Hopefully this means we will have better samples before buying online. I am tired of searching for an album on Amazon, being curious, and finding the 30 second samples don't really help me, especially when the samples are TERRIBLE bitrate and overcompressed.
If you do a Google search for a song title and band right now, many return a "Liston On" link. Just now I did it and it gives three links for a copyrighted, RIAA song:
iLike - a broken video clip
Pandora - a 30 second sample
Lala - streaming play it once version of the whole song, not the best sound quality, but acceptable. It also has the whole album streamable once from the same page.
It looks more like "market shaping" to me - streaming is a contradictory market strategy to the "pay per download" model that Itunes uses.
Lala's business model incorporates pay per download as part of it, rather than contradicting it as you claim. You search Google and a link pops up. First listen is free for music discovery. You can pay a small amount each time to stream it successive times or you can buy it and download it as well as be able to stream that song whenever you want. It neatly incorporates the two models. A cynic might claim it eliminates the revenue from people repurchasing songs they downloaded then failed to backup and lost somehow, but I don't think that is a significant source of revenue for Apple. Rather, the goodwill from letting people re-download songs will make for happier customers, enhance the Apple brand, and lead to more hardware sales, which is where Apple makes the real money.
I agree that this purchase makes sense, but it seems risky to put forward the cash for something that relies entirely on google and affiliate links.
Well, Lala probably has a contract with Google, which they will still have to honor. Beyond that, this gets Apple a jumpstart on any competition. And given they're sitting on 31 billion in cash reserves, more than anyone thinks is sensible, I don't see this purchase as too risky.
iTunes runs on Windows, but it would be very Apple to put features in the Mac iTunes and exclude them from the Windows one.
It would? Do you have any examples of Apple doing this sort of thing in the past? iTunes is to sell iPods and iPhones. Most of those people use Windows. Has the Windows version of iTunes aver lacked feature parity with the Windows version?
Google Search for any song online via Google and Lala brought a stream right to you. First listen is free, after that you have to pay. Why would Apple buy them? Considering most sane people use Google and Lala doesn't require something like iTunes, Lala was in a better position to bring music people want directly to them.
That is probably the biggest reason.
This is just eliminating the competition before they got too big. Can I get an Antitrust Amen?
Umm, you don't know much about Lala do you? They admitted that they did not foresee any time in the near future where they would be profitable and as a long term investment were actively seeking someone to buy them to keep the service going. I doubt this will raise antitrust flags since Lala did not have significant market share and what they did have was primarily streaming.
As for the other reasons Apple bought them, besides the Google deal... They have significant engineering talent, they have a solid subscription streaming solution which is missing from Apple's lineup and that solution scales into individual downloads which is Apple's main offering, and they have their service built as a Web service, where Apple has recently started expanding iTunes. In fact, one analyst (UBS ) has already been speculating this signals Apple being serious about making iTunes a Web service that will work with any device and a possible service to run out of Apple's giant new server farm. If so, that would be breaking the exclusive ties between the iTunes store and Apple's hardware offerings which would in fact get rid of Apple's biggest potential antitrust problem.
one menu for all windows. It's not bad thing, saves vertical screen space. But i don't like it because there is totaly no way this could be used with focus follows mouse, witch i consider more useful feature.
The more important benefit of a single menu for everything is it is simply, much, much faster to access with a mouse. Users develop muscle memory because the menus are always in the same place and because they border the edge of the screen, they are essentially infinite in one dimension for mouse users. Most users never notice the speed difference because when they're accessing menus they are concentrating on the task and the perception of time's passage is greatly affected by that; but a formal usability study shows significant speed differences.
Of course i understand that such thing like focus follows mouse are for more advanced users only, computer newbies are confused even without this, and if they would have to always look where the mouse is i think it would be much harder for them (although skill gained by this should be useful later on i guess).
Most good user interfaces scale with the user. That is to say, they are easy to learn and easy to use for new users, but you can layer more complexity on top for advanced users. What you want to avoid is multiple methods for the same task, where an novice user can be stuck in an advanced user mode with no easy way out. A good example of this is mouse buttons. Chording or multitouch allows the same interface to work as expected for both types of users. Two physical buttons that have to be changed by changing hardware result in novice users mistakenly clicking the wrong button about 20% of the time. This is still one of the biggest usability failures of modern computing. Thankfully we're moving towards laptops and trackpads allowing for the problem to be overcome in the near future.
Id[sic] say we can split all users in 3 categories
We can, but a good interface should scale smoothly up as users become more proficient rather than changing drastically at some point. You go on to point out UI elements you like and which you think would be best for others. I've learned from long experience, you can't guess about these things. You can try different things, but you have to test everything and can't be attached to something cool, when testing shows it causes problems for users overall.
Personally, when I'm using text based programs like text editors, terminals, word processors, etc. I think keyboard tabbing is the fastest way to switch windows. You don't have to take your hands off the keyboard and if it is a tiered tab system (one command to switch app another for window) it scales very well even into hundreds of windows and tabs. Of course that is a learnability trade off, as it is harder for new users even if it scales better for advanced users. It is similar to multiple desktops, but without as much work on the part of users for setting up the desktops. It can also automatically switch your desktop in the process for those of us that like that feature. When using graphical applications I find that mapping a mouse button or gesture to an expose-like feature is faster by far than switching desktops and then moving the mouse onto the right window. It instantly puts all the windows in place and then you have the same behavior/workflow as mouse follows cursor.
Realistically, though, it is not what is fastest for you or I that should be targeted. It is what works best for the widest range of users when formally tested.
Agreed but it is still a way better metric than top product.
Not really. First we have access to numbers for top selling products, but I don't see any easy to find numbers on amount of money spent on apps by users of different phones. Second, top selling apps gives a good idea as to how much is spent for the average app. Amount spent per phone will vary greatly based upon what apps and what number are available. Would you use the same numbers to judge how much the average user is willing to spend on desktop computers? If people spend less money on apps for Macs than for Windows machines, does that reflect the free apps and different selection of apps or the willingness of users of those OS's to pay. Mac users spend less on games by a large margin, and yet shareware game companies report a much lower rate of nonpayment from those same users indicating that contrary to your proposed metric Mac users are more willing to pay for games.
Hell for linux the top grossing product might be some odd server thing that costs thousands to deploy. Does that mean linux users are rich? Fuck no.
That is because for the most part Linux is not a comparable product to Windows or OS X. Most Linux installs are for the server and appliance space where consumers don't consider Windows or OS X desktop products as an alternative. If you were to narrow that down to Linux on the desktop pre-installs though (say everex machines), I bet the numbers would be a pretty good indication.
Now probably here pops a lot of people that goes something like this: "oh i tried this and it suck" or something like that. Well then i bet you haven't tried it enough.
I've tried it (FFM) for years and still use it and I've formally tested it in usability studies. Focus follows mouse is a useful UI feature, but it does not work with permanently positioned menus, which are an even bigger usability win.
Or people think hard to learn = hard to use (never mind that hard to learn most of the time means, i'm very lazy to learn something new, so I'll just say interface i don't know sucks).
Learnability is just one aspect of usability, and you're absolutely right that it is not the only function thereof. Take single button trackpads (not mice, trackpads), for example. They win on learnability of novice users. They fail on learnability for moderate users, who are already used to two buttons, but are unwilling to learn to use a keyboard key for chording. They win for advanced users who are willing to learn chording because they are faster once learned than two button trackpads. Mostly this has been supplanted by multi-touch now, but for the longest time this held true and usability experts all pretty much agreed based on the studies, but normal users did not understand, would not believe, and constantly spread misinformation based upon their own misguided opinions.
My point is there are a lot of people that bitch about fsf/oss software interfaces, while most of them are stuck with stone age interfaces, and don't know better.
I make a point of using multiple interfaces daily and being current on all of them. The same holds true for pretty much everything. Windows users complain about Linux, despite having never used it as their daily OS nor bothered to learn the major interface elements. But Linux users are just as loud bout complaining about OS X, while most clearly have never used it for more than 10 minutes since they don't even know what the user interface elements implemented in it are. I've tried to do comparisons of the strengths and weaknesses of major OS's many times, including soliciting opinions from Slashdot users. The results are frustrating, with greater than 90% of comments being from persons who clearly do not use or understand one of the two OS's they are comparing. This holds true for UI elements as well as most other aspects of OS's.
I think the communications failure here is no one is quoting the portion of the other's comment they are referring to. Let me try to clarify:
Pretty much a big failure on OS X that their Maximize doesn't even always make a window full screen.
Maximizing made sense when we were all using 640x480 screens. Every pixel was precious and had to be dedicated to the task at hand.
And what about a tabbed and paned interface loses the ability to see two windows side by side?
Nothing about tabbed and paned, but everything about a maximize button that always takes up the whole screen instead of maximizing the content. You see, if the button to expand a window makes that window take up the whole screen, even when there is not enough content to fit, then you can't see other open windows, like a second window that you would otherwise be able to see next to it. Hence, the expand button in OS X leaves it up to the app developer to decide if their application is one that should expand to fill the screen (like movie viewers and most games) or expand to show all content (like text editors and terminals). It was a smart UI choice, that gets a lot of negative comments from people who have not used it and know nothing about UI design.
And if you look at the iPhone's top grossing apps*
Why would anyone look at that particularly? Of course it will be skewed towards more expensive applications by virtue of what it is. I suppose you can compare that to the top grossing apps on other platforms. But I don't see those numbers published anywhere for anything but the iPhone for comparison. I chose the top selling apps because there were numbers for most platforms easily available.
I don't pay anything for apps because I don't own a smartphone. What does that have to do with anything. One person's experience doesn't really matter compared to wide ranging statistical analysis of many users.
Yeah, but there are still fewer free apps for WinMo than the iPhone. What were were talking about was specifically excluding apps for free because you said apps that were sold. I'm not interested in getting in a dick waving contest with you about whether Windows Mobile or the iPhone is a better platform for some purpose. I don't care and don't own one of either. I'm just wondering where you got the idea that apps cost more on the iPhone, since I've never seen any article that made such a claim and many that said the opposite.
If you do have a source for your opinion, please present it, otherwise I'm writing your opinion off as just unsupported belief from a fanboy/hater.
Find stats on amount of money spent on apps PER phone.
Why? How does that matter when it can be hugely influenced by how many offerings are available on a given platform and by how easy it is to acquire those offerings. You might as well argue that people that shop at Walmart spend more money than people who shop at the Gap, because the average person spends more money at the former in a year. Of course they do, because Walmart has a lot more selection of products.
I think the fact that a poor game can be so popular is the fact that they are targeting addicted social network users.
That is a valid point.
That is like saying you can sell games and apps for more on an iphone... duhhh. It is all about the user base.
I'm not sure I'm following you here. You think you can sell games for more on an iPhone than on what platform? Games are certainly cheaper on average than on a Nintendo DS or PSP (which average $32 a title). I haven't seen overall numbers for other phone platforms, but there are published numbers on the average cost of the top 10 most popular paid apps and the iPhone is at the bottom of the list:
iPhone - $1.60
Windows Mobile - $20.00
BlackBerry - $18.00
Nokia Symbian S60 - $24.50
In short, I don't know where you get the idea that people pay more for apps on the iPhone, but from all the numbers I've seen the exact opposite seems to be the case by a huge margin. The larger user base a developer can target with a single version of the app and the fact that Apple charges very little from developers (profiting from increased Phone sales instead) has made the iPhone a place where people actually make money selling small titles for a dollar and major games for $10.
No it isn't but, the actual quote is "correlation does not imply any specific causation". Correlation does imply (not prove, that's for math) some causation. Lack of correlation, likewise strongly implies a lack of causation. It is inductive logical refutation for the theory that cell phones increase rates of brain cancer... the scientific method at work.
So long as MS has any control - real or perceived - over third parties who run such distribution channels, it will be fined to Hell and beyond for abusing monopoly (and rightly so, IMO).
That's not how antitrust law works. For MS to be found guilty and fined they need to be leveraging their OS monopoly into another market. In this case, it would be the market for a specific kind of application. All MS has to do to remain compliant with the law is treat their own applications exactly the same as third party applications. That means no MS applications that don't have to use the same APIs or sandbox.
You largely describe how sandboxed.NET applications (e.g. those installed using ClickOnce, or WPF browser applications running in a browser) work. That exists today. Application writers mostly don't bother with it, however, even when they build on.NET anyway.
I don't want to quibble about the details there. For such a system to work, developers need to be given incentive to use such a system. For example, users won't be shown scary looking prompts that might lead them to use a competing product and it is the default behavior for apps built using mainstream dev tools. You can't just add it as an option, if developers are willing to put in more work for the same money, and expect it to make any difference.
And making it the only way to run "untrusted" applications... see above monopoly issue in case a whitelist is involved. And with no whitelist, it would be a usability hell.
That's easy from an antitrust perspective. Provide a greylist in the form of a regularly updated feed. Provide the API to third parties and allow any company willing to sign a contract (known parties that can be held legally responsible) to supply the same either for free or as a pay service.
I'd also note, a whitelist/blacklist is not sufficiently granular. Rather each app should be restricted by an ACL (already an option built into Windows) and the whitelist should approve/disapprove/or modify the ACL.
As a side note, for all the good ideas, why do you think e.g. Apple doesn't implement them in desktop OS X?
Because to date there have been what, two in the wild trojans and no in the wild worms for OS X. Apple implements a level of security that is appropriate to the threat posed to their users. Right now, looking for both trojans when downloading files from Safari and Mail.app seems to work just fine.
I might mention Apple has done a lot of work over the last two versions building all the underlying architecture needed to implement just such a system. They ported an ACL framework from TrustedBSD and wrote their own signing framework. That combined with the OpenStep implementation leaves them with everything but the manager app and the OS UI components. They already use the signing framework in their security and already apply ACLs to sandbox several potentially vulnerable applications and services. In fact it already prevented OS X from being vulnerable to the ZeroConf exploit that hit Linux and many Windows apps a few years back.
Nonetheless, most Windows malware is of the "explicitly run by the user" kind. Why aim for anything more complicated when this simple approach requires absolutely no security or hacking skills, and works wonderfully?
While I agree trojans are a significant concern, I don't think you can dismiss other kinds of malware either. Last I checked the numbers, while trojans were the most numerous kind of malware (more kinds of trojans than any other malware) they did not make up the bulk of compromised computers. That honor was still held by automated worms which had no user interaction. While there are fewer different worms out there, each one exploited vastly more systems than any trojan.
You can't secure against that[trojans], and no OS on the market today does that.
The iPhone and SELinux both seem to contradict your assertion.
SELinux can still be disabled, so in a sense it's equivalent to a particularly annoying prompt.
But in the environment where it is deployed, it is not disabled and often users have ability to disable it, yet those same users can still install arbitrary software, it is just into a locked down sandbox.
iPhone - it's not an OS feature, it's a "feature" of a locked-down distribution channel. A very dubious one at that, and I can't even imagine what an outcry would there be on/. (and elsewhere) if Microsoft ever went for white-listing applications that can run on Windows.
The distribution channel is a feature of the OS. Ubuntu Linux, by the way, has a similar model on the roadmap where they offer commercial apps though a store built into the package manager and by default disable software installation from other sources. Apple has a single distribution channel, but would they be all that much less secure if the iPhone allowed subscription to multiple distribution channels, all signed? It's the fact that the applications come through a certifying body and are linked to real people and their ability to run can be revoked centrally that makes it very secure. MS could (and I think should) replicate the default sandboxing and centralized installation management. Further they should allow other software to run, but only in a locked down sandbox or VM that can't access any file not explicitly selected by the user. There's no reason you can't add the security features of the iPhone without making it a one company show.
My entire reply was about how more prompts do not make an OS more secure, so I'm not sure what you're implying.
I was commenting on your phraseology which implied that the OS was still not secure despite tons of prompts instead of because of tons of prompts.
It's not impossible, but as described it's rather pointless.
I disagree.
I dare say that the majority of software run requires some persistent access to system state (i.e. at least some changes should remain after it's closed - saved documents, etc). So full sandboxing is unfeasible for all applications.
Who said anything about full sandboxing. When I use a VM, I give that VM access to a single directory in a larger shared directory of the host OS. If I want it to access files I copy them into the directory. When I'm done, I can copy select files out of the directory. The directory is locked so it can never use more than a select amount of disk space. The VM has access to the internet or not on a one off basis, which I can disable at any time and excessive network use is easily detected by my monitors. All of these are reasonable secure defaults that don't interfere with the operation of normal software. Some are a bit cumbersome because I'm implementing them by hand, explicitly, instead of their existing as a part of a pre-built, polished security infrastructure. The easiest way is to limit applications to the ability to modif
Just to clarify, using your definition of sufficient security, no consumer PC OS has sufficient security.
Most Mac OS X users never have a significant security related problem. Most SELinux workstation users never have a significant security related problem. Most Symbian OS users never have a significant security related problem. These OS's all have differing level of security in different ways, some more and some less strict than in Windows 7. The difference is, the amount of effort put into security for those OS's is sufficient to meet the needs of the customers, because if it isn't customers move on to another OS. Microsoft does not have that issue, so they do not invest money in securing their OS to deal with the level of threat appropriate to the real world environment in which it operates.
People who single out Windows for problems that are systemic across all other Operating Systems are a) moronic and b) zealots
Or maybe you're simply not understanding how Windows is different from all other OS's. It is not being marketed in a competitive free market where customers needs are met because that is what maximizes profit. If MS were broken up into two companies both with complete rights to the Windows code, half the resources, and forbidden to in any way interact non-publicly or enter into exclusive agreements, how long do you think it would be before one of those companies introduced technology that made security no longer a major issue for their users as a way to win customers from the competing company?
Malware is what users explicitly run, and then it does bad things to their system.
You're thinking of a trojan. Malware is simply short for malicious software, which includes trojans, but also worms, viruses, and others.
You can't secure against that, and no OS on the market today does that.
The iPhone and SELinux both seem to contradict your assertion.
You can pop up tons of prompts...
Why do users who seem focused entirely on Windows seem to think MORE prompts would make an OS more secure?
...but then it's the "dancing bunnies" problem
When I want to run Windows software I don't trust, I install it in a clean Windows VM by itself and roll back any changes to the VM after each time I use it. Are you telling me it is impossible to automate that level of sandboxing?
... the user can be convinced to click "Yes" on each and every prompt.
If you're giving people prompts that have a "Yes" button you've already failed and need to hire some usability experts with security backgrounds and then listen to them. All buttons should be verbs that describe a unique action. Otherwise the more prompts you have the more you condition users to a single response without reading. It's lot harder to convince a user to click the "Let this program from an unknown source have complete control of my computer forever", especially when that is the last option, they've never seen that before, and one of the other options is "Run this, but don't let it access my files" that safely runs the application in a sandbox or clean VM and hands it dummy resources when asked.
The PC was invented because people wanted to have a computer under their control that they could load anything they wanted to. Trick someone into thinking that the cute little fluffy sheep walking around on their screen is something they want, and they'll install it, and they'll answer the "Do you want this program to have access to core system functions?" and they'll have no clue what a core is except they don't own an Apple, and they'll say "sure, whatever it takes to just stop bothering the piss out of me and show me the fuzzy sheep".
If your OS is asking end users if an unsigned application can have complete control of their computer, then you have already failed as an OS designer. A good OS lets the user run whatever they want, but sandboxes it by default so they can do so safely. If you make sure users know applications will run or not regardless of if they give it complete control of their computer, because the app itself doesn't have a good way to tell, then you can easily let users see the fuzzy sheep without letting it root the machine. This is s solved problem.
The user can control the computer, or they can't.
You can let the user control the computer if you give them good information, good choices, and good granularity of control. "Run it and let it control my computer forever" or "don't run it" is not sufficient granularity of control. It's like Word files back in the day. You could open them or you could not open them. My boss offered a grand for anyone in the office that could create a menu item that was "open but don't let it run macros and VB scripts and infect my machine".
If you give them control, they can and frequently will load things that will cause problems.
Only if you give them crappy defaults and poor choices without enough info.
I intend no insult to inexperienced users here. It would be nice if computers were designed to slowly unlock functions as people get more experienced and knowledgeable with the operating system, but that just ain't gonna happen.
There is no need for slowly unlocking functionality. Just put crazy options like running unsigned apps outside of the sandbox in a advanced options menu where users of legitimate software will never have to go and make sure it is appropriately labelled like "Allow the unknown person who created this software to control my computer from now on".
Like ladders, chainsaws, hammers, and lathes - there's only so much safety you can design into something and still allow someone to get the work done they want with it.
Chainsaws aren't designed so that if you cut into the wrong tree an eco-activist can at any point in the future take over your chainsaw and do what they want with it unless the user goes to great lengths and buys third party products to stop that from happening. OS's should have security appropriate to the threat level they are likely to be subjected to. For home users, Windows does not have sufficient security.
As long as the person using it understands what a program should have access to and is capable of making an informed decision that "dancing fluffy bunnies" should not have access to the Master Boot Record or the/windows/system32/etc folder. As opposed to, say, a system management tool that should.
This is not necessary at all. Simply apply ACLs to every application. Apply more restrictive ACLs to unsigned applications and don't even give the user the option the escalate unless they go into advanced settings. Provide good sandboxing up to and including a VM that the malware will have difficulty knowing it is in. If all of the above fails, allow current security companies to provide an ACL/graylist for software using the built in security architecture.
If "dancing fluffy bunnies" is signed, then the malware author will be caught in short order and the signature revoked. If it is not signed and it wants to do anything useful, the user will have to have the knowledge to manually disable the security (which will not be necessary to run any software the user has ever seen that isn't malware) and it will have to have been missed by any security feeds the user subscribes to.
This is largely a solved problem complicated by several nontechnical problems. MS has a monopoly and it is more profitable for them to do little and make press releases than it is to actually invest in coding and testing this. MS is not great at innovation, and no other major vendor has done this for a mainstream desktop because there is no demand except on Windows. MS is terrible at UI usability, and usability is integral to security in this instance (one of the reasons UAC has failed to be effective).
They've seen the error of their ways, and tried to fix it in Vista and Se7en. With UAC, the USERS are STILL ASKING for this software to be installed, then people get upset when, lo and behold, it does get installed.
Users are not being given the information they need to make a good decision or the interface with granular control they need to make a safe decision. If you want to run software you don't trust, safely on Windows (even 7) the easiest way is still to install a VM, install windows in the VM, install the software in Windows in the VM on Windows, run the software, and rollback the VM when you're done. That is way beyond the capabilities of the average user and is way, way, way to slow and cumbersome of a method. Why can't Windows have a simple "This application is from an unknown source and wants to perform actions that may compromise your computer's security (Don't run it) (Run it safely in a sandbox) (Advanced Options)" With 'Advanced Options' being the only way to run the application and let it have more permission than a very restrictive sandbox?
We can design the software to be as secure as we want. We can allow an untrained user to install software. PICK ONE.
Bullshit. Untrained users install software securely on the iPhone. They do it on a good SELinux setup. The idea that you have to pick one is simply crap that people assume based upon having no idea about security except as it exists in Windows.
As much as I hate to come to microsoft's defense, this problem is at least as much the fault of the user.
One of the biggest failings of computer security is this idea that figuring out who can be blamed is part of it. It doesn't matter whose fault it is, just that the security has failed. Heck you could create Linux distro that prefaces every command with a warning that taking any action might result in the computer being compromised. Then it's the users fault, right? It's absurd. You have to take normal user behavior into consideration when designing a security architecture.
Think of the windows users you know - how many of them log in to their computer with full uninhibited administrator rights every single time they user their computer?
Most of them because most Windows users are still running a version of Windows where that is the default and they don't even know what the difference is. Others just want to get work done and have apps that run when they are administrators, but which they don't know how to run when they aren't.
The vast majority of malware, rootkits, spyware, viruses, etc that plague windows so severely are completely dependent on having administrator rights.
Where I'll give MS credit is where they recognized that regular user and admin accounts don't provide enough granularity of security for the modern era and moved to a more fine grained permissions scheme.
If windows users would join the rest of the computing community in the present century and realize that they don't need administrator rights to check their email, they would see the infection rate drop astronomically.
Actually what needs to happen is for MS to make all application developers, including their own obey strict rules for sandboxing of applications not just from the OS, but from one another. Then it doesn't matter if you're an admin or a regular users because it is the application that does not have permission to mess with anything without the explicit approval of the user. Since making sandboxing mandatory would also make applications attempting to do this very rare, UAC alerts could be an extreme rarity, without sacrificing security.
Although of course there are far too many software companies that write terrible code (for useful software) for windows that won't install without administrator rights, but that is another matter.
Actually, that's probably the biggest issue. MS has all the power here. They can enforce whatever restrictions they want on application developers so long as MS plays by the same rules themselves. You don't see a lot of malware on the iPhone unless users have gone out of their way to hack their own system. I don't advocate locking things down to a single repository, like Apple did, but there's no reason a full fledged desktop OS can't get all the same security advantages without the single repository lock-in... if the OS vendor put in the work to do it.
The average user is not installing software that often in comparison to the frequency in which they use their computer for mundane tasks that have no need for administrator access.
Average users shouldn't have to know the difference. They should just log in, be in normal user mode by default, and be asked for escalation of privileges in the rare instance where that is needed (NOT all the fricking time to do normal tasks).
(1) When did Microsoft buy-out Apple? They must have taken-down the "Don't be evil" mission statements.
You seem to be confusing Apple and Google.
(2) Is there any proof that SMELL can cause lung problems?
No one said smell can cause lung problems anymore than people claim sight can cause your chest cavity to be punctured because you can see a guy aiming a gun at you. Smell is a sense which can be used to detect things that are potentially damaging, like carcinogens.
"It is impossible for a lawyer to determine what business conduct will be pronounced lawful by the Courts. This situation is embarrassing to businessmen wishing to obey the law and to Government officials attempting to enforce it."
- Supreme Court Justice Jackson, head of the Antitrust Division, [DoJ]
You're quoting a guy who served in the 50's and who is famous for making some of the most questionable supreme court decisions of all time? Sorry but we have plenty of precedent and while judging the extent of influence is subjective, judging the quality of the acts that are illegal is quite clear cut. No one has ever been convicted of the type of act you're asserting MS would be in trouble for. Any competent lawyer could advise them on how to implement such a feature without any legal exposure.
Incorrect. Its about ILLEGALLY EXCLUDING your competitor(s) from competing in the market.
The fact that you only mention one market, when almost all antitrust law is about two different markets, basically shows you're clueless.
Also, The market definition is INSANELY vague. In US vs Microsoft the market definition for operating systems was "Single User desktop PCs that run on an intel chip". Why not "Single user desktop PCs that come in a shiny case and run on a PowerPC chip"?
Because they look at the market and see what users purchasers consider when making such a purchase. Since OEMs were not making PPC systems and then considering buying Windows and alternative OS's to run on them, they made the most succinct market definition they thought would clarify things. It's not at all hard to understand if you know what a "market" is in legal and economic terms.
Harm to competitors is obviously not illegal. If you do well, your competitor gets harmed.
You're over simplifying. It's harm to competitors in one market, using monopoly influence in a different market that is illegal. Competitors in a different market being harmed by what you do in a market where they aren't meaningfully competing is not something that normally happens in business. It only happens when one company has such large influence on a market that it can leverage it.
However if you read the anti-trust rulings, this line is HUGELY blurry.
Just because you don't grasp a concept, doesn't mean it is blurry. How much influence a company has on a market is blurry. Whether or not a given action is damaging and leveraging that influence, however, is quite clear and easily testable.
Whats[sic] was even more shameful was that while this alleged 'illegal' exclusion of netscape from the market was going on, millions of users managed to download and install Netscape.
Are you a moron? That's analogous to saying, "even after the beating, the victim still managed to keep breathing and eat liquid foods. They weren't dead. Clearly the assault case should be thrown out". Because harm does not totally kill another market it should be legal, as if the only level of damage that we should worry about is complete and utter annihilation? Yes, you are a moron.
That's also probably why you're posting as an anonymous coward.
And who the fuck are you? Hiding behind a username on a website? Oh the irony..
First, that's not irony. Second, I'm using a pseudonym, but at least I stand behind my comments and reputation built as part of that pseudonym as well as putting my karma on the line. You switch to commenting as an AC as soon as you realize you're talking out your ass.
I feel the same way, but will HTML5 ever get widely used if IE doesn't support it (properly)?
Maybe. You need to install a plug-in to run Silverlight. With the Chrome Frame plug-in you can do the same thing with HTML5, and users of other browsers don't need a plug-in at all, potentially resulting in a net win. The real issue is if HTML5 will be acceptable to the media companies that want DRM and lock-in so they can double charge for content they provide.
LOL. Its cute how computer geeks think they can read wikipedia and think they now understand anti-trust law. You have little to no clue what you're talking about.
Actually I do, which is why my predictions about how antitrust law is going to handle something turn out to be correct so often. Go ahead and look at my posting history.
Anti-trust law is INSANELY ad-hoc and is riddled with holes you can ride a truck through.
Reading the Clayton and Sherman acts gives you 90% of what you need to know. Sure there are details, but in the US the fundamental concepts are not too difficult and it's clear you have no idea what the hell you're talking about because you're getting the fundamental concepts wrong. That is to say, leveraging a market into another is fairly prerequisite, except for price fixing. That's also probably why you're posting as an anonymous coward.
Although my job here isn't to educate you...
That's good since you don't even seem to grasp the fundamental concepts involved.
Slashdot Mirror
Hopefully this means we will have better samples before buying online. I am tired of searching for an album on Amazon, being curious, and finding the 30 second samples don't really help me, especially when the samples are TERRIBLE bitrate and overcompressed.
If you do a Google search for a song title and band right now, many return a "Liston On" link. Just now I did it and it gives three links for a copyrighted, RIAA song:
It looks more like "market shaping" to me - streaming is a contradictory market strategy to the "pay per download" model that Itunes uses.
Lala's business model incorporates pay per download as part of it, rather than contradicting it as you claim. You search Google and a link pops up. First listen is free for music discovery. You can pay a small amount each time to stream it successive times or you can buy it and download it as well as be able to stream that song whenever you want. It neatly incorporates the two models. A cynic might claim it eliminates the revenue from people repurchasing songs they downloaded then failed to backup and lost somehow, but I don't think that is a significant source of revenue for Apple. Rather, the goodwill from letting people re-download songs will make for happier customers, enhance the Apple brand, and lead to more hardware sales, which is where Apple makes the real money.
I agree that this purchase makes sense, but it seems risky to put forward the cash for something that relies entirely on google and affiliate links.
Well, Lala probably has a contract with Google, which they will still have to honor. Beyond that, this gets Apple a jumpstart on any competition. And given they're sitting on 31 billion in cash reserves, more than anyone thinks is sensible, I don't see this purchase as too risky.
iTunes runs on Windows, but it would be very Apple to put features in the Mac iTunes and exclude them from the Windows one.
It would? Do you have any examples of Apple doing this sort of thing in the past? iTunes is to sell iPods and iPhones. Most of those people use Windows. Has the Windows version of iTunes aver lacked feature parity with the Windows version?
Google Search for any song online via Google and Lala brought a stream right to you. First listen is free, after that you have to pay. Why would Apple buy them? Considering most sane people use Google and Lala doesn't require something like iTunes, Lala was in a better position to bring music people want directly to them.
That is probably the biggest reason.
This is just eliminating the competition before they got too big. Can I get an Antitrust Amen?
Umm, you don't know much about Lala do you? They admitted that they did not foresee any time in the near future where they would be profitable and as a long term investment were actively seeking someone to buy them to keep the service going. I doubt this will raise antitrust flags since Lala did not have significant market share and what they did have was primarily streaming.
As for the other reasons Apple bought them, besides the Google deal... They have significant engineering talent, they have a solid subscription streaming solution which is missing from Apple's lineup and that solution scales into individual downloads which is Apple's main offering, and they have their service built as a Web service, where Apple has recently started expanding iTunes. In fact, one analyst (UBS ) has already been speculating this signals Apple being serious about making iTunes a Web service that will work with any device and a possible service to run out of Apple's giant new server farm. If so, that would be breaking the exclusive ties between the iTunes store and Apple's hardware offerings which would in fact get rid of Apple's biggest potential antitrust problem.
one menu for all windows. It's not bad thing, saves vertical screen space. But i don't like it because there is totaly no way this could be used with focus follows mouse, witch i consider more useful feature.
The more important benefit of a single menu for everything is it is simply, much, much faster to access with a mouse. Users develop muscle memory because the menus are always in the same place and because they border the edge of the screen, they are essentially infinite in one dimension for mouse users. Most users never notice the speed difference because when they're accessing menus they are concentrating on the task and the perception of time's passage is greatly affected by that; but a formal usability study shows significant speed differences.
Of course i understand that such thing like focus follows mouse are for more advanced users only, computer newbies are confused even without this, and if they would have to always look where the mouse is i think it would be much harder for them (although skill gained by this should be useful later on i guess).
Most good user interfaces scale with the user. That is to say, they are easy to learn and easy to use for new users, but you can layer more complexity on top for advanced users. What you want to avoid is multiple methods for the same task, where an novice user can be stuck in an advanced user mode with no easy way out. A good example of this is mouse buttons. Chording or multitouch allows the same interface to work as expected for both types of users. Two physical buttons that have to be changed by changing hardware result in novice users mistakenly clicking the wrong button about 20% of the time. This is still one of the biggest usability failures of modern computing. Thankfully we're moving towards laptops and trackpads allowing for the problem to be overcome in the near future.
Id[sic] say we can split all users in 3 categories
We can, but a good interface should scale smoothly up as users become more proficient rather than changing drastically at some point. You go on to point out UI elements you like and which you think would be best for others. I've learned from long experience, you can't guess about these things. You can try different things, but you have to test everything and can't be attached to something cool, when testing shows it causes problems for users overall.
Personally, when I'm using text based programs like text editors, terminals, word processors, etc. I think keyboard tabbing is the fastest way to switch windows. You don't have to take your hands off the keyboard and if it is a tiered tab system (one command to switch app another for window) it scales very well even into hundreds of windows and tabs. Of course that is a learnability trade off, as it is harder for new users even if it scales better for advanced users. It is similar to multiple desktops, but without as much work on the part of users for setting up the desktops. It can also automatically switch your desktop in the process for those of us that like that feature. When using graphical applications I find that mapping a mouse button or gesture to an expose-like feature is faster by far than switching desktops and then moving the mouse onto the right window. It instantly puts all the windows in place and then you have the same behavior/workflow as mouse follows cursor.
Realistically, though, it is not what is fastest for you or I that should be targeted. It is what works best for the widest range of users when formally tested.
Agreed but it is still a way better metric than top product.
Not really. First we have access to numbers for top selling products, but I don't see any easy to find numbers on amount of money spent on apps by users of different phones. Second, top selling apps gives a good idea as to how much is spent for the average app. Amount spent per phone will vary greatly based upon what apps and what number are available. Would you use the same numbers to judge how much the average user is willing to spend on desktop computers? If people spend less money on apps for Macs than for Windows machines, does that reflect the free apps and different selection of apps or the willingness of users of those OS's to pay. Mac users spend less on games by a large margin, and yet shareware game companies report a much lower rate of nonpayment from those same users indicating that contrary to your proposed metric Mac users are more willing to pay for games.
Hell for linux the top grossing product might be some odd server thing that costs thousands to deploy. Does that mean linux users are rich? Fuck no.
That is because for the most part Linux is not a comparable product to Windows or OS X. Most Linux installs are for the server and appliance space where consumers don't consider Windows or OS X desktop products as an alternative. If you were to narrow that down to Linux on the desktop pre-installs though (say everex machines), I bet the numbers would be a pretty good indication.
Now probably here pops a lot of people that goes something like this: "oh i tried this and it suck" or something like that. Well then i bet you haven't tried it enough.
I've tried it (FFM) for years and still use it and I've formally tested it in usability studies. Focus follows mouse is a useful UI feature, but it does not work with permanently positioned menus, which are an even bigger usability win.
Or people think hard to learn = hard to use (never mind that hard to learn most of the time means, i'm very lazy to learn something new, so I'll just say interface i don't know sucks).
Learnability is just one aspect of usability, and you're absolutely right that it is not the only function thereof. Take single button trackpads (not mice, trackpads), for example. They win on learnability of novice users. They fail on learnability for moderate users, who are already used to two buttons, but are unwilling to learn to use a keyboard key for chording. They win for advanced users who are willing to learn chording because they are faster once learned than two button trackpads. Mostly this has been supplanted by multi-touch now, but for the longest time this held true and usability experts all pretty much agreed based on the studies, but normal users did not understand, would not believe, and constantly spread misinformation based upon their own misguided opinions.
My point is there are a lot of people that bitch about fsf/oss software interfaces, while most of them are stuck with stone age interfaces, and don't know better.
I make a point of using multiple interfaces daily and being current on all of them. The same holds true for pretty much everything. Windows users complain about Linux, despite having never used it as their daily OS nor bothered to learn the major interface elements. But Linux users are just as loud bout complaining about OS X, while most clearly have never used it for more than 10 minutes since they don't even know what the user interface elements implemented in it are. I've tried to do comparisons of the strengths and weaknesses of major OS's many times, including soliciting opinions from Slashdot users. The results are frustrating, with greater than 90% of comments being from persons who clearly do not use or understand one of the two OS's they are comparing. This holds true for UI elements as well as most other aspects of OS's.
I think the communications failure here is no one is quoting the portion of the other's comment they are referring to. Let me try to clarify:
Pretty much a big failure on OS X that their Maximize doesn't even always make a window full screen.
Maximizing made sense when we were all using 640x480 screens. Every pixel was precious and had to be dedicated to the task at hand.
And what about a tabbed and paned interface loses the ability to see two windows side by side?
Nothing about tabbed and paned, but everything about a maximize button that always takes up the whole screen instead of maximizing the content. You see, if the button to expand a window makes that window take up the whole screen, even when there is not enough content to fit, then you can't see other open windows, like a second window that you would otherwise be able to see next to it. Hence, the expand button in OS X leaves it up to the app developer to decide if their application is one that should expand to fill the screen (like movie viewers and most games) or expand to show all content (like text editors and terminals). It was a smart UI choice, that gets a lot of negative comments from people who have not used it and know nothing about UI design.
And if you look at the iPhone's top grossing apps*
Why would anyone look at that particularly? Of course it will be skewed towards more expensive applications by virtue of what it is. I suppose you can compare that to the top grossing apps on other platforms. But I don't see those numbers published anywhere for anything but the iPhone for comparison. I chose the top selling apps because there were numbers for most platforms easily available.
I pay more than $1.60 for apps.
I don't pay anything for apps because I don't own a smartphone. What does that have to do with anything. One person's experience doesn't really matter compared to wide ranging statistical analysis of many users.
Pretty much all winmo apps are free...
Yeah, but there are still fewer free apps for WinMo than the iPhone. What were were talking about was specifically excluding apps for free because you said apps that were sold. I'm not interested in getting in a dick waving contest with you about whether Windows Mobile or the iPhone is a better platform for some purpose. I don't care and don't own one of either. I'm just wondering where you got the idea that apps cost more on the iPhone, since I've never seen any article that made such a claim and many that said the opposite.
If you do have a source for your opinion, please present it, otherwise I'm writing your opinion off as just unsupported belief from a fanboy/hater.
Find stats on amount of money spent on apps PER phone.
Why? How does that matter when it can be hugely influenced by how many offerings are available on a given platform and by how easy it is to acquire those offerings. You might as well argue that people that shop at Walmart spend more money than people who shop at the Gap, because the average person spends more money at the former in a year. Of course they do, because Walmart has a lot more selection of products.
I think the fact that a poor game can be so popular is the fact that they are targeting addicted social network users.
That is a valid point.
That is like saying you can sell games and apps for more on an iphone... duhhh. It is all about the user base.
I'm not sure I'm following you here. You think you can sell games for more on an iPhone than on what platform? Games are certainly cheaper on average than on a Nintendo DS or PSP (which average $32 a title). I haven't seen overall numbers for other phone platforms, but there are published numbers on the average cost of the top 10 most popular paid apps and the iPhone is at the bottom of the list:
In short, I don't know where you get the idea that people pay more for apps on the iPhone, but from all the numbers I've seen the exact opposite seems to be the case by a huge margin. The larger user base a developer can target with a single version of the app and the fact that Apple charges very little from developers (profiting from increased Phone sales instead) has made the iPhone a place where people actually make money selling small titles for a dollar and major games for $10.
Correlation is not causation
No it isn't but, the actual quote is "correlation does not imply any specific causation". Correlation does imply (not prove, that's for math) some causation. Lack of correlation, likewise strongly implies a lack of causation. It is inductive logical refutation for the theory that cell phones increase rates of brain cancer... the scientific method at work.
So long as MS has any control - real or perceived - over third parties who run such distribution channels, it will be fined to Hell and beyond for abusing monopoly (and rightly so, IMO).
That's not how antitrust law works. For MS to be found guilty and fined they need to be leveraging their OS monopoly into another market. In this case, it would be the market for a specific kind of application. All MS has to do to remain compliant with the law is treat their own applications exactly the same as third party applications. That means no MS applications that don't have to use the same APIs or sandbox.
You largely describe how sandboxed .NET applications (e.g. those installed using ClickOnce, or WPF browser applications running in a browser) work. That exists today. Application writers mostly don't bother with it, however, even when they build on .NET anyway.
I don't want to quibble about the details there. For such a system to work, developers need to be given incentive to use such a system. For example, users won't be shown scary looking prompts that might lead them to use a competing product and it is the default behavior for apps built using mainstream dev tools. You can't just add it as an option, if developers are willing to put in more work for the same money, and expect it to make any difference.
And making it the only way to run "untrusted" applications... see above monopoly issue in case a whitelist is involved. And with no whitelist, it would be a usability hell.
That's easy from an antitrust perspective. Provide a greylist in the form of a regularly updated feed. Provide the API to third parties and allow any company willing to sign a contract (known parties that can be held legally responsible) to supply the same either for free or as a pay service.
I'd also note, a whitelist/blacklist is not sufficiently granular. Rather each app should be restricted by an ACL (already an option built into Windows) and the whitelist should approve/disapprove/or modify the ACL.
As a side note, for all the good ideas, why do you think e.g. Apple doesn't implement them in desktop OS X?
Because to date there have been what, two in the wild trojans and no in the wild worms for OS X. Apple implements a level of security that is appropriate to the threat posed to their users. Right now, looking for both trojans when downloading files from Safari and Mail.app seems to work just fine.
I might mention Apple has done a lot of work over the last two versions building all the underlying architecture needed to implement just such a system. They ported an ACL framework from TrustedBSD and wrote their own signing framework. That combined with the OpenStep implementation leaves them with everything but the manager app and the OS UI components. They already use the signing framework in their security and already apply ACLs to sandbox several potentially vulnerable applications and services. In fact it already prevented OS X from being vulnerable to the ZeroConf exploit that hit Linux and many Windows apps a few years back.
Nonetheless, most Windows malware is of the "explicitly run by the user" kind. Why aim for anything more complicated when this simple approach requires absolutely no security or hacking skills, and works wonderfully?
While I agree trojans are a significant concern, I don't think you can dismiss other kinds of malware either. Last I checked the numbers, while trojans were the most numerous kind of malware (more kinds of trojans than any other malware) they did not make up the bulk of compromised computers. That honor was still held by automated worms which had no user interaction. While there are fewer different worms out there, each one exploited vastly more systems than any trojan.
You can't secure against that[trojans], and no OS on the market today does that.
The iPhone and SELinux both seem to contradict your assertion.
SELinux can still be disabled, so in a sense it's equivalent to a particularly annoying prompt.
But in the environment where it is deployed, it is not disabled and often users have ability to disable it, yet those same users can still install arbitrary software, it is just into a locked down sandbox.
iPhone - it's not an OS feature, it's a "feature" of a locked-down distribution channel. A very dubious one at that, and I can't even imagine what an outcry would there be on /. (and elsewhere) if Microsoft ever went for white-listing applications that can run on Windows.
The distribution channel is a feature of the OS. Ubuntu Linux, by the way, has a similar model on the roadmap where they offer commercial apps though a store built into the package manager and by default disable software installation from other sources. Apple has a single distribution channel, but would they be all that much less secure if the iPhone allowed subscription to multiple distribution channels, all signed? It's the fact that the applications come through a certifying body and are linked to real people and their ability to run can be revoked centrally that makes it very secure. MS could (and I think should) replicate the default sandboxing and centralized installation management. Further they should allow other software to run, but only in a locked down sandbox or VM that can't access any file not explicitly selected by the user. There's no reason you can't add the security features of the iPhone without making it a one company show.
My entire reply was about how more prompts do not make an OS more secure, so I'm not sure what you're implying.
I was commenting on your phraseology which implied that the OS was still not secure despite tons of prompts instead of because of tons of prompts.
It's not impossible, but as described it's rather pointless.
I disagree.
I dare say that the majority of software run requires some persistent access to system state (i.e. at least some changes should remain after it's closed - saved documents, etc). So full sandboxing is unfeasible for all applications.
Who said anything about full sandboxing. When I use a VM, I give that VM access to a single directory in a larger shared directory of the host OS. If I want it to access files I copy them into the directory. When I'm done, I can copy select files out of the directory. The directory is locked so it can never use more than a select amount of disk space. The VM has access to the internet or not on a one off basis, which I can disable at any time and excessive network use is easily detected by my monitors. All of these are reasonable secure defaults that don't interfere with the operation of normal software. Some are a bit cumbersome because I'm implementing them by hand, explicitly, instead of their existing as a part of a pre-built, polished security infrastructure. The easiest way is to limit applications to the ability to modif
Just to clarify, using your definition of sufficient security, no consumer PC OS has sufficient security.
Most Mac OS X users never have a significant security related problem. Most SELinux workstation users never have a significant security related problem. Most Symbian OS users never have a significant security related problem. These OS's all have differing level of security in different ways, some more and some less strict than in Windows 7. The difference is, the amount of effort put into security for those OS's is sufficient to meet the needs of the customers, because if it isn't customers move on to another OS. Microsoft does not have that issue, so they do not invest money in securing their OS to deal with the level of threat appropriate to the real world environment in which it operates.
People who single out Windows for problems that are systemic across all other Operating Systems are a) moronic and b) zealots
Or maybe you're simply not understanding how Windows is different from all other OS's. It is not being marketed in a competitive free market where customers needs are met because that is what maximizes profit. If MS were broken up into two companies both with complete rights to the Windows code, half the resources, and forbidden to in any way interact non-publicly or enter into exclusive agreements, how long do you think it would be before one of those companies introduced technology that made security no longer a major issue for their users as a way to win customers from the competing company?
Any OS is susceptible to malware.
True.
Malware is what users explicitly run, and then it does bad things to their system.
You're thinking of a trojan. Malware is simply short for malicious software, which includes trojans, but also worms, viruses, and others.
You can't secure against that, and no OS on the market today does that.
The iPhone and SELinux both seem to contradict your assertion.
You can pop up tons of prompts...
Why do users who seem focused entirely on Windows seem to think MORE prompts would make an OS more secure?
...but then it's the "dancing bunnies" problem
When I want to run Windows software I don't trust, I install it in a clean Windows VM by itself and roll back any changes to the VM after each time I use it. Are you telling me it is impossible to automate that level of sandboxing?
... the user can be convinced to click "Yes" on each and every prompt.
If you're giving people prompts that have a "Yes" button you've already failed and need to hire some usability experts with security backgrounds and then listen to them. All buttons should be verbs that describe a unique action. Otherwise the more prompts you have the more you condition users to a single response without reading. It's lot harder to convince a user to click the "Let this program from an unknown source have complete control of my computer forever", especially when that is the last option, they've never seen that before, and one of the other options is "Run this, but don't let it access my files" that safely runs the application in a sandbox or clean VM and hands it dummy resources when asked.
The PC was invented because people wanted to have a computer under their control that they could load anything they wanted to. Trick someone into thinking that the cute little fluffy sheep walking around on their screen is something they want, and they'll install it, and they'll answer the "Do you want this program to have access to core system functions?" and they'll have no clue what a core is except they don't own an Apple, and they'll say "sure, whatever it takes to just stop bothering the piss out of me and show me the fuzzy sheep".
If your OS is asking end users if an unsigned application can have complete control of their computer, then you have already failed as an OS designer. A good OS lets the user run whatever they want, but sandboxes it by default so they can do so safely. If you make sure users know applications will run or not regardless of if they give it complete control of their computer, because the app itself doesn't have a good way to tell, then you can easily let users see the fuzzy sheep without letting it root the machine. This is s solved problem.
The user can control the computer, or they can't.
You can let the user control the computer if you give them good information, good choices, and good granularity of control. "Run it and let it control my computer forever" or "don't run it" is not sufficient granularity of control. It's like Word files back in the day. You could open them or you could not open them. My boss offered a grand for anyone in the office that could create a menu item that was "open but don't let it run macros and VB scripts and infect my machine".
If you give them control, they can and frequently will load things that will cause problems.
Only if you give them crappy defaults and poor choices without enough info.
I intend no insult to inexperienced users here. It would be nice if computers were designed to slowly unlock functions as people get more experienced and knowledgeable with the operating system, but that just ain't gonna happen.
There is no need for slowly unlocking functionality. Just put crazy options like running unsigned apps outside of the sandbox in a advanced options menu where users of legitimate software will never have to go and make sure it is appropriately labelled like "Allow the unknown person who created this software to control my computer from now on".
Like ladders, chainsaws, hammers, and lathes - there's only so much safety you can design into something and still allow someone to get the work done they want with it.
Chainsaws aren't designed so that if you cut into the wrong tree an eco-activist can at any point in the future take over your chainsaw and do what they want with it unless the user goes to great lengths and buys third party products to stop that from happening. OS's should have security appropriate to the threat level they are likely to be subjected to. For home users, Windows does not have sufficient security.
As long as the person using it understands what a program should have access to and is capable of making an informed decision that "dancing fluffy bunnies" should not have access to the Master Boot Record or the /windows/system32/etc folder. As opposed to, say, a system management tool that should.
This is not necessary at all. Simply apply ACLs to every application. Apply more restrictive ACLs to unsigned applications and don't even give the user the option the escalate unless they go into advanced settings. Provide good sandboxing up to and including a VM that the malware will have difficulty knowing it is in. If all of the above fails, allow current security companies to provide an ACL/graylist for software using the built in security architecture.
If "dancing fluffy bunnies" is signed, then the malware author will be caught in short order and the signature revoked. If it is not signed and it wants to do anything useful, the user will have to have the knowledge to manually disable the security (which will not be necessary to run any software the user has ever seen that isn't malware) and it will have to have been missed by any security feeds the user subscribes to.
This is largely a solved problem complicated by several nontechnical problems. MS has a monopoly and it is more profitable for them to do little and make press releases than it is to actually invest in coding and testing this. MS is not great at innovation, and no other major vendor has done this for a mainstream desktop because there is no demand except on Windows. MS is terrible at UI usability, and usability is integral to security in this instance (one of the reasons UAC has failed to be effective).
They've seen the error of their ways, and tried to fix it in Vista and Se7en. With UAC, the USERS are STILL ASKING for this software to be installed, then people get upset when, lo and behold, it does get installed.
Users are not being given the information they need to make a good decision or the interface with granular control they need to make a safe decision. If you want to run software you don't trust, safely on Windows (even 7) the easiest way is still to install a VM, install windows in the VM, install the software in Windows in the VM on Windows, run the software, and rollback the VM when you're done. That is way beyond the capabilities of the average user and is way, way, way to slow and cumbersome of a method. Why can't Windows have a simple "This application is from an unknown source and wants to perform actions that may compromise your computer's security (Don't run it) (Run it safely in a sandbox) (Advanced Options)" With 'Advanced Options' being the only way to run the application and let it have more permission than a very restrictive sandbox?
We can design the software to be as secure as we want. We can allow an untrained user to install software. PICK ONE.
Bullshit. Untrained users install software securely on the iPhone. They do it on a good SELinux setup. The idea that you have to pick one is simply crap that people assume based upon having no idea about security except as it exists in Windows.
As much as I hate to come to microsoft's defense, this problem is at least as much the fault of the user.
One of the biggest failings of computer security is this idea that figuring out who can be blamed is part of it. It doesn't matter whose fault it is, just that the security has failed. Heck you could create Linux distro that prefaces every command with a warning that taking any action might result in the computer being compromised. Then it's the users fault, right? It's absurd. You have to take normal user behavior into consideration when designing a security architecture.
Think of the windows users you know - how many of them log in to their computer with full uninhibited administrator rights every single time they user their computer?
Most of them because most Windows users are still running a version of Windows where that is the default and they don't even know what the difference is. Others just want to get work done and have apps that run when they are administrators, but which they don't know how to run when they aren't.
The vast majority of malware, rootkits, spyware, viruses, etc that plague windows so severely are completely dependent on having administrator rights.
Where I'll give MS credit is where they recognized that regular user and admin accounts don't provide enough granularity of security for the modern era and moved to a more fine grained permissions scheme.
If windows users would join the rest of the computing community in the present century and realize that they don't need administrator rights to check their email, they would see the infection rate drop astronomically.
Actually what needs to happen is for MS to make all application developers, including their own obey strict rules for sandboxing of applications not just from the OS, but from one another. Then it doesn't matter if you're an admin or a regular users because it is the application that does not have permission to mess with anything without the explicit approval of the user. Since making sandboxing mandatory would also make applications attempting to do this very rare, UAC alerts could be an extreme rarity, without sacrificing security.
Although of course there are far too many software companies that write terrible code (for useful software) for windows that won't install without administrator rights, but that is another matter.
Actually, that's probably the biggest issue. MS has all the power here. They can enforce whatever restrictions they want on application developers so long as MS plays by the same rules themselves. You don't see a lot of malware on the iPhone unless users have gone out of their way to hack their own system. I don't advocate locking things down to a single repository, like Apple did, but there's no reason a full fledged desktop OS can't get all the same security advantages without the single repository lock-in... if the OS vendor put in the work to do it.
The average user is not installing software that often in comparison to the frequency in which they use their computer for mundane tasks that have no need for administrator access.
Average users shouldn't have to know the difference. They should just log in, be in normal user mode by default, and be asked for escalation of privileges in the rare instance where that is needed (NOT all the fricking time to do normal tasks).
(1) When did Microsoft buy-out Apple? They must have taken-down the "Don't be evil" mission statements.
You seem to be confusing Apple and Google.
(2) Is there any proof that SMELL can cause lung problems?
No one said smell can cause lung problems anymore than people claim sight can cause your chest cavity to be punctured because you can see a guy aiming a gun at you. Smell is a sense which can be used to detect things that are potentially damaging, like carcinogens.
"It is impossible for a lawyer to determine what business conduct will be pronounced lawful by the Courts. This situation is embarrassing to businessmen wishing to obey the law and to Government officials attempting to enforce it." - Supreme Court Justice Jackson, head of the Antitrust Division, [DoJ]
You're quoting a guy who served in the 50's and who is famous for making some of the most questionable supreme court decisions of all time? Sorry but we have plenty of precedent and while judging the extent of influence is subjective, judging the quality of the acts that are illegal is quite clear cut. No one has ever been convicted of the type of act you're asserting MS would be in trouble for. Any competent lawyer could advise them on how to implement such a feature without any legal exposure.
Incorrect. Its about ILLEGALLY EXCLUDING your competitor(s) from competing in the market.
The fact that you only mention one market, when almost all antitrust law is about two different markets, basically shows you're clueless.
Also, The market definition is INSANELY vague. In US vs Microsoft the market definition for operating systems was "Single User desktop PCs that run on an intel chip". Why not "Single user desktop PCs that come in a shiny case and run on a PowerPC chip"?
Because they look at the market and see what users purchasers consider when making such a purchase. Since OEMs were not making PPC systems and then considering buying Windows and alternative OS's to run on them, they made the most succinct market definition they thought would clarify things. It's not at all hard to understand if you know what a "market" is in legal and economic terms.
Harm to competitors is obviously not illegal. If you do well, your competitor gets harmed.
You're over simplifying. It's harm to competitors in one market, using monopoly influence in a different market that is illegal. Competitors in a different market being harmed by what you do in a market where they aren't meaningfully competing is not something that normally happens in business. It only happens when one company has such large influence on a market that it can leverage it.
However if you read the anti-trust rulings, this line is HUGELY blurry.
Just because you don't grasp a concept, doesn't mean it is blurry. How much influence a company has on a market is blurry. Whether or not a given action is damaging and leveraging that influence, however, is quite clear and easily testable.
Whats[sic] was even more shameful was that while this alleged 'illegal' exclusion of netscape from the market was going on, millions of users managed to download and install Netscape.
Are you a moron? That's analogous to saying, "even after the beating, the victim still managed to keep breathing and eat liquid foods. They weren't dead. Clearly the assault case should be thrown out". Because harm does not totally kill another market it should be legal, as if the only level of damage that we should worry about is complete and utter annihilation? Yes, you are a moron.
That's also probably why you're posting as an anonymous coward.
And who the fuck are you? Hiding behind a username on a website? Oh the irony..
First, that's not irony. Second, I'm using a pseudonym, but at least I stand behind my comments and reputation built as part of that pseudonym as well as putting my karma on the line. You switch to commenting as an AC as soon as you realize you're talking out your ass.
I feel the same way, but will HTML5 ever get widely used if IE doesn't support it (properly)?
Maybe. You need to install a plug-in to run Silverlight. With the Chrome Frame plug-in you can do the same thing with HTML5, and users of other browsers don't need a plug-in at all, potentially resulting in a net win. The real issue is if HTML5 will be acceptable to the media companies that want DRM and lock-in so they can double charge for content they provide.
LOL. Its cute how computer geeks think they can read wikipedia and think they now understand anti-trust law. You have little to no clue what you're talking about.
Actually I do, which is why my predictions about how antitrust law is going to handle something turn out to be correct so often. Go ahead and look at my posting history.
Anti-trust law is INSANELY ad-hoc and is riddled with holes you can ride a truck through.
Reading the Clayton and Sherman acts gives you 90% of what you need to know. Sure there are details, but in the US the fundamental concepts are not too difficult and it's clear you have no idea what the hell you're talking about because you're getting the fundamental concepts wrong. That is to say, leveraging a market into another is fairly prerequisite, except for price fixing. That's also probably why you're posting as an anonymous coward.
Although my job here isn't to educate you...
That's good since you don't even seem to grasp the fundamental concepts involved.