Slashdot Mirror


User: EvanED

EvanED's activity in the archive.

Stories: 0
Comments: 6,434

Comments · 6,434

  1. Mod up on New Tool Blocks Downloads From Malicious Sites · · Score: 1

    This isn't speculation (or if it is, it's very good speculation); this is what BLADE actually does.

    (I'm not sure if they use a separate application or an OS-level driver or what, but the basic idea is there: if the user moved the cursor over the "save" button on the download dialog, the user requested it. If not, then the user didn't request it.)

  2. Re:Interesting idea on New Tool Blocks Downloads From Malicious Sites · · Score: 1

    But the data available to the browser and the programmability of the web browser must be inconsistent - there must be something that a webpage can do that is impossible to detect whether or not a human or a computer did it.

    I saw the BLADE talk at the CCS conference this past week where it was published, and they at least claim that they can tell. What they say is that they actually look at the physical input from the mouse & keyboard to determine whether the user explicitly downloaded something. (If not, they quarantine it so it can't be executed.) Basically the only way around that is to compromise the OS, at which point you can't really do anything.

    No faking events to forge clicks on OK or whatnot.

    Take clickjacking for example, you trick people into clicking somewhere.

    The web page can trick the user into consenting to download an EXE and running it, but their goal isn't to prevent attacks like that. Drive-by-downloads explicitly don't require user interaction.

  3. Re:based on a 1970s OS and language on Linux May Need a Rewrite Beyond 48 Cores · · Score: 2, Interesting

    A language can change nearly overnight to add mechanism for threading.

    Is that why the C and C++ people have spent so long at trying to come up with a memory model that will actually work correctly under concurrent execution? Is that why Java got it wrong the first time?

  4. Re:Sony should have lost this already. on Sony Lawsuits Target PS3 Jailbreak Authors · · Score: 1

    No it hasn't. The DMCA is not in the constitution.

    Duh. What I said was that SCOTUS's ruling was not "the First Amendment means that it is unconstitutional to ban the sale of VCRs" -- it was "Congress hasn't made the sale of VCRs illegal." Thus if Congress had decided that such a thing would be a good idea, the Betamax case does not mean that such an attempt would be unconstitutional.

    Congress didn't decide that for VCRs -- but it did decide that later for other circumvention devices and methods when it passed the DMCA. Because of this, the applicability of the Betamax case to anything relevant to the digital world is very little.

  5. Re:Sony should have lost this already. on Sony Lawsuits Target PS3 Jailbreak Authors · · Score: 2, Interesting

    Sony made its initial money off a sliver of non-infringing purpose with the vcr (with its ability to record, not play that is)

    Huh? Sony was founded decades before VCRs were invented, and then probably lost a non-trivial amount of money, at least at first, by pushing Betamax.

    almost all uses of it were infringing but there was the one case of time shifting that was deemed non-infringing and that sliver was enough that the lawsuits were denied.

    I'm not convinced that "almost all uses" of the VCR were infringing; I'd be astonished if the proportion of uses of the VCR that were infringing is close to that of uses of the PS3 jailbreaks for infringing purposes.

    If memory serves, the SCOTUS also explicitly said that the VCR wasn't illegal solely by the reason that Congress hadn't made it illegal, and it was not a Constitutional argument. The DMCA has changed that too.

  6. Re:I make a point not to buy from BP anymore on BP Permanently Seals Gulf Oil Well · · Score: 1

    Can you explain how to accomplish this task?

    (If you don't pick up the subtext, I'm calling BS. If you think Exxon stations sell oil pumped by Exxon, BP stations sell oil pumped by BP, etc., you're mistaken; basically the oil you get at any station is a mixture of that from each source. (BP stations may add BP additives, but that's about it.) Furthermore, BP stations are related to BP itself in-name-only, so if you boycott those stations you're not actually hurting the people who caused this problem.)

  7. Re:Really? on Left-Handed Gamers Getting Left Behind? · · Score: 1

    However, as I was growing up as a lefty, I recognized that some things were easier with my right hand. Like scissors, or dialing an old style wheel telephone. I play racket sports with my left hand (which freaks some people out where I live), but for instance, I play Frisbee with my right.

    It's interesting to compare what lefties do with each hand. I can write legibly with my right hand, but it takes probably 5 times longer than with my left and still comes out worse. I much prefer left-handed scissors (to the point of sometimes using scissors that are shaped for right hands with my left), but I play racket sports (during the extremely infrequent cases I do that) with my right. It's also always amusing when I go mini-golfing or something and I have to figure out whether left or right is more natural. (I think that's left, but I'm not sure.) But I also throw a frisbee with my right hand. (I can also snap with my right hand but not my left, and my right hand is probably more dominant during rock climbing.)

  8. Re:Ubuntu is a distro on Shuttleworth Answers Ubuntu Linux's Critics · · Score: 2

    Okay, Gnome is part of the GNU project, I'll admit forgetting about that when I posted that comment. Never mind.

  9. Re:Ubuntu is a distro on Shuttleworth Answers Ubuntu Linux's Critics · · Score: 1

    Personally, I'd say that "Linux" is probably closer to "Gnome/Linux" than "GNU/Linux" for a large and growing proportion of Linux users, but that's just me.

  10. Re:Solving the wrong problem on Dell's 'Dual Personality' Laptop · · Score: 1

    Even the default handwriting recognition is pretty damn accurate (you can train it to better fit your writing style).

    I was actually astonished at how accurate it was -- and surprisingly, it's actually better at cursive than print. XP was pretty poor when it came to non-words (e.g. URLs), but Vista and 7 improve that as well. I forget whether it was introduced in Vista or 7, but if the application supports it, the pen input panel can actually do some pretty neat stuff. (E.g. compare the URL bar in Firefox and IE using that input panel on Win 7.)

    I dual boot that machine with Kubuntu (actually triple boot -- XP, 7, and Kubuntu), and unfortunately there's nothing close I've found.

    That said... what I found personally is that the main thing it is good for was taking notes with OneNote. There you're not using the input panel mostly only if you're flipping back and forth to Firefox or something. For times when I wasn't OneNote-ing it up, it stayed in laptop mode. (It's also somewhat amusing to play StarCraft in tablet mode. No hotkeys is hard...) If you don't use it for that purpose much, the tablet doesn't buy you much, even with a pen. Why would I write something when I can type faster?

  11. Re:It's a netbook - It's a tablet on Dell's 'Dual Personality' Laptop · · Score: 1

    Programs that do take advantage of the tablet, do it so poorly that you prefer to run it as a netbook.

    I agree with this, with one big exception: OneNote, which is a pretty fantastic piece of software. I generally hate about 99% of the software I use in a given day. (I recently pushed for and got Linux on my work box, while I run Windows at home; this way I get pissed off in different ways by my OS depending on where I am, instead of always the same way, which gets a bit old.) So, at least I think that my like of OneNote says something, because... it doesn't really piss me off at all. It's one of only a couple pieces of software I can say that about.

    That being said, OneNote is basically the only reason that I would put my tablet (a Lenovo X61) out of notebook mode. I'd do things like read websites and stuff occasionally, but they're kind of too heavy to do that for very long at all.

  12. Re:Don't usually say this about Dell... on Dell's 'Dual Personality' Laptop · · Score: 1

    It's a good thing both of those use the same design then. Otherwise Dell might be caught copying.

    (For the clueless, like the parent clearly is, yes, convertible tablets aren't new. The summary even says that. In fact, they're really old. I came very close to buying one over four years ago. What's new here is the design, and the linked HP tablet uses the design that has been followed by convertible tablets for half a decade. Is Dell's new design good? Who knows; I'm not saying it is, just that that's what the article is about.)

  13. Re:As a physics student on Preventing Networked Gizmo Use During Exams? · · Score: 1

    Consider the physics GRE doesn't allow calculators.

    To be fair, if the physics GRE is like the comp sci GRE, it's multiple choice. I'm not sure that's exactly a good exam to use as a role model.

    That said, even things like the integration/differentiation of calculators (like the 89) that can do symbolic manipulations can be, depending on the class, a huge advantage over even more basic graphing calculators.

  14. Re:U R teh winnar! on New Email Worm Squirming Through Windows Users' Inboxes · · Score: 1

    This is very close to being right, and exactly why I wish Linux were better about letting me (or more accurately, my family) install things without admin rights.

    Same here. Both myself and a friend occasionally do a look around for a package manager that you can use as non-root, and so far have basically struck out in terms of ones that work. (It's been a while since the last round, but as I recall the closest we got was GoboLinux's. My friend is the one who tried that out, and I forget what his gripes were.) I just yesterday started using GNU Stow as a very, very partial solution.

    I wish that Linux viruses and, more importantly, trojans would be restricted to just blowing away home. Then they would 1) only be able to damage their own files through stupidity and 2) be easily stopped by a virus scanner

    I think that #1 is a benefit that's greatly overstated by some people in the Linux community. Compromising a user account is an improvement over compromising the system, I don't want to dispute that... but given that (1) everyone's most important data is accessible by their user and (2) I estimate that on a vast majority of systems, compromising the user account almost is compromising the system.

    I would also disagree with #2; I don't think that the biggest problems with malware detection come from the malware disabling the scanners by running at the same level, I think they come from things like polymorphic viruses and such that are just flat out hard to detect.

  15. Re:U R teh winnar! on New Email Worm Squirming Through Windows Users' Inboxes · · Score: 1

    Among several possibilities, "unzip this and look!"

    ~/delete : cat > hello.sh
    #!/bin/sh
    echo Hello!
    ~/delete : chmod +x hello.sh
    ~/delete : tar cvf hello.tar hello.sh
    hello.sh
    ~/delete : gzip hello.tar
    ~/delete : zip hello.zip hello.sh
      adding: hello.sh (stored 0%)
    ~/delete : cp hello.tar.gz hello.zip ~/public/html
    ~/delete : rm *
    ~/delete : wget [...]/hello.tar.gz
    --2010-09-09 18:05:50-- http://.../hello.tar.gz
    Resolving pages.cs.wisc.edu... 128.105.7.26
    Connecting to pages.cs.wisc.edu|128.105.7.26|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 158 [application/x-gzip]
    Saving to: `hello.tar.gz'
    [...]
    2010-09-09 18:05:50 (25.1 MB/s) - `hello.tar.gz' saved [158/158]
    ~/delete : tar xvf hello.tar.gz
    hello.sh
    ~/delete : ./hello.sh
    Hello!
    ~/delete : rm *
    ~/delete : wget [...]/hello.zip
    --2010-09-09 18:06:16-- http://.../hello.zip
    Resolving pages.cs.wisc.edu... 128.105.7.26
    Connecting to pages.cs.wisc.edu|128.105.7.26|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 170 [application/zip]
    Saving to: `hello.zip'
    [...]
    2010-09-09 18:06:16 (27.0 MB/s) - `hello.zip' saved [170/170]
    ~/delete : unzip hello.zip
    Archive: hello.zip
      extracting: hello.sh
    ~/delete : ./hello.sh
    Hello!

    (And no, using something like file-roller won't help you here.)

  16. Re:U R teh winnar! on New Email Worm Squirming Through Windows Users' Inboxes · · Score: 1

    Not just that, but it could set itself to run each time the user logs in. This is less damaging than putting it into a system folder, and it would save quite a few people. That said... what percentage of desktop computers are or essentially are single-account machines? I'd guess easily 3/4 of them, and probably more like 85 or 90%. Between people who actually have their own computer (e.g. they live alone), share accounts between everyone in a family (I would guess most "normal" people, though I'm not sure), machines where there is a de-facto single user (e.g. almost all "personal" workstations in company settings), and the general increased prevalence of computers (especially laptops), I'd say that a very substantial majority of the time, compromising one account is basically the same as compromising the system.

  17. Re:Market Dominance on Apple Announces New iPods, iTunes 10, Social Network, AppleTV · · Score: 1

    Unfortunately, iPhone != iPod Touch, and if the tech specs people are linking two lower (on Apple's site) are accurate, the cameras are vastly different. The new iPod Touch has a lower resolution than the digital camera my parents had when I was in high school a decade ago.

    I am by no means a megapixel counter. I just replaced an 8 MP camera with an 18 MP one (Rebel XT to a T2i), but the increase in pixel count was one of the least attractive changes. I'd much rather see Canon take a couple generations, not increase the pixel count at all, and halve the noise. But at the same time, 960x720 won't even fill some netbook monitors at 1:1.

  18. Re:I am prob one of the only people here with an on Apple Announces New iPods, iTunes 10, Social Network, AppleTV · · Score: 1

    But, the netflix addition is nice, but they don't have enough content to view on demand anyway.

    What about all of these?

  19. Re:Solution: on Some Windows Apps Make GRUB 2 Unbootable · · Score: 3, Insightful

    A few years ago this would have been a much more fair question... now it's just troll/flamebait. I run as a limited user at both work and home, and for the most part it's installers and a couple other apps you'd expect which need admin rights.

    (Even when Vista was new I kept a log of all the elevations I gave in a month or so, and with a couple exceptions (one of which has been since fixed and one of which was a stupid utility I didn't really need) they were basically on-par with what you'd need to 'sudo' to do in Linux.)

  20. Re:If it comes out and works well on Native ZFS Is Coming To Linux Next Month · · Score: 1

    Which is why you get the ridiculous volume shadow copy bullshit

    Volume shadow copy is somewhat independent of the locking BS Windows gives you. The locking makes VSS more necessary (okay, essential), but it brings a lot of benefits even if you don't have locking.

  21. Re:Freedom ain't free on Native ZFS Is Coming To Linux Next Month · · Score: 1

    I used the Mozilla suite for a while (web & mail), but it definitely wasn't a clear win over IE. It was slower, at least for me, much more of a memory hog, and didn't work with as many websites. It was only once Firefox was stable that there was something that was clearly better than IE. I probably switched from a combination of IE/Mozilla to Firefox a bit late into the party, but there were still 3 1/2 years between the release of IE 5 and the release of Firefox (let alone when it became stable; it didn't hit 1.0 for 2 years after that, though it was good before then); during those 3 1/2 years, IE was king IMO.

  22. Re:If it comes out and works well on Native ZFS Is Coming To Linux Next Month · · Score: 1

    *symbolic links to files, incorrect NTFS has supported reparse points since Windows 2000

    Reparse points can only occur at directories, which means that NTFS did not support symlinks to files until Vista.

  23. Re:Freedom ain't free on Native ZFS Is Coming To Linux Next Month · · Score: 1

    Personally, I still think IE was better than the alternatives for some time. Netscape 4 and IE 5 were about on par; each had advantages over the other. IE improved a bit to 5.5 and to 6, while Netscape didn't. And it was a long time until Firefox showed up on the scene.

    Actually your analogy is kind of funny, because while I'm by no means an expert, I did read the Wikipedia article on it about a week ago, and there's a section about an article in the Rutgers Law Review called "The Myth of the Ford Pinto Case" that basically said (1) the Pinto really wasn't worse than most cars of the era and (2) that memo you allude to is incredibly misdescribed. (The latter point is supported by the fact that the trial judge actually ruled it inadmissible.) In particular, it was not a "the cost of the lawsuits will be less than the cost of a recall" analysis.

    (Of course this means that in some sense you could say IE6 was worse than the Pinto. ;-))

  24. Re:If it comes out and works well on Native ZFS Is Coming To Linux Next Month · · Score: 1

    ...symbolic links to files (yep, it's done above the VFS layer in Windows Vista), no support for RAIDs...

    To be fair, if these are done in another layer (as they are, if we take your word for it), then you can hardly count it as a strike against the file system.

    I'd definitely like to see Windows get a ZFS-like file system, and I do think NTFS is comparable to ext3 etc. (Each has a benefit or two over the others, e.g. ext3 doesn't store a file creation time and Windows has Transactional NTFS, but at least NTFS on Windows has some obnoxious file naming limits and locking problems.) That said, NTFS beat the pants off of the file systems available in 2.4.

  25. Re:If it comes out and works well on Native ZFS Is Coming To Linux Next Month · · Score: 1

    No need to actually freeze I/O; the volume shadow service will ensure that the snapshot is taken at a consistent time.

    I've not actually used this feature, so I spent a bit of time just now looking around for how to actually activate it. It sounds like it's easy if you have a server edition of Windows ("vssadmin create shadow /for=c:"), but I'm not sure how you can trigger a copy manually on non-servers. It's possible that creating a system restore point does exactly what you want, but I'm not sure. You can tell it to make snapshots automatically (for use with the "previous versions" feature), but I don't see a way to specify the interval, just stuff like the maximum amount of space to use.