* Follow the Apple pricing model: One version $89 for everyone with no upgrades, ultimates or basics. Apple's pricing regime would be exactly the same as Microsofts if they didn't make expensive PCs which they make an absolute mint on which are 100% required to run their OS. Microsoft doesn't have a high-profit PC hardware division to subsidise their software sales, so don't expect them to.
You're making shit up. The secure mode prompt is ALWAYS the one which performs the actual elevation (specifically, the one displayed by consent.exe) it never pops up just to tell you that it's going to ask more questions.
And moving that folder wont invoke UAC unless you're moving from the Windows or Program Files directories (and what the fuck are you doing that for?)
I know a lot of people who use it in real life, and guess what: none of them have problems. So it's "offensive" to you that multitudes (not this "lucky few") can run an OS that you can't? And "don't we dare" tell you there isn't a problem with the OS?
Item 1 is pure FUD, UAC only responds to user action - in fact if a program at startup requires UAC approval, Windows just wont start it! So that's made up. Item 2 is nothing to do with UAC or Microsoft, so it's just more FUD. Item 3 is applicable only if the user you are logged in as is an admin - otherwise, an administrative username and password is required as well as the Continue or Cancel. Also of note is that (although it's not the default) you can configure UAC to demand a password on every elevation whether you're an admin or not.
When you elevate a process, it DOES stay elevated - with two exceptions, which is Explorer (for obvious reasons, the shell that launches every other program cannot stay elevated) and Internet Explorer (for obvious reasons, your web browser also cannot remain elevated).
That's a legal minefield. Remember, anything you do on your employer's time is theirs (work for hire, I believe it's called). Doing that would create a hassle for the project you're trying to help.
DO NOT work on Open Source projects during work hours unless it's part of your job.
Heh, I did much the same thing with Delphi. I can almost guarantee the company still charges for three days of data processing time when they only do one day now.
I don't work there anymore, but I'm pretty sure they still use my software.
What companies do in the area I'm from is usually to write a clause that does in fact cover all eventualities. Generally, the contracts here all contain a clause which states that the company can either give you four weeks notice, or any period of notice but your normal salary/wages as if you worked the full four weeks. And on top of that, the law requires they fork over all holidays they owe you in cash too. The flip side (you quitting) works the same way, except that if you leave early they can simply not pay you for time worked.
You are on the losing side the free software battle and making things worse for yourself. Battle? What battle? You know, I've never even seen the Free Software Foundation try to claim there's some kind of battle. Yet you (and folks like PJ at Groklaw) seem to believe that Freedom of Choice in software is good, so long as it's the same as your choice.
And before you trot out the "M$ Shill" line, no I don't get paid by Microsoft. I work for the government in my country, and we're encouraged to consider Open Source in our "purchasing" decisions, and in fact we even use it - our IT department even encourages Firefox usage (because, well, IE is bloody difficult to use!) and our government has even proposed RFCs and contributes to Open Source itself.
Perhaps they're frightened of Neelie Kroes. I'd be. Finally there's something that the EU is good for, i.e. stealing fuck-huge amounts of money. Fixed that for you.
In response, I direct you to http://windizupdate.com/era.php. Which states quite categorically that WindizUpdate is now completely unsupported and will not receive updates to Windows past the abandonment in November last year, which means if you rely on it for updating Windows then updates will never actually come down.
Reminds me of ZoneAlarm. The UI crashes, and the TrueVector Internet Monitor suddenly loses the ability to process rules, and applies a default "deny-all" policy.
On Windows a download may well execute even if the user does not realise that this may happen. This is compounded by the fact that a file 'something.jpg' may in fact be a.exe because Windows hides this vital information. It is made blindingly clear to a user that they are launching an executable if they double click on an executable downloaded off the internet (so long as it is stored on an NTFS volume) as it is tagged in its file stream as a file retrieved from a potentially dangerous zone. Your described situation is more false than the situations you decry as impossible.
For an example of this behaviour, download an EXE using Internet Explorer and double click on it. You are warned that this file might not be safe and asked if you want to continue. To see why, open a command prompt, change directory to the folder the EXE is in, and type "notepad nameofexe:Zone.Identifier" (for example, "notepad notepad.exe:Zone.Identifier")
Just a note, I would say that Firefox did actually save the file successfully, but Windows transparently redirected it. Check your "%UserProfile%\AppData\Local\VirtualStore\Program Files" folder and I bet your images are somewhere in there.
No, you are incorrect on the automatic detection. Windows will by default punt any attempts to write to protected locations to the "virtual store" (a copy of the system locations stored within your profile) without invoking a UAC prompt, just for backward compatibility. The application doesn't even know that its file didn't go where it asked.
Yes, yes I am. Why is this? People often forget that UAC will actually demand a password as well if you are not a member of the administrators group. And, it can even be configured to always demand a password, even if you are!
Vista has one and only one major security-impacting feature - The "Train users to always click yes" interface to privilege escalation. And I feel confident saying that very, very few of us consider that a "good" thing. Get users on Linux, and we'll be seeing the "Train users to always click yes (or in CLI mode, prefix with "sudo") approach to privilege escalation"
Wait, that sounds familiar. Oh, wow! Both my post and yours are virtually identical!
Seriously, people bash UAC, but it's pretty much identical to sudo.
Same way as ours (in New Zealand) - with a higher income tax rate. It's absolutely not the effect of high import duties and taxes, since American companies do it in every country, except where the exchange rate equals something like $0.75USD / dollar - then they double it first. Apple, I'm looking at you!
If you really wanted to be paranoid about the whole thing, you could also do a lookup for ftp.internic.net via every root server listed in your current named.cache file The root servers wont resolve that though. The furthest they can go is telling you what server to contact for the domain "net"
Yes there is for lower levels. All DNS responses specify a TTL (time-to-live), after which the response issued during the last contact should be discarded. This doesn't address the root level though, for which you cannot actually use a DNS entry to get to in the first place (after all, who'd resolve it?)
You're making shit up. The secure mode prompt is ALWAYS the one which performs the actual elevation (specifically, the one displayed by consent.exe) it never pops up just to tell you that it's going to ask more questions.
And moving that folder wont invoke UAC unless you're moving from the Windows or Program Files directories (and what the fuck are you doing that for?)
I know a lot of people who use it in real life, and guess what: none of them have problems. So it's "offensive" to you that multitudes (not this "lucky few") can run an OS that you can't? And "don't we dare" tell you there isn't a problem with the OS?
Get the fuck over yourself.
Item 1 is pure FUD, UAC only responds to user action - in fact if a program at startup requires UAC approval, Windows just wont start it! So that's made up. Item 2 is nothing to do with UAC or Microsoft, so it's just more FUD. Item 3 is applicable only if the user you are logged in as is an admin - otherwise, an administrative username and password is required as well as the Continue or Cancel. Also of note is that (although it's not the default) you can configure UAC to demand a password on every elevation whether you're an admin or not.
When you elevate a process, it DOES stay elevated - with two exceptions, which is Explorer (for obvious reasons, the shell that launches every other program cannot stay elevated) and Internet Explorer (for obvious reasons, your web browser also cannot remain elevated).
Tip: westbake is twitter as well. You've been twitrolled.
Which software, so we can eliminate it from all future purchasing decisions?
That's a legal minefield. Remember, anything you do on your employer's time is theirs (work for hire, I believe it's called). Doing that would create a hassle for the project you're trying to help.
DO NOT work on Open Source projects during work hours unless it's part of your job.
Heh, I did much the same thing with Delphi. I can almost guarantee the company still charges for three days of data processing time when they only do one day now.
I don't work there anymore, but I'm pretty sure they still use my software.
Are you planning to burn down the building if they don't return your stapler?
What companies do in the area I'm from is usually to write a clause that does in fact cover all eventualities. Generally, the contracts here all contain a clause which states that the company can either give you four weeks notice, or any period of notice but your normal salary/wages as if you worked the full four weeks. And on top of that, the law requires they fork over all holidays they owe you in cash too. The flip side (you quitting) works the same way, except that if you leave early they can simply not pay you for time worked.
And before you trot out the "M$ Shill" line, no I don't get paid by Microsoft. I work for the government in my country, and we're encouraged to consider Open Source in our "purchasing" decisions, and in fact we even use it - our IT department even encourages Firefox usage (because, well, IE is bloody difficult to use!) and our government has even proposed RFCs and contributes to Open Source itself.
In response, I direct you to http://windizupdate.com/era.php. Which states quite categorically that WindizUpdate is now completely unsupported and will not receive updates to Windows past the abandonment in November last year, which means if you rely on it for updating Windows then updates will never actually come down.
Reminds me of ZoneAlarm. The UI crashes, and the TrueVector Internet Monitor suddenly loses the ability to process rules, and applies a default "deny-all" policy.
Avast? Seriously, that's masochistic. I've never seen a worse UI!
Well, except maybe Norton.
For an example of this behaviour, download an EXE using Internet Explorer and double click on it. You are warned that this file might not be safe and asked if you want to continue. To see why, open a command prompt, change directory to the folder the EXE is in, and type "notepad nameofexe:Zone.Identifier" (for example, "notepad notepad.exe:Zone.Identifier")
Just a note, I would say that Firefox did actually save the file successfully, but Windows transparently redirected it. Check your "%UserProfile%\AppData\Local\VirtualStore\Program Files" folder and I bet your images are somewhere in there.
No, you are incorrect on the automatic detection. Windows will by default punt any attempts to write to protected locations to the "virtual store" (a copy of the system locations stored within your profile) without invoking a UAC prompt, just for backward compatibility. The application doesn't even know that its file didn't go where it asked.
Yes, yes I am. Why is this? People often forget that UAC will actually demand a password as well if you are not a member of the administrators group. And, it can even be configured to always demand a password, even if you are!
of us consider that a "good" thing. Get users on Linux, and we'll be seeing the "Train users to always click yes (or in CLI mode, prefix with "sudo") approach to privilege escalation"
Wait, that sounds familiar. Oh, wow! Both my post and yours are virtually identical!
Seriously, people bash UAC, but it's pretty much identical to sudo.
Same way as ours (in New Zealand) - with a higher income tax rate. It's absolutely not the effect of high import duties and taxes, since American companies do it in every country , except where the exchange rate equals something like $0.75USD / dollar - then they double it first. Apple, I'm looking at you!
Yes there is for lower levels. All DNS responses specify a TTL (time-to-live), after which the response issued during the last contact should be discarded. This doesn't address the root level though, for which you cannot actually use a DNS entry to get to in the first place (after all, who'd resolve it?)
Except that the plural of Box is not Boxen. Stop making up words.