are you a developer?
It extends the bash idea such that instead of piping strings between commands, you actually pass around objects.
:)
So if you execute something like
c:\> list processes | analyze
the analyze script, written in C#, would receive an object for every process, with all the member variables and functions inherent in a Process object.
I believe they have video demos of this on the MSDN website.
It was a pretty neat idea. Not sure if '5 years ahead of linux', but definitely more full featured. That's not so say someone couldn't just write another shell to match this. Maybe 6-12 months ahead?
But this is not a feature of Firefox or Safari, now is it? It is a side effect of the fact that linux users are tech-saavy and know how stupid it is tu run as root all the time.
Linux programs are designed you can get all features without being root. Windows programs are not.
Apart from little shareware/freeware utilities most mature software works as a limited user (LUA) under Windows. I've been running my desktop this way since win2k, and haven't had any problems with productivity. It's really not that hard to develop an application that doesn't write to system folders or the system portion of the registry.
Yeah, this is what they are doing in LH, and what I understand OSX does. You are logged in as Admin, but your apps run limited unless they require higher priviledges, which fires off a prompt to the user.
Right now in XP/2k/NT4 you can run your account as a limited user without much hassle (games don't like it), but doing runas often is sometimes a pain (having to re-enter credentials), so some people often leave a command prompt window open that was runas the administrator, and you can fire off processes from there, kind of like a sudo.
That's one comment I never understand. Why would it be suicide for Apple to allow OSX to boot on any PC? Wouldn't they make far more money selling millions of copies of OSX than selling millions of desktops?
I think moving OSX to the general PC platform would be a genius move, assuming they can handle all the hardware configurations gracefully. This is the only way, IMHO, that OSX could really make a dent in Windows' market share. Right now, to switch they have to get rid of their current hardware AND software, and those are some pretty big steps. It seems like OSX x86 has the possibility of running Windows apps through something like WINE. Take out the custom hardware and now it's not that huge of a deal for someone to switch to OSX.
Yup, you can run any app under other credentials using runas. The syntax is
/u:Username command
runas
It will pop-up a dialog to enter the password of the user, then run the command if the credentials are correct.
This is how us people who run as limited user get by. If you need to admin the machine, but don't want to fast user switch, you can right click the shortcut, and select 'runas'.
There's a difference. Server 2003 runs IE as Administrator, then locks IE down to the point where it is unusable. It didn't take too long for people to figure out this isn't the right way. So instead, IE will be left as open as it is in XP SP2 (which is decently protected, at this point), but the process will not run with Administrator rights.
...just some of the key features of Firefox and Safari?
What are you talking about? When you run Firefox under an Administrator account, it runs as an Administrator. In linux if you run Firefox as root, it runs as root. Neither provide any sort of explicit protection against this environment. Or am I missing something here? If you run your windows desktop account as a limited user (not an Administrator), then IE6/5/4 and all other browsers on the market today run as a least priviledged process.
While LH will default to setting up accounts as limited users and not administrator, for those who run as Administrator, most applications will run as lower priviledged processes anyway, unless the priviledges are explicitly elevated by the user.