Giving you a test after you learned the material would be pointless,
And what, may I ask, is the point of tests? I thought they were an easy way to verify understanding of and ability to do something (when done properly). The student is given a set of problems to solve and either they can do it, showing the steps to support the answer or they have a problem with it. The point is that the teachers don't know if the students understand and can execute the material until the test results are in; if they already knew, it would be pointless.
much as would be giving you any sort of credit for writing programs to solve questions for which you plug in inputs and receive outputs as an answer. In short, it doesn't take a rocket scientist to convert someone's algorithm (the text's or a professor's) into a different form or to repeat it 15-minutes later.
And doing the same type of problem fifty times has merit? That's the alternative I was complaining about. If it's not either of these, then what IS the point?
The purpose of teaching is to verify understanding and recollection for a period of time sufficient to progress in the subject and to solve actual problems.
You can't translate the format of the concept from the textbook or instructor into a program without understanding it. If you can translate it into a totally different form, you understand it. I'm not copying formulas out of the book and plugging the numbers in. The calculator can do that already. I'm talking about stuff like executing synthetic division, factoring polynomials, or generating sequences. There aren't any formulas to copy. These problems operate on a variable number of arguments and have a complex but monotonus set of steps and branches to execute. Sure, the methods are detirminstic, so prime candidates for a computer, but it's hardly cut+paste. Actual problems, like what?
I wouldn't recommend software at all. [...] Come back when they're in college and ask again.
Sounded like a generalization of everyone to me. Who else would "they" be? Instead, you recommend something we call "pencil and paper." You made no caveats that it might not be for everyone, so I took it at the most obvious meaning; that it applies to everyone.
Learning mathematics (and reading music, and a number of other such undertakings) is as much a mechanical skill as an intellectual one and the quickest way to the brain is through the fingers.
You didn't say which parts of learning mathematics you were referring to as mechanical: concepts or execution. By leaving it open, you implied that it was as much of each. You didn't say that the quickest way to the brain for efficient execution is through the fingers. Without narrowing it down, you're implying that it applies to getting anything to the brain.
I'm sorry if I misinterpreted your post, but when you leave out important qualifications, I don't know what you are saying.
Repetition is done for the purpose of facility, which some people develop faster than others.
And when the number crunching role of manual pencil+paper is better executed by a computer? A computer is no replacement for knowing concepts, but it certainly is for repetitive operations. Spending time to improve manual execution speed is a waste of time when I will always have a computer availaible to do it during my job as a programmer.
I've got a HP48GX, an RPN/LISP graphing calculator from HP before they (mostly) nerfed their calculator research devision. I love it; there is no product out there I would trade it for, except maybe an HP49.
I suggest you download EMU48
: a free emulator for HP48 series calculators. You'll need a ROM image (HP allows free distrobution): HP48GX rev R. OSX version of EMU48 It's not as good as the physical unit, but it gives you the right idea.
Not everyone learns the same way. I wasted at least two thirds of my time in high school doing repetitious execution of various concepts, especially math. I can read clearly defined concepts one time, understand and remember them. It's nice that some of the other students have to do it x20 to learn it, but I didn't. To avoid being 'unfair' to the other students, I had to do the same work. Ostensibly, the goal was to get us to lean the concepts so we would do well when tested. I was ready to take the tests the same day as the new topic was presented, but still I was required to waste large quantities of time doing the same thing over and over, far past the point of having learned it. Every time I think of it, I am happier that college does not have the fetid mounds of busywork I was forced to endure in high school. In college, the prof explains the concepts to the class, provides support, suggests homework assignments and expects you to be able to know what you are doing given a test or project. The tests in HS weren't even worth that much; all the points were in the homework to let the kids who couldn't keep up get good grades because they worked. It sent the message of quantity over quality; that the former could make up for the latter.
I have at least 25KB of programs on my HP48 for all of the math techniques we needed to learn in various classes. (No, I didn't use it on tests) Surely if I can program the calculator to take the question in numerical form and produce the output, (and show the required work) I understand the underlying concepts. Isn't the test of understanding being able to explain it? Such as in the form of a program? It took me far less time to write and use those programs than it would have to do the work on paper. I would have learned nothing after about the 3rd problem on paper, but writing programs for them gave me valuable experience in quickly producing usable and reliable programs.
As a student I would have loved to learn how to use Mathematica or similar in HS; it would have been great. Sure, it would have confused some students, but don't lump everyone in with them.
The "pencil and paper" method of having students do the same thing repetitiously (to learn concepts of all things) is a brute-force learning method that does NOT work for everyone.
I think what he meant by "eats mouse events" is simple. Windows is INCREDIBLY inconsistent. In some apps/config panels you must click "apply" BEFORE clicking "OK" or the changes will not take effect. I've had this happen to me MORE than once. The reason lots of windows admins click apply/OK "just to be sure" is because they too have likely wasted 5 minutes figuring out why a fix doesn't work, only to find that it never actually took effect!
Operating system config dialogs? Third-party dialogs are irrelevant. I've never encountered this before: give me an example I can verify. Apply means to apply the changes without closing the window, OK means apply and close and cancel means don't apply and close. All of Microsoft's dialogs behave in this manner.
More to the point; Windows (by default) makes your user account an admin account. True, you WOULDN'T do everything root on *nix, but every single linux distro I've ever installed forces you to create a non-root account on install for just that reason. Not only does Windows NOT do this, but it NEVER extols the demons of running root all the time.
Yes, this is a problem: for users that are too ignorant to know better, for whom I have little sympathy. Microsoft should be more forthcoming about the risks, but isn't. This hardly represents a problem for a network administrator who presumably has control over the computers in the network. As for a *NIX that makes gives root by default: Lindows-- er Linspire.
And you don't disconnect your computers from the network to do a re-install of Windows? You are either:
I do have a NAT, but if I didn't, that's what slipstreaming is for; apply the patches before installation. Copy the patched installation files to the HD or a CD-RW and install from there. If you do a lot of installs, I suggest you maintain a patched \i386 directory on a filesever, boot a BartPE CD on install targets and start the install from there. Extra points for making an unattended installation: pop the CD in, and when the process finishes, everything is done. It may even be possible to boot into Linux from a CD have it copy the install files and setup program.
but there are a good number who do the strange things they do because, from experience, windows responds to these things at times.
Sounds like they give up too easily possibly because it's too much work to understand; a quick fix like restart or reinstall is easier (only in the sort term). Come on, it's software it has to be detirministic on some level.
I use Windows a lot and I admin several computers running it. The operating system makes plenty of sense to me; could you be more specific about what is confusing you? I don't make configuration changes more than once because I didn't expect the first few to take effect, or any of the other silly behavior you described. Windows is as detriministic as the next OS.
The OS eats mouse events
What is this effect you are describing? Mouse events go thru the Win32 subsystem and are posted to the message queue in the thread that owns the window under the cursor. How and when the events are handled depends on the application's thread.
[Windows] behaves differently when program X is running
Each process lives in its own address space. There are ways for them to communicate with each other, but interfere with each other (let alone the OS)? By what method are they doing that? Name some examples of this happening.
it is most often loaded with spyware and adware
I do not have and have never had any viruses, spyware, adware or other malware installed on my systems. It's not that hard to avoid. Running as a non-admin user prevents system infection and most forms of user infection. You wouldn't do everything as root on UNIX, would you?
how is anyone able to get some sort of baseline except for reinstalling all the time (with the computer disconnected from the network).
I have never reinstalled an operating system because it was broken, Windows included. I don't disconnect my computers from the network, either.
What you describe of users who treat the computer as a mystical black box and have infection problems they have can't fix or even know about is caused by ignorance and incompetence, not a specific OS. What makes you think it would be any different on a different OS?
When did I say anything about the OS being broken? It's an easy way to give the user full control over the computer as long as they are sitting in front of it, after which it returns to its standard state.
It's not the only way: giving users non-admin access to the machines is another. Unfortunately, non-admin doesn't let anyone install new programs or run certain badly designed ones correctly. This method gives them root without comprimising the machine for other users.
Either way, as an admin you want to have some protection against gross user incompetence. Windows is perfectly usable and stable if you know what you are doing. There is no time limit and there is no reason that it will just fall apart. Unfortunately, it is somewhat easy for a user to break or infect the machine through igorance, given admin access. Like I said, this probably isn't a good idea for a personal computer but it does work well for a community one.
Note that there is a version of Deep Freeze for Mac OSX also; does this mean that OSX is also "fundamentally flawed"?
I'm going to school at Baker College and at my campus, they've got Deep Freeze on all the computers. You are logged on as admin* and can install whatever you want, but when the computer is restarted it goes back to its original condition. It installs a filter driver that keeps track of all writes to the main disk, logs them and prepares to undo them upon restart. All your documents/files you want to keep are put on removable media (they'll get undone upon restart otherwise). Authorized admins can disable this temporairily to make permanent changes. Turn on a computer and it is in pristene condition; no crap, regardless of what the previous user did. This might not be so good for home use, but for the pre-installed standard lab environment needed for the computers, it works beautifully. I would definately recommend Deep Freeze for any place with requirements like this. Put all the user profiles and documents on a central server, cluster or removable media and make permanent local changes impossible. Viruses on the document storage area should be the only malware left; if you put it on a server, it can be scanned easily.
* It's not quite full admin, as you can't install new services or drivers; they might mess with Deep Freeze.
Try Process Explorer. A property tab lists every service running in a process, among many other things, like every handle and network port opened by a process.
NT confused? First, the bios decides which drive to boot off of; it loads the boot sector and executes it. If NTLDR is at the boot sector, it searches for "boot.ini" on the same volume. It'll see a list of OSes and a line like default= multi(0)disk(0)rdisk(0)partition(1)\WINDOWS The first part is an ARC (Advanced RISC Computing) standard path to find the volume to boot off of. multi is the disk controller; how these are numbered is up to BIOS. disk is for SCSI, rdisk is the drive number on the controller (0 for master, 1 for slave on IDE), and partition is self-explanitory. The \WINDOWS is the path from the volume's root where the OS is installed. This could also be the name of a file to load and execute directly. The volume that it should be booting off of is detirmined first by the BIOS and then explicitly by boot.ini Here's a good link about it.
I'd say that NTLDR's internal implementation is so undocumented that it would be difficult, but possible, to infect with a boot virus. There are easier ways to infect the system, though.
Windows NT 3.1, released in 1993 to match the current version of the other Windows line, had 3 service packs. I think this is the first time it was used, although there may have been some for Microsoft Lan Manager. And I think the updates for 95 were called OSRs.
FYI, when the MS ftp server is up you can still get SP3 for NT3.1 from them, or you can get it here
Structural vulnerabilities? You mean design flaws? Care to name any design flaws in Windows fixed by a patch? Every patch fixes implementation problems.
The design of NT security is excellent; the problems come from not using and implementing it correctly.
Yes, 95 (Windows 4.0), and later of that series, were able to take over IO and video, but could fall back to using DOS and BIOS for these things; enable real-mode compatible disk access and you will use DOS for all disk access, you could use DOS's MSCDEX.EXE for cd-rom access and when the network is told to use a real-mode NDIS or ODI driver, it loads the Microsoft network client for DOS (avoid this-- it's unstable), before 95 proper starts. It also required DOS to load and always kept DOS resident.
NT on the other hand, does not use DOS to load (it uses NTLDR), cannot use DOS for disk access, and cannot use real-mode network drivers. DOS support shares little in common with the original MS-DOS code base, and is completely optional. This also makes it less compatible with old software.
The connection limit is done directly in the TCP/IP protocol driver, tcpip.sys which makes it much harder to remove; you have to patch the binary. Search for "Event ID 4226".
Er, you know that XP is closer to 2003 than 2000 is. Server 2003 is based on XP; they took the XP code base, re-added the 2000 server stuff and made some updates. 2000 is NT 5.0 XP is NT 5.1 2003 is NT 5.2
You will also see a major enhancement to the Sage graphics engine we originally created for Command & Conquer Generals.
I think this is wrong. Emperor: Battle for Dune (also by Westwood) used it first in May of 2001. Either that, or something that looks and behaves exactly the same; same 3d base, same building construction, same camera controls. Why would they create a new engine that works just like the one they already have? Also, the original Dune game was the first to use the engine for C&C Tiberium Dawn and Red Alert.
And "proper statistical studies" show that for every person who joins the PTV, writes the FCC, or writes to his congresscritter, 100 don't because they are too lazy or bored or busy.
Which studies are these? Post links.
So they see 10million complaints and assume(rightly or wrongly) that ~100Million are or could be offended.
A proper study wouldn't use this kind of reasoning. Which accepted statistical method allows this kind of deduction? Since the only people who provide data are the ones making noise, the only conclusion they could draw would be about the vocal public, not the general public. The FCC indecency policy refers to the general public; this is the group for which conclusions must be drawn. Otherwise, the study is invalid because it measures the wrong thing, hence an improper study.
Large, compared to what? 3% is a segment, but I think it would take at least 15% to become a large segment. eln stated that a large segment (3%) of outspoken individuals can represent the entire general public. It can't.
The policy talks what the general public considers indecent. It does not say the loudest members of the general public. In order to support the policy they claim to support, they must go out of their way to find out what the GP wants. Sitting back and listening is easy, but it will produce bad results, as it legitimizes the use of more volume to support a position.
Therefore, if the FCC sees 10 million complaints about one particular thing, they must assume that that the general public sees that one thing as indecent, because such a large segment of the general public is complaining about it.
10 million out of 293 million do not a majority make. It's 3%.
The only way to detirmine what the majority of people want is to 1. poll everyone or 2. conduct a proper statistical study on it.
their EULA states that you can't remove their software via 3rd-party means
What are they going to do about it? Rescind permission to use their software? I think I would have demonstrated that I wanted to stop using it by removing it.
relevant studies universally show this is not true.
Which studies? Links, please. I've yet to see a honest comparison between the design of Linux or UNIX and Windows NT.
Time to market was simply not a factor in the design and implementation of Linux
Sure it was. Linus once said (I wish I could find the quote), as advice to people starting open-source projects, to concentrate on getting things done; that the number one reason for dead projects is that the scope got too grandeous-- everything had to be perfect in version 1, which is impractical. Look at the Hurd: there certainly isn't any pressure to finish that, and it isn't. Linux was originally designed to be a free and open alternative to Minix.
and security was focused on starting at line 1 of the code for the Linux kernel.
Security may have been a goal from the beginning in Linux, but it wasn't the focus; the focus was creating a free alternative to Minix. UNIX, however, was not designed to be secure. It has had security glued on the top. This happened some time ago, so has had plenty of time to become standard, but it hasn't always been this way.
OTOH, Windows NT was designed to be secure from the beginning. There is a single, extensible, Object Manager for all exported kernel objects (these objects cover many more things than UNIX everything-is-a-file) which validates object security, a single token system for identifying authority, domain and stand-alone configurations, secure desktops, memory protection, etc. Win32, compatible with Win16 which not designed to be secure, does not have quite as much granularity as other subsystems, but is still securable with desktop, window station and job objects. Show me one security problem inherent in the design of the NT kernel and system.
If the core issue is truly about Open Source vs proprietary, then there shouldn't be any problems in ReactOS, an open source clone of Windows NT. NT's design, open implementation. And what about the extremely proprietary IBM iSeries mainframes; a standard for stability and security.
Don't become too attached to M$ operating systems.
I'm not: I also run Linux (Debian mostly, to feed my additcion to apt-get). I'd say that the future is too volaitle to predict; I plan to keep my options open.
Windows can (as it currently exists) be functional or moderately secure, but not both.
I have security without sacraficing functionaility. It is not configured to give you both by default, however.
Apple has, notably, built a system you can sit your grandmother in front of and expect reasonable security. Several of the pre-rolled linux distros are just as secure and nearly as easy to use.
Both Apple and Linux have a much better behaved (and smaller) software library that doesn't require root just to run. If all Windows software was as well behaved, used proper MSI packages to install (avail. since at least Office 2000) this wouldn't be such an issue. UNIX users would never tolerate an app that required root to run, so almost none do. The Windows software library, through a process of expected compatibility that is no one's fault, have many apps that expect admin and users that will give it to them. It's a cyclic pattern between OS compatibility and developer expectations that has a lot of momentum and won't be dying anyime soon. Microsoft DOES have several compatibility shims that redirect writes to \program files and \windows to the user's profile, and similar for the registry. But how do you emulate the kernel drivers that some apps expect to be able to install? See safedisk. As for pre-installed apps, I agree to a certain extent, however it does not deal with the apps that require admin just to run. Joe will hear that the new, non-refundable, software that he just bought runs on XP and not FX eventually. He won't care about the technical details.
Also a long-term API change that will hopefully fix some of these things is in motion:.NET on Longhorn. I just hope it lives up to the hype.
When I said that I don't run anti-malware software, I meant regulary, as a standard defense. I ran them once out of curiosity. I just ran them again: no malware found. Then you changed your story: at first you asked how I could be sure without running anti-malware software and then agreed that a kernel takeover would render it useless and not provide assurance.
What would you have me do? Everything about not being sure that my computer is owned applies to all operating systems and all computers. Every OS could be compromised at the compiler level. Do you inspect the disassembly for GCC before you trust it? Where does it end? In order to be 100% completely sure, I would have to inspect every bit on the hard drive, every bit in memory, and know every detail about how the hardware works. There could be a huge government conspiracy to bug all hardware; the only way to be sure this isn't the case is to inspect and understand every circuit in the hardware. This is impractical: I have to settle with something less than that so I can actually do something with the machine.
Since the topic is personal methods of non-infection assurance, how are you sure that your computer isn't infected? At what point do you trust your tools? Did you compile the source yourself? If so, you must have trusted the compiler. Did you make the compiler binary by hand? How can you be sure that your OS doesn't have any unpatched, publicly unknown, exploits that have already let an infection in?
I submit that Windows, when configured properly, is just as secure as any other desktop PC OS, without sacraficing any usability. The article is about vulnerabilities patched long ago, and furthermore blocked by my router. The shell and Internet Explorer, which I do not consider to be terribly secure, do not get the priviliges needed to compromise the system when exposed to the Internet. The kernel and system OTOH, I do consider to be well designed and secure. The current rash of viruses and other malware are given the keys to the front door by the users who run as admin all the time, which I don't do. I'd like to see you name one that can infect a patched machine (the whole system) when run as a normal user. I trust my knowledge and expierence on the platform to tell me if it is infected. A perfect method? No, the prefect method is impractical. I do consider it to be good enough. Why should you believe me? The same reasons that you might believe any claim you cannot verify personally. I posted my views on this last month.
Sorry about maligning your analagy. I unfairly lumped you in with some ugly nudity comparisons made by someone else.
Slashdot Mirror
I'm not copying formulas out of the book and plugging the numbers in. The calculator can do that already. I'm talking about stuff like executing synthetic division, factoring polynomials, or generating sequences. There aren't any formulas to copy. These problems operate on a variable number of arguments and have a complex but monotonus set of steps and branches to execute. Sure, the methods are detirminstic, so prime candidates for a computer, but it's hardly cut+paste.
Actual problems, like what?
You didn't say that the quickest way to the brain for efficient execution is through the fingers. Without narrowing it down, you're implying that it applies to getting anything to the brain.
I'm sorry if I misinterpreted your post, but when you leave out important qualifications, I don't know what you are saying.And when the number crunching role of manual pencil+paper is better executed by a computer?
A computer is no replacement for knowing concepts, but it certainly is for repetitive operations.
Spending time to improve manual execution speed is a waste of time when I will always have a computer availaible to do it during my job as a programmer.
I've got a HP48GX, an RPN/LISP graphing calculator from HP before they (mostly) nerfed their calculator research devision. I love it; there is no product out there I would trade it for, except maybe an HP49.
I suggest you download EMU48 : a free emulator for HP48 series calculators. You'll need a ROM image (HP allows free distrobution): HP48GX rev R.
OSX version of EMU48
It's not as good as the physical unit, but it gives you the right idea.
Not everyone learns the same way. I wasted at least two thirds of my time in high school doing repetitious execution of various concepts, especially math. I can read clearly defined concepts one time, understand and remember them. It's nice that some of the other students have to do it x20 to learn it, but I didn't. To avoid being 'unfair' to the other students, I had to do the same work. Ostensibly, the goal was to get us to lean the concepts so we would do well when tested. I was ready to take the tests the same day as the new topic was presented, but still I was required to waste large quantities of time doing the same thing over and over, far past the point of having learned it. Every time I think of it, I am happier that college does not have the fetid mounds of busywork I was forced to endure in high school. In college, the prof explains the concepts to the class, provides support, suggests homework assignments and expects you to be able to know what you are doing given a test or project. The tests in HS weren't even worth that much; all the points were in the homework to let the kids who couldn't keep up get good grades because they worked. It sent the message of quantity over quality; that the former could make up for the latter.
I have at least 25KB of programs on my HP48 for all of the math techniques we needed to learn in various classes. (No, I didn't use it on tests) Surely if I can program the calculator to take the question in numerical form and produce the output, (and show the required work) I understand the underlying concepts. Isn't the test of understanding being able to explain it? Such as in the form of a program? It took me far less time to write and use those programs than it would have to do the work on paper. I would have learned nothing after about the 3rd problem on paper, but writing programs for them gave me valuable experience in quickly producing usable and reliable programs.
As a student I would have loved to learn how to use Mathematica or similar in HS; it would have been great. Sure, it would have confused some students, but don't lump everyone in with them.
The "pencil and paper" method of having students do the same thing repetitiously (to learn concepts of all things) is a brute-force learning method that does NOT work for everyone.
If you do a lot of installs, I suggest you maintain a patched \i386 directory on a filesever, boot a BartPE CD on install targets and start the install from there. Extra points for making an unattended installation: pop the CD in, and when the process finishes, everything is done.
It may even be possible to boot into Linux from a CD have it copy the install files and setup program.Sounds like they give up too easily possibly because it's too much work to understand; a quick fix like restart or reinstall is easier (only in the sort term). Come on, it's software it has to be detirministic on some level.
I don't make configuration changes more than once because I didn't expect the first few to take effect, or any of the other silly behavior you described. Windows is as detriministic as the next OS.What is this effect you are describing? Mouse events go thru the Win32 subsystem and are posted to the message queue in the thread that owns the window under the cursor. How and when the events are handled depends on the application's thread.Each process lives in its own address space. There are ways for them to communicate with each other, but interfere with each other (let alone the OS)? By what method are they doing that? Name some examples of this happening.I do not have and have never had any viruses, spyware, adware or other malware installed on my systems. It's not that hard to avoid. Running as a non-admin user prevents system infection and most forms of user infection. You wouldn't do everything as root on UNIX, would you?I have never reinstalled an operating system because it was broken, Windows included. I don't disconnect my computers from the network, either.
What you describe of users who treat the computer as a mystical black box and have infection problems they have can't fix or even know about is caused by ignorance and incompetence, not a specific OS. What makes you think it would be any different on a different OS?
When did I say anything about the OS being broken? It's an easy way to give the user full control over the computer as long as they are sitting in front of it, after which it returns to its standard state.
It's not the only way: giving users non-admin access to the machines is another. Unfortunately, non-admin doesn't let anyone install new programs or run certain badly designed ones correctly. This method gives them root without comprimising the machine for other users.
Either way, as an admin you want to have some protection against gross user incompetence. Windows is perfectly usable and stable if you know what you are doing. There is no time limit and there is no reason that it will just fall apart. Unfortunately, it is somewhat easy for a user to break or infect the machine through igorance, given admin access. Like I said, this probably isn't a good idea for a personal computer but it does work well for a community one.
Note that there is a version of Deep Freeze for Mac OSX also; does this mean that OSX is also "fundamentally flawed"?
I'm going to school at Baker College and at my campus, they've got Deep Freeze on all the computers. You are logged on as admin* and can install whatever you want, but when the computer is restarted it goes back to its original condition. It installs a filter driver that keeps track of all writes to the main disk, logs them and prepares to undo them upon restart. All your documents/files you want to keep are put on removable media (they'll get undone upon restart otherwise). Authorized admins can disable this temporairily to make permanent changes. Turn on a computer and it is in pristene condition; no crap, regardless of what the previous user did. This might not be so good for home use, but for the pre-installed standard lab environment needed for the computers, it works beautifully.
I would definately recommend Deep Freeze for any place with requirements like this. Put all the user profiles and documents on a central server, cluster or removable media and make permanent local changes impossible.
Viruses on the document storage area should be the only malware left; if you put it on a server, it can be scanned easily.
* It's not quite full admin, as you can't install new services or drivers; they might mess with Deep Freeze.
Try Process Explorer. A property tab lists every service running in a process, among many other things, like every handle and network port opened by a process.
NT confused? First, the bios decides which drive to boot off of; it loads the boot sector and executes it. If NTLDR is at the boot sector, it searches for "boot.ini" on the same volume. It'll see a list of OSes and a line like
default= multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
The first part is an ARC (Advanced RISC Computing) standard path to find the volume to boot off of. multi is the disk controller; how these are numbered is up to BIOS.
disk is for SCSI, rdisk is the drive number on the controller (0 for master, 1 for slave on IDE), and partition is self-explanitory.
The \WINDOWS is the path from the volume's root where the OS is installed. This could also be the name of a file to load and execute directly.
The volume that it should be booting off of is detirmined first by the BIOS and then explicitly by boot.ini
Here's a good link about it.
I'd say that NTLDR's internal implementation is so undocumented that it would be difficult, but possible, to infect with a boot virus. There are easier ways to infect the system, though.
Windows NT 3.1, released in 1993 to match the current version of the other Windows line, had 3 service packs. I think this is the first time it was used, although there may have been some for Microsoft Lan Manager. And I think the updates for 95 were called OSRs.
FYI, when the MS ftp server is up you can still get SP3 for NT3.1 from them, or you can get it here
Structural vulnerabilities? You mean design flaws? Care to name any design flaws in Windows fixed by a patch? Every patch fixes implementation problems.
The design of NT security is excellent; the problems come from not using and implementing it correctly.
Never heard of slipstreaming, eh? Install the patches before you install the OS.
You can also export registry hives and user profiles so you don't have to input those customizations manually for every install.
Yes, 95 (Windows 4.0), and later of that series, were able to take over IO and video, but could fall back to using DOS and BIOS for these things; enable real-mode compatible disk access and you will use DOS for all disk access, you could use DOS's MSCDEX.EXE for cd-rom access and when the network is told to use a real-mode NDIS or ODI driver, it loads the Microsoft network client for DOS (avoid this-- it's unstable), before 95 proper starts. It also required DOS to load and always kept DOS resident.
NT on the other hand, does not use DOS to load (it uses NTLDR), cannot use DOS for disk access, and cannot use real-mode network drivers. DOS support shares little in common with the original MS-DOS code base, and is completely optional. This also makes it less compatible with old software.
The connection limit is done directly in the TCP/IP protocol driver, tcpip.sys which makes it much harder to remove; you have to patch the binary.
Search for "Event ID 4226".
Er, you know that XP is closer to 2003 than 2000 is. Server 2003 is based on XP; they took the XP code base, re-added the 2000 server stuff and made some updates.
2000 is NT 5.0
XP is NT 5.1
2003 is NT 5.2
Also, the original Dune game was the first to use the engine for C&C Tiberium Dawn and Red Alert.
Since the only people who provide data are the ones making noise, the only conclusion they could draw would be about the vocal public, not the general public. The FCC indecency policy refers to the general public; this is the group for which conclusions must be drawn. Otherwise, the study is invalid because it measures the wrong thing, hence an improper study.
Large, compared to what? 3% is a segment, but I think it would take at least 15% to become a large segment. eln stated that a large segment (3%) of outspoken individuals can represent the entire general public. It can't.
The policy talks what the general public considers indecent. It does not say the loudest members of the general public. In order to support the policy they claim to support, they must go out of their way to find out what the GP wants.
Sitting back and listening is easy, but it will produce bad results, as it legitimizes the use of more volume to support a position.
The only way to detirmine what the majority of people want is to 1. poll everyone or 2. conduct a proper statistical study on it.
OTOH, Windows NT was designed to be secure from the beginning. There is a single, extensible, Object Manager for all exported kernel objects (these objects cover many more things than UNIX everything-is-a-file) which validates object security, a single token system for identifying authority, domain and stand-alone configurations, secure desktops, memory protection, etc. Win32, compatible with Win16 which not designed to be secure, does not have quite as much granularity as other subsystems, but is still securable with desktop, window station and job objects. Show me one security problem inherent in the design of the NT kernel and system.
If the core issue is truly about Open Source vs proprietary, then there shouldn't be any problems in ReactOS, an open source clone of Windows NT. NT's design, open implementation.
And what about the extremely proprietary IBM iSeries mainframes; a standard for stability and security.I'm not: I also run Linux (Debian mostly, to feed my additcion to apt-get). I'd say that the future is too volaitle to predict; I plan to keep my options open.
Microsoft DOES have several compatibility shims that redirect writes to \program files and \windows to the user's profile, and similar for the registry. But how do you emulate the kernel drivers that some apps expect to be able to install? See safedisk.
As for pre-installed apps, I agree to a certain extent, however it does not deal with the apps that require admin just to run. Joe will hear that the new, non-refundable, software that he just bought runs on XP and not FX eventually. He won't care about the technical details.
Also a long-term API change that will hopefully fix some of these things is in motion:
When I said that I don't run anti-malware software, I meant regulary, as a standard defense. I ran them once out of curiosity. I just ran them again: no malware found.
Then you changed your story: at first you asked how I could be sure without running anti-malware software and then agreed that a kernel takeover would render it useless and not provide assurance.
What would you have me do? Everything about not being sure that my computer is owned applies to all operating systems and all computers. Every OS could be compromised at the compiler level. Do you inspect the disassembly for GCC before you trust it? Where does it end? In order to be 100% completely sure, I would have to inspect every bit on the hard drive, every bit in memory, and know every detail about how the hardware works. There could be a huge government conspiracy to bug all hardware; the only way to be sure this isn't the case is to inspect and understand every circuit in the hardware. This is impractical: I have to settle with something less than that so I can actually do something with the machine.
Since the topic is personal methods of non-infection assurance, how are you sure that your computer isn't infected? At what point do you trust your tools? Did you compile the source yourself? If so, you must have trusted the compiler. Did you make the compiler binary by hand? How can you be sure that your OS doesn't have any unpatched, publicly unknown, exploits that have already let an infection in?
I submit that Windows, when configured properly, is just as secure as any other desktop PC OS, without sacraficing any usability. The article is about vulnerabilities patched long ago, and furthermore blocked by my router. The shell and Internet Explorer, which I do not consider to be terribly secure, do not get the priviliges needed to compromise the system when exposed to the Internet. The kernel and system OTOH, I do consider to be well designed and secure.
The current rash of viruses and other malware are given the keys to the front door by the users who run as admin all the time, which I don't do. I'd like to see you name one that can infect a patched machine (the whole system) when run as a normal user.
I trust my knowledge and expierence on the platform to tell me if it is infected. A perfect method? No, the prefect method is impractical. I do consider it to be good enough.
Why should you believe me? The same reasons that you might believe any claim you cannot verify personally. I posted my views on this last month.
Sorry about maligning your analagy. I unfairly lumped you in with some ugly nudity comparisons made by someone else.