Those are called Use Taxes. IMO, they should also be ruled unconstitutional in some cases:
INIAL, and I may be woefully incorrect about all of this, but, IIRC, the supreme court has ruled in the past that an interstate commerce tax is unconstitutional if it fails to violate either of the following:
1) must be compensating for an identifiable a tax burden. Decreased revenues due to 'lost sales' in other states do not count - clearly the NY interstate book tax would fail here.
2) The inter-and-intrastate taxes must be approximately equal. (You can't jack up the taxes for interstate commerce beyond what you demand of your own intrastate commerce. NY is probably okay here.)
The Use Taxes on vehicles/might/ be okay, provided the vehicles have a tax burden associated with them. And, vehicles do, though the burden probably ought not to be measured by the sales tax inside the state, but rather whatever vehicle-specific surcharges the state has.
The problem is that the UAC prompt also has to work with legacy applications which don't have contact information.:)
'don't warn me about this again' - presuming an app was trusted once at install-time, it's just going to go write the 'oh, the user allowed me permanantly, it's ok' setting wherever it turns out that is stored. Then they have no incentive to fix their design issues.
The problem isn't UAC, it's the fact that windows developers aren't writing for the standard user.
The best thing you can do as a user to ensure your user experience is good and will remain good?
Run as a standard user, on Vista and beyond.
Vista has done a lot to boost that demographic, but unless users start realize that Vista has nearly equalized the Administrator and Standard User scenarios, and start running as standard users, developers will find a new way to screw it up for standard users.
Key mistakes developers make:
'de-elevate' - the right way to do this is to keep a parent executable around, relative to the one from which you wish to 'de-elevate'. That parent executable itself may or may not have been 'elevated'.
'HKCR' - HKCR is there for compatability with win16. Stop using it already.
Interacting with the virtualstore - unless you are writing a module specifically designed to perform a one-time migration to address a virtualization issue with an older revision of your app, there's no reason to do this explicitly.
Interacting with the virtualstore from an 'elevated' app - wrong from conception. In UAC, if you elevate, you elevate to potentially another user entirely, and virtual stores are per-user. Ergo, this is never right.
'it's just a prompt'. It's not just a prompt. It's a stressed person running as a standard user in an enterprise who has to go ask help-desk to answer the UAC prompt.
My issue is about running code on my system that has the potential to be obnoxious as all hell. It's not quite so bad if the content is only going to affect how the page is displayed.
Still, I think the right way to go is to describe an extension to html that is flexible enough to let you dynamic content fans to get your content updates, maybe do some SOAP-fu here and there, but not provide access to thinks like input hooks. I can see no compelling reason to hook the keyboard and do mouse crap. Modal message boxes are a similarly bad feature. Your web page should not screw with my browser.
If the past 15 years of strobing pages, CPU gobbling animated backgrounds, looped 'all keys disabled' rickrolling with an endless supply of modal dialogs weren't enough to convince you, perhaps this should be.
The pic with the 2-tone room (red half, green half) makes me want to convert mine. Anyone know where people can buy colored LED lighting for @home, indoor application? I've not had a lot of success searching in the past.
Occam's razor is one of the most misapplied and intellectually virtueless axioms ever invented by man, and has no place in a rational discussion. Simplicity is always a matter of the framer's perspective.
Whether or not he's guilty (I for one don't take his behavior into account), my understanding thus far:
A) The prosecution has failed to show Nina Reiser is dead.
B) The prosecution has failed to produce any physical evidence linking Hans Reiser to Nina's death. Tiny flecks of blood found in places where Nina may have reasonably been in the past under normal circumstances in the past haven't even been found to be Nina's.
C) The prosecution has failed to produce circumstantial evidence tying Hans Reiser to Nina's death, just that he acts funny when he's convinced he is being followed by police and everyone thinks he killed his wife. Despite several attempts to guide Hans Reiser's children into a declaration that they witnessed an argument, nothing has been said that is consistant to that effect.
D) 8-time confessed serial killer Sturgeon was romantically involved with Nina.
I hope Hans didn't do it. If he did, though, I hope that the jury fails to find beyond a reasonable doubt that Hans Reiser murdered Nina Reiser, unless I've missed some vital piece of evidence somewhere, or they find their smoking gun. The evidence as I've seen it is too thin for someone to convict in good conscience.
Actually, I've got a pretty good understanding of how it works.
And yes, I am conflating privileges and ACL-foo and integrity level here, but what I said remains true - or is a serious bug if not.
That having been said, I think your implicit claim is about non-admin processes driving the input of admin-processes on the same desktop through window messages. I concede that this is a major design flaw (read: security bug), if true. I haven't personally tried.
In any case, in my mind, UAC is not about blame or security. It's about enforcing cleaner app design. Open a registry monitor sometime and watch programs writing what ought to be per-user settings to HKLM when the key is still restricted to 'Administrators' for write. People shouldn't do that. Developers have been blindly assuming everyone is an admin. In Vista, Microsoft tried hard to make the admin not-an-admin, and largely succeeded.
As far as the silent elevation: the scary scenario I was imagining was that someone would author a service that allowed for silent elevation of executables in a admin-protected config file. The problem this setup is that people would take advantage of it, and instead of cleaning up app design, during install they would just get themselves added to the magic 'I need admin privileges and don't mean to ask for them' list. Clearly you can see why this scenario would suck. Imagine if vi silently acquired root privileges every time it ran on your unix box. Blashpemy on unix, but developers of windows applications harp for just such a mechanism.
On this note, I am curious if the X11 design prevents applications from driving other applications on the same desktop.
Permeable how? That's an elevation of privilege (you know, the bad kind, not the user-requested kind) if so.
As far as UAC goes, that prompt isn't a warning, it's a very necessary privilege barrier. If they didn't display something, things would be silently elevating, and that is one hell of a scary prospect.
Windows has been a multi-user environment years, but it's still rare for an application to be written for a normal, non-administrative user. UAC is forcing software developers to write better, less invasive Windows software, which/is/ a good thing. I rarely see any prompts myself - installing software being the notable exception.
In '97-98, I had a little 4-5 node Beowulf cluster on a cart with wheels. While it wasn't quite as cost-effective as this, that's the nature of pricing in the computing world.
On that note... hard drives are good to have for all nodes, imo, since you may be doing things that make 'fetch/store data over the network' a bad strategy.
The entire point of the Beowulf model is it's cheap, easy, and fun. While it's great to see people building cute little clusters like this one, I wouldn't exactly call this a breakthrough moment in hobbyist cluster computing.
That having been said, I hope the machine gets a lot of use, and I like the appearance. I'm almost tempted to build one for myself, for old time's sake.:)
Slashdot Mirror
Those are called Use Taxes. IMO, they should also be ruled unconstitutional in some cases:
/might/ be okay, provided the vehicles have a tax burden associated with them. And, vehicles do, though the burden probably ought not to be measured by the sales tax inside the state, but rather whatever vehicle-specific surcharges the state has.
INIAL, and I may be woefully incorrect about all of this, but, IIRC, the supreme court has ruled in the past that an interstate commerce tax is unconstitutional if it fails to violate either of the following:
1) must be compensating for an identifiable a tax burden. Decreased revenues due to 'lost sales' in other states do not count - clearly the NY interstate book tax would fail here.
2) The inter-and-intrastate taxes must be approximately equal. (You can't jack up the taxes for interstate commerce beyond what you demand of your own intrastate commerce. NY is probably okay here.)
The Use Taxes on vehicles
The problem is that the UAC prompt also has to work with legacy applications which don't have contact information. :)
'don't warn me about this again' - presuming an app was trusted once at install-time, it's just going to go write the 'oh, the user allowed me permanantly, it's ok' setting wherever it turns out that is stored. Then they have no incentive to fix their design issues.
The problem isn't UAC, it's the fact that windows developers aren't writing for the standard user.
The best thing you can do as a user to ensure your user experience is good and will remain good?
Run as a standard user, on Vista and beyond.
Vista has done a lot to boost that demographic, but unless users start realize that Vista has nearly equalized the Administrator and Standard User scenarios, and start running as standard users, developers will find a new way to screw it up for standard users.
Key mistakes developers make:
'de-elevate' - the right way to do this is to keep a parent executable around, relative to the one from which you wish to 'de-elevate'. That parent executable itself may or may not have been 'elevated'.
'HKCR' - HKCR is there for compatability with win16. Stop using it already.
Interacting with the virtualstore - unless you are writing a module specifically designed to perform a one-time migration to address a virtualization issue with an older revision of your app, there's no reason to do this explicitly.
Interacting with the virtualstore from an 'elevated' app - wrong from conception. In UAC, if you elevate, you elevate to potentially another user entirely, and virtual stores are per-user. Ergo, this is never right.
'it's just a prompt'. It's not just a prompt. It's a stressed person running as a standard user in an enterprise who has to go ask help-desk to answer the UAC prompt.
I've been quite pleased with M-Audio cards, though linux support in alsa can be a bit dodgy (check before buying).
My issue is about running code on my system that has the potential to be obnoxious as all hell. It's not quite so bad if the content is only going to affect how the page is displayed.
Still, I think the right way to go is to describe an extension to html that is flexible enough to let you dynamic content fans to get your content updates, maybe do some SOAP-fu here and there, but not provide access to thinks like input hooks. I can see no compelling reason to hook the keyboard and do mouse crap. Modal message boxes are a similarly bad feature. Your web page should not screw with my browser.
Actually it may well be the case that nobody at Microsoft knows how to implement and specify it either. autospacelikeword96? Word96 was a while ago...
True, but I'm not talking about animated gifs, but rather animated mouse trails and crap like that.
I shouldn't need to run foreign code in order to display a bloody page. Or at least, that language should not enable abusive things.
If the past 15 years of strobing pages, CPU gobbling animated backgrounds, looped 'all keys disabled' rickrolling with an endless supply of modal dialogs weren't enough to convince you, perhaps this should be.
Flash, you're next.
Clearly any of the patents on the early bomb designs have long since expired. Nitpicking the summary blurb.
Comparing the efficiency of memory managers is hard. Care to explain this perception?
The pic with the 2-tone room (red half, green half) makes me want to convert mine. Anyone know where people can buy colored LED lighting for @home, indoor application? I've not had a lot of success searching in the past.
Correction: Joe Generic CS major who chose to use LaTeX (whatever the reason). You could do far, far worse as far as heuristics go.
Look for resumes made with LaTeX.
You know, any and all future network protocol RFCs should mandate the blacklisting of networks that choose not to comply.
Occam's razor is one of the most misapplied and intellectually virtueless axioms ever invented by man, and has no place in a rational discussion. Simplicity is always a matter of the framer's perspective.
Whether or not he's guilty (I for one don't take his behavior into account), my understanding thus far:
A) The prosecution has failed to show Nina Reiser is dead.
B) The prosecution has failed to produce any physical evidence linking Hans Reiser to Nina's death. Tiny flecks of blood found in places where Nina may have reasonably been in the past under normal circumstances in the past haven't even been found to be Nina's.
C) The prosecution has failed to produce circumstantial evidence tying Hans Reiser to Nina's death, just that he acts funny when he's convinced he is being followed by police and everyone thinks he killed his wife. Despite several attempts to guide Hans Reiser's children into a declaration that they witnessed an argument, nothing has been said that is consistant to that effect.
D) 8-time confessed serial killer Sturgeon was romantically involved with Nina.
I hope Hans didn't do it. If he did, though, I hope that the jury fails to find beyond a reasonable doubt that Hans Reiser murdered Nina Reiser, unless I've missed some vital piece of evidence somewhere, or they find their smoking gun. The evidence as I've seen it is too thin for someone to convict in good conscience.
Actually, I've got a pretty good understanding of how it works.
And yes, I am conflating privileges and ACL-foo and integrity level here, but what I said remains true - or is a serious bug if not.
That having been said, I think your implicit claim is about non-admin processes driving the input of admin-processes on the same desktop through window messages. I concede that this is a major design flaw (read: security bug), if true. I haven't personally tried.
In any case, in my mind, UAC is not about blame or security. It's about enforcing cleaner app design. Open a registry monitor sometime and watch programs writing what ought to be per-user settings to HKLM when the key is still restricted to 'Administrators' for write. People shouldn't do that. Developers have been blindly assuming everyone is an admin. In Vista, Microsoft tried hard to make the admin not-an-admin, and largely succeeded.
As far as the silent elevation: the scary scenario I was imagining was that someone would author a service that allowed for silent elevation of executables in a admin-protected config file. The problem this setup is that people would take advantage of it, and instead of cleaning up app design, during install they would just get themselves added to the magic 'I need admin privileges and don't mean to ask for them' list. Clearly you can see why this scenario would suck. Imagine if vi silently acquired root privileges every time it ran on your unix box. Blashpemy on unix, but developers of windows applications harp for just such a mechanism.
On this note, I am curious if the X11 design prevents applications from driving other applications on the same desktop.
Permeable how? That's an elevation of privilege (you know, the bad kind, not the user-requested kind) if so.
/is/ a good thing. I rarely see any prompts myself - installing software being the notable exception.
As far as UAC goes, that prompt isn't a warning, it's a very necessary privilege barrier. If they didn't display something, things would be silently elevating, and that is one hell of a scary prospect.
Windows has been a multi-user environment years, but it's still rare for an application to be written for a normal, non-administrative user. UAC is forcing software developers to write better, less invasive Windows software, which
New Scientist seems to have a habit of printing the worst kind of tripe. Slashdot really should stop giving them attention.
Seriously. Stop posting stories from New Scientist. Or articles in other publications on New Scientist articles.
In '97-98, I had a little 4-5 node Beowulf cluster on a cart with wheels. While it wasn't quite as cost-effective as this, that's the nature of pricing in the computing world.
:)
On that note... hard drives are good to have for all nodes, imo, since you may be doing things that make 'fetch/store data over the network' a bad strategy.
The entire point of the Beowulf model is it's cheap, easy, and fun. While it's great to see people building cute little clusters like this one, I wouldn't exactly call this a breakthrough moment in hobbyist cluster computing.
That having been said, I hope the machine gets a lot of use, and I like the appearance. I'm almost tempted to build one for myself, for old time's sake.
Actually, I've always thought there was a strong demand for a Star Trek comedy. I'd much prefer those over an animated series with 6-minute episodes.
I want to be snarky and point out this editor obvious has no grasp of grammar.
because we're going to build a 150,000 mile long cable, tethered securely to the Earth's surface...
Disregarding the content of your comment, you're still confusing encryption with obfuscation.
What you see here is obfuscation.