Vista was okay if there was no OEM crap and on speedy hardware with loads of RAM and your hardware and software was supported. That's why it worked for some. Coloring all of them as sockpuppets is juvenile.
WP7 has polish and is ultra smooth and the metro UI is really innovative and good. If it was made by Apple, people would be singing praises of it over here ad nauseum. Cut and paste is coming in an update this month and has already been demoed at CES. And there are LOTS of non-geeks who don't care about multitasking. It's a good 1.0 product but MS is not pushing updates fast enough.
MS has the financial muscle to see it through. Remember Windows 1.0, the original XBOX, Word, Excel etc.?
(AppStore Guidelines Chapter 21. Charities and contributions):
21.1 Apps that include the ability to make donations to recognized charitable organizations must be free 21.2 The collection of donations must be done via a wweb site in Safari or an SMS
The App included no ability to make donations. The author was personally donating out of his App Store revenue, which is a completely different thing. And I don't think WikiLeaks is a 'recognized charitable organization'.
"The recent incident of "backdoors" in Microsoft software is indicative of a fundamental problem that electronic commerce will need to address very soon," Jerry Harold, president & co-founder of NetSec [...] Even if Microsoft has stringent internal requirements for software assurance, it's very difficult to catch a backdoor that may be hidden by a single coder deep inside hundreds of thousands of lines of code," said Harold "This is why NetSec builds its products on an operating system (OpenBSD) that has made security its number one goal," Harold told SOURCES. "The source for the operating system was re-built from the ground up for security and is publicly available. As a result, it is continuously subjected to rigorous security review by independent software engineers around the world. This has additional benefits because secure code often tends to be well designed, stable, and efficient."
They put the money into a foundation that then invests the large amounts of money into the American economy and sometimes businesses or areas of development that they hold an interest in. Once the return is netted at the end of the year, then this is what is "given away" in the strictest sense of the words
The objective is to make money for the charity, so more money can be given out. It does not matter to the foundation if that's an American business or not, just that it has to be profitable. If African companies are not profitable then the foundation will simply squander the money away.
If you don't think that the Bill and Melinda Gates Foundation is American-centric and nationalistic in its investments, why don't you read his warning letter about China developing alternative energy [slashdot.org].
What has that go to do with the foundation? It's not even mentioned there. Dare a person have different goals and objectives in his life? I think you're letting bias cloud your judgment. Just throwing the money at a problem does not solve it. Signing a check of a trillion dollars to the African government will just make the situation worse. A foundation is far better.
How is what the foundation doing largely detrimental?
First, the report talks about devices sold, not the installed base, in which PCs will have a very big lead for the foreseeable future. Phones have long sold better than PCs. Also, do you know anyone that just uses smartphones and tablets but never PCs or laptops? Didn't think so.
Microsoft plans to cut the amount of time it stores the IP addresses associated with search queries from 18 months to six months, in compliance with new European regulations and with a mind to putting pressure on its biggest rival.
Searchers on Bing already have their IP addresses immediately anonymized following a search query, but to comply with a new European Commission directive on Internet privacy the company will delete the IP addresses entirely after six months. Microsoft said it will roll out the new policy over the next 12 to 18 months, however.
Google anonymizes IP addresses after nine months, and deletes IP addresses after 18 months, which the company says is necessary to protect its search results and ads against click fraud and spam.
Umm isn't the git mirror read only and is populated with code from Savannah? In that case you don't need a sha1 collision. Since the attacker had control of the server, he could mask the edits and make a change to the code in the database directly without being logged.
How do you know a trojan wasn't slipped into the various software source hosted by the Savannah server like GCC, the GNU utilities etc.?
You don't complain about the car's safety if you manage to cut yourself with a knife while inside, do you?
No, but you would complain if the people responsible for ensuring the safety of the car run red lights themselves and put others at risk. That's what happened here. The hardcore admins themselves didn't follow basic security procedures like hashing passwords and protecting against injection attacks.
A salt + a good hash will prevent against bruteforcing. Encryption will allow the attacker to get the original password back which can be used on other websites etc. Any web site worth it's salt (pun unintended) hashes the passwords instead of encrypting them. Cmon, this is Web Security 101 stuff.
It was a GNU project it was running on HURD not Linux.
Umm.. this wasn't a LINUX issue it was an SQL injection attack on a website. Are just trying to troll or do you really not know the difference?
This is definitely a LINUX issue because GNU utilities(like gcc) are bundled with almost every Linux distro. If someone were able to slip a trojan into gcc or any other GNU util, it's game over for every Linux installation. http://cm.bell-labs.com/who/ken/trust.html#fig6
You're the one who's shortsighted to think that it's isolated to HURD.
Add to that that gcc is hosted. Compromise gcc's source and you get access to everything you ever want. Obligatory Ken Thompson compiler trojan article link http://cm.bell-labs.com/who/ken/trust.html#fig6
The actual bug I planted in the compiler would match code in the UNIX "login" command. The replacement code would miscompile the login command so that it would accept either the intended encrypted password or a particular known password. Thus if this code were installed in binary and the binary were used to compile the login command, I could log into that system as any user.
Such blatant code would not go undetected for long. Even the most casual perusal of the source of the C compiler would raise suspicions.
FIGURE 7
The final step is represented in Figure 7. This simply adds a second Trojan horse to the one that already exists. The second pattern is aimed at the C compiler. The replacement code is a Stage I self-reproducing program that inserts both Trojan horses into the compiler. This requires a learning phase as in the Stage II example. First we compile the modified source with the normal C compiler to produce a bugged binary. We install this binary as the official C. We can now remove the bugs from the source of the compiler and the new binary will reinsert the bugs whenever it is compiled. Of course, the login command will remain bugged with no trace in source anywhere. Moral
The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect.
Who ever said there was a law being broken? It may be Apple's right to be a dick, but we are free to discuss about it without a bunch of apologists supporting their unethical actions.
iFans would shit a golden brick if Microsoft banned iTunes from Windows 7
iTunes is already banned from Windows Phone 7 because Windows Phone 7 runs only verifiably type-safe CIL, and iTunes, which I assume is written in Objective-C, doesn't compile to verifiably type-safe CIL.
iTunes is simply not written for Windows Phone 7 yet. Come back if and when Apple submits an iTunes app that actually runs on Windows Phone 7 and Microsoft rejects it. Until then stop making statements that are the equivalent of "Disneyland banned me because they won't buy a air ticket for me to fly there.".
Slashdot Mirror
I thought Computerworld was the one that successfully trolled Slashdot anti-MS zealots by faking Vista and Windows 7 benchmarks? http://www.zdnet.com/blog/btl/why-we-dont-trust-devil-mountain-software-and-neither-should-you/31024
Vista was okay if there was no OEM crap and on speedy hardware with loads of RAM and your hardware and software was supported. That's why it worked for some. Coloring all of them as sockpuppets is juvenile.
And do you have a citation for the Kin's 30k facebook friends and under 1k friends? Thought there were only 9000 earlier.
http://www.intomobile.com/2010/07/08/microsoft-kin-facebook-app-shows-over-8800-active-kin-phones-debunk/
WP7 has polish and is ultra smooth and the metro UI is really innovative and good. If it was made by Apple, people would be singing praises of it over here ad nauseum. Cut and paste is coming in an update this month and has already been demoed at CES. And there are LOTS of non-geeks who don't care about multitasking. It's a good 1.0 product but MS is not pushing updates fast enough.
MS has the financial muscle to see it through. Remember Windows 1.0, the original XBOX, Word, Excel etc.?
A much better video in English here http://www.youtube.com/watch?v=oH-0OH0MI2Y
In what way is a Windows PC or Android phone an 'assembly kit' ?
(AppStore Guidelines Chapter 21. Charities and contributions):
21.1 Apps that include the ability to make donations to recognized charitable organizations must be free 21.2 The collection of donations must be done via a wweb site in Safari or an SMS
The App included no ability to make donations. The author was personally donating out of his App Store revenue, which is a completely different thing. And I don't think WikiLeaks is a 'recognized charitable organization'.
That section applies to Apps that are soliciting donations through in-store payments, not the revenue from App Store sales.
Give me a break. Apple sells a streamlined user experience to people who want exactly that. .
So the 'people' you speak of don't want to see an Android magazine app in the App Store and don't like others using it as well?
http://www.openbsd.org/reprints/article_20000419.html
"The recent incident of "backdoors" in Microsoft software is indicative of a fundamental problem that electronic commerce will need to address very soon," Jerry Harold, president & co-founder of NetSec [...] Even if Microsoft has stringent internal requirements for software assurance, it's very difficult to catch a backdoor that may be hidden by a single coder deep inside hundreds of thousands of lines of code," said Harold
"This is why NetSec builds its products on an operating system (OpenBSD) that has made security its number one goal," Harold told SOURCES. "The source for the operating system was re-built from the ground up for security and is publicly available. As a result, it is continuously subjected to rigorous security review by independent software engineers around the world. This has additional benefits because secure code often tends to be well designed, stable, and efficient."
How can you backtrack if you never promised support in the first place?
They didn't have time for even cut and paste or CDMA phones.... is this news a surprise?
They put the money into a foundation that then invests the large amounts of money into the American economy and sometimes businesses or areas of development that they hold an interest in. Once the return is netted at the end of the year, then this is what is "given away" in the strictest sense of the words
The objective is to make money for the charity, so more money can be given out. It does not matter to the foundation if that's an American business or not, just that it has to be profitable. If African companies are not profitable then the foundation will simply squander the money away.
If you don't think that the Bill and Melinda Gates Foundation is American-centric and nationalistic in its investments, why don't you read his warning letter about China developing alternative energy [slashdot.org].
What has that go to do with the foundation? It's not even mentioned there. Dare a person have different goals and objectives in his life? I think you're letting bias cloud your judgment. Just throwing the money at a problem does not solve it. Signing a check of a trillion dollars to the African government will just make the situation worse. A foundation is far better.
How is what the foundation doing largely detrimental?
First, the report talks about devices sold, not the installed base, in which PCs will have a very big lead for the foreseeable future. Phones have long sold better than PCs. Also, do you know anyone that just uses smartphones and tablets but never PCs or laptops? Didn't think so.
That's what he said too.
Here is your citation: http://tech.slashdot.org/comments.pl?sid=1898170&cid=34461356
Err, Bing does a better job with privacy. It sanitizes IPs in 6 months versus Google's 9 months. http://news.cnet.com/8301-30684_3-10437137-265.html
Microsoft plans to cut the amount of time it stores the IP addresses associated with search queries from 18 months to six months, in compliance with new European regulations and with a mind to putting pressure on its biggest rival.
Searchers on Bing already have their IP addresses immediately anonymized following a search query, but to comply with a new European Commission directive on Internet privacy the company will delete the IP addresses entirely after six months. Microsoft said it will roll out the new policy over the next 12 to 18 months, however.
Google anonymizes IP addresses after nine months, and deletes IP addresses after 18 months, which the company says is necessary to protect its search results and ads against click fraud and spam.
Umm isn't the git mirror read only and is populated with code from Savannah? In that case you don't need a sha1 collision. Since the attacker had control of the server, he could mask the edits and make a change to the code in the database directly without being logged.
How do you know a trojan wasn't slipped into the various software source hosted by the Savannah server like GCC, the GNU utilities etc.?
You don't complain about the car's safety if you manage to cut yourself with a knife while inside, do you?
No, but you would complain if the people responsible for ensuring the safety of the car run red lights themselves and put others at risk. That's what happened here. The hardcore admins themselves didn't follow basic security procedures like hashing passwords and protecting against injection attacks.
You mean Windows Server 2008 R2?
A salt + a good hash will prevent against bruteforcing. Encryption will allow the attacker to get the original password back which can be used on other websites etc. Any web site worth it's salt (pun unintended) hashes the passwords instead of encrypting them. Cmon, this is Web Security 101 stuff.
It was a GNU project it was running on HURD not Linux.
Umm.. this wasn't a LINUX issue it was an SQL injection attack on a website. Are just trying to troll or do you really not know the difference?
This is definitely a LINUX issue because GNU utilities(like gcc) are bundled with almost every Linux distro. If someone were able to slip a trojan into gcc or any other GNU util, it's game over for every Linux installation. http://cm.bell-labs.com/who/ken/trust.html#fig6
You're the one who's shortsighted to think that it's isolated to HURD.
Red Hat/Fedora servers had been hacked compromising the private signing key http://www.pcworld.com/businesscenter/article/150212/hackers_crack_into_red_hat.html
Ubuntu repositories hacked http://www.pcworld.com/businesscenter/article/150212/hackers_crack_into_red_hat.html
And don't forget the Debian SSL key debacle....
Add to that that gcc is hosted. Compromise gcc's source and you get access to everything you ever want. Obligatory Ken Thompson compiler trojan article link http://cm.bell-labs.com/who/ken/trust.html#fig6
The actual bug I planted in the compiler would match code in the UNIX "login" command. The replacement code would miscompile the login command so that it would accept either the intended encrypted password or a particular known password. Thus if this code were installed in binary and the binary were used to compile the login command, I could log into that system as any user.
Such blatant code would not go undetected for long. Even the most casual perusal of the source of the C compiler would raise suspicions.
FIGURE 7
The final step is represented in Figure 7. This simply adds a second Trojan horse to the one that already exists. The second pattern is aimed at the C compiler. The replacement code is a Stage I self-reproducing program that inserts both Trojan horses into the compiler. This requires a learning phase as in the Stage II example. First we compile the modified source with the normal C compiler to produce a bugged binary. We install this binary as the official C. We can now remove the bugs from the source of the compiler and the new binary will reinsert the bugs whenever it is compiled. Of course, the login command will remain bugged with no trace in source anywhere.
Moral
The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect.
It allows corporations to develop proprietary applications and install them on users' handsets
Any chance the jailbreak comes with the option to disable this functionality?
Corporations are not going to be able to use this tool to install applications on general users' handsets without permission.
That line should read 'employees' handsets' not 'user's handsets'. That's a feature.
It's effectively the same thing, because of DRM, the only installs possible are from the App store.
Who ever said there was a law being broken? It may be Apple's right to be a dick, but we are free to discuss about it without a bunch of apologists supporting their unethical actions.
The new(a year now?) meta-moderation is broken badly compared to the earlier one.
iFans would shit a golden brick if Microsoft banned iTunes from Windows 7
iTunes is already banned from Windows Phone 7 because Windows Phone 7 runs only verifiably type-safe CIL, and iTunes, which I assume is written in Objective-C, doesn't compile to verifiably type-safe CIL.
iTunes is simply not written for Windows Phone 7 yet. Come back if and when Apple submits an iTunes app that actually runs on Windows Phone 7 and Microsoft rejects it. Until then stop making statements that are the equivalent of "Disneyland banned me because they won't buy a air ticket for me to fly there.".