As someone who Beta tested the OS and who has it on 3 work machines and a couple of home machines (except for one box that dual boots Ubuntu and XP) I can almost agree with you. However, if you try to capture audio as it is playing you will find it has more DRM than XP. Using freeware like Audigy on XP you could (depending on your sound card) capture what was being played. Some cards called it "what u hear" others "wave out mix" - but generally you could grab it.
With Vista, you can no longer do that. It does stop me from ripping that 2 second sound byte from DVD that I sometimes want for my own use. In fact, that's the only reason the XP box still exists; it would be just Ubuntu if not for that one thing. So, to be fair - there is more DRM in Vista than in WinXP. It hasn't hurt much yet for me - but it has been a small pain. I think what we need hear is more honest talk from folks who have tried it and seen what sucks and what doesn't and a little less vitriol from some folks anyway who haven't even tried it.
So far, these have all been Flash based attacks from what I am reading. I know few folks use it yet (ever?), but what about SilverLight? Does it enable these same vectors? I know some sites (like MLB.COM) do some of their stuff in SilverLight these days (probably got special help setting it up or got paid to do it or something). Anyway, it makes me wonder if it is really ALL rich media or if it is really specific to a design issue with Flash?
I had understood that advertisers didn't pay for "impressions" (ad views) anymore and only paid for click throughs. If that is true (and I may be wrong about it - I certainly admit that), then if you are not going to click on an ad you might as well block them since the site admin isn't getting paid anyway. (And, even worse - for the few who self host the ads, you would be costing them bandwidth).
I know I am with you on the "don't notice the ads". That's for the admittedly RARE occasion when I have to use IE to browse. The rest of the time FireFox with adblock plus makes short work of the ads. However, I have to admit that even when browsing with an ad infested browser, I notice the ads but do NOT notice who or what they are for as they are simply annoyances to be avoided until I can find the "printer friendly" version or find the pattern that allows my eyes to get through the page without getting any "reading comprehension" from the ads.
This must not be common though as the ads seem to be profitable (at least for the ad hosting companies). I have to say - I don't notice the ads on TV either on the rare occasion when I watch live TV (such as a live sporting event or something). I just tune them out and could not tell you who or what they were for. So I must be pretty atypical and not really a "target" of the ads anyway.
I wouldn't even trust the local connection at my office (and this is a campus of 5,000 people). Too many times in the past the proxy server array has come to a halt or even - get this - some jacknut on a backhoe cuts all of the fiber into the complex. Yep - multiple providers giving us access to "the cloud", but the bundles of fiber still come in through one entry point and it has been cut in the past.
If I was going to do a presentation at all, the whole thing would be local and have absolutely no dependency on a network. I actually DO presentations frequently in front of small audiences (so far up to 300 people) and you always want to have the thing work no matter what. This means multiple notebooks, a couple of memory keys, maybe a copy on CD, and anything that is going to be demo that requires the network should have slides that have a canned copy (or a movie) of the demo. Otherwise you risk leaving the audience not only underwhelmed with your lack of foresight, but also not getting the full benefit of the materials you intended to show them.
Online only presentation? Not gonna do it; wouldn't be prudent...
That would probably be a bad move as MS has a hell of a lot of patents - and while I believe software patents should just up and go away - for now, they are still allowed in the US and MS may even be able to prove one or more of them are being infringed. Again, I don't like software patents anymore than the next slashdotter, but we'd be foolish to just assume that they can't prove even one patent being infringed. Maybe they can't - but it wouldn't be a good idea for Red Hat to jump into the ring unless they are 100% sure that it wouldn't happen.
Yep, Robert Heinlein had those in his novels many a year ago. Seems like they could work. If they don't work due to the weight of the sealant then they could at least be used without sealant and they would still show where the leak is.
I personally do a lot of presentations before live audiences. One of the things that I have to deal with is that many places (hotel conference areas in say Singapore, London, Houston, Kuala Lumpur, Kazakhstan, etc.) that I show up at to speak don't have network connections available anywhere near where the speaker podium is. Sometimes their wireless works, sometimes it doesn't. In places where the wireless does work, it often goes down in the middle of the presentation either due to load or some other issue. I would never feel comfortable using an online presentation tool to do something like this. Now, it would be different if I was doing the classic "Web Ex" or "Live Meeting" type of thing from my office. This tool could possibly replace those. But for folks doing their presenting on the road you must have a presentation tool running on your notebook. Online just won't cut it for that at this point in time.
Don't forget the WPAD information so that web browsers can find their proxy server. Handing this out in DHCP is faster for the browser than just configuring WPAD in DNS (it can be done both ways, and should be for redundancy - but setting it in DHCP generally results in better behavior).
My current machine is a pretty capable notebook (Dell Lattitude D820) with Core 2 duo. When I use it in the car with an inverter the inverter display normally shows between 20 to 30 watts. I know the supply is rated something much higher, but it never seems to draw that much.
Well, I think the OP had a point there. After all, with online phone directories (that sometimes have mailing addresses, etc.) coupled with this kind of data, targeted mailings become too damn easy (yes, my opinion).
For example, run a quick query with some simple software and presto you now have the address, phone number, name of all public employees over 30 in area X,Y,Z making more than $80,000 per year. That's something I wouldn't want the average run of the mill "marketing" (read slimeball) drone to have easily available. Now, if they want to go to the city records office or something and write all this stuff down on paper and then transfer it to their computer - more power to them. But they won't, and we all know that. So, by keeping it public but off the internet it keeps it from being abused en-mass.
Which is why most restaurants that used to have their employees sing Happy Birthday to patrons celebrating their birthday now have to sing some contrived crapola instead. Another example of how copyrights can seem to live forever and dorks (oh, excuse me "greedy corporations" but dorks works too) try to grab money for something they never should have really owned and certainly didn't come up with.
Maybe it is, maybe it isn't - but it will probably be less stable as these folks have proven time and again that they can implement these rootkit like techniques, but they don't do it perfectly and may end up introducing vulnerabilities or more like just causing stability issues. The real problems would come in when you have a couple of these darn things loaded. You wouldn't even see them, but they could certainly cause the hated BSOD or hide your files accidentally or who knows what.
I'm also in Oil and accounts are disabled about when an employee leaves from their final day (or is escorted out if fired). Also, most of these people don't have remote access ability on their accounts. The systems run firewalls, the SCADA networks are either air-gap from the main corp nets or if they are not as critical they are firewalled so that only certain machines can get there from here. Not to say they can't be cracked, but there are a hell of a lot of softer targets to go after.
Well we do know that there are new API's in Vista that allow reservations of bandwidth for devices (like disk drives) and that media player does indeed make use of them (this has been demonstrated at events like Tech-Ed and Mark Russinovich's talks have contained demonstrations of this as well). I can't imagine that they purposefully tried to reserve network bandwidth though when the files are local on your hard drive. You can see why they would reserve some hard drive bandwidth though; as the GP said it is to provide skip-free audio and is indeed a new Vista feature. Sounds like they either have a bug with it where it reserves network bandwidth when it doesn't need to, or it is something to do with it having to reserve a certain percentage of the total number of interrupts regardless of which device is being triggered?
Most likely he hadn't used offline files enough to know. If someone puts a shortcut on their desktop to "their offline files", then they do show like he mentioned. However, as most folks who use Windows know that is only 1 view into them and the standard view accessing them by either mapped drive or \\server\share\folder just like in when connected is more prevalent and works better.
I will say that on XP the offline files feature is not very stable when used with large data sets and does not attempt to do any binary differentials on copies so it is probably not a good solution here, especially since most people would know better than to attempt to use this on a file that is normally locked when the system is up (unless you have SQL set to only be running when you want it running it will try to lock the file all the time and will not survive online/offline transitions and won't sync.
For a MS SQL server database (which MSDE is), you need to either:
1) Export the data first or
2) stop the database engine before backing it up
So, any solution like this needs to have some scripting at the "pre backup" and "post backup" phases so that stopping and starting of the database engine is done. Also, the user will have to be asked if it is OK to stop the database for a backup. Most likely best to just do an online dump of the database and back up the dump so that the user doesn't have to stop working.
Good point. Probably the first one will be $1.25 for "paper bill"...
Re:SCOX: death throes begin - spasms of appeals
on
SCO Loses
·
· Score: 1
Honestly I think it would actually be over once the SCO lawyers are fairly confident that SCO will no longer be able to pay them. That should end the cases real quick.
I tried it with FireFox 2.0.06 with JRE 1.6 on Vista. I had put FireFox on my second monitor though; the one that doesn't host the start menu and all. The "PWND" window only covered the single monitor, so it was simple to close the FireFox window on the other screen. Not much of a vulnerability as others have mentioned; the code that runs still has to play in the Java sandbox and all.
Slashdot Mirror
As someone who Beta tested the OS and who has it on 3 work machines and a couple of home machines (except for one box that dual boots Ubuntu and XP) I can almost agree with you. However, if you try to capture audio as it is playing you will find it has more DRM than XP. Using freeware like Audigy on XP you could (depending on your sound card) capture what was being played. Some cards called it "what u hear" others "wave out mix" - but generally you could grab it.
With Vista, you can no longer do that. It does stop me from ripping that 2 second sound byte from DVD that I sometimes want for my own use. In fact, that's the only reason the XP box still exists; it would be just Ubuntu if not for that one thing. So, to be fair - there is more DRM in Vista than in WinXP. It hasn't hurt much yet for me - but it has been a small pain. I think what we need hear is more honest talk from folks who have tried it and seen what sucks and what doesn't and a little less vitriol from some folks anyway who haven't even tried it.
So far, these have all been Flash based attacks from what I am reading. I know few folks use it yet (ever?), but what about SilverLight? Does it enable these same vectors? I know some sites (like MLB.COM) do some of their stuff in SilverLight these days (probably got special help setting it up or got paid to do it or something). Anyway, it makes me wonder if it is really ALL rich media or if it is really specific to a design issue with Flash?
I had understood that advertisers didn't pay for "impressions" (ad views) anymore and only paid for click throughs. If that is true (and I may be wrong about it - I certainly admit that), then if you are not going to click on an ad you might as well block them since the site admin isn't getting paid anyway. (And, even worse - for the few who self host the ads, you would be costing them bandwidth).
I know I am with you on the "don't notice the ads". That's for the admittedly RARE occasion when I have to use IE to browse. The rest of the time FireFox with adblock plus makes short work of the ads. However, I have to admit that even when browsing with an ad infested browser, I notice the ads but do NOT notice who or what they are for as they are simply annoyances to be avoided until I can find the "printer friendly" version or find the pattern that allows my eyes to get through the page without getting any "reading comprehension" from the ads.
This must not be common though as the ads seem to be profitable (at least for the ad hosting companies). I have to say - I don't notice the ads on TV either on the rare occasion when I watch live TV (such as a live sporting event or something). I just tune them out and could not tell you who or what they were for. So I must be pretty atypical and not really a "target" of the ads anyway.
I wouldn't even trust the local connection at my office (and this is a campus of 5,000 people). Too many times in the past the proxy server array has come to a halt or even - get this - some jacknut on a backhoe cuts all of the fiber into the complex. Yep - multiple providers giving us access to "the cloud", but the bundles of fiber still come in through one entry point and it has been cut in the past.
If I was going to do a presentation at all, the whole thing would be local and have absolutely no dependency on a network. I actually DO presentations frequently in front of small audiences (so far up to 300 people) and you always want to have the thing work no matter what. This means multiple notebooks, a couple of memory keys, maybe a copy on CD, and anything that is going to be demo that requires the network should have slides that have a canned copy (or a movie) of the demo. Otherwise you risk leaving the audience not only underwhelmed with your lack of foresight, but also not getting the full benefit of the materials you intended to show them.
Online only presentation? Not gonna do it; wouldn't be prudent...
That would probably be a bad move as MS has a hell of a lot of patents - and while I believe software patents should just up and go away - for now, they are still allowed in the US and MS may even be able to prove one or more of them are being infringed. Again, I don't like software patents anymore than the next slashdotter, but we'd be foolish to just assume that they can't prove even one patent being infringed. Maybe they can't - but it wouldn't be a good idea for Red Hat to jump into the ring unless they are 100% sure that it wouldn't happen.
Yep, Robert Heinlein had those in his novels many a year ago. Seems like they could work. If they don't work due to the weight of the sealant then they could at least be used without sealant and they would still show where the leak is.
I personally do a lot of presentations before live audiences. One of the things that I have to deal with is that many places (hotel conference areas in say Singapore, London, Houston, Kuala Lumpur, Kazakhstan, etc.) that I show up at to speak don't have network connections available anywhere near where the speaker podium is. Sometimes their wireless works, sometimes it doesn't. In places where the wireless does work, it often goes down in the middle of the presentation either due to load or some other issue. I would never feel comfortable using an online presentation tool to do something like this. Now, it would be different if I was doing the classic "Web Ex" or "Live Meeting" type of thing from my office. This tool could possibly replace those. But for folks doing their presenting on the road you must have a presentation tool running on your notebook. Online just won't cut it for that at this point in time.
Don't forget the WPAD information so that web browsers can find their proxy server. Handing this out in DHCP is faster for the browser than just configuring WPAD in DNS (it can be done both ways, and should be for redundancy - but setting it in DHCP generally results in better behavior).
My current machine is a pretty capable notebook (Dell Lattitude D820) with Core 2 duo. When I use it in the car with an inverter the inverter display normally shows between 20 to 30 watts. I know the supply is rated something much higher, but it never seems to draw that much.
Well, I think the OP had a point there. After all, with online phone directories (that sometimes have mailing addresses, etc.) coupled with this kind of data, targeted mailings become too damn easy (yes, my opinion).
For example, run a quick query with some simple software and presto you now have the address, phone number, name of all public employees over 30 in area X,Y,Z making more than $80,000 per year. That's something I wouldn't want the average run of the mill "marketing" (read slimeball) drone to have easily available. Now, if they want to go to the city records office or something and write all this stuff down on paper and then transfer it to their computer - more power to them. But they won't, and we all know that. So, by keeping it public but off the internet it keeps it from being abused en-mass.
That's fine and works until they boot a live CD of some distro.
Which is why most restaurants that used to have their employees sing Happy Birthday to patrons celebrating their birthday now have to sing some contrived crapola instead. Another example of how copyrights can seem to live forever and dorks (oh, excuse me "greedy corporations" but dorks works too) try to grab money for something they never should have really owned and certainly didn't come up with.
10 penny nails? (Or 10d as some call them http://en.wikipedia.org/wiki/Nail_(fastener)#US_pe nny_sizes). Sounds about right, and is probably all that SCO has left anyway.
Maybe it is, maybe it isn't - but it will probably be less stable as these folks have proven time and again that they can implement these rootkit like techniques, but they don't do it perfectly and may end up introducing vulnerabilities or more like just causing stability issues. The real problems would come in when you have a couple of these darn things loaded. You wouldn't even see them, but they could certainly cause the hated BSOD or hide your files accidentally or who knows what.
I seem to recall Lotus didn't like MAPI and wanted to push their own API called VIM? (http://en.wikipedia.org/wiki/Vendor_Independent_M essaging).
I'm also in Oil and accounts are disabled about when an employee leaves from their final day (or is escorted out if fired). Also, most of these people don't have remote access ability on their accounts. The systems run firewalls, the SCADA networks are either air-gap from the main corp nets or if they are not as critical they are firewalled so that only certain machines can get there from here. Not to say they can't be cracked, but there are a hell of a lot of softer targets to go after.
I'm not sure it would even be that useful if GM/Ford/BWM or whoever did it. It would probably be ad-supported anyway. Can you just imagine?
Hey, driver - you need new wiper blades. Check out the specials at Pep Boys (tm)! While there, get an oil change!
I just hope that never comes true!
Well we do know that there are new API's in Vista that allow reservations of bandwidth for devices (like disk drives) and that media player does indeed make use of them (this has been demonstrated at events like Tech-Ed and Mark Russinovich's talks have contained demonstrations of this as well). I can't imagine that they purposefully tried to reserve network bandwidth though when the files are local on your hard drive. You can see why they would reserve some hard drive bandwidth though; as the GP said it is to provide skip-free audio and is indeed a new Vista feature. Sounds like they either have a bug with it where it reserves network bandwidth when it doesn't need to, or it is something to do with it having to reserve a certain percentage of the total number of interrupts regardless of which device is being triggered?
Most likely he hadn't used offline files enough to know. If someone puts a shortcut on their desktop to "their offline files", then they do show like he mentioned. However, as most folks who use Windows know that is only 1 view into them and the standard view accessing them by either mapped drive or \\server\share\folder just like in when connected is more prevalent and works better.
I will say that on XP the offline files feature is not very stable when used with large data sets and does not attempt to do any binary differentials on copies so it is probably not a good solution here, especially since most people would know better than to attempt to use this on a file that is normally locked when the system is up (unless you have SQL set to only be running when you want it running it will try to lock the file all the time and will not survive online/offline transitions and won't sync.
For a MS SQL server database (which MSDE is), you need to either:
1) Export the data first or
2) stop the database engine before backing it up
So, any solution like this needs to have some scripting at the "pre backup" and "post backup" phases so that stopping and starting of the database engine is done. Also, the user will have to be asked if it is OK to stop the database for a backup. Most likely best to just do an online dump of the database and back up the dump so that the user doesn't have to stop working.
Good point. Probably the first one will be $1.25 for "paper bill"...
Honestly I think it would actually be over once the SCO lawyers are fairly confident that SCO will no longer be able to pay them. That should end the cases real quick.
I tried it with FireFox 2.0.06 with JRE 1.6 on Vista. I had put FireFox on my second monitor though; the one that doesn't host the start menu and all. The "PWND" window only covered the single monitor, so it was simple to close the FireFox window on the other screen. Not much of a vulnerability as others have mentioned; the code that runs still has to play in the Java sandbox and all.
IE 7 on Vista here did have the crash just as documented. Open a new tab and start typing a URL and it crashed it.