NOTE: For options 1 and 2: Both of these options require a kernel debugger to be hooked up for those options to become useable. If a kernel debugger is not hooked up, Windows File Protection is not disabled.
No, it's not impossible if you define your client-server protocol in such a way that the server ends up making all the decisions. In this way all input from the various "hacked" clients can be validated and the trust problem is greatly reduced.
Of course, for a game like Quake this isn't necessarily feasible because of performance and latency concerns. But for other types of games, like (for example) an Open Source Age of Empires, it could be easily done.
The amusing thing about this is that the Slashdot effect is as we speak accounting for about 99% of the hits on Knowledge Base article Q247804 in its entire lifetime.
Anyone who thinks this is a "story" needs to have their head fdisk'd, BTW.
>Maybe we should turn Slashdot form a news center >to an anti-Windows propaganda factory?
Wait a minute... You mean it isn't already?!?
Re:Where is Microsoft mentioned in this story?
on
Profiling A Nation
·
· Score: 1
Boy, those Microsoft people sure are evil, aren't they? I mean, they're sharing their Hotmail and Passport data with this even more evil media company, aren't they? I know it's true because it said so on Slashdot, even though it isn't mentioned in any of the links or news articles.
Oh, so they have a joint portal partnership in NineMSN? That proves it, then! They're allied with a hideous blood pact, and they're going to destroy privacy as we know it.
(It would take an anthropologist to understand Slashdot.)
So from the comments I've read... The consensus is that:
Magazines whose ad revenue causes them to lack objectivity suck.
A magazine based on content similar to Slashdot's that doesn't even pretend to be objective, would rock.
In conclusion, it sounds like most Slashdot readers simply want a magazine that will reinforce their prejudices, instead of magazines that disagree with them.
Now, while I agree with the criticism of the dinosaur computer mags, I must confess my suspicion that they're being replaced with something worse: news sites like Slashdot whose readership is collectively biased about a particular something, and aren't even ashamed to admit it.
If the future of computer news is a splintering of interests into different web sites, each catering to a different source of fanaticism, then I'm afraid I'll remember the days of tree-based computer journalism with nostalgia.
Of course everything is opcodes in the end. The point is that if you want COM features for your app you can write a thousand lines of code COM-style and use the COM libraries.
If you don't use the libraries, however, but still want the features, then you write a million lines of code.
The point, my anonymous friend, is that COM without DCOM goes way beyond refcounts.
"COM = IUnknown. _Everything_ else is an extension."
Not really. I agree that accepting IDispatch as part of the the definition of COM is questionable (and embarrassing), but COM is really whatever the spec says that it is.
And the COM spec defines most of the features that I mentioned in my "flamebait" post: the language independence via binary interface layout, the threading models, the IPC, the version conventions, etc.
The problem I have is that since COM is a Microsoft technology, a lot of inaccurate stuff it said about it on Slashdot. Inaccuracies annoy me.
magenta says: "without DCOM, COM is just a C++ refcount garbage collector"
This comment is truly revealing of the author's level of knowledge. It's the equivalent of taking a Java object, re-writing it as a C struct with some function pointers and claiming that "Java is just C with some syntactic sugar."
The fact of the matter is that the COM programming model, even without DCOM, provides a lot more than refcounting:
Language independence: call your VB objects from C++, your C++ objects from Java, your Java objects from VB.
Automatic thread synchronization: don't want to get dirty with mutexes and critical sections? Mark your object as single-threaded and you're set.
Out of process servers: while slower than in-proc, this is a great strategy for fault tolerance; e.g., running plugin code without fear or it corrupting your memory space.
Versioning: COM allows you to publish new versions of your interfaces and components without breaking compatibility with older clients or suffering from the fragility of enforced binary compatibility (aka DLL-hell).
Memory allocation tracking via IMallocSpy
Object persistence via storage and monikers
And so on... Not to mention Win2K features like async COM and COM+ stuff like transactions, object pooling and events
As always, it helps to have a clue before writing an opinion about something.
Re:Can You Install Windows 98? I think I can!
on
CNN Installs Linux
·
· Score: 1
Run smartdrv.exe before starting the DOS-mode file copy and you'll be astonished at how NT setup flies!
Goes to show you just how awful BIOS disk access routines really are.
I don't quite see the relevance of this. Even assuming that the guy on the phone was telling the truth, there's a rather large gulf between some clueless MS contractor playing with CivCTP and to "Bill converting his minions to Linux."
Furthermore, until you know what group the Linux newbie was from, you'll have a hard time finding the meaning of this (non-)event. And even if you did know, all you could deduce is that some pointy haired manager somewhere got a pawn of his to write him a "report" about Linux.
In short, if you think this is news, you need your head examined. MS has lots of Linux users on campus, lots of independent groups with their own motivations and interests, lots of competitors and lots of clueless contractors.
Furthermore, there seems to be some confusion between CSP's and providers of authentication on NT. Assuming the worst possible case (e.g., the NSA can break everything encrypted via CryptoAPI), this has nothing to do with someone subverting LSA or kerberos and logging onto your system and reading or modifying your files.
In other words, you should really only be concerned if you're using the CryptoAPI to encrypt sensitive stuff. If you don't trust the CryptoAPI, then you can always use something unrelated, like PGP. But if your paranoia level is that high, then maybe even PGP has "backdoors" that you're unaware of...
Slashdot Mirror
NOTE: For options 1 and 2: Both of these options require a kernel debugger to be hooked up for those options to become useable. If a kernel debugger is not hooked up, Windows File Protection is not disabled.
I presume you know how to hook up a KD?
Of course, for a game like Quake this isn't necessarily feasible because of performance and latency concerns. But for other types of games, like (for example) an Open Source Age of Empires, it could be easily done.
Anyone who thinks this is a "story" needs to have their head fdisk'd, BTW.
>Maybe we should turn Slashdot form a news center
>to an anti-Windows propaganda factory?
Wait a minute... You mean it isn't already?!?
Oh, so they have a joint portal partnership in NineMSN? That proves it, then! They're allied with a hideous blood pact, and they're going to destroy privacy as we know it.
(It would take an anthropologist to understand Slashdot.)
Is Bruce Perens over 18?
In conclusion, it sounds like most Slashdot readers simply want a magazine that will reinforce their prejudices, instead of magazines that disagree with them.
Now, while I agree with the criticism of the dinosaur computer mags, I must confess my suspicion that they're being replaced with something worse: news sites like Slashdot whose readership is collectively biased about a particular something, and aren't even ashamed to admit it.
If the future of computer news is a splintering of interests into different web sites, each catering to a different source of fanaticism, then I'm afraid I'll remember the days of tree-based computer journalism with nostalgia.
I call your bluff on this: name one API that wasn't available to Netscape in late 1995 and that is available now.
My mistake. I hope at0m feels better, then. :-)
Well, that's okay, since the editorial staff of this website are so objective and fair-minded...
Hope you get better soon, Rob!
Of course everything is opcodes in the end. The point is that if you want COM features for your app you can write a thousand lines of code COM-style and use the COM libraries.
If you don't use the libraries, however, but still want the features, then you write a million lines of code.
The point, my anonymous friend, is that COM without DCOM goes way beyond refcounts.
Not really. I agree that accepting IDispatch as part of the the definition of COM is questionable (and embarrassing), but COM is really whatever the spec says that it is.
And the COM spec defines most of the features that I mentioned in my "flamebait" post: the language independence via binary interface layout, the threading models, the IPC, the version conventions, etc.
The problem I have is that since COM is a Microsoft technology, a lot of inaccurate stuff it said about it on Slashdot. Inaccuracies annoy me.
This comment is truly revealing of the author's level of knowledge. It's the equivalent of taking a Java object, re-writing it as a C struct with some function pointers and claiming that "Java is just C with some syntactic sugar."
The fact of the matter is that the COM programming model, even without DCOM, provides a lot more than refcounting:
As always, it helps to have a clue before writing an opinion about something.
Goes to show you just how awful BIOS disk access routines really are.
Furthermore, until you know what group the Linux newbie was from, you'll have a hard time finding the meaning of this (non-)event. And even if you did know, all you could deduce is that some pointy haired manager somewhere got a pawn of his to write him a "report" about Linux.
In short, if you think this is news, you need your head examined. MS has lots of Linux users on campus, lots of independent groups with their own motivations and interests, lots of competitors and lots of clueless contractors.
Move along, now.
http://ntbugtraq.ntad vice.com/default.asp?sid=1&pid=47&aid=52 has a very reasonable outsider's perspective of what this issue is about.
Furthermore, there seems to be some confusion between CSP's and providers of authentication on NT. Assuming the worst possible case (e.g., the NSA can break everything encrypted via CryptoAPI), this has nothing to do with someone subverting LSA or kerberos and logging onto your system and reading or modifying your files.
In other words, you should really only be concerned if you're using the CryptoAPI to encrypt sensitive stuff. If you don't trust the CryptoAPI, then you can always use something unrelated, like PGP. But if your paranoia level is that high, then maybe even PGP has "backdoors" that you're unaware of...