No one system can be everything to everyone, and no one system (however powerful, or stable) can do everything perfectly that just one person might require of it in the course of a day
I wasn't aware that operating system is what end-users use for his/her daily work. I've always thought that it's the applications what matters. Glad that I'm corrected now;)
This is the technique we used some years ago. We were in the business of writing a kind of VPN software that ran on Linux and Windows. We defined crossplatform API and had two different teams to build it up, one which contained people who knew everything about Linux and other, which I worked in, for Windows. Everything went quite smoothly taking account that we even did some kernel mode network drivers for the VPN stuff.
There were some parts where it wasn't really wice to put one-liners to the API so we just #ifdefined those parts and let the build scripts figure out definitions for those.
But it really sounds like that people at 'rikkitikki' work place aren't so competent as they think, at least not in the Windows world.
That's the error that this is trying to fix. I'm skeptical as to how much this will help
I think the idea is that memcpy_s forces, or tries to force, coder to think. Is destination buffer really long enough? Should I check it's length somehow? But I'm a little skeptical too. Good coders don't need functions like memcpy_s anyway and lazy-ass coders cut the corners and make their own memcpy #defines.
And you have to remember DEC Alpha processor. Folklore says that Intel wanted to enter into some business agreement with DEC. They got to look at DEC's Alpha processor and after that they immediately dropped the deal. But for some curious reason Alpha technology ended up in Intel's Pentium line processors... Wonder why?
If I recall correctly DEC even tried to sue Intel for this but they ended up with some very stupid arbitration where Intel would have manufactured DEC's processors. I don't think that went very well because Alpha was sold to Compaq and then to, guess what, Intel.
And how does this concern Microsoft? Windows NT supported Alpha processors back in the days (maybe still does, at least with some effort?). Rumour says that someone, somewhere, was able to actually run NT on top of Alpha.
They need not to do any that. All they, and I mean public sector, need to do is learn how to buy software/IT-systems from suppliers. If they go like "here's X amount of money, give us Y", supplier takes X amount of money and gives back most cheapest Y they can find with no warranty, maintenance, support or anything. Public sector does not know how to demand quality.
What they should do is to hire a consultant (a good one, there's plenty of bad ones) who actually knows something about their needs and something about Y. Consultant goes to the supplier and says "we need Y and we need warranty and support/maintenace for it. We need it documented. We need it installed. And we need some training for it. How much it costs?".
The worst situation I've known is that the buyer does not know what they really want but they got plenty of money to spare. They split the task to three different software houses which should collaborate on the project (yeah, right). They start up steering groups and create a heck load of bureaucrazy to slow things down. In the end no-one is really commited to the project, just that they make sure if something goes wrong it's not their fault or at least they can blame someone else for it.
Last time I was writing kernel drivers for Windows XP (or any other Windows) Microsoft didn't test a single one of them in any way. And no, no fix in the OS can prevent null pointer exceptions, buffer overflows or division by zero in the kernel from bringing the OS to a halt. Try and get Linux source codes, inject following code into some kernel module, compile, install, boot and weep.
Now, the Futurama spaceship in contrast works by moving the universe aroud itself. Way cooler, isn't it?
Yes but if I remember correctly, they still had the problem that the space around ship had to move faster than light. I think Fry asked specifically about this from dr. Farnsworth but the answer was never explained.
But Superman can fly faster than light! All he has to do is fly very, very fast and shake his body a bit. I read a comic book once where he flew faster than light and ended up in another universe (and had hard time to get back because he ended up near red sun and lost his super powers).
Yes, that is weird. As a programmer, I like very much your solution to build a common library to make calculations. Maybe there are some stupid political reasons.
An idea! OpenOffice is licensed under LPGL. Now I'm not really familiar with that license but doesn't it give the right to rip off the calculation part from OpenOffice and publish it as a separate library? Just define nice interface and then comes the easy part, to convince everyone to actually use that library;)
Unfortunatelly not but since Wikipedia entry hasn't been changed I would believe that the article is still valid.
I just finished installing Office 2007 SP2 and here's the results. Both of these work well but I don't have OpenOffice or KOffice to see if they are compatiple. So is there anyone who could conform if these work or not?
There are two simple responses which I feel invalidate your analysis.
No, they don't and they are totally incorrect. Let's see... And oh yes, I live in Finland so this goes probably differently whereever you live.
Why should I be held responsible for my own banking activity, but not my own voting activity?
We have laws which explicitly prevents that. A person or company cannot gain unearned richess from such a mistake. So you can call your bank and say "I accidentally transferred all my savings to wrong account" and bank calls whoever got your money and asks if he/she/it could transfer them back. If recipient does not comply with your/bank's request you can take it to court and eventually you get your money back.
In election there is no such possibility. Someone could come to your house, keep a shotgun pointed to your head and ask politely you to give your vote to candidate X. You cast your vote (or loose your head) and that's it. And this enables you to sell your vote, which is explicitly forbidden by the law. Selling is possible in normal paper-voting but there is no evidence you to proof that you actually cast your vote in the way the buyer wanted so I really doubt that you wont get any money either.
Since we apparently can't recount the paper ballots anyway
You can't but all the political parties can put their presentative to oversee the counting process. And counting is done twice by different groups of people. Even after that recount is possible by court order. Every step is closely watched by parties to prevent any foul play. It really can't get any secure from that.
I couldn't conform this from TFA or in MS web site but I'm 99,9% sure that XPM can be switched off using Group Policy settings which renders these "support nightmare" issues to nil (allthought it disables the whole XMP but still, you wouldn't have nightmares).
Didn't we just have an article about a CPU hack which enables attacker to take over the whole system even from VM as long as the attacker gets root/admin access? I could be wrong though because the article went way over my head.
First thing was that I noticed that X didn't start. It threw some error messages to my face so I fired up my other PC and altavistad (Google wasn't around back then IIRC) and it took some hours to get it working. It was something about hand editing config files. Funny thing that after that every time I install Linux (which is pretty rare nowadays) I have to go through the same exercise:)
Next I find out that sounds aren't working. I could live with that because I had a really nice stereo system back.
But what was real showstopper was that I couldn't get my 56K modem working. I had a phoneline and internet access which I paid money for and which I couldn't use. I don't care whose fault it was that I couldn't access internet but I had to reformat the whole thing and install back Windows 98 to get that working.
So my first experience with Linux wasn't so great:(
That isn't really hard to code yourself on Windows (don't know about *nixes). I've written a media player which works like you described. Now I'm planning to write document management system that works the same but instead of media files it works with MS Office files. Funny thing that technical part is not that hard at all. What is hard is to design and usable interface for making queries:)
Well, there was that article couple of weeks ago in Slashdot that, if I remember correctly, explicitly said that... And this is RC we are now talking about so I totally understand this (MS probably wants to rule out installation errors caused by the user).
Hi. Thanks for the reply. I'm not really familiar with sandboxing technology and your reply cleared things up a bit.
But still if we go back to Windows (I don't know much about *nis OSes) even if you are running in the sandbox, you would able to use Win32 API, right? Now if you are running browser with user credentials, like Chrome/Chromium does, you are able to access plenty of stuff through Win32 API. This, of course, would need a sophisticated attack but in theory I think it is possible. Now even if you are restricted from accessing files that are not in your sandbox you are still able to access other processes/windows in the system. I once wrote a little piece of software that invaded other process' memory and ran stuff in it's context using Win32 API. It required admin privileges though but almost every XP is ran as admin.
But again, I don't know how sandboxing is done in Chromium, how "deep" it is and so on, and I don't know if such a sophisticated attack is possible through browser.
I'm not really sure what my question is here... maybe its just idle speculation:)
Slashdot Mirror
I wasn't aware that operating system is what end-users use for his/her daily work. I've always thought that it's the applications what matters. Glad that I'm corrected now ;)
This is the technique we used some years ago. We were in the business of writing a kind of VPN software that ran on Linux and Windows. We defined crossplatform API and had two different teams to build it up, one which contained people who knew everything about Linux and other, which I worked in, for Windows. Everything went quite smoothly taking account that we even did some kernel mode network drivers for the VPN stuff.
There were some parts where it wasn't really wice to put one-liners to the API so we just #ifdefined those parts and let the build scripts figure out definitions for those.
But it really sounds like that people at 'rikkitikki' work place aren't so competent as they think, at least not in the Windows world.
I think the idea is that memcpy_s forces, or tries to force, coder to think. Is destination buffer really long enough? Should I check it's length somehow? But I'm a little skeptical too. Good coders don't need functions like memcpy_s anyway and lazy-ass coders cut the corners and make their own memcpy #defines.
And you have to remember DEC Alpha processor. Folklore says that Intel wanted to enter into some business agreement with DEC. They got to look at DEC's Alpha processor and after that they immediately dropped the deal. But for some curious reason Alpha technology ended up in Intel's Pentium line processors... Wonder why?
If I recall correctly DEC even tried to sue Intel for this but they ended up with some very stupid arbitration where Intel would have manufactured DEC's processors. I don't think that went very well because Alpha was sold to Compaq and then to, guess what, Intel.
And how does this concern Microsoft? Windows NT supported Alpha processors back in the days (maybe still does, at least with some effort?). Rumour says that someone, somewhere, was able to actually run NT on top of Alpha.
They need not to do any that. All they, and I mean public sector, need to do is learn how to buy software/IT-systems from suppliers. If they go like "here's X amount of money, give us Y", supplier takes X amount of money and gives back most cheapest Y they can find with no warranty, maintenance, support or anything. Public sector does not know how to demand quality.
What they should do is to hire a consultant (a good one, there's plenty of bad ones) who actually knows something about their needs and something about Y. Consultant goes to the supplier and says "we need Y and we need warranty and support/maintenace for it. We need it documented. We need it installed. And we need some training for it. How much it costs?".
The worst situation I've known is that the buyer does not know what they really want but they got plenty of money to spare. They split the task to three different software houses which should collaborate on the project (yeah, right). They start up steering groups and create a heck load of bureaucrazy to slow things down. In the end no-one is really commited to the project, just that they make sure if something goes wrong it's not their fault or at least they can blame someone else for it.
Last time I was writing kernel drivers for Windows XP (or any other Windows) Microsoft didn't test a single one of them in any way. And no, no fix in the OS can prevent null pointer exceptions, buffer overflows or division by zero in the kernel from bringing the OS to a halt. Try and get Linux source codes, inject following code into some kernel module, compile, install, boot and weep.
char *foo = 0; *foo = 1;
Yes but if I remember correctly, they still had the problem that the space around ship had to move faster than light. I think Fry asked specifically about this from dr. Farnsworth but the answer was never explained.
But Superman can fly faster than light! All he has to do is fly very, very fast and shake his body a bit. I read a comic book once where he flew faster than light and ended up in another universe (and had hard time to get back because he ended up near red sun and lost his super powers).
We are talking about SCO, right? :)
Well, actually I just tried to be funny. Failed miserably :(
OMG! Our servers went dead in a blazing inferno! Nothing was left! I guess there's no data to sell anymore :'(
Yes, that is weird. As a programmer, I like very much your solution to build a common library to make calculations. Maybe there are some stupid political reasons.
An idea! OpenOffice is licensed under LPGL. Now I'm not really familiar with that license but doesn't it give the right to rip off the calculation part from OpenOffice and publish it as a separate library? Just define nice interface and then comes the easy part, to convince everyone to actually use that library ;)
Unfortunatelly not but since Wikipedia entry hasn't been changed I would believe that the article is still valid.
I just finished installing Office 2007 SP2 and here's the results. Both of these work well but I don't have OpenOffice or KOffice to see if they are compatiple. So is there anyone who could conform if these work or not?
=SUM(A1;A3;CEILING(A4;3)) + LOG(A1+10;10) - SQRT(A4)
=SUM(A1;A3;CEILING(A4;3)) + LOG(A1+10) - SQRT(A4)
Interesting. According the article referenced in the Wikipedia even OpenOffice and KOffice don't get along.
Screwdriver-through-the-lens-protocol works every time. Escpecially if you leave the screwdriver in place.
No, they don't and they are totally incorrect. Let's see... And oh yes, I live in Finland so this goes probably differently whereever you live.
We have laws which explicitly prevents that. A person or company cannot gain unearned richess from such a mistake. So you can call your bank and say "I accidentally transferred all my savings to wrong account" and bank calls whoever got your money and asks if he/she/it could transfer them back. If recipient does not comply with your/bank's request you can take it to court and eventually you get your money back.
In election there is no such possibility. Someone could come to your house, keep a shotgun pointed to your head and ask politely you to give your vote to candidate X. You cast your vote (or loose your head) and that's it. And this enables you to sell your vote, which is explicitly forbidden by the law. Selling is possible in normal paper-voting but there is no evidence you to proof that you actually cast your vote in the way the buyer wanted so I really doubt that you wont get any money either.
You can't but all the political parties can put their presentative to oversee the counting process. And counting is done twice by different groups of people. Even after that recount is possible by court order. Every step is closely watched by parties to prevent any foul play. It really can't get any secure from that.
I was too hasty. Here's confirmation XPM can be administered through Group Policy
I couldn't conform this from TFA or in MS web site but I'm 99,9% sure that XPM can be switched off using Group Policy settings which renders these "support nightmare" issues to nil (allthought it disables the whole XMP but still, you wouldn't have nightmares).
Yes, I know that. And probably MSN Desktop Search also. But I want to write a system of my own you know... Like a good hacker :)
Well, couldn't this be a nudge to the CPU vendors to stop artificially crippling their low-end CPUs?
Sound really secure and user friendly system to me :)
Didn't we just have an article about a CPU hack which enables attacker to take over the whole system even from VM as long as the attacker gets root/admin access? I could be wrong though because the article went way over my head.
SUSE was my first experience also.
First thing was that I noticed that X didn't start. It threw some error messages to my face so I fired up my other PC and altavistad (Google wasn't around back then IIRC) and it took some hours to get it working. It was something about hand editing config files. Funny thing that after that every time I install Linux (which is pretty rare nowadays) I have to go through the same exercise :)
Next I find out that sounds aren't working. I could live with that because I had a really nice stereo system back.
But what was real showstopper was that I couldn't get my 56K modem working. I had a phoneline and internet access which I paid money for and which I couldn't use. I don't care whose fault it was that I couldn't access internet but I had to reformat the whole thing and install back Windows 98 to get that working.
So my first experience with Linux wasn't so great :(
That isn't really hard to code yourself on Windows (don't know about *nixes). I've written a media player which works like you described. Now I'm planning to write document management system that works the same but instead of media files it works with MS Office files. Funny thing that technical part is not that hard at all. What is hard is to design and usable interface for making queries :)
So Lucifer is soon powering the Vatican. What if he turns out the light?
Well, there was that article couple of weeks ago in Slashdot that, if I remember correctly, explicitly said that... And this is RC we are now talking about so I totally understand this (MS probably wants to rule out installation errors caused by the user).
Hi. Thanks for the reply. I'm not really familiar with sandboxing technology and your reply cleared things up a bit.
But still if we go back to Windows (I don't know much about *nis OSes) even if you are running in the sandbox, you would able to use Win32 API, right? Now if you are running browser with user credentials, like Chrome/Chromium does, you are able to access plenty of stuff through Win32 API. This, of course, would need a sophisticated attack but in theory I think it is possible. Now even if you are restricted from accessing files that are not in your sandbox you are still able to access other processes/windows in the system. I once wrote a little piece of software that invaded other process' memory and ran stuff in it's context using Win32 API. It required admin privileges though but almost every XP is ran as admin.
But again, I don't know how sandboxing is done in Chromium, how "deep" it is and so on, and I don't know if such a sophisticated attack is possible through browser.
I'm not really sure what my question is here... maybe its just idle speculation :)