I didn't make a snide remark. I pointed out that windows maintains a pool of zeroed ram, and will constantly fill it when it's able to.
Windows will allocate from that pool first, and then top it back up when it hits a threshold of low free memory from supercache. It then has the luxury of handling this in the background, so you're not waiting for the system to zero memory out, unless you somehow manage to totally max out the memory you've got in use. It's at this point when you've got bigger problems, like the fact that the disk will probably become your bottleneck, not the speed at which you can zero out ram.
I didn't miss your point, I'm suggesting that you're not thinking like an operating system designer, and saying "how can i shorten the critical path of giving a process the memory it requests?" The answer is: Pre-zero memory, and fill the zeroed pool from the cache as needed when you get low. There's no "wait" for zeroed out memory, at this point.
You might want to grab a copy of Process Explorer sometime, and look at the stats it reports. you'll notice that windows actually spends idle time pre-zeroing ram, so that this is already done, in more than enough amounts. If your system is slammed, i could see having to pre-zero the pages, just before use, however, but it's not like it's not something that couldn't be done while waiting for other I/O operations to complete (since your system is slammed anyway:) )
My laptop currently has 2.8 million pages zeroed atm (it has 8gb, and I don't have much running right now, so there's not a lot to cache.)
This is actually a feature, as other posters have pointed out. It's called Internet explorer Enhanced Security or somesuch. You can disable it as a feature in Win2k8/Win2k3 via various means if you really want to use win2k8 as a desktop. Basically, it's the server's way of telling you you shouldn't be browsing the web, and if you try to, it's going to pester you about everything you visit.
It's a reasonable "duh" saftey net, imho, and sufficiently annoying enough to remember to minimize the RDP session and use your desktop.
That's pretty much the case for the labs. We roll out updates internally first to give them a bit of a bash to watch out for issues, but 30k+ systems is not the same as a worldwide launch. Additionally, there aren't really that many user-grade XP systems left here, for obvious reasons.
When the rootkit has complete, unrestricted access to the system, *it can do anything it wants*. there really isn't a way to stop it, unless you've forced it into a lower-security prison (aka, user-level).
If it wants to pick a random memory address that it's hard coded and jump to it, it can do it. the cpu's not going to stop it, and windows is not responsible for fixing that. You may as well ask for the linux kernel to stop a rootkit module from rewriting the software interrupt vector tables and hooking into system calls. If it has write-anywhere memory level access (and it does, it's in the kernel during initialization, launched by root), then it can write bytes to memory, anywhere it chooses. if you then upgrade to a kernel with a different system call table layout due to an improvement, and the malware doesn't self-correct? boom!
Now, solutions to this involve things like virtualization and sandboxing, but we're not quite there yet. I wouldn't actually mind seeing an operating system take advantage of VT and other things to produce an OS with a secure core, that self-verifies and only accepts signed updates.
So do some logitech, but you do realize that flash always asks for permission before allowing a flash app to touch your webcam, right? I wouldn't be surprised if it was buggy enough to get around, and some subset of people might have clicked 'always allow' but i suspect it's a subset that's vanishingly small.
Ooooohhhhh. you mean like this political party? oh, wait, that's the site for the party of gamers that are running against Atkinson. But if it's not in the article, it mustn't be true! Gamers are clearly all stalking Atkinson and completely eschew the political process!
s/country/state/g. This is a state-level Attorney General, not for the entire country. (US has state-level AGs as well, fyi)
Second, there's a difference between getting nastygrams sent to your office, where they can be filtered by functionaries, and a nastygram sent to your home.
That said, this guy's holding an irrational position if he wants to avoid violence getting in the hands of teenagers, imho. Better off allowing R18+, and then pushing for more games to be rated R18+, so that fewer of them are given to children by parents. Of course, he prefers the 'head-in-sand' approach.
The difference being that microsoft banned the console, not the account. the accounts used on that console, and the content purchased through them can be transferred to a working console. Does apple allow that?
Except they didn't ban the people. they banned the hardware from live, since it's untrustworthy. The people still have their gold status, and can sign in on another unhacked console, and use xbox live the way they always did.
Putting people on silver status would involve taking away a service they paid for. The fact that the device they were using is no longer considered kosher to use to access that service is a related, but seperatable issue. They still have all of the stuff they owned, and can use it on another console if they transfer the rights to that console. MS didn't steal money from them.
Personally, if I was going to mod an xbox, I'd have a second, unmodified one for normal usage nearby. Anyone who decided to take the risk also has the old owner onus applicable.
Google is coming close, but they still have a ways to go. One big benefit they have is that they will host the solutions for people. That is the market shift that Microsoft might miss. If they continue to expect their customers to eat the cost of onsite hardware, they are going to get clobbered once Google (or someone else) offers the same functionality.
Except that MS is pushing along with office online, hosted exchange, etc. They're not sitting still, the question will be whether they can stomach the idea of moving their lunch from client apps to web. i think it has a pretty good shot.
Sanity checking in this case won't have been helpful if a separate process was making assumptions about offsets in the code in the dll, instead of looking up the appropriate symbol. you know, the kind of things that rootkits do to try and avoid detection? I hardly think it's reasonable for a patch to scan every single file, including ones that don't come from microsoft at all, to look for things that might, possibly, be trying to call a method by directly referencing an offset in a dll via a backdoor mechanism. Your TRWTF would only make sense if there were binary diffs involved, which have never been the case. The offset of a method moves, the only things that fail are things that aren't playing by the rules (read, malware, and the occasional idiotic 3rd party)
Congratulations, you only get partial credit, because you've never bothered to look up even rudimentary details about Australian politics.
In Australia, voting is compulsory in both State and Federal elections (we vote for people, not on issues for the most part, so the ticket isn't gigantic, except for the occasional senate ticket, which you can avoid by going for 'party' instead of 'people')
A) in your example simply doesn't apply.
What's really happened here is that we voted a party in, and then they changed their minds and have gone on a giant censorship rampage for no reason.
I suspect, in your case, the phones were using their own weight to press against the charging pins? I've seen cases where the contact plate corrodes over time, and it becomes more difficult for it to contact and charge properly (logitech mouse bit me with that one)
I find something that's pressed against it using a spring/catch works better (which is the case for laptops) so i'm not sure i'd be willing to compare the two situations.
That's not really the only recourse. In a corporate environment, the system's still tied to the domain, so in the off-chance that the system connects to a network, it'll try to 'phone home' and can be remote-wiped. But yeah, no-one's claiming that TPM is perfect, because no security system is perfect. It's just a step up from 'no protection at all' that requires an additional time/sophisitication level to break. That could be time enough to secure anything that could be exposed.
Of course, the sane approach is to not keep anything on the vulnerable system at all, and access it all via VPN/remote desktop, but that's hardly 100% practical (email caches, etc for efficiency). It's standing orders where I work though (as is bitlocker, even for desktop systems), as much as is practical, at any rate.
Actually, since we use the same accessibility controls to test software, they don't benefit a minority. Sorry, but without them, we'd just end up recreating them to do what they provide, except it'd be far less standardized into one API.
A senator with his seniority in Australia pretty much has his multi-million dollar pension secured if he's reached the top of the Victorian Senate ticket. The only way to take away his power is to get the opposition party in power. (who, last time they were in power, had protect-the-childrens-from-childporn on their minds, but at least did so by giving people software they could voluntarily use (but didn't seem to care about)
I'm going to stay within context, and assume he means 'the launch of features to access these services from xbox live, which have been popular for the services themselves', not that he means that the services couldn't have happened without xbox live.
I know i didn't bother with netflix until it was easy to use via my xbox. facebook and twitter are less useful (my phone works better there, although the xbox makes a decent facebook-photo-browsing tool)
I'm guessing because plugins in firefox are written using javascript and XUL. i thought they still supported the old netscrape (man, haven't used that one in a while) api though, which would still allow things to waltz through...
Actually, about all IE8 on vista/win7 has access to is %USERPROFILE%\AppData\LocalLow\, or anything else tagged with the same attribute (your favorites folder too)
Network shares won't have this attribute set, nor will My Documents, unless you went out and fiddled with cacls.
Seems like it'd be reasonably easy to independently verify this. If it was off, then the power company should be able to show a difference in consumption. Since when has the power company ever not micro-measured usage?:P
If your automated tests all need to go through a set of gui steps to get to a control panel, and someone accidentally or deliberately moves it, but your tests don't get updated, they're all going to fail, and you lose a large amount of coverage for a small change.
However, if you've only got one test who's purpose it is to test the path and make sure it's reachable, and all the rest use a "horrible kludge" as you put it to just get to the feature, then you've improved test reliablity, and you're testing specific things with each test.
I could also see this being useful with particular types of model-based monkey testing, and other things like that.
Of course, most control panels can be accessed by running the.cpl file itself, so this would seem superfluous.
So, on that note, i'd suggest that this is more likely a side-effect of a feature that exists for some other purpose, similar to how explorer maps special folders to specific tasks. Like, say, if you go to c:\windows\fonts\, or c:\windows\assembly and get special views.
Slashdot Mirror
I didn't make a snide remark. I pointed out that windows maintains a pool of zeroed ram, and will constantly fill it when it's able to.
Windows will allocate from that pool first, and then top it back up when it hits a threshold of low free memory from supercache.
It then has the luxury of handling this in the background, so you're not waiting for the system to zero memory out, unless you somehow manage to totally max out the memory you've got in use.
It's at this point when you've got bigger problems, like the fact that the disk will probably become your bottleneck, not the speed at which you can zero out ram.
I didn't miss your point, I'm suggesting that you're not thinking like an operating system designer, and saying "how can i shorten the critical path of giving a process the memory it requests?" The answer is: Pre-zero memory, and fill the zeroed pool from the cache as needed when you get low. There's no "wait" for zeroed out memory, at this point.
You might want to grab a copy of Process Explorer sometime, and look at the stats it reports. you'll notice that windows actually spends idle time pre-zeroing ram, so that this is already done, in more than enough amounts. If your system is slammed, i could see having to pre-zero the pages, just before use, however, but it's not like it's not something that couldn't be done while waiting for other I/O operations to complete (since your system is slammed anyway :) )
My laptop currently has 2.8 million pages zeroed atm (it has 8gb, and I don't have much running right now, so there's not a lot to cache.)
This is actually a feature, as other posters have pointed out. It's called Internet explorer Enhanced Security or somesuch. You can disable it as a feature in Win2k8/Win2k3 via various means if you really want to use win2k8 as a desktop. Basically, it's the server's way of telling you you shouldn't be browsing the web, and if you try to, it's going to pester you about everything you visit.
It's a reasonable "duh" saftey net, imho, and sufficiently annoying enough to remember to minimize the RDP session and use your desktop.
That's pretty much the case for the labs. We roll out updates internally first to give them a bit of a bash to watch out for issues, but 30k+ systems is not the same as a worldwide launch. Additionally, there aren't really that many user-grade XP systems left here, for obvious reasons.
When the rootkit has complete, unrestricted access to the system, *it can do anything it wants*. there really isn't a way to stop it, unless you've forced it into a lower-security prison (aka, user-level).
If it wants to pick a random memory address that it's hard coded and jump to it, it can do it. the cpu's not going to stop it, and windows is not responsible for fixing that. You may as well ask for the linux kernel to stop a rootkit module from rewriting the software interrupt vector tables and hooking into system calls. If it has write-anywhere memory level access (and it does, it's in the kernel during initialization, launched by root), then it can write bytes to memory, anywhere it chooses. if you then upgrade to a kernel with a different system call table layout due to an improvement, and the malware doesn't self-correct? boom!
Now, solutions to this involve things like virtualization and sandboxing, but we're not quite there yet. I wouldn't actually mind seeing an operating system take advantage of VT and other things to produce an OS with a secure core, that self-verifies and only accepts signed updates.
So do some logitech, but you do realize that flash always asks for permission before allowing a flash app to touch your webcam, right?
I wouldn't be surprised if it was buggy enough to get around, and some subset of people might have clicked 'always allow' but i suspect it's a subset that's vanishingly small.
Done
Ooooohhhhh. you mean like this political party? oh, wait, that's the site for the party of gamers that are running against Atkinson.
But if it's not in the article, it mustn't be true! Gamers are clearly all stalking Atkinson and completely eschew the political process!
plus fucking 1 on that score. How the hell did we end up with a religious nutjob for a prime minister?
Depends where you live. In melbourne, we call them prawns. IIRC, they tend to get called shrimp in QLD, don't they?
s/country/state/g. This is a state-level Attorney General, not for the entire country. (US has state-level AGs as well, fyi)
Second, there's a difference between getting nastygrams sent to your office, where they can be filtered by functionaries, and a nastygram sent to your home.
That said, this guy's holding an irrational position if he wants to avoid violence getting in the hands of teenagers, imho. Better off allowing R18+, and then pushing for more games to be rated R18+, so that fewer of them are given to children by parents. Of course, he prefers the 'head-in-sand' approach.
The difference being that microsoft banned the console, not the account. the accounts used on that console, and the content purchased through them can be transferred to a working console. Does apple allow that?
Except they didn't ban the people. they banned the hardware from live, since it's untrustworthy. The people still have their gold status, and can sign in on another unhacked console, and use xbox live the way they always did.
Putting people on silver status would involve taking away a service they paid for. The fact that the device they were using is no longer considered kosher to use to access that service is a related, but seperatable issue. They still have all of the stuff they owned, and can use it on another console if they transfer the rights to that console. MS didn't steal money from them.
Personally, if I was going to mod an xbox, I'd have a second, unmodified one for normal usage nearby. Anyone who decided to take the risk also has the old owner onus applicable.
Google is coming close, but they still have a ways to go. One big benefit they have is that they will host the solutions for people. That is the market shift that Microsoft might miss. If they continue to expect their customers to eat the cost of onsite hardware, they are going to get clobbered once Google (or someone else) offers the same functionality.
Except that MS is pushing along with office online, hosted exchange, etc. They're not sitting still, the question will be whether they can stomach the idea of moving their lunch from client apps to web. i think it has a pretty good shot.
Sanity checking in this case won't have been helpful if a separate process was making assumptions about offsets in the code in the dll, instead of looking up the appropriate symbol. you know, the kind of things that rootkits do to try and avoid detection?
I hardly think it's reasonable for a patch to scan every single file, including ones that don't come from microsoft at all, to look for things that might, possibly, be trying to call a method by directly referencing an offset in a dll via a backdoor mechanism.
Your TRWTF would only make sense if there were binary diffs involved, which have never been the case. The offset of a method moves, the only things that fail are things that aren't playing by the rules (read, malware, and the occasional idiotic 3rd party)
Congratulations, you only get partial credit, because you've never bothered to look up even rudimentary details about Australian politics.
In Australia, voting is compulsory in both State and Federal elections (we vote for people, not on issues for the most part, so the ticket isn't gigantic, except for the occasional senate ticket, which you can avoid by going for 'party' instead of 'people')
A) in your example simply doesn't apply.
What's really happened here is that we voted a party in, and then they changed their minds and have gone on a giant censorship rampage for no reason.
I suspect, in your case, the phones were using their own weight to press against the charging pins? I've seen cases where the contact plate corrodes over time, and it becomes more difficult for it to contact and charge properly (logitech mouse bit me with that one)
I find something that's pressed against it using a spring/catch works better (which is the case for laptops) so i'm not sure i'd be willing to compare the two situations.
That's not really the only recourse.
In a corporate environment, the system's still tied to the domain, so in the off-chance that the system connects to a network, it'll try to 'phone home' and can be remote-wiped.
But yeah, no-one's claiming that TPM is perfect, because no security system is perfect. It's just a step up from 'no protection at all' that requires an additional time/sophisitication level to break. That could be time enough to secure anything that could be exposed.
Of course, the sane approach is to not keep anything on the vulnerable system at all, and access it all via VPN/remote desktop, but that's hardly 100% practical (email caches, etc for efficiency). It's standing orders where I work though (as is bitlocker, even for desktop systems), as much as is practical, at any rate.
Actually, since we use the same accessibility controls to test software, they don't benefit a minority. Sorry, but without them, we'd just end up recreating them to do what they provide, except it'd be far less standardized into one API.
A senator with his seniority in Australia pretty much has his multi-million dollar pension secured if he's reached the top of the Victorian Senate ticket. The only way to take away his power is to get the opposition party in power. (who, last time they were in power, had protect-the-childrens-from-childporn on their minds, but at least did so by giving people software they could voluntarily use (but didn't seem to care about)
I'm going to stay within context, and assume he means 'the launch of features to access these services from xbox live, which have been popular for the services themselves', not that he means that the services couldn't have happened without xbox live.
I know i didn't bother with netflix until it was easy to use via my xbox. facebook and twitter are less useful (my phone works better there, although the xbox makes a decent facebook-photo-browsing tool)
I'm guessing because plugins in firefox are written using javascript and XUL. i thought they still supported the old netscrape (man, haven't used that one in a while) api though, which would still allow things to waltz through...
Actually, about all IE8 on vista/win7 has access to is %USERPROFILE%\AppData\LocalLow\, or anything else tagged with the same attribute (your favorites folder too)
Network shares won't have this attribute set, nor will My Documents, unless you went out and fiddled with cacls.
Seems like it'd be reasonably easy to independently verify this. If it was off, then the power company should be able to show a difference in consumption. Since when has the power company ever not micro-measured usage? :P
I'm going to go with 'testability'.
If your automated tests all need to go through a set of gui steps to get to a control panel, and someone accidentally or deliberately moves it, but your tests don't get updated, they're all going to fail, and you lose a large amount of coverage for a small change.
However, if you've only got one test who's purpose it is to test the path and make sure it's reachable, and all the rest use a "horrible kludge" as you put it to just get to the feature, then you've improved test reliablity, and you're testing specific things with each test.
I could also see this being useful with particular types of model-based monkey testing, and other things like that.
Of course, most control panels can be accessed by running the .cpl file itself, so this would seem superfluous.
So, on that note, i'd suggest that this is more likely a side-effect of a feature that exists for some other purpose, similar to how explorer maps special folders to specific tasks. Like, say, if you go to c:\windows\fonts\, or c:\windows\assembly and get special views.