"Trying to hide encryption keys within an executable's memory space is probably one of the silliest ever conceived."
Except with Trusted Computing.
Memory Curtaining allows a program to protect its memory from being read by other processes and the kernel.
If a driver has to be signed to be loaded (as in 64-bit Windows Vista*) then none of the drivers will be able to look at the curtained memory (unless you're able to pay Microsoft some money/and/ slip the debugging functionality of your driver past their noses). The next version of PowerDVD could require all unsigned drivers to be unloaded.
There's more to this, such as HDCP, prevention of screenshots, etc.
If record companies are willing to take the plunge and go all the way in DRM (requiring TC, using the ICT http://en.wikipedia.org/wiki/Image_Constraint_Toke n, revoking keys of cracked players, shutting off most of their current market) it could be the end of piracy and fair use too.
* I think there are some exceptions for developers, and you may also be able to bypass this restriction (which is against the EULA) or to load a new root certificate to sign your drivers. Also, it's worth noting that 32-bit Vista has an API to check if any unsigned drivers are loaded.
"What are the odds a content provider won't opt-in for protection?"
If the content provider does opt-in for "protection", then they will miss out on all the customers who have older HD displays that don't take HDCP signals. (This is because the packaging has to clearly state the "protection" is activated.) Therefore, the "protection" will not be activated on HD-DVD and BluRay releases until 2012. (See URL.)
My dad claims that they will simply *never* use the functionality. I disagree and have been trying to convince him of the need to buy compatible hardware or miss out on the HD bandwagon.
"There's not 5 versions - there's 9. Currently there is Vista Home Basic and Vista Home Basic Premium, Vista Business Basic and Premium, Vista Ultimate, and Vista Server - with 4 versions of Vista Server knows to exist and more planned."
No, that would be Vista Starter ("emerging markets" only), Home Basic, Home Basic N, Home Premium, Business, Business N, Enterprise (volume licensing only) and Ultimate. Already excluding the "N" versions for their pointlessness, I count 6, or 5 available in the First World, or 4 available to consumers. I don't know why you count the server editions because that's an entirely seperate product and deciding between Vista and Vista Server is hardly difficult.
'"It will have the ability to restrict your network access if you have a down-level machine..."
Translation: "You WILL upgrade all of your machines to Vista, or Microsoft will artificially degrade their performance." It's called "market development."
Those M$ asshats are actually going to try to sell this as a NAC feature, when it's nothing but another license fee grab.'
WTF are you talking about? This allows network admins (the people who run your company's DHCP server to be precise) to collect (insecure and not entirely trustable) information about your computer's setup when you plug it in and set it to use DHCP. This allows them to stop you from bringing a home laptop if it lacks certain Vista patches. Alternatively, they can do it the old way, which is MAC address filtering. Then, you bring the laptop to them, they judge its security, and then (if you succeed) add you to the list of allowed MAC addresses.
The other thing, CTCP, is (as mentioned in the article) an extension to TCP which (presumably) makes use of methods which weren't known (or suitable) when TCP was originally written, to communicate over the network at higher speed. If the other side doesn't support it, normal TCP is used. CTCP also (according to the article) is not so aggressive as to take large parts of your network bandwidth when normal TCP is also being transferred, i.e. it won't clog up your tubes as soon as you have a few Vista machines, requiring you to switch everything else to Vista too. It won't.
It's also insecure as hell, someone could write a virus that does nothing but shut off this checking and then erases itself. Then you got a lot of time spent by the Help Desk and/or Techs trying to figure out why no one can connect!
Not if: 1) This code is in the kernel, 2) You are running a version of Vista which forbids patching of the kernel (i.e. modification of the kernel that is running) - that's any 64-bit installation
Also not if: 1) The setting requires a UAC prompt, 2) The company has gone to the bother of training users to: 2 a) Answer valid UAC prompts, 2 b) Decline unexpected UAC prompts 3) The requirement in (1) is secure and cannot be worked around.... OK, it's insecure as hell.
I forgot to mention push polls where the polling company only tells you who they are when you ask them. That hardly matters, though, because they literally read from a script (sometimes changing the order of the questions as instructed) and they refuse to tell you funded the poll.
One of them began with general local politics then honed in on one senator. It gave a series of facts about them, and asked how much each fact made you think more negatively about them (i.e. you selected between "very bad", "bad", "don't mind/OK").
One of the facts was that "they had made a donation to Friends of Islam". The "donation" was by going to a fundraising dinner to discuss whatever that organisation does. The other facts included similar stretches of the truth.
Wake up - this happens all the time (or at for politics, over the phone, in the US election runup).
In the midterm elections 2006 I found on reddit and some other websites: 1) Repeated automated calls made "important information about Lois Murphy," or another particular candidate. They would continue with explanations on this person's terrible policies - by which time most people had hung up. FCC says the originating party must be identified at the *beginning* of the message - in this case it was at the end. These collected on answering machines in droves and people reported being called in the night-time repeatedly, and being called after they hung up. The calls were actually made by the opposing party. Some media reported it without mentioning the originating party in an attempt to spin the story into a non-party issue. http://216.239.59.104/search?q=cache:qXa897eiLfAJ: www.alternet.org/blogs/video/43955/+phone+calls+mi dterm+deceptive+LGBT&hl=en&gl=uk&ct=clnk&cd=1&clie nt=firefox-a http://www.dailykos.com/storyonly/2006/11/6/02926/ 3087
"The cost of these robo-call campaigns isn't high, although the fines that may accrue to the NRCC may be. The problem is, of course, that they don't care how much they have to pay after they've won. This tactic is being used in 15 districts, which is the number that the NRCC believes it needs to hold the House. These are the 15 districts that they believe are so close that voter suppression tactics can change the outcome."
2) "We are calling on behalf of the LGBT [Society or whatever]" and they would like to thank [candidate] for fully supporting them in every way. These calls were not made by the LGBT group nor by the candidate. It was obviously aimed at those who feel queasy about LGBT - but it never said its actual origins. The originators claimed they really *were* doing it for the LGBT group. Scum.
3) Voter suppression calls which say you aren't registered validly and that you may be arrested if you attempt to vote. (Obviously targeted at key districts so that on the balance of probabilities, the party ends up ahead.) Obviously these ones didn't state their origin either.
Maybe you should download a program which checks the error correction codes on the CDs. You might find that some of them are almost unreadable but the error correction means that they work as normal.
Your CDs are likely to fail all at (almost) the same time.
In the UK, a 20% sample of libraries have their borrowings tracked, and authors above a certain popularity get back some payment. However, it's by no means proportional to how many people took your book out. Their is a ceiling (about £6,500), a floor (£1) and a fixed pot (~£6.5mn). The current rate averages at 6 pence per loan. (This is from a book in front of me.)
"why there isn't a default Word toolbar which encompasses all of the styles in a document I'll never understand"
There is - but it's a vertical toolbar, aka a Task Pane (Word 2003 and XP and possibly 2000). View -> Task Pane then on the Task Pane (usually docked to the right) press the little "down" triangle and choose "Styles and Formatting". At the bottom choose "Formatting in use".
Word 2007: From the "Home" tab, click the "Styles" dialog launcher.
Well, if you irradiated a human, then that would be a bit dangerous. However, food which has *already* been irradiated has no protection from bacteria after irradiation. That's why it's packed in a sterile environment.
The EULA doesn't allow you to use WMDRM (i.e. protected Windows Media files) nor BitLocker (i.e. encryption of an entire volume) from within a virtual machine. I don't know whether it's technically enforced. If it isn't, I wouldn't be surprised if an update will begin enforcing it.
"you can move license to another computer only once (even in BOX version). So you'll hava to buy new Vista after second mainboard upgrade"
They changed that after a massive (and I mean MASSIVE) backlash. However, if you upgrade your edition of Vista using Windows Anytime Upgrade (i.e. Vista Home Basic -> Vista Home Premium, Vista Home Premium -> Vista Ultimate, Vista Business -> Vista Ultimate) then that upgrade is still only transferable once. The second transfer will require you to buy another upgrade if you want it.
"license prohibits making screenshots containing desktop or icons or other artwork incorporated into Vista"
"I really can't justify the need for a 4GHz processor to run a spreadsheet, or a simple database."
You're imagining that need. Vista can run on any (mainstream, x86) computer purchased in the last few years, and for the shininess, capable graphics cards start at about $30.
"I mean, do you really see new features in Office 2007 that aren't currently available in, say, Office 2000 or OpenOffice?"
I do, actually. Have you even looked at Office 2007? Firstly you have the Ribbon which allows me to find features quickly and lets me discover everything they have to offer. Then you have advances in PivotTables, conditional formatting in Excel (data bars etc, although they have their bad points), amazing style-colorscheme-font system, beautiful new fonts, less limitations in Excel (row count, size of cell contents etc) and new licensing (one Office 2007 Home and Student serves three computers - and you don't need to be a Student). Also new math formula system.
The only bad points are Office Genuine Advantage and the fact that you need to set the old formats as default.
There was such a saying, and that saying was false. In fact, it still is.
Besides, unlike a classroom project, we don't *have* to collaborate. If somebody feels everybody else is bogging them down, they can work on cracking WGA on their own or with a small group. Then when they're done, they can release it on a "works-for-me, no guarantees, no support" basis. Anything goes.
(Initial) activation says to Microsoft, "a new installation has been carried out with the key FCKGW-bla on hardware bla".
WGA checks in with Microsoft regularly to say, "somebody is running a computer with the key bla on hardware bla".
Microsoft will (presumably) allow you to activate even when you've moved hardware a few times. However, if more than one installation is active, they will be able to tell because WGA checks in daily (when automatic updates are on) and if you don't check in (this can only be due to lack of connectivity) then Vista will start complaining. If you are checking in with more than one hardware setup, they will know.
It states very early in the EULA that IF YOU DO NOT AGREE TO THIS EULA, YOU MAY RETURN THE SOFTWARE FOR A FULL REFUND. Getting a software shop to actually take back a box which has already been opened is another matter.
"In the hospital I worked at, anyone with a hospital ID badge could get in to the patient records room, go and get any set of records and do what they wanted with it - there was no way of checking whether a member of staff really needed to see the patients records. I don't really see that this system is much more insecure than the current situation."
I suppose they can read the medical records of people who live hundreds of miles away, too? No?
Then the new system (as it is currently, without the "envelope" functionality) is less secure.
Slashdot Mirror
http://en.wikipedia.org/wiki/Big_Brother_(Yes_Mini ster)
"the new National Integrated Database: the detailed personal records of every UK citizen, which will be held on computer by the government"
You insensitive clod! I use CRCs! :)
"Trying to hide encryption keys within an executable's memory space is probably one of the silliest ever conceived."
/and/ slip the debugging functionality of your driver past their noses). The next version of PowerDVD could require all unsigned drivers to be unloaded.
e n, revoking keys of cracked players, shutting off most of their current market) it could be the end of piracy and fair use too.
Except with Trusted Computing.
Memory Curtaining allows a program to protect its memory from being read by other processes and the kernel.
If a driver has to be signed to be loaded (as in 64-bit Windows Vista*) then none of the drivers will be able to look at the curtained memory (unless you're able to pay Microsoft some money
There's more to this, such as HDCP, prevention of screenshots, etc.
If record companies are willing to take the plunge and go all the way in DRM (requiring TC, using the ICT http://en.wikipedia.org/wiki/Image_Constraint_Tok
* I think there are some exceptions for developers, and you may also be able to bypass this restriction (which is against the EULA) or to load a new root certificate to sign your drivers. Also, it's worth noting that 32-bit Vista has an API to check if any unsigned drivers are loaded.
"What are the odds a content provider won't opt-in for protection?"
e n
If the content provider does opt-in for "protection", then they will miss out on all the customers who have older HD displays that don't take HDCP signals. (This is because the packaging has to clearly state the "protection" is activated.) Therefore, the "protection" will not be activated on HD-DVD and BluRay releases until 2012. (See URL.)
http://en.wikipedia.org/wiki/Image_Constraint_Tok
My dad claims that they will simply *never* use the functionality. I disagree and have been trying to convince him of the need to buy compatible hardware or miss out on the HD bandwagon.
"There's not 5 versions - there's 9. Currently there is Vista Home Basic and Vista Home Basic Premium, Vista Business Basic and Premium, Vista Ultimate, and Vista Server - with 4 versions of Vista Server knows to exist and more planned."
No, that would be Vista Starter ("emerging markets" only), Home Basic, Home Basic N, Home Premium, Business, Business N, Enterprise (volume licensing only) and Ultimate. Already excluding the "N" versions for their pointlessness, I count 6, or 5 available in the First World, or 4 available to consumers. I don't know why you count the server editions because that's an entirely seperate product and deciding between Vista and Vista Server is hardly difficult.
"What else would I use to edit, crop and save screen shots when I'm writing documentation?"
Vista's new screenshot tool?
'"It will have the ability to restrict your network access if you have a down-level machine..."
Translation: "You WILL upgrade all of your machines to Vista, or Microsoft will artificially degrade their performance." It's called "market development."
Those M$ asshats are actually going to try to sell this as a NAC feature, when it's nothing but another license fee grab.'
WTF are you talking about? This allows network admins (the people who run your company's DHCP server to be precise) to collect (insecure and not entirely trustable) information about your computer's setup when you plug it in and set it to use DHCP. This allows them to stop you from bringing a home laptop if it lacks certain Vista patches. Alternatively, they can do it the old way, which is MAC address filtering. Then, you bring the laptop to them, they judge its security, and then (if you succeed) add you to the list of allowed MAC addresses.
The other thing, CTCP, is (as mentioned in the article) an extension to TCP which (presumably) makes use of methods which weren't known (or suitable) when TCP was originally written, to communicate over the network at higher speed. If the other side doesn't support it, normal TCP is used. CTCP also (according to the article) is not so aggressive as to take large parts of your network bandwidth when normal TCP is also being transferred, i.e. it won't clog up your tubes as soon as you have a few Vista machines, requiring you to switch everything else to Vista too. It won't.
An implementation of it for Linux is apparently at http://lwn.net/Articles/185074/.
It's also insecure as hell, someone could write a virus that does nothing but shut off this checking and then erases itself. Then you got a lot of time spent by the Help Desk and/or Techs trying to figure out why no one can connect!
... OK, it's insecure as hell.
Not if:
1) This code is in the kernel,
2) You are running a version of Vista which forbids patching of the kernel (i.e. modification of the kernel that is running) - that's any 64-bit installation
Also not if:
1) The setting requires a UAC prompt,
2) The company has gone to the bother of training users to:
2 a) Answer valid UAC prompts,
2 b) Decline unexpected UAC prompts
3) The requirement in (1) is secure and cannot be worked around.
I forgot to mention push polls where the polling company only tells you who they are when you ask them. That hardly matters, though, because they literally read from a script (sometimes changing the order of the questions as instructed) and they refuse to tell you funded the poll.
One of them began with general local politics then honed in on one senator. It gave a series of facts about them, and asked how much each fact made you think more negatively about them (i.e. you selected between "very bad", "bad", "don't mind/OK").
One of the facts was that "they had made a donation to Friends of Islam". The "donation" was by going to a fundraising dinner to discuss whatever that organisation does. The other facts included similar stretches of the truth.
Wake up - this happens all the time (or at for politics, over the phone, in the US election runup).
: www.alternet.org/blogs/video/43955/+phone+calls+mi dterm+deceptive+LGBT&hl=en&gl=uk&ct=clnk&cd=1&clie nt=firefox-a/ 3087
In the midterm elections 2006 I found on reddit and some other websites:
1) Repeated automated calls made "important information about Lois Murphy," or another particular candidate. They would continue with explanations on this person's terrible policies - by which time most people had hung up. FCC says the originating party must be identified at the *beginning* of the message - in this case it was at the end. These collected on answering machines in droves and people reported being called in the night-time repeatedly, and being called after they hung up. The calls were actually made by the opposing party. Some media reported it without mentioning the originating party in an attempt to spin the story into a non-party issue.
http://216.239.59.104/search?q=cache:qXa897eiLfAJ
http://www.dailykos.com/storyonly/2006/11/6/02926
"The cost of these robo-call campaigns isn't high, although the fines that may accrue to the NRCC may be. The problem is, of course, that they don't care how much they have to pay after they've won. This tactic is being used in 15 districts, which is the number that the NRCC believes it needs to hold the House. These are the 15 districts that they believe are so close that voter suppression tactics can change the outcome."
2) "We are calling on behalf of the LGBT [Society or whatever]" and they would like to thank [candidate] for fully supporting them in every way. These calls were not made by the LGBT group nor by the candidate. It was obviously aimed at those who feel queasy about LGBT - but it never said its actual origins. The originators claimed they really *were* doing it for the LGBT group. Scum.
3) Voter suppression calls which say you aren't registered validly and that you may be arrested if you attempt to vote. (Obviously targeted at key districts so that on the balance of probabilities, the party ends up ahead.) Obviously these ones didn't state their origin either.
Maybe you should download a program which checks the error correction codes on the CDs. You might find that some of them are almost unreadable but the error correction means that they work as normal.
Your CDs are likely to fail all at (almost) the same time.
The ASA suck. They'll probably claim that if those dead musicians ever wanted to extend copyright, it's OK to put them on the list.
They screwed up on my complaint when PC World implied you needed a dual-core system to download something while listening to music.
In the UK, a 20% sample of libraries have their borrowings tracked, and authors above a certain popularity get back some payment. However, it's by no means proportional to how many people took your book out. Their is a ceiling (about £6,500), a floor (£1) and a fixed pot (~£6.5mn). The current rate averages at 6 pence per loan. (This is from a book in front of me.)
"why there isn't a default Word toolbar which encompasses all of the styles in a document I'll never understand"
There is - but it's a vertical toolbar, aka a Task Pane (Word 2003 and XP and possibly 2000). View -> Task Pane then on the Task Pane (usually docked to the right) press the little "down" triangle and choose "Styles and Formatting". At the bottom choose "Formatting in use".
Word 2007: From the "Home" tab, click the "Styles" dialog launcher.
Well, if you irradiated a human, then that would be a bit dangerous. However, food which has *already* been irradiated has no protection from bacteria after irradiation. That's why it's packed in a sterile environment.
God, you're dumb.
The EULA doesn't allow you to use WMDRM (i.e. protected Windows Media files) nor BitLocker (i.e. encryption of an entire volume) from within a virtual machine. I don't know whether it's technically enforced. If it isn't, I wouldn't be surprised if an update will begin enforcing it.
"you can move license to another computer only once (even in BOX version). So you'll hava to buy new Vista after second mainboard upgrade"
They changed that after a massive (and I mean MASSIVE) backlash. However, if you upgrade your edition of Vista using Windows Anytime Upgrade (i.e. Vista Home Basic -> Vista Home Premium, Vista Home Premium -> Vista Ultimate, Vista Business -> Vista Ultimate) then that upgrade is still only transferable once. The second transfer will require you to buy another upgrade if you want it.
"license prohibits making screenshots containing desktop or icons or other artwork incorporated into Vista"
No, I don't think so...
"I really can't justify the need for a 4GHz processor to run a spreadsheet, or a simple database."
You're imagining that need. Vista can run on any (mainstream, x86) computer purchased in the last few years, and for the shininess, capable graphics cards start at about $30.
"I mean, do you really see new features in Office 2007 that aren't currently available in, say, Office 2000 or OpenOffice?"
I do, actually. Have you even looked at Office 2007? Firstly you have the Ribbon which allows me to find features quickly and lets me discover everything they have to offer. Then you have advances in PivotTables, conditional formatting in Excel (data bars etc, although they have their bad points), amazing style-colorscheme-font system, beautiful new fonts, less limitations in Excel (row count, size of cell contents etc) and new licensing (one Office 2007 Home and Student serves three computers - and you don't need to be a Student). Also new math formula system.
The only bad points are Office Genuine Advantage and the fact that you need to set the old formats as default.
There was such a saying, and that saying was false. In fact, it still is.
Besides, unlike a classroom project, we don't *have* to collaborate. If somebody feels everybody else is bogging them down, they can work on cracking WGA on their own or with a small group. Then when they're done, they can release it on a "works-for-me, no guarantees, no support" basis. Anything goes.
(Initial) activation says to Microsoft, "a new installation has been carried out with the key FCKGW-bla on hardware bla".
WGA checks in with Microsoft regularly to say, "somebody is running a computer with the key bla on hardware bla".
Microsoft will (presumably) allow you to activate even when you've moved hardware a few times. However, if more than one installation is active, they will be able to tell because WGA checks in daily (when automatic updates are on) and if you don't check in (this can only be due to lack of connectivity) then Vista will start complaining. If you are checking in with more than one hardware setup, they will know.
It states very early in the EULA that IF YOU DO NOT AGREE TO THIS EULA, YOU MAY RETURN THE SOFTWARE FOR A FULL REFUND. Getting a software shop to actually take back a box which has already been opened is another matter.
I am so sick of seeing that pasted into Slashdot again and again. Why not take a few bullet points, then give the link? People just ignore it anyway.
"No, they aren't. Really. Go into a Marks & Spencer store, and ask customers at random if they are concerned about RFID, or even what it is.
About 90% of them will have never even heard of it, and a further 9.9% or so will know what it is but not care."
Go into a typical restaurant and ask the customers at random if they are concerned about DRM/Net Neutrality, or even what it is.
About 70%/99.9% of them will have never even heard of it, and a further 15%/0.01% or so will know what it is but not care.
People expect the media to bring up these issues. The fact that it hasn't received publicity doesn't mean it doesn't matter.
That said, this *particular* use of RFID is harmless and quite positive.
Don't they use "Marks & Sparks" in some of their Christmas marketing campaigns?
CAPTCHA: bullying
"In the hospital I worked at, anyone with a hospital ID badge could get in to the patient records room, go and get any set of records and do what they wanted with it - there was no way of checking whether a member of staff really needed to see the patients records. I don't really see that this system is much more insecure than the current situation."
I suppose they can read the medical records of people who live hundreds of miles away, too? No?
Then the new system (as it is currently, without the "envelope" functionality) is less secure.