One thing Mozilla and Firefox really lack is a quick easy way to deploy & maintain them in an orginization. A MSI based installer with security updates provided by MSP (patches to the MSI install) would allow Windows administrators to deploy and maintain Firefox via an Active Directory Group Policy...
I was proclaiming that a while back, and they've actually made progress in that area. There's a bug report with links to supposedly working MSI packages for Firefox provided by several people (seems like whenever a Firefox MSI post comes up I happen to not have a link to the bug). The next step, as stated in a previous comment to this story, is a tool or integration with Group Policy to allow for centralized configuration of many machines. This might be difficult since Group Policy stores configuration in the registry, while Firefox uses Javascript files. It might be possible to use a Group Policy plugin, but that's where my knowledge ends. Can anyone provide information?
And to those who are thinking "Group Policy?! pffft, I can do it with scripts", the point is to provide an option to those who would like to install Firefox by deploying an MSI package with a couple mouse clicks. Sure, if you need the power and have the time, then go ahead and write logon scripts to do it, but there are others, myself included, who would much rather use MSIs.
And I strongly disagree as well. I've had two AMD Duron 750s that ran Firefox quite slowly. Sure, it may be fast for some people, but it's also slow for others. I personally would prefer Firefox to be even leaner.
I really don't think C/C++ are to blame for ActiveX vulnerabilities.
I completely agree. The problem with ActiveX and some other Microsoft ideas is that they're fundamentally flawed with regards to security. You simply don't allow arbitrary code to download and execute. ActiveX shouldn't exist at all, and you're right, the problem is deeper than the language chosen.
Except that the CLI doesn't solve this problem, it just makes avoidable (which it already was to begin with). A developer can still write code to do pointer arithmetic. BTW, what kind of brain damaged designer allows for pointer arithmetic in a garbage collected language?
Pointer arithmetic automatically makes the code unsafe (you actually use the 'unsafe' keyword in C#), and you have to compile it with an/unsafe switch. Resulting binaries are not verifiable by.NET, and you can prevent unsafe code from executing via code security. I can't run C# code that uses pointer arithmetic off a network share because of this.
I thought that's why Microsoft was pushing for "managed code" with the.Net framework. Though I think it's some what ripping the idea(s) from Sun's Java. But I'm sure even with.Net, there will still be buffer overflows. Well...the GDI+ exploit is one prime example of that fact.
An interesting distinction to make is that.NET code itself isn't vulnerable to buffer overflows. GDI+ is an unmanaged component (likely written in C++), and is vulnerable. The problem is that.NET exposes GDI+ functionality through its graphics classes, and since those classes are part of the.NET framework,.NET itself essentially becomes vulnerable to buffer overflows.
Microsoft appears to be shifting its APIs to the managed world, either as wrappers to legacy APIs, or new APIs built completely in the.NET world (or both as is the case with WinFX). So to expand on your post, as long as legacy code is used, yeah, buffer overflows will still be possible, but by shifting more code to managed world the likelihood of such vulnerabilities will hopefully diminish.
Although we're really close, we'll get to a point where the animation no longer constrains the story.
I think we're already at that point, at least with some genres. I haven't seen The Incredibles yet, but Pixar's previous movies have been absolutely great with respect to the story, and the animation has enhanced it.
Rather, it's George Lucasness that constrains stories.
You really don't want browsers downloading and executing code. It's just too insecure. That way lies the hell of Active-X. The great thing about HTML is that it's basically descriptive, not executable. Downloading code in some interpretive language is only slightly less insecure, and much slower. (Or, when there's a page with a dumb ad on screen, CPU usage goes to 100%)
One alternative is to go with VMs and enforce security that way. For example, it's possible to run a.NET application with restricted permissions that say it can't read/write files and the registry, but it can only display UI. I'm sure something similar is possible with Java. You might wonder how security like this could possibly work, but you simply prevent applications from using System.IO.*, for example, and since.NET code is verified so that buffer overflows and "unsafe" code is impossible, it becomes highly unlikely that.NET code will be able to break out of the security boundaries it runs in.
Sure, you might get security holes that might allow a program to call System.IO.* stuff after all, but that can be patched, unlike ActiveX, which as a whole is simply a flawed concept.
I'm guessing in the future we'll be executing code from the web once more on our machines, but this time within the confines of a VM. Now that I think about it, why hasn't Java taken off more on web pages? The general slowness of applets loading is what bothered me before; is UI and applet performance still annoying? Or maybe it needs a XAML/XUL-like language?
Windows XP Home probably does have the security, but it might not be exposed through the UI, which, if that is the case, is essentially the same as having no security. If the functionality is there but no one can easily access it, then it is as if it doesn't exist.
I actually think Microsoft didn't realize the security flaws in Windows at and before XP (and I'm not talking about low level stuff, but high level things like giving users Admin privileges by default, or giving IE a convoluted security model), hence the easy-to-use, easy-to-compromise Windows XP Home. This changed with XP SP2, and Longhorn will probably be even more secure by default.
I think Python is a great language. One of my favorite features is the interactive interpreter. It's great for trying little bits of code quickly, and might be useful for in-class exercises where everyone follows along. At least that's what's supposed to happen in theory; in actuality you'll likely have half the class surfing and chatting;)
Windows is moving that direction but files aren't protected between users in any way.
That's a bunch of BS. Profile directories have permissions set so that only that user, Administrators, and the system (SYSTEM account = OS) can read it. This is by default, without any user intervention. User-specific data includes user documents, the HKEY_CURRENT_USER registry tree, and Internet cache among other things.
What I'm assuming is happening with Google Desktop is that it's running as a service when indexing, which enables it to bypass the default permissions since SYSTEM is given full access to profiles. This is akin to running a service as root in *nix. In case you're thinking "see?!?! Windows sucks because it runs as system!!!", you can change the account under which services run; IIS for Windows 2003 runs under a lesser-privileged account, in fact.
So really, the fact that Google Desktop is indexing data of all users is in the design of Google Desktop itself. It's perfectly feasible to restrict Google Desktop to running under the security context of a single user, which will restrict it to indexing only that user's files. Unfortunately, although permissions are restricted properly, users by default have Admin access in Windows, so it ends up being a Windows problem in the end unless you've restricted accounts. However, my point that file protection between users exists still stands.
This was exactly the situation that popped into my head. Remember that every little bit helps with application acceptance. Features that you don't care about may be what compels someone else to use the project.
but that's their call. Surely, there must be other alternatives than using something from M$. It's an installer - can't they use Nullsoft or something else?
MSIs allow for easy installation of programs across entire Active Directory networks. Sure, you can do this with scripts and silent installs, but MSIs let you do interesting things like per-user installs that migrate to computers with their profiles. A good example of this is TortoiseSVN, which I can install only for myself on a computer on an AD network, and when I go to another lab computer and logon it'll automatically install and yet still be visible to only me.
There's also a Firefox bug that's requesting an MSI installation option (but I forget the URL). IIRC someone built an MSI package using WiX, and several people have stated that an MSI package is imperative for corporate deployment of Firefox.
So yeah, there are alternatives, but using MSIs do make things easier for some people, me included.
Assuming that is true, the only real worry for Mono is that Microsoft would change.NET enough to break what compatibility they have, but the Mono project has already explained why this doesn't worry them.
I just wanted to clarify this part in case people are wondering why. Basically Microsoft can't break.NET compatibility in old versions of the Framework because it'll break all the programs that use those versions. So versions 1.0 and 1.1 can be considered unchangeable right now (except for fixes probably), and it's safe from a coding standpoint for Mono to make an equivalent implementation without worrying about breaking changes.
Microsoft can extend and modify.NET with newer versions, such as the currently-beta 2.0, but.NET versions can and are designed to be installed side-by-side, so applications that use 1.0 or 1.1 still need the respective version of the framework installed. If you want to check this for yourself, take a look at the C:\Windows\Microsoft.NET\Framework directory. I currently have the subdirectories v1.0.3705, v1.1.4322, and v2.0.40607
I'm in the same boat, although I do think that it takes an above-average level of computer competency to run Windows XP without spyware problems. Then again, I've always had hardware problems under Linux, so it seems like you need to excel at computers regardless of the OS you're using if you want it to be stable. Or maybe run Mac OS X (I don't know, I haven't tried it).
But yeah, I play games, do.NET coding, surf the Internet, and do school stuff all on Windows. What's nice is that a lot of what seems like Unix-exclusive software also runs on Windows. There's ActivePython, MiKTeX, a large collection of command-line Unix utilities, including wget, and even games such as FreeCiv. Other people might have different needs that necessitate Linux, but Windows runs fine for me.
With that said, Txiasaeia, you might want to try Gentoo for something different in the Linux world. Installation takes a while since it's a very manual process, but the entire distribution makes me feel "cleaner" when I use it (yes, I still take showers). Mandrake feels like absolute bloat to me, but I fell in love with Gentoo once I tried it.
Most excellent post. I've talked to some MS employees and they don't seem to have anything against the concept of open source itself. I feel that the fear of the GPL is purely because of legalities, and probably a bit of misunderstanding as well. It would be terrible from MS's standpoint if some GPL'ed code accidentally made its way into Windows, which results in the open-sourcing of some component they don't want open. And yes, I am confident they do not steal GPL code; it's made very clear internally that such code (and I think other outside code) is unacceptable in Microsoft products because of possible legal issues. Note that I do not mention something like "because GPL sucks ass!" To reiterate, my impression is that it's purely legal with a bit of misunderstanding.
About your example, a similar thing has happened with.NET. The.NET Framework SDK and compilers are freely available, but the Visual Studio.NET IDE is not. Although the VC++ compiler wasn't free in the past, the SDKs for Windows development have been free for as long as I can remember. Actually, I don't know if this is related to what you've said anymore, but it's an interesting example of how Microsoft places closed, $$ functionality on top of a layer of closed but free functionality.
That's something that's annoyed me with a lot of apps. What's with the gigantic fischer-price GUIs? are enterprise people attracted to that sort of thing?
Surprisingly, yes. I know a lot of people who knowingly keep the default Windows XP Luna scheme (I've asked them about it), and others who use the silver variant. So yes, some of you people may hate it but there do exist people out there who like the large UI elements and colors. People like my parents, whose eyesight are slowly getting worse with age. They surf the Internet with huge fonts, and a large 'fischer-price' UI definitely helps with eye strain.
With that said, I don't see anything wrong with making Evolution resemble Outlook as long as it borrows the good parts of Outlook's UI. Evolution needs a bit more contrast (someone else here mentioned it looked gray), but otherwise it's very slick and elegant.
Just like the "Y2K glitch" was a platform independant problem based upon the 2-digit-year shorthand causing logical flaws, if you store time in a 32-bit variable by the microsecond... you'll hit the hard limit after about 49.7 days which is why that number can show up in kernels other than Win9x. If there's no proper handling of that rollover, things go haywire.
One interesting bit is that Quake 1 servers had problems running for more than 49.7 days for what I assume is precisely the same reason.
Either they are not doing a good job of doing the whole buffer check thing that the guy harped to me about and it was all hogwash to impress upon you how "important" and "hard" coding in MS is, or there is something seriously wrong with the codebase that SO many exploits turn out everyday.
I was an intern at Microsoft this past summer, and I believe it's the shear quantity and perhaps complexity of software being written that's resulting in these bugs. They really do emphasize writing secure code now (I don't know how it was like before). I shared an office with two other interns, and during several code reviews another intern was involved with, there would be "did you check parameters here? potential buffer overflow? what if this is NULL?" And it wasn't even important code he was working on.
Forcing OEMs to include "restore CDs" instead of installation media.
My HP Pavilion zt3000 laptop came with an XP installation CD. After installing it I was left with a raw XP installation that was even missing drivers, so no, I somehow doubt Microsoft is currently forcing OEMs to include restore CDs over installation CDs.
Very neat, thanks. In my situation I'm creating user.prefs for everyone already, so this would work almost perfectly (and perfectly if I can stick the username inside the path somehow).
I was looking into going to CMU for their esteemed Computer Science program, but now I just hope they wont let this influence their set of courses, breadth of experience, or heterogeneous computer labs...
The University of Washington's Computer Science department recently moved into a new building partially funded by donations from Paul Allen, Bill & Melinda Gates Foundation, and Microsoft. Maybe they try to influence the software used to teach courses at other schools, but I don't see that here at all. The introductory programming courses are taught in Java (originally C++), the OS course requires that you write code on a *nix box (one of the projects involves modifying the Linux kernel), and most classes allow for projects to be coded on either a Unix or Windows machine. The computer labs actually increased percentage-wise in the number of Linux machines after moving into the new building.
This university is about a 15 minute drive from Microsoft in good traffic, and the evening CS master's program has a lot of Microsoft employees as students, so you'd expect a huge influence on course software. But Unix pops up in enough places that it feels balanced to me.
Active Directory was never intended to manage existing exe installers; you could use logon scripts to do install such programs. AD works with MSI files, however, which provide more structured installation as well as increased ease in customizing installations. Things like moving or renaming Start Menu shortcuts are easy with transform files.
Mind you, as long as MSI files are provided, you can easily upgrade products; it's provided directly in the Group Policy UI, in fact. I realize that the lack of MSI files may be a problem, but products such as the freely available WinInstall LE can help repackage exe installers as MSI packages, and MSI packages are used in the real world (Daemon Tools, Paint Shop Pro, Office,.NET redistributable, RSS Bandit, TortoiseSVN, Adobe Acrobat Reader). You might say "but most of those have exe installers!" They're actually just shims that check for the existence of Windows Installer; the actual installation information is in an embedded MSI.
Thanks for that information. I did something similar to get the files for Firefox, and after making modifications to the.js files for default user settings, I repackaged it as an MSI file for distribution.
Ahh kinda like ZenWorks [novell.com], or the NAL [novell.com]. But IMHO, that's still too much work. There's no good reason you can't just copy files from your server to the local machine to do an upgrade, with a flag file as the indicator.
That's possible, but MSIs provide useful features such as shortcuts and ability to make registry modifications. The latter is useful for making Firefox the default browser. I realize that all these can be done via scripting, but it's nice to have it all integrated in a single package, after which distribution is as simple as adding an MSI to a group policy.
The one area where MSIs really shine is customizability. Given an MSI file for an application, I can create my own transform file that changes things such as Start Menu shortcuts, installed files, registry changes, etc., basically anything regarding the installation process. This is difficult to do with regular exe installers, but not as applicable to Mozilla and Firefox since they both provide zip packages.
Did you look in the profile for your directory?
I'm not sure I understand what you're trying to get at there. Firefox profiles are stored in C:\Documents and Settings\username\Application Data\Firefox\... The problem is that changes in most of the Documents and Settings\username folder is copied to the domain server and back upon logging in and logging off. If a user jumps around machines a lot, this can cause copying entire profiles over the network. The Documents and Settings\username\Local Settings directory is exempt, and is intended for things such as Internet cache, which don't need to remain consistent across multiple machines. This is where Firefox's Internet cache should reside (but keep user configuration in its current location). I'd actually prefer it if profile copying were eliminated entirely, and profiles used directly from the domain server. It seems to work fine on Linux performance-wise, but I'm not qualified to really judge this.
Seriously dude, if you don't know how to write a simple script to copy files to all user's machines without the help of another program, what are you doing administering systems?
Of course it can be done, but then there are what I consider superior solutions when you already have an Active Directory network on Windows, where software upgrades and propagation of configuration settings can be controlled from a central place (Group Policies). Using scripts to upgrade would be like writing a script to download and patch on Gentoo even though emerge is already available.
Slashdot Mirror
One thing Mozilla and Firefox really lack is a quick easy way to deploy & maintain them in an orginization. A MSI based installer with security updates provided by MSP (patches to the MSI install) would allow Windows administrators to deploy and maintain Firefox via an Active Directory Group Policy...
I was proclaiming that a while back, and they've actually made progress in that area. There's a bug report with links to supposedly working MSI packages for Firefox provided by several people (seems like whenever a Firefox MSI post comes up I happen to not have a link to the bug). The next step, as stated in a previous comment to this story, is a tool or integration with Group Policy to allow for centralized configuration of many machines. This might be difficult since Group Policy stores configuration in the registry, while Firefox uses Javascript files. It might be possible to use a Group Policy plugin, but that's where my knowledge ends. Can anyone provide information?
And to those who are thinking "Group Policy?! pffft, I can do it with scripts", the point is to provide an option to those who would like to install Firefox by deploying an MSI package with a couple mouse clicks. Sure, if you need the power and have the time, then go ahead and write logon scripts to do it, but there are others, myself included, who would much rather use MSIs.
And I strongly disagree as well. I've had two AMD Duron 750s that ran Firefox quite slowly. Sure, it may be fast for some people, but it's also slow for others. I personally would prefer Firefox to be even leaner.
I really don't think C/C++ are to blame for ActiveX vulnerabilities.
I completely agree. The problem with ActiveX and some other Microsoft ideas is that they're fundamentally flawed with regards to security. You simply don't allow arbitrary code to download and execute. ActiveX shouldn't exist at all, and you're right, the problem is deeper than the language chosen.
Except that the CLI doesn't solve this problem, it just makes avoidable (which it already was to begin with). A developer can still write code to do pointer arithmetic. BTW, what kind of brain damaged designer allows for pointer arithmetic in a garbage collected language?
Pointer arithmetic automatically makes the code unsafe (you actually use the 'unsafe' keyword in C#), and you have to compile it with an /unsafe switch. Resulting binaries are not verifiable by .NET, and you can prevent unsafe code from executing via code security. I can't run C# code that uses pointer arithmetic off a network share because of this.
I thought that's why Microsoft was pushing for "managed code" with the .Net framework. Though I think it's some what ripping the idea(s) from Sun's Java. But I'm sure even with .Net, there will still be buffer overflows. Well...the GDI+ exploit is one prime example of that fact.
An interesting distinction to make is that .NET code itself isn't vulnerable to buffer overflows. GDI+ is an unmanaged component (likely written in C++), and is vulnerable. The problem is that .NET exposes GDI+ functionality through its graphics classes, and since those classes are part of the .NET framework, .NET itself essentially becomes vulnerable to buffer overflows.
Microsoft appears to be shifting its APIs to the managed world, either as wrappers to legacy APIs, or new APIs built completely in the .NET world (or both as is the case with WinFX). So to expand on your post, as long as legacy code is used, yeah, buffer overflows will still be possible, but by shifting more code to managed world the likelihood of such vulnerabilities will hopefully diminish.
Although we're really close, we'll get to a point where the animation no longer constrains the story.
I think we're already at that point, at least with some genres. I haven't seen The Incredibles yet, but Pixar's previous movies have been absolutely great with respect to the story, and the animation has enhanced it.
Rather, it's George Lucasness that constrains stories.
You really don't want browsers downloading and executing code. It's just too insecure. That way lies the hell of Active-X. The great thing about HTML is that it's basically descriptive, not executable. Downloading code in some interpretive language is only slightly less insecure, and much slower. (Or, when there's a page with a dumb ad on screen, CPU usage goes to 100%)
One alternative is to go with VMs and enforce security that way. For example, it's possible to run a .NET application with restricted permissions that say it can't read/write files and the registry, but it can only display UI. I'm sure something similar is possible with Java. You might wonder how security like this could possibly work, but you simply prevent applications from using System.IO.*, for example, and since .NET code is verified so that buffer overflows and "unsafe" code is impossible, it becomes highly unlikely that .NET code will be able to break out of the security boundaries it runs in.
Sure, you might get security holes that might allow a program to call System.IO.* stuff after all, but that can be patched, unlike ActiveX, which as a whole is simply a flawed concept.
I'm guessing in the future we'll be executing code from the web once more on our machines, but this time within the confines of a VM. Now that I think about it, why hasn't Java taken off more on web pages? The general slowness of applets loading is what bothered me before; is UI and applet performance still annoying? Or maybe it needs a XAML/XUL-like language?
Windows XP Home probably does have the security, but it might not be exposed through the UI, which, if that is the case, is essentially the same as having no security. If the functionality is there but no one can easily access it, then it is as if it doesn't exist.
I actually think Microsoft didn't realize the security flaws in Windows at and before XP (and I'm not talking about low level stuff, but high level things like giving users Admin privileges by default, or giving IE a convoluted security model), hence the easy-to-use, easy-to-compromise Windows XP Home. This changed with XP SP2, and Longhorn will probably be even more secure by default.
I think Python is a great language. One of my favorite features is the interactive interpreter. It's great for trying little bits of code quickly, and might be useful for in-class exercises where everyone follows along. At least that's what's supposed to happen in theory; in actuality you'll likely have half the class surfing and chatting ;)
Windows is moving that direction but files aren't protected between users in any way.
That's a bunch of BS. Profile directories have permissions set so that only that user, Administrators, and the system (SYSTEM account = OS) can read it. This is by default, without any user intervention. User-specific data includes user documents, the HKEY_CURRENT_USER registry tree, and Internet cache among other things.
What I'm assuming is happening with Google Desktop is that it's running as a service when indexing, which enables it to bypass the default permissions since SYSTEM is given full access to profiles. This is akin to running a service as root in *nix. In case you're thinking "see?!?! Windows sucks because it runs as system!!!", you can change the account under which services run; IIS for Windows 2003 runs under a lesser-privileged account, in fact.
So really, the fact that Google Desktop is indexing data of all users is in the design of Google Desktop itself. It's perfectly feasible to restrict Google Desktop to running under the security context of a single user, which will restrict it to indexing only that user's files. Unfortunately, although permissions are restricted properly, users by default have Admin access in Windows, so it ends up being a Windows problem in the end unless you've restricted accounts. However, my point that file protection between users exists still stands.
This was exactly the situation that popped into my head. Remember that every little bit helps with application acceptance. Features that you don't care about may be what compels someone else to use the project.
but that's their call. Surely, there must be other alternatives than using something from M$. It's an installer - can't they use Nullsoft or something else?
MSIs allow for easy installation of programs across entire Active Directory networks. Sure, you can do this with scripts and silent installs, but MSIs let you do interesting things like per-user installs that migrate to computers with their profiles. A good example of this is TortoiseSVN, which I can install only for myself on a computer on an AD network, and when I go to another lab computer and logon it'll automatically install and yet still be visible to only me.
There's also a Firefox bug that's requesting an MSI installation option (but I forget the URL). IIRC someone built an MSI package using WiX, and several people have stated that an MSI package is imperative for corporate deployment of Firefox.
So yeah, there are alternatives, but using MSIs do make things easier for some people, me included.
Cool, I want to go on that trail. Anyone want to come with me?
Assuming that is true, the only real worry for Mono is that Microsoft would change .NET enough to break what compatibility they have, but the Mono project has already explained why this doesn't worry them.
I just wanted to clarify this part in case people are wondering why. Basically Microsoft can't break .NET compatibility in old versions of the Framework because it'll break all the programs that use those versions. So versions 1.0 and 1.1 can be considered unchangeable right now (except for fixes probably), and it's safe from a coding standpoint for Mono to make an equivalent implementation without worrying about breaking changes.
Microsoft can extend and modify .NET with newer versions, such as the currently-beta 2.0, but .NET versions can and are designed to be installed side-by-side, so applications that use 1.0 or 1.1 still need the respective version of the framework installed. If you want to check this for yourself, take a look at the C:\Windows\Microsoft.NET\Framework directory. I currently have the subdirectories v1.0.3705, v1.1.4322, and v2.0.40607
I'm in the same boat, although I do think that it takes an above-average level of computer competency to run Windows XP without spyware problems. Then again, I've always had hardware problems under Linux, so it seems like you need to excel at computers regardless of the OS you're using if you want it to be stable. Or maybe run Mac OS X (I don't know, I haven't tried it).
But yeah, I play games, do .NET coding, surf the Internet, and do school stuff all on Windows. What's nice is that a lot of what seems like Unix-exclusive software also runs on Windows. There's ActivePython, MiKTeX, a large collection of command-line Unix utilities, including wget, and even games such as FreeCiv. Other people might have different needs that necessitate Linux, but Windows runs fine for me.
With that said, Txiasaeia, you might want to try Gentoo for something different in the Linux world. Installation takes a while since it's a very manual process, but the entire distribution makes me feel "cleaner" when I use it (yes, I still take showers). Mandrake feels like absolute bloat to me, but I fell in love with Gentoo once I tried it.
Most excellent post. I've talked to some MS employees and they don't seem to have anything against the concept of open source itself. I feel that the fear of the GPL is purely because of legalities, and probably a bit of misunderstanding as well. It would be terrible from MS's standpoint if some GPL'ed code accidentally made its way into Windows, which results in the open-sourcing of some component they don't want open. And yes, I am confident they do not steal GPL code; it's made very clear internally that such code (and I think other outside code) is unacceptable in Microsoft products because of possible legal issues. Note that I do not mention something like "because GPL sucks ass!" To reiterate, my impression is that it's purely legal with a bit of misunderstanding.
About your example, a similar thing has happened with .NET. The .NET Framework SDK and compilers are freely available, but the Visual Studio.NET IDE is not. Although the VC++ compiler wasn't free in the past, the SDKs for Windows development have been free for as long as I can remember. Actually, I don't know if this is related to what you've said anymore, but it's an interesting example of how Microsoft places closed, $$ functionality on top of a layer of closed but free functionality.
That's something that's annoyed me with a lot of apps. What's with the gigantic fischer-price GUIs? are enterprise people attracted to that sort of thing?
Surprisingly, yes. I know a lot of people who knowingly keep the default Windows XP Luna scheme (I've asked them about it), and others who use the silver variant. So yes, some of you people may hate it but there do exist people out there who like the large UI elements and colors. People like my parents, whose eyesight are slowly getting worse with age. They surf the Internet with huge fonts, and a large 'fischer-price' UI definitely helps with eye strain.
With that said, I don't see anything wrong with making Evolution resemble Outlook as long as it borrows the good parts of Outlook's UI. Evolution needs a bit more contrast (someone else here mentioned it looked gray), but otherwise it's very slick and elegant.
Just like the "Y2K glitch" was a platform independant problem based upon the 2-digit-year shorthand causing logical flaws, if you store time in a 32-bit variable by the microsecond... you'll hit the hard limit after about 49.7 days which is why that number can show up in kernels other than Win9x. If there's no proper handling of that rollover, things go haywire.
One interesting bit is that Quake 1 servers had problems running for more than 49.7 days for what I assume is precisely the same reason.
Either they are not doing a good job of doing the whole buffer check thing that the guy harped to me about and it was all hogwash to impress upon you how "important" and "hard" coding in MS is, or there is something seriously wrong with the codebase that SO many exploits turn out everyday.
I was an intern at Microsoft this past summer, and I believe it's the shear quantity and perhaps complexity of software being written that's resulting in these bugs. They really do emphasize writing secure code now (I don't know how it was like before). I shared an office with two other interns, and during several code reviews another intern was involved with, there would be "did you check parameters here? potential buffer overflow? what if this is NULL?" And it wasn't even important code he was working on.
Forcing OEMs to include "restore CDs" instead of installation media.
My HP Pavilion zt3000 laptop came with an XP installation CD. After installing it I was left with a raw XP installation that was even missing drivers, so no, I somehow doubt Microsoft is currently forcing OEMs to include restore CDs over installation CDs.
Very neat, thanks. In my situation I'm creating user.prefs for everyone already, so this would work almost perfectly (and perfectly if I can stick the username inside the path somehow).
I was looking into going to CMU for their esteemed Computer Science program, but now I just hope they wont let this influence their set of courses, breadth of experience, or heterogeneous computer labs...
The University of Washington's Computer Science department recently moved into a new building partially funded by donations from Paul Allen, Bill & Melinda Gates Foundation, and Microsoft. Maybe they try to influence the software used to teach courses at other schools, but I don't see that here at all. The introductory programming courses are taught in Java (originally C++), the OS course requires that you write code on a *nix box (one of the projects involves modifying the Linux kernel), and most classes allow for projects to be coded on either a Unix or Windows machine. The computer labs actually increased percentage-wise in the number of Linux machines after moving into the new building.
This university is about a 15 minute drive from Microsoft in good traffic, and the evening CS master's program has a lot of Microsoft employees as students, so you'd expect a huge influence on course software. But Unix pops up in enough places that it feels balanced to me.
Active Directory was never intended to manage existing exe installers; you could use logon scripts to do install such programs. AD works with MSI files, however, which provide more structured installation as well as increased ease in customizing installations. Things like moving or renaming Start Menu shortcuts are easy with transform files.
Mind you, as long as MSI files are provided, you can easily upgrade products; it's provided directly in the Group Policy UI, in fact. I realize that the lack of MSI files may be a problem, but products such as the freely available WinInstall LE can help repackage exe installers as MSI packages, and MSI packages are used in the real world (Daemon Tools, Paint Shop Pro, Office, .NET redistributable, RSS Bandit, TortoiseSVN, Adobe Acrobat Reader). You might say "but most of those have exe installers!" They're actually just shims that check for the existence of Windows Installer; the actual installation information is in an embedded MSI.
Thanks for that information. I did something similar to get the files for Firefox, and after making modifications to the .js files for default user settings, I repackaged it as an MSI file for distribution.
Ahh kinda like ZenWorks [novell.com], or the NAL [novell.com]. But IMHO, that's still too much work. There's no good reason you can't just copy files from your server to the local machine to do an upgrade, with a flag file as the indicator.
That's possible, but MSIs provide useful features such as shortcuts and ability to make registry modifications. The latter is useful for making Firefox the default browser. I realize that all these can be done via scripting, but it's nice to have it all integrated in a single package, after which distribution is as simple as adding an MSI to a group policy.
The one area where MSIs really shine is customizability. Given an MSI file for an application, I can create my own transform file that changes things such as Start Menu shortcuts, installed files, registry changes, etc., basically anything regarding the installation process. This is difficult to do with regular exe installers, but not as applicable to Mozilla and Firefox since they both provide zip packages.
Did you look in the profile for your directory?
I'm not sure I understand what you're trying to get at there. Firefox profiles are stored in C:\Documents and Settings\username\Application Data\Firefox\... The problem is that changes in most of the Documents and Settings\username folder is copied to the domain server and back upon logging in and logging off. If a user jumps around machines a lot, this can cause copying entire profiles over the network. The Documents and Settings\username\Local Settings directory is exempt, and is intended for things such as Internet cache, which don't need to remain consistent across multiple machines. This is where Firefox's Internet cache should reside (but keep user configuration in its current location). I'd actually prefer it if profile copying were eliminated entirely, and profiles used directly from the domain server. It seems to work fine on Linux performance-wise, but I'm not qualified to really judge this.
Seriously dude, if you don't know how to write a simple script to copy files to all user's machines without the help of another program, what are you doing administering systems?
Of course it can be done, but then there are what I consider superior solutions when you already have an Active Directory network on Windows, where software upgrades and propagation of configuration settings can be controlled from a central place (Group Policies). Using scripts to upgrade would be like writing a script to download and patch on Gentoo even though emerge is already available.