I think you're referring to XP SP2, which many people still are not using. Anyway, Windows XP still allows full administrator login through the GUI. That's a failing from the start, IMHO. If you need to use a GUI, then you shouldn't be administrating anything.
Meanwhile, as long as there is any kind of "compatibility mode" for running these broken apps at all, the issues will persist.
If Longhorn manages completely to separate administrator and user modes, then it stands a chance of being secure -- but then it will break so many old applications in one go, that users might as well cut their losses and go with an alternative OS -- maybe one that doesn't cost so much and doesn't have the potential for vendor lock-in. There's a market ripe and ready for anyone to base a solution on FreeBSD.....
The various BSD flavours support raw sockets. So does Solaris, and even Linux for that matter.
The difference with the Unix-like systems is that ordinary users don't get to poke about with dangerous stuff.
The real point is that Windows software has for too long depended on the assumption that the user has full unfettered access to every resource on the computer -- an assumption which had to cease to be true when Windows became network-aware, because in a networked environment some things are properly restricted. Yet for the best part of ten years, Windows continued to run without privilege separation; and application programmers took advantage of that, creating code which turned out to be fundamentally broken.
Face it, the bathwater is minging and the baby is dead -- there is nothing worth saving in the whole sorry mess. Whether bad water killed the baby, the dead baby made the water worse, or the two are unconnected, isn't really important right now. What is important is to get rid of them both, scrub out the bathtub and start again.
Of course, if you're going to switch to a new version of Windows -- which would have to be totally incompatible with all that sloppily-written software needing root access for no good reason -- then that would be about as big a change as switching to some other operating system. That must worry Microsoft.....
You are conveniently forgetting one important thing: Good Guys outnumber Bad Guys. This means that if anybody finds an exploit, it's statistically more likely that the finder is a Good Guy than a Bad Guy.
If you're a Good Guy and you find an exploit in an Open Source product, you can fix it -- or at least draw someone's attention to it, and it will get fixed. If you're a Bad Guy and you find an exploit in an Open Source product, there's a good chance that some Good Guy has already found it and set the machinery in motion -- just because there are more Good Guys than Bad Guys.
If you're a Good Guy and you find an exploit in a Closed Source product, TTs to you. You could inform the vendor, but there's not much chance they'll do anything about it. Rather, there's a good chance that you'll be tret like a criminal. Closed Source programmers are basically cowards, after all: they aren't prepared to shove their product right in the world's face with a cry of "Look what I did!" in case anyone laughs at them. And if you do laugh at them, they tend to get mad and blame you for discovering their weakness. If you're a Bad Guy and you find an exploit in an Open Source product, you keep quiet about it for a bit..... then you use it.
Anyway, if a vulnerability has been discovered and fixed -- and, let's face it, the Open Source Community usually has a fix ready in a matter of hours -- it's no big deal.
No, because I know that what they are talking about in the second link {the first didn't work} is impossible. Digital watermarking can be removed, and to do so is not difficult once you understand the file format being used. This is not a limitation of present technology, but a limitation of the universe. I suggest you learn some mathematics before you go spouting other people's fantasies as truth. Oh, and log in.
Note that you'll be fine if you have a Diesel-engined car with a mechanical fuel pump {e.g. older Fords and Peugeots}. These will run quite happily on cooking oil.
Bear in mind that Debian contains almost the whole of Open Source: accounting for all 12 architectures, there are something like 100 000 packages in Debian.
My suggestion would be to ditch binary package support for all except i386 and PPC architectures and life-or-death security updates to other architectures. The newer 64-bit architectures are more than fast enough to deal with compiling everything from source; and, as long as those source packages actually do compile eventually on the more esoteric architectures, it's not really a problem -- if you're running a weirdy machine, you probably can wait a little longer. Binary packages would only really be necessary in cases when there literally was not enough time to compile the patched version without running a serious risk of getting compromised.
That's why I said be sure you can de-power the display. I think on some machines, plugging in the AV cables does this automatically.
For the price they cost now, it's almost viable just to buy one and modify it. Rip the light bulb out {it's actually a cold cathode tube: put a big resistance in series and it'll light from the mains}, cut a window behind the screen, glue in a piece of plastic cut from an old CD box, and presto: a portable MP3/CD/DVD player with a daylight-powered display.
There is a DRM alternative in the way of an inaudible signature key inside a waveform.
There is however one slight flaw in this plan: It's bollocks.
Your scheme is a variant on the old "Have something on the disc that a legitimate user can read but a pirate can't" chestnut that gets trotted out from time to time. I hope you can understand why it could never work.
Inaudible watermarking is trivial to defeat -- lossy compression by definition doesn't preserve anything that is inaudible. And de-compression techniques are published, otherwise nobody would know how to make players; so it would be easy to strip the watermarking from the file.
You do have the right, but it's deeply buried in the law and not spelt out. Nobody has ever been taken to court for taping LPs at home, and they would never be sent down for it if they were. Basically, UK copyright law states that if the making of a copy is unavoidable in the exercise of your fair dealing rights {e.g. you have to make a copy of a CD or LP on tape to listen in a car with only a cassette player -- which you have a right to do as long as you own the CD/LP} then you aren't infringing copyright just by doing that.
I personally am holding out for a portable music player that reads.mp3 on DVD media
Have you tried a portable DVD player? Most of them are multi-region and multi-format, can play DVD, VCD, MP3 music and JPG photos from CD and DVD. Some can also play DivX. Be sure to choose one that allows you to de-power the display, to save precious milliamp-hours.
By the way, the singular of "virii" would be "virius". "Virus" doesn't have an "I" before the "U", so if you were going to {doubly incorrectly in this case: for one, when a foreign word imported into English acquires a new meaning, when it is used in the new sense it is pluralised according to English rules; and for another, "virus" is a stuff-word, not a thing-word, and so doesn't even have a plural form} follow Latin-style pluralisation rules, its plural would be "viri" with one I.
Trend Micro make a product called PC-Cillin. What I have always wondered is, why on earth would anyone use an anti-virus tool named after a drug which is famous for not working against viruses?
Somebody committed Criminal Damage if they did something that deliberately caused a HD-DVD player you owned to stop working. I'd call the Old Bill if I were you.
If I ever bought -- with my own money, earned by my own hard graft -- a DVD that had adverts on the beginning that refused to skip, I would take it right back to the store and demand a refund. If I press the fast-forward button, I expect my DVD recorder to honour that. I can fast-forward through the adverts on my home-made recordings {when I didn't sit through the show just pausing them out} and I expect to be able to fast-forward through adverts on other people's recordings, too. I do not see anything unreasonable about this expectation.
If the player doesn't fast-forward when you press the fast-forward button, then something is obviously broken. If changing the batteries in the remote causes it to fast-forward when you press the fast-forward button, then that to my mind proves the batteries were faulty. So if you have to change the DVD to make the player fast-forward when you press the fast-forward button, I'd say it's the disc itself that is faulty.
I think everyone should start demanding refunds on broken DVDs that don't fast-forward properly, and/or on broken DVD players with fast-forward buttons that don't work -- and threatening to sue for time wasted watching unskippable content. After all, our time is worth money, yes?
And what's wrong with Silverdale? I'll have you know both my parents were born in Jamland. Even if there was only one power line into the village, and so the mains voltage went down at predictable times {kettles going on for cups of tea, water heaters coming on, and so forth} -- it just made the TV picture shrink a bit.
The simple truth is, "pay per click" is a broken business model. Since even early versions of Mozilla, it's been riduculously easy just to click on an advert, and open it in a new tab in the background where you don't have to pay it any attention -- just close the tab when the bar gets too full to be readable.
You can try to track visitors with cookies, but the savvy ones empty the cookie jar once in awhile {and Firefox even allows you to "pretend" to accept cookies, but ditch them at the end of the session}. As you've every right to do: after all, it's your browser, and you -- not the content provider -- have the right to decide what you see.
Anyway, the public no longer wish to be bombarded with advertisements. In my case, seeing an advert actually makes me more likely to choose an alternative where I know my money is not going to be wasted on advertising. Here's a clue for all advertisers: When I wish to buy your tat, I will contact you. If I have not contacted you, it is because I do not wish to buy anything from you. Get it?
As well as file permissions similar to {but not quite the same as -- there were four user levels including system, and four operations including delete} those on Unix, VAX/VMS had Access Control Lists {ACLs} for privilege separation, allowing you to specify exactly who could access what resource, when, and where from. ACLs gave the administrator an amazing level of control.
They also saw about as much "real life" use as a pay toilet in a forest.
The Unix security model works because it's simple. It's good enough, for enough of the time.
If you really want the Apache user to have access to port 80, just recompile your kernel. {I'm taking it on faith that you know how to do that, because of what you've said. You couldn't have formed that opinion independently without compiling a kernel at least once in your life.}
I've heard this argument..... that Word is so powerful..... but every time I come close to believing it, I find evidence of a document with about fifteen different fonts in it, formatted using spaces, and a manually-entered table of contents.
I just think some people can't handle anything more complicated than a fountain pen.....
{and I write perl scripts to interface with mySQL databases for mail merging, because I can do that.}
Of course not. If.DOC was really a standard, then Office XP would be able to open Office 97 and earlier documents..... even Word for DOS documents. But that would mean that some people would be able to get away with not upgrading often enough for Microsoft! What I mean is, that Word XP.DOC is a standard, Word 2000.DOC is another standard, Word 97 is a different standard, and so forth.
It's all about locking customers into a never-ending upgrade cycle. When one of your contacts upgrades to Word XP {perhaps because their whole computer was replaced..... with one that happened to come with all new software}, then you, as a Word 97 user, have no choice but to upgrade..... even if you don't need any of the new features in Word XP..... there is one feature you do need, and that's the ability to open a Word XP document.
Microsoft would never knowingly supply the schema to any territory where the NDA part of their licence was legally unenforcible. Once an Open Source document format translator cropped up, it would be impossible to ban it -- and if it were dedicated to the Public Domain, nobody need ever take responsibility for it. But the only way it could ever happen would be for somebody, somewhere to breach a Microsoft NDA -- and then there would be a figure to blame.
Of course, we could get Ballmer or some other high-up Microsoft bod really, really pissed and hope he might blurt something out.....
If MS Word could import and export.SXW files natively, there would be no need for MS Word in the first place. It's only the fact that Word -- and nothing else -- can read.DOC files properly, that keeps Microsoft selling it. If Word could import and export.SXW files, an organisation could keep just one PC with a copy of Windows and Office {plus OO.o export}, all the rest using OpenOffice.org, and use just this one machine for translating legacy documents.
Now, MS Word has a macro language -- a bastardised dialect of BASIC -- and a document object model {though not quite like the W3C ECMAscript one} that allows the canny programmer access to every feature of a document. And the code to synthesise and analyse SXW files is open source. It ought to be very possible for some third party to write a Microsoft Word plugin to do absolutely seamless import and export of OO.o.SXW files.....
If I had a copy of Windows and a copy of Office, I'd be having a go myself. As it is, I got clean three years ago and don't intend to relapse anytime soon. Someone else can have the glory.
The issue is that governments are generally clueless about IT. Come to think of it, governments tend to be clueless, full stop.
The solution is to ban proprietary document formats -- or render them unworkable in practice, perhaps by enshrining in law any interested party's right to carry out reverse-engineering for the purpose of creating interoperable software.
Only if you are going to modify the document, then distribute it outside your organisation; and even then, you might have to modify the actual font. Otherwise, embedding a font into a document -- provided it is done in such a way that the complete font can be recovered for use in other documents -- would be considered "mere aggregation". At any rate, a document is not generally considered to be a derived work of a font.
I think you're referring to XP SP2, which many people still are not using. Anyway, Windows XP still allows full administrator login through the GUI. That's a failing from the start, IMHO. If you need to use a GUI, then you shouldn't be administrating anything.
.....
Meanwhile, as long as there is any kind of "compatibility mode" for running these broken apps at all, the issues will persist.
If Longhorn manages completely to separate administrator and user modes, then it stands a chance of being secure -- but then it will break so many old applications in one go, that users might as well cut their losses and go with an alternative OS -- maybe one that doesn't cost so much and doesn't have the potential for vendor lock-in. There's a market ripe and ready for anyone to base a solution on FreeBSD
The various BSD flavours support raw sockets. So does Solaris, and even Linux for that matter.
.....
The difference with the Unix-like systems is that ordinary users don't get to poke about with dangerous stuff.
The real point is that Windows software has for too long depended on the assumption that the user has full unfettered access to every resource on the computer -- an assumption which had to cease to be true when Windows became network-aware, because in a networked environment some things are properly restricted. Yet for the best part of ten years, Windows continued to run without privilege separation; and application programmers took advantage of that, creating code which turned out to be fundamentally broken.
Face it, the bathwater is minging and the baby is dead -- there is nothing worth saving in the whole sorry mess. Whether bad water killed the baby, the dead baby made the water worse, or the two are unconnected, isn't really important right now. What is important is to get rid of them both, scrub out the bathtub and start again.
Of course, if you're going to switch to a new version of Windows -- which would have to be totally incompatible with all that sloppily-written software needing root access for no good reason -- then that would be about as big a change as switching to some other operating system. That must worry Microsoft
You are conveniently forgetting one important thing: Good Guys outnumber Bad Guys. This means that if anybody finds an exploit, it's statistically more likely that the finder is a Good Guy than a Bad Guy.
..... then you use it.
If you're a Good Guy and you find an exploit in an Open Source product, you can fix it -- or at least draw someone's attention to it, and it will get fixed. If you're a Bad Guy and you find an exploit in an Open Source product, there's a good chance that some Good Guy has already found it and set the machinery in motion -- just because there are more Good Guys than Bad Guys.
If you're a Good Guy and you find an exploit in a Closed Source product, TTs to you. You could inform the vendor, but there's not much chance they'll do anything about it. Rather, there's a good chance that you'll be tret like a criminal. Closed Source programmers are basically cowards, after all: they aren't prepared to shove their product right in the world's face with a cry of "Look what I did!" in case anyone laughs at them. And if you do laugh at them, they tend to get mad and blame you for discovering their weakness. If you're a Bad Guy and you find an exploit in an Open Source product, you keep quiet about it for a bit
Anyway, if a vulnerability has been discovered and fixed -- and, let's face it, the Open Source Community usually has a fix ready in a matter of hours -- it's no big deal.
No, because I know that what they are talking about in the second link {the first didn't work} is impossible. Digital watermarking can be removed, and to do so is not difficult once you understand the file format being used. This is not a limitation of present technology, but a limitation of the universe. I suggest you learn some mathematics before you go spouting other people's fantasies as truth. Oh, and log in.
Note that you'll be fine if you have a Diesel-engined car with a mechanical fuel pump {e.g. older Fords and Peugeots}. These will run quite happily on cooking oil.
Bear in mind that Debian contains almost the whole of Open Source: accounting for all 12 architectures, there are something like 100 000 packages in Debian.
My suggestion would be to ditch binary package support for all except i386 and PPC architectures and life-or-death security updates to other architectures. The newer 64-bit architectures are more than fast enough to deal with compiling everything from source; and, as long as those source packages actually do compile eventually on the more esoteric architectures, it's not really a problem -- if you're running a weirdy machine, you probably can wait a little longer. Binary packages would only really be necessary in cases when there literally was not enough time to compile the patched version without running a serious risk of getting compromised.
That's why I said be sure you can de-power the display. I think on some machines, plugging in the AV cables does this automatically.
For the price they cost now, it's almost viable just to buy one and modify it. Rip the light bulb out {it's actually a cold cathode tube: put a big resistance in series and it'll light from the mains}, cut a window behind the screen, glue in a piece of plastic cut from an old CD box, and presto: a portable MP3/CD/DVD player with a daylight-powered display.
Your scheme is a variant on the old "Have something on the disc that a legitimate user can read but a pirate can't" chestnut that gets trotted out from time to time. I hope you can understand why it could never work.
Inaudible watermarking is trivial to defeat -- lossy compression by definition doesn't preserve anything that is inaudible. And de-compression techniques are published, otherwise nobody would know how to make players; so it would be easy to strip the watermarking from the file.
You do have the right, but it's deeply buried in the law and not spelt out. Nobody has ever been taken to court for taping LPs at home, and they would never be sent down for it if they were. Basically, UK copyright law states that if the making of a copy is unavoidable in the exercise of your fair dealing rights {e.g. you have to make a copy of a CD or LP on tape to listen in a car with only a cassette player -- which you have a right to do as long as you own the CD/LP} then you aren't infringing copyright just by doing that.
That's exactly what I meant.
By the way, the singular of "virii" would be "virius". "Virus" doesn't have an "I" before the "U", so if you were going to {doubly incorrectly in this case: for one, when a foreign word imported into English acquires a new meaning, when it is used in the new sense it is pluralised according to English rules; and for another, "virus" is a stuff-word, not a thing-word, and so doesn't even have a plural form} follow Latin-style pluralisation rules, its plural would be "viri" with one I.
Trend Micro make a product called PC-Cillin. What I have always wondered is, why on earth would anyone use an anti-virus tool named after a drug which is famous for not working against viruses?
Sale of Goods Act 1976. Goods not fit for purpose. Entitled to a cash refund.
Somebody committed Criminal Damage if they did something that deliberately caused a HD-DVD player you owned to stop working. I'd call the Old Bill if I were you.
If I ever bought -- with my own money, earned by my own hard graft -- a DVD that had adverts on the beginning that refused to skip, I would take it right back to the store and demand a refund. If I press the fast-forward button, I expect my DVD recorder to honour that. I can fast-forward through the adverts on my home-made recordings {when I didn't sit through the show just pausing them out} and I expect to be able to fast-forward through adverts on other people's recordings, too. I do not see anything unreasonable about this expectation.
If the player doesn't fast-forward when you press the fast-forward button, then something is obviously broken. If changing the batteries in the remote causes it to fast-forward when you press the fast-forward button, then that to my mind proves the batteries were faulty. So if you have to change the DVD to make the player fast-forward when you press the fast-forward button, I'd say it's the disc itself that is faulty.
I think everyone should start demanding refunds on broken DVDs that don't fast-forward properly, and/or on broken DVD players with fast-forward buttons that don't work -- and threatening to sue for time wasted watching unskippable content. After all, our time is worth money, yes?
And what's wrong with Silverdale? I'll have you know both my parents were born in Jamland. Even if there was only one power line into the village, and so the mains voltage went down at predictable times {kettles going on for cups of tea, water heaters coming on, and so forth} -- it just made the TV picture shrink a bit.
How do I set it to show distances in km?
The simple truth is, "pay per click" is a broken business model. Since even early versions of Mozilla, it's been riduculously easy just to click on an advert, and open it in a new tab in the background where you don't have to pay it any attention -- just close the tab when the bar gets too full to be readable.
You can try to track visitors with cookies, but the savvy ones empty the cookie jar once in awhile {and Firefox even allows you to "pretend" to accept cookies, but ditch them at the end of the session}. As you've every right to do: after all, it's your browser, and you -- not the content provider -- have the right to decide what you see.
Anyway, the public no longer wish to be bombarded with advertisements. In my case, seeing an advert actually makes me more likely to choose an alternative where I know my money is not going to be wasted on advertising. Here's a clue for all advertisers: When I wish to buy your tat, I will contact you. If I have not contacted you, it is because I do not wish to buy anything from you. Get it?
As well as file permissions similar to {but not quite the same as -- there were four user levels including system, and four operations including delete} those on Unix, VAX/VMS had Access Control Lists {ACLs} for privilege separation, allowing you to specify exactly who could access what resource, when, and where from. ACLs gave the administrator an amazing level of control.
They also saw about as much "real life" use as a pay toilet in a forest.
The Unix security model works because it's simple. It's good enough, for enough of the time.
If you really want the Apache user to have access to port 80, just recompile your kernel. {I'm taking it on faith that you know how to do that, because of what you've said. You couldn't have formed that opinion independently without compiling a kernel at least once in your life.}
I've heard this argument ..... that Word is so powerful ..... but every time I come close to believing it, I find evidence of a document with about fifteen different fonts in it, formatted using spaces, and a manually-entered table of contents.
.....
I just think some people can't handle anything more complicated than a fountain pen
{and I write perl scripts to interface with mySQL databases for mail merging, because I can do that.}
Of course not. If .DOC was really a standard, then Office XP would be able to open Office 97 and earlier documents ..... even Word for DOS documents. But that would mean that some people would be able to get away with not upgrading often enough for Microsoft! What I mean is, that Word XP .DOC is a standard, Word 2000 .DOC is another standard, Word 97 is a different standard, and so forth.
..... with one that happened to come with all new software}, then you, as a Word 97 user, have no choice but to upgrade ..... even if you don't need any of the new features in Word XP ..... there is one feature you do need, and that's the ability to open a Word XP document.
It's all about locking customers into a never-ending upgrade cycle. When one of your contacts upgrades to Word XP {perhaps because their whole computer was replaced
No, they couldn't, because yes, it would.
.....
Microsoft would never knowingly supply the schema to any territory where the NDA part of their licence was legally unenforcible. Once an Open Source document format translator cropped up, it would be impossible to ban it -- and if it were dedicated to the Public Domain, nobody need ever take responsibility for it. But the only way it could ever happen would be for somebody, somewhere to breach a Microsoft NDA -- and then there would be a figure to blame.
Of course, we could get Ballmer or some other high-up Microsoft bod really, really pissed and hope he might blurt something out
If MS Word could import and export .SXW files natively, there would be no need for MS Word in the first place. It's only the fact that Word -- and nothing else -- can read .DOC files properly, that keeps Microsoft selling it. If Word could import and export .SXW files, an organisation could keep just one PC with a copy of Windows and Office {plus OO.o export}, all the rest using OpenOffice.org, and use just this one machine for translating legacy documents.
.SXW files .....
Now, MS Word has a macro language -- a bastardised dialect of BASIC -- and a document object model {though not quite like the W3C ECMAscript one} that allows the canny programmer access to every feature of a document. And the code to synthesise and analyse SXW files is open source. It ought to be very possible for some third party to write a Microsoft Word plugin to do absolutely seamless import and export of OO.o
If I had a copy of Windows and a copy of Office, I'd be having a go myself. As it is, I got clean three years ago and don't intend to relapse anytime soon. Someone else can have the glory.
The issue is that governments are generally clueless about IT. Come to think of it, governments tend to be clueless, full stop.
The solution is to ban proprietary document formats -- or render them unworkable in practice, perhaps by enshrining in law any interested party's right to carry out reverse-engineering for the purpose of creating interoperable software.
Only if you are going to modify the document, then distribute it outside your organisation; and even then, you might have to modify the actual font. Otherwise, embedding a font into a document -- provided it is done in such a way that the complete font can be recovered for use in other documents -- would be considered "mere aggregation". At any rate, a document is not generally considered to be a derived work of a font.