If it was so it might be, and if it were so it would be, but as it isn't it ain't.
There's your prior art, all the way back from the time of Lewis Carroll...
And it is not just that this comes from the other side of the Looking Glass.
I, myself, feel like I've made it through the looking glass into some strange alternative world, where they say "when I say someting it means what I want it to mean!"
and then they file a patent... ?! WTF? this is just too bloody unreal for words.
I'm glad I've stuck to C where this patent does not apply.
What ever happened to winning by doing better than the competition, anyway? Are American corporations so pathetic that they have to stoop to this level to compete now?
Same thing that happened to "Keep the customers satisfied". I suspect the focus on shareholders' profits has had something to do with it, but that can't explain it all.
If the analogy should be continued, I'd think it would be a party located in Beijing, Seoul, Tokyo, or some other important Asian city, rather than anywhere in the US.
Though I doubt it will come to anything like this.
You can make functions return more than one value by either having them return a struct, or via a argument passed by reference. Passing and returning structs by value has been ANSI standard since the late 1980s at least.
Such as this somewhat contrived example:
/* In a.h file somewhere to be included: */ struct statusinfo { int errcode, wherebroke; };
/* then sometime later in a.c file: */ #include <stdio.h>
fp = fopen(whatever, "r"); if(NULL == fp) { rstatus.errcode = errno; rstatus.wherebroke = __LINE__; return(rstatus); } /* Do something or other with what is found in the file */
As for the "peeing on the line" examination, I would be very concerned about the negative result. Ground-mounted railway power rails generally hold on the order of 700 V DC, and we can expect urine, like much of the rest of the body to contain ions and thus be a low-resistance conductor from the rail into the body of the man standing there peeing. Chances are that any insulation in the soles of his shoes (many shoes have soles of conductive material) and the earth resistance is not exceedingly large either. With moist ground we may be talking of a few hundred Ohms.
This immediately makes for something on the order of a 1 A current to flow in the man's lower body, causing the muscles in his legs to lock and heat up. This is DC, so there is no possible periodic relief as with AC, where the voltage goes thru zero every 100 or 120 times a second -- this is a steady continuous current. The man will most likely fall over once his leg muscles, already damaged, have seized, and then it may be the fall, the fact that he comes into contact with the hot rail and ground that finally kills him.
And if we were talking about peeing on 16kV or 25kV overhead wires off of a bridge, there is no argument; here the tragic result is guaranteed.
Notwithstanding all of the above and any science or argumentation, people have been known to be killed when touching hot electrical conductors with voltages far less than the 700 V or so that railways use. It may only be the detailed manner of death that is interesting for a study.
On the "mobile-phone in gas-station" however, I'd not be as severely criticizing. The old prohibition probably stems from those days when mobile phones used mechanical power converters to produce the necessary voltages for their operation. These could produce the undesired sparks. But these things went out of use decades ago.
A more modern reason that could be argued, is that electromagnetic interference from mobile phones could adversely affect the operation of the electronics in the pumps, causing these to malfunction and perhaps result in somebody getting free gas (or petrol)! Obviously, this will not do!
I've had good results with using a 2.5inch-to 3.5inch harddrive adapter, which allows me to plug the laptop drive into a standard IDE bus on a desktop computer, and then accessing the file systems on it from Linux there. It is likely that Windows would be able to do this as well, depends on the file system, but chances are that yours holds one of the FAT variants, and these will be easily readable from Windows.
Off-by-one errors are possible in almost every language. Wherever there is some kind of list or set of objects, however expressed, there is the potential for such an error. The actual implementation language doesn't matter here.
And that makes legitimate E-mail from South Korea less than useful, when there is no way knowing whether it makes it through to the other end or not. I have been noticing this.
Just getting the output-channel, from brain to computer, would reduce the incidence of nerve problems in people's arms, such as carpal-tunnel syndrome or strain on the ulnar nerve (which I am bothered with right now).
Come to think of that, would it not be generally easier to interface to some peripheral nerves, at what is effectively one of the brains' IO channels, instead of trying to make sense of all the activity going on in the brain itself?
Re:poor effort
on
IT, Be Free!
·
· Score: 2, Insightful
1> why doesn't the article include a direct link to the damn thing.
It does. Towards the end it reads:
The document is available
online
, along with a
form
that can be used to "sign" it.
2> The declaration stinks of pointy haired people sitting in afternoon long meetings. Not sure if I disagree here. Its form reminds me of these stuffy CEPT resolutions I have seen quoted in the old Radio Amateurs Handbook. On the other hand, there are only so many ways such a declaration could be formatted. And isn't the content rather more important, than the form being a literary masterpiece? Besides, the audience may include said PHBs.
3>. IBM now is not the same as IBM was 25 years ago. They probably sees this as relevant to their future business opportunities. They indicate as much, at any rate. And as they are more concerned with selling hardware and services; if they can profit from open standards then they will support that.
Which does raise the question of how much more than an IBM PR thing this really is.
The computer might have become different, but the knowledge of how it used to work will not be lost. Just look at Charles Babbage's mechanical computer (difference engine) from the 1830s; no theoretical difficulties in re-implementing that in the 1980s, some 150 years later.
Similarly, unless some catastrophic loss of historical information should occur, someone 200 years from now would still be able to fathom the concept of a command-line or even a desktop-metaphor GUI. They will of course think it is clunky and old-fashioned, but hey, it is a couple centuries past the state of the art....
In Norway, the rule is that stores selling electrical and electronic equipment, including computers, are required to accept old and defunct equipment for recycling, even if you have not bought anything from them. I thought that was some kind of EU mandate (Norway isn't in the EU but through the EES agreement we have to implement most of EU regulations).
Now, I have a number of computers in various state of repair myself, but I don't see the point in having a lot of dead hard disks and dead monitors around, so all of that goes into the recycling area behind a store in Sandvika... where there always seems to be some people picking through the remains. The council also accepts electrical and electronic waste free for individuals, but this ends up behind the fences at the dump and becomes unavailable to potential second-users.
ah yes, the "cc -o *.c"... actually on HP-UX the cc command was smart enough not to accept any.c file for the -o argument, precluding this particular one.
But having used MS-DOS for a while, where copying defaults to the current directory, I managed to screw up while attempting to copy a pair of program files from one place to another via "cp../oldprog/*" and then wondering why I didn't see any files in the current directory... and what was worse, my file "ndss.c" was now irrevocably lost as well, having been overwritten by the makefile:(
One day, during a fairly intense development phase, we were writing some documentation and debating some finer points about the organization of some chapters. Now, I tend to wave my hands around a lot during such discussions, to emphasize whatever points I think are right.
Now, we also were drinking Coca-Cola, and there were a couple of these half-full glasses standing around.
Of course, the combination proved fatal to a keyboard and one of the draft documents in short order. Once the drink hit the keyboard, the word processor program received a dozen or so Rs, and the computer started beeping continually. We unplugged the keyboard, tried plugging in another, but the PC still keept beeping. So it had to be rebooted, and there went our document draft. We had previously turned on the Autosave function since it would take about 30 seconds and tend to strike in the middle of some inspired writing run, cutting it short in the process.
The keyboard was of the kind with foam-supported capacitive switches under the keys. Several attempts were made of cleaning it, in a shower and even a dishwasher, but the keys remained sticky, and the keyboard was given up for dead.
Another coworker had bought a PC in parts, and being adept with cars, he thought he'd be able to assemble a PC as well. He mostly managed it too, except for the cache RAM. This was back in the day when the 486DX motherboards had 32K static RAM cache chips in long skinny 28-pin packages, which fit into their sockets in two ways, one right and one wrong. And since the power and ground pins are at opposite corners of these, the wrong way is very wrong...
Now, he had bought the full complement of 9 such chips for his motherboard, and managed to put them in backwards, as he were about to discover the hard way. On turning on the power, two of them cracked open, two others just melted in the middle region where the silicon was, and these and the others got so hot so as to leave visible marks on the sockets they were in.
He came around and asked me about what had happened, and I could only tell him to go get a new set of memory chips. I actually did test the now-defunct set, and the chips without visible external damage actually still were able to read and write parts of their contents, but they had some memory addresses that were "stuck" at 1 and thus were useless for all practical purposes.
They may even convince some big websites to not allow access from "untrusted" browsers. In each case they will only allow a level of compatability that will make Windows appear to be the most feature-full OS.
That isn't all that different from what we see with some of the IE-only sites today. But one operational problem I think we will get with this comes with the need for special client-side code, and as this is where we see a lot of today's problems with spywares and worms I don't think this is going to win MS many friends.
Also, the customization capabilities of Linux desktops I believe will become an advantage, not a liability, to a company, since this customization is something that the company as opposed to the end-user employee is performing.
The employees will be given a Linux desktop that can be locked down a lot tighter than a Windows desktop installation as long as the latter will require downloaded code to run, in order to implement these vaunted "features".
No joke, this company is
for
for real. And yes, I do not think they chose that good of a name either. But this is the result of the fusion of several insurance companies, including some with names like "Storebrand" and "Norges Brannkasse" names which reveal the focus on fire insurance (Brann == fire) in a country where most houses are made of wood.
Re:Joe vs. vi vs. GUI based editors
on
JOE Hits 3.0
·
· Score: 1
A dozen of one, 12 of the other...
^K-d for "Kommand Done" vs. ":wq!" for "Write and Quit and I really am sure I wanna do that!" This, to me, looks like a draw.
I had to learn vi back in the days of Turbo Pascal 3.x and Wordstar and their famous "diamond" of movement keys, besides arrow keys that did something more useful than putting "escape[A" into the text. And though I found vi rather strange at first, I later got used to its way of working, to the extent of finding a clone that worked on DOS and never looking back. It was nice never having to leave the alphanumeric sections and get confused by hitting Page down instead of Delete.
But the big cinch was the interchanging of Ctrl and Caps lock that took place sometime in the later 80s. Although Caps-Lock is poison for users of vi, the repositioning of the Control key didn't help with the old Wordstar ways either. Though errors tended to be less deleterious than in vi, where "Escape u" usually restored sanity.
It is mostly a matter of mnemonics for either editor, just that those are different.
Yes, the children may love the mascot and they appear to find them easily recognizeable.
That isn't the hard part.
What is, is to convince the school bureaucrats, who are the ones making decisions and hold the purse strings, that this is a worthwhile product for their schools. Whatever schoolchildren actually like or don't like, only becomes known to them indirectly via teachers and superintendents, as one of several decision criteria. More important than the logo is if anyone can support it and how much retraining costs.
Does a slightly dishevelled-looking seagull mascot help or hinder the chances for that project? That really depend on the audience. To the extent the seagull character appeals to students, as well as having been drawn by one, it is likely OK for school.
Consider, that as sea birds go, gulls certainly are more controversial than penguins.
This particular seagull character would have been a harder sell to some company even where a seagull might otherwise would appeal, such as subcontractors to the offshore oil industry and fish processing industry. But if the potential customer would be running a city dump or maintain boat canopies, that would not sell, as in these jobs, seagulls tend to be slightly less than welcome.
Red generally means "Stop!" not necessarily "Danger" unless you translate "Stop!" as danger ahead. Which may or may not be accurate. Green could also mean "Danger" depending on your point of view. For example, green for crossing traffic does imply increased danger to a pedestrian.
Fax software could be problematic, but even here the protocol involved would be different than the dial-up numbers, attempting to send a fax to somewhere there is a modem at the other end expecting a PPP-style connection to be made would not work well. So the original problem of dial-up connections being hijacked here would be avoided by depending on something else not working... that is iffy at best. This is still a gray area.
For RAS callbacks, the user authentication might be good enough to get around the risk of a hijacked connection, and it could otherwise be one of a set of known good numbers.
As for "arbitrary" I was thinking of the process causing a machine to dial to any number whatever, without limitation, as is what the dial-up hijacking programs do when they cause dialing to some expensive service without the user knowing. My suggestion basically is a whitelisting of acceptable numbers to be dialled.
Changing the OS: yes, in some circumstances that is what we all do when installing or updating kernel or utility software. Now, I didn't define what I meant by an OS, but it has two parts, the kernel and the utilities. The kernel part is what should be protected, since it in turn provides the other guards against intrusion and observation.
I don't see any problem with changing or augmenting the utilities, which like all other application programs are dependent on the kernel. You mention Windows Explorer and WinRAR -- these qualify as utilities running in the user-space along with other applications. Or at least it should do so; this boundary is blurred in Windows and that is not a good thing.
A lot of this comes down to the user or owner of the machine being unaware or maybe uncaring about what is going on in the system. Monitoring of an employee by his employer may be OK, monitoring of that employee by a competitor of that employer definitely isn't. The same issue is with remote control and automatic updates, who does it, what does it encompass, and do I (or my employer) know?
I recall having had problems with a particularly draconian virus-guard interfering with software development, since it was set up to believe that the production and changing of executable files was a sign of a rampant virus... Such solutions are not universally useable, clearly. And there is the risk that most everything would get one or more of these warning labels.
First of all, much, if not most, software nowadays is not bought in a box in a store, but downloaded from somewhere on the internet. With the boxes, the manufacturer is pretty well defined, but for the online stuff there is no box, and sometimes no other website or other virtual packaging. Then there is the matter of the spyware making its way in unnoticed; where and when would that be able to display the required warnings? And how about enforcement -- some kind of draconian nonsense perhaps, what with the current state of enforcement of anti-spam rules. Yeah right!
Then there is the matter of a captive audience; when downloading a utility or a game, the downloader presumably wants to try out or use this, and will not be deterred by dire warnings. After all, a lot of the worms going around are from people opening E-mail attachments not knowing what these are, how can we expect people to refrain from downloading and installing stuff they actually have found out about and which they want?
This whole debacle underlines a more fundamental flaw: that there is no sharp distinction between operating system software and application software on MS-Windows. The fact that arbitrary non-OS programs are able to modify the operating system they run on, and basically do a number of the activities that Simson Garfinkel made up icons for, indicates that the way it is constructed is wrong. This seems to be further supported by the folklore of Windows needing periodic updates and the common observation that any Windows installation that has been running for a while has become sluggish.
Having said this, let's have a look at where
the big problems are and what constitutes the biggest headache? Some of these behaviors are legitimate, but the design of Windows makes it hard to figure out what is or has happened, even in these cases where the OS cannot be blamed.
Hook - The automatic start-up of a program is a legitimate function of an OS. The main problem with Windows is not that this is possible but that the actual mechanism is so obscure -- is it the Startup folder, some autorun script somewhere, some key in the Registry, and if so, where inside there is it?
Dial - This kind of behavior of automatic dialling to arbitrary numbers is never reasonable and could be generally prohibited by the design of the OS itself. Automatic and unattended dialling is reasonable only for dedicated alarm-transmitting hardware. Which by the nature of its application is fairly secure by design anyway, including a pre-set number. This same limitation could be used to advantage on other computers -- have a list of approved numbers which is guarded and relatively difficult to modify, and let the OS be the guardian of this.
Modify the OS -- This is the big no-no. No application (user-land) program should have the rights to modifying the operating system. This boundary should be hard. In fact, this behavior alone opens the gate for all the other vulnerabilities that all in some way or another depend on the rules of the OS being bent to accomodate nasty behavior.
Monitoring Activities -- The big problem here is that this happens with the user unaware. There is nothing the OS itself can do to stop this, other than making it possible to detect this kind of behavior and close the outbound channels. The hard part here is that there is a lot of legitimate outbound traffic, and how can the OS tell the difference?
Pop-up -- Unsolicited messages are generally a bad thing. Again, the OS is helpless to stop running processes doing such annoying things since it cannot tell the difference between a good or bad process already running.
Remote Control -- The problem here is as with monitoring. How can the OS or anyone else determine whether the controlling entity is a friend or a foe? Information about such activity happening when it happens might help, but it may also get in the way of legitimate remote-controlling.
Self-Update -- Related to the remote-control and OS-modification issu
Same with me. I started with printing letters, then we had to learn the cursive handwriting, and a few years later my handwriting had become horrible.
I then tried to change it to a semi-printing style which at least was legible. What finally cleaned my handwriting up was the drafting course in high school and the requirements that we should use "technical font" in the College of Engineering, and that really has served me well since then.
Occasionally in meetings in some non-technical context, I have received praise for my legible handwriting -- and then been selected for the sometimes tedious task of writing down the minutes of that meeting -- so this is a mixed blessing.
Slashdot Mirror
There's your prior art, all the way back from the time of Lewis Carroll...
And it is not just that this comes from the other side of the Looking Glass.
I, myself, feel like I've made it through the looking glass into some strange alternative world, where they say "when I say someting it means what I want it to mean!"
and then they file a patent... ?! WTF? this is just too bloody unreal for words.
I'm glad I've stuck to C where this patent does not apply.
Same thing that happened to "Keep the customers satisfied". I suspect the focus on shareholders' profits has had something to do with it, but that can't explain it all.
Though I doubt it will come to anything like this.
Such as this somewhat contrived example:
Adding variables to the struct statusinfo for the file-name and maybe the function name is left as an exercise -- you get the idea.
This immediately makes for something on the order of a 1 A current to flow in the man's lower body, causing the muscles in his legs to lock and heat up. This is DC, so there is no possible periodic relief as with AC, where the voltage goes thru zero every 100 or 120 times a second -- this is a steady continuous current. The man will most likely fall over once his leg muscles, already damaged, have seized, and then it may be the fall, the fact that he comes into contact with the hot rail and ground that finally kills him.
And if we were talking about peeing on 16kV or 25kV overhead wires off of a bridge, there is no argument; here the tragic result is guaranteed.
Notwithstanding all of the above and any science or argumentation, people have been known to be killed when touching hot electrical conductors with voltages far less than the 700 V or so that railways use. It may only be the detailed manner of death that is interesting for a study.
On the "mobile-phone in gas-station" however, I'd not be as severely criticizing. The old prohibition probably stems from those days when mobile phones used mechanical power converters to produce the necessary voltages for their operation. These could produce the undesired sparks. But these things went out of use decades ago.
A more modern reason that could be argued, is that electromagnetic interference from mobile phones could adversely affect the operation of the electronics in the pumps, causing these to malfunction and perhaps result in somebody getting free gas (or petrol)! Obviously, this will not do!
I've had good results with using a 2.5inch-to 3.5inch harddrive adapter, which allows me to plug the laptop drive into a standard IDE bus on a desktop computer, and then accessing the file systems on it from Linux there. It is likely that Windows would be able to do this as well, depends on the file system, but chances are that yours holds one of the FAT variants, and these will be easily readable from Windows.
But this particular "beer" mix featured here sounds vile.
Off-by-one errors are possible in almost every language. Wherever there is some kind of list or set of objects, however expressed, there is the potential for such an error. The actual implementation language doesn't matter here.
And that makes legitimate E-mail from South Korea less than useful, when there is no way knowing whether it makes it through to the other end or not. I have been noticing this.
Come to think of that, would it not be generally easier to interface to some peripheral nerves, at what is effectively one of the brains' IO channels, instead of trying to make sense of all the activity going on in the brain itself?
It does. Towards the end it reads:
The document is available online , along with a form that can be used to "sign" it.
2> The declaration stinks of pointy haired people sitting in afternoon long meetings. Not sure if I disagree here. Its form reminds me of these stuffy CEPT resolutions I have seen quoted in the old Radio Amateurs Handbook. On the other hand, there are only so many ways such a declaration could be formatted. And isn't the content rather more important, than the form being a literary masterpiece? Besides, the audience may include said PHBs.
3>. IBM now is not the same as IBM was 25 years ago. They probably sees this as relevant to their future business opportunities. They indicate as much, at any rate. And as they are more concerned with selling hardware and services; if they can profit from open standards then they will support that.
Which does raise the question of how much more than an IBM PR thing this really is.
Similarly, unless some catastrophic loss of historical information should occur, someone 200 years from now would still be able to fathom the concept of a command-line or even a desktop-metaphor GUI. They will of course think it is clunky and old-fashioned, but hey, it is a couple centuries past the state of the art....
Now, I have a number of computers in various state of repair myself, but I don't see the point in having a lot of dead hard disks and dead monitors around, so all of that goes into the recycling area behind a store in Sandvika... where there always seems to be some people picking through the remains. The council also accepts electrical and electronic waste free for individuals, but this ends up behind the fences at the dump and becomes unavailable to potential second-users.
But having used MS-DOS for a while, where copying defaults to the current directory, I managed to screw up while attempting to copy a pair of program files from one place to another via "cp ../oldprog/*" and then wondering why I didn't see any files in the current directory... and what was worse, my file "ndss.c" was now irrevocably lost as well, having been overwritten by the makefile :(
Now, we also were drinking Coca-Cola, and there were a couple of these half-full glasses standing around.
Of course, the combination proved fatal to a keyboard and one of the draft documents in short order. Once the drink hit the keyboard, the word processor program received a dozen or so Rs, and the computer started beeping continually. We unplugged the keyboard, tried plugging in another, but the PC still keept beeping. So it had to be rebooted, and there went our document draft. We had previously turned on the Autosave function since it would take about 30 seconds and tend to strike in the middle of some inspired writing run, cutting it short in the process.
The keyboard was of the kind with foam-supported capacitive switches under the keys. Several attempts were made of cleaning it, in a shower and even a dishwasher, but the keys remained sticky, and the keyboard was given up for dead.
Another coworker had bought a PC in parts, and being adept with cars, he thought he'd be able to assemble a PC as well. He mostly managed it too, except for the cache RAM. This was back in the day when the 486DX motherboards had 32K static RAM cache chips in long skinny 28-pin packages, which fit into their sockets in two ways, one right and one wrong. And since the power and ground pins are at opposite corners of these, the wrong way is very wrong...
Now, he had bought the full complement of 9 such chips for his motherboard, and managed to put them in backwards, as he were about to discover the hard way. On turning on the power, two of them cracked open, two others just melted in the middle region where the silicon was, and these and the others got so hot so as to leave visible marks on the sockets they were in.
He came around and asked me about what had happened, and I could only tell him to go get a new set of memory chips. I actually did test the now-defunct set, and the chips without visible external damage actually still were able to read and write parts of their contents, but they had some memory addresses that were "stuck" at 1 and thus were useless for all practical purposes.
I am really wondering more why 23, 42, 69, and 8675309 were not on that list of numbers...
That isn't all that different from what we see with some of the IE-only sites today. But one operational problem I think we will get with this comes with the need for special client-side code, and as this is where we see a lot of today's problems with spywares and worms I don't think this is going to win MS many friends.
Also, the customization capabilities of Linux desktops I believe will become an advantage, not a liability, to a company, since this customization is something that the company as opposed to the end-user employee is performing.
The employees will be given a Linux desktop that can be locked down a lot tighter than a Windows desktop installation as long as the latter will require downloaded code to run, in order to implement these vaunted "features".
No joke, this company is for for real. And yes, I do not think they chose that good of a name either. But this is the result of the fusion of several insurance companies, including some with names like "Storebrand" and "Norges Brannkasse" names which reveal the focus on fire insurance (Brann == fire) in a country where most houses are made of wood.
^K-d for "Kommand Done" vs. ":wq!" for "Write and Quit and I really am sure I wanna do that!" This, to me, looks like a draw.
I had to learn vi back in the days of Turbo Pascal 3.x and Wordstar and their famous "diamond" of movement keys, besides arrow keys that did something more useful than putting "escape[A" into the text. And though I found vi rather strange at first, I later got used to its way of working, to the extent of finding a clone that worked on DOS and never looking back. It was nice never having to leave the alphanumeric sections and get confused by hitting Page down instead of Delete.
But the big cinch was the interchanging of Ctrl and Caps lock that took place sometime in the later 80s. Although Caps-Lock is poison for users of vi, the repositioning of the Control key didn't help with the old Wordstar ways either. Though errors tended to be less deleterious than in vi, where "Escape u" usually restored sanity.
It is mostly a matter of mnemonics for either editor, just that those are different.
Congratulations to "JOE" with its version 3 !
What is, is to convince the school bureaucrats, who are the ones making decisions and hold the purse strings, that this is a worthwhile product for their schools. Whatever schoolchildren actually like or don't like, only becomes known to them indirectly via teachers and superintendents, as one of several decision criteria. More important than the logo is if anyone can support it and how much retraining costs.
Does a slightly dishevelled-looking seagull mascot help or hinder the chances for that project? That really depend on the audience. To the extent the seagull character appeals to students, as well as having been drawn by one, it is likely OK for school.
Consider, that as sea birds go, gulls certainly are more controversial than penguins.
This particular seagull character would have been a harder sell to some company even where a seagull might otherwise would appeal, such as subcontractors to the offshore oil industry and fish processing industry. But if the potential customer would be running a city dump or maintain boat canopies, that would not sell, as in these jobs, seagulls tend to be slightly less than welcome.
Red generally means "Stop!" not necessarily "Danger" unless you translate "Stop!" as danger ahead. Which may or may not be accurate. Green could also mean "Danger" depending on your point of view. For example, green for crossing traffic does imply increased danger to a pedestrian.
For RAS callbacks, the user authentication might be good enough to get around the risk of a hijacked connection, and it could otherwise be one of a set of known good numbers.
As for "arbitrary" I was thinking of the process causing a machine to dial to any number whatever, without limitation, as is what the dial-up hijacking programs do when they cause dialing to some expensive service without the user knowing. My suggestion basically is a whitelisting of acceptable numbers to be dialled.
Changing the OS: yes, in some circumstances that is what we all do when installing or updating kernel or utility software. Now, I didn't define what I meant by an OS, but it has two parts, the kernel and the utilities. The kernel part is what should be protected, since it in turn provides the other guards against intrusion and observation.
I don't see any problem with changing or augmenting the utilities, which like all other application programs are dependent on the kernel. You mention Windows Explorer and WinRAR -- these qualify as utilities running in the user-space along with other applications. Or at least it should do so; this boundary is blurred in Windows and that is not a good thing.
A lot of this comes down to the user or owner of the machine being unaware or maybe uncaring about what is going on in the system. Monitoring of an employee by his employer may be OK, monitoring of that employee by a competitor of that employer definitely isn't. The same issue is with remote control and automatic updates, who does it, what does it encompass, and do I (or my employer) know?
I recall having had problems with a particularly draconian virus-guard interfering with software development, since it was set up to believe that the production and changing of executable files was a sign of a rampant virus... Such solutions are not universally useable, clearly. And there is the risk that most everything would get one or more of these warning labels.
Then there is the matter of a captive audience; when downloading a utility or a game, the downloader presumably wants to try out or use this, and will not be deterred by dire warnings. After all, a lot of the worms going around are from people opening E-mail attachments not knowing what these are, how can we expect people to refrain from downloading and installing stuff they actually have found out about and which they want?
This whole debacle underlines a more fundamental flaw: that there is no sharp distinction between operating system software and application software on MS-Windows. The fact that arbitrary non-OS programs are able to modify the operating system they run on, and basically do a number of the activities that Simson Garfinkel made up icons for, indicates that the way it is constructed is wrong. This seems to be further supported by the folklore of Windows needing periodic updates and the common observation that any Windows installation that has been running for a while has become sluggish.
Having said this, let's have a look at where the big problems are and what constitutes the biggest headache? Some of these behaviors are legitimate, but the design of Windows makes it hard to figure out what is or has happened, even in these cases where the OS cannot be blamed.
Hook - The automatic start-up of a program is a legitimate function of an OS. The main problem with Windows is not that this is possible but that the actual mechanism is so obscure -- is it the Startup folder, some autorun script somewhere, some key in the Registry, and if so, where inside there is it?
Dial - This kind of behavior of automatic dialling to arbitrary numbers is never reasonable and could be generally prohibited by the design of the OS itself. Automatic and unattended dialling is reasonable only for dedicated alarm-transmitting hardware. Which by the nature of its application is fairly secure by design anyway, including a pre-set number. This same limitation could be used to advantage on other computers -- have a list of approved numbers which is guarded and relatively difficult to modify, and let the OS be the guardian of this.
Modify the OS -- This is the big no-no. No application (user-land) program should have the rights to modifying the operating system. This boundary should be hard. In fact, this behavior alone opens the gate for all the other vulnerabilities that all in some way or another depend on the rules of the OS being bent to accomodate nasty behavior.
Monitoring Activities -- The big problem here is that this happens with the user unaware. There is nothing the OS itself can do to stop this, other than making it possible to detect this kind of behavior and close the outbound channels. The hard part here is that there is a lot of legitimate outbound traffic, and how can the OS tell the difference?
Pop-up -- Unsolicited messages are generally a bad thing. Again, the OS is helpless to stop running processes doing such annoying things since it cannot tell the difference between a good or bad process already running.
Remote Control -- The problem here is as with monitoring. How can the OS or anyone else determine whether the controlling entity is a friend or a foe? Information about such activity happening when it happens might help, but it may also get in the way of legitimate remote-controlling.
Self-Update -- Related to the remote-control and OS-modification issu
IIRC, some older Compaq-machines had this sort of thing with their BIOS; once the disk went bad on these, that was it. Instant boat-anchor.
Then there is the question of allowing other OSes on there besides or instead of the supplied one... Monopoly and anti-trust issues anyone?
I then tried to change it to a semi-printing style which at least was legible. What finally cleaned my handwriting up was the drafting course in high school and the requirements that we should use "technical font" in the College of Engineering, and that really has served me well since then.
Occasionally in meetings in some non-technical context, I have received praise for my legible handwriting -- and then been selected for the sometimes tedious task of writing down the minutes of that meeting -- so this is a mixed blessing.