Slashdot Mirror


User: ThinkFr33ly

ThinkFr33ly's activity in the archive.

Stories: 0 · Comments: 466

Comments · 466

  1. Re:UI design and security .. on Security Companies Tussle With MS Security Center · · Score: 1
    "What has UI design got to do with security. Will my car go better because it has translucent wavey controls on the dashboard?"


    Are you serious? Ok, how about an example? Consider two dialogs prompting the user to allow some potentially dangerous action, one with an OK button as the default and one with the CANCEL button as the default. Which is more secure? Now consider a UI that labels every potentially dangerous setting with a shield or some other icon to signify that changing this setting might compromise security. Do you honestly think that it would make no difference?

    UI design has a LOT to do with security. Any intelligent person who spends more than 10 seconds considering it will realize this.

    "It is ironic that we get to pay MS for fixing defects in its own OS. Whether from Microsoft or Symantec these 'security' solutions are merely a plaster cast round a fractured system. The only difference is such revenues go to MS."


    Huh? When was the last time you paid for a Microsoft security patch? Microsoft's One Care suite (which includes Antivirus and Antimalware, among other things) isn't a "fix" for some defect, it's simply another layer of security. If something does manage to get by the security layers Microsoft has included in Vista then, hopefully, these last layers of defense will catch them.

    "What is required is an OS that can't be compromised by opening email or clicking on a URL and that doesn't require any action on behalf of the user to work."


    Microsoft has addressed the vast majority of attack vectors with Vista. The combination of protected mode IE, UAC, address space layout randomization, and a host of other technologies will make it very difficult to run code that a user doesn't want to run. The primary purpose of the antivirus and antimalware is to catch the programs that the user actually does want to run but that might be bad. Aside from restricting execution to only signed exes, there is no way to stop a user from being really, really stupid and downloading the latest porn viewer from a Russian porn site.

    That said, no OS will ever be perfect. The point is that Microsoft has done a really, really good job at changing how they look at security. Vista will be the first OS that shows the fruits of their labor, and you might want to wait and see how it fares in the real world before bashing it. Many people bashed .NET before it came out, and yet it has had *very* few security holes. The same goes for IIS 6. (Both of these products were created using the new security guidelines.)

    "For instance when a box pops up asking me to accept a 'certificate'. How the heck is the average Vista user supposed to tell that."


    Thank you for proving my point. It's about how you present that box. In XP pre-SP2, installing malware was as simple as including an ActiveX control on a web page. Even without any exploits, a huge percentage of users would just click OK. Post SP2 you get a little information bar (just like a popup blocker) at the top of the browser. Most people ignore this bar. If a user really does want the ActiveX to run they will find it easy enough, but by default it assumes the user doesn't want to run it. This alone dramatically decreased the spread of malware. Now, virtually all malware uses exploits to install itself. This is a great example of how simple UI design dramatically increased security.
  2. More FUD From Scared Companies on Security Companies Tussle With MS Security Center · · Score: 1

    I know this isn't the crowd to say this to, but Vista really will be a lot more secure than past versions of Windows. In fact, the mere addition of Protected Mode IE will prevent the VAST majority of Malware from ever getting a shot at most users' PCs. (Since IE is the primary attack vector for virtually all of the bad guys, whether that's directly through the browser or via IE components being used in e-mail clients or other applications.)

    McAfee and Symantec are very scared about this. They know that the more secure Windows gets the less people are going to want their very, very crappy products.

    First they cry foul about Microsoft preventing kernel patching (yet somehow ignore the fact that Windows One Care works just fine without kernel patching by using documented APIs), and now they complain about what amounts to them not being able to plaster their brand and cross sell their other crappy products via the security center.

    There is a *LOT* to be said for consistency in UI design. If users always know that you go to the Security Center to make sure your computer is secure, they're at least somewhat more likely to do it.

  3. Re:Flaimbait this is on Business 2.0 Says 'Boycott Vista' · · Score: 1

    See this post.

  4. Re:Flaimbait this is on Business 2.0 Says 'Boycott Vista' · · Score: 1

    Well, if you look at my other post, I would say the TCP/IP improvements, productivity gains from improved UI, the revamped security model, and the general reliability improvements you'll get from Vista would all be worth while reasons to upgrade.

    That said, upgrading an entire enterprise is very different from an individual upgrading their personal machine. The Business 2.0 article was talking about individuals, not enterprises. Vista is most definitely a great upgrade for home users. Anybody familiar with the features would agree with that.

    But for a business, it's a much different decision. (Obviously.) Honestly, for most medium/large businesses, I would wait until Longhorn Server hits the market. The combination of Vista on both the client and the server will be far more attractive than just Vista.

    Just out of curiosity, how many desktops are we talking about? Microsoft's volume licensing typically reduces the cost of Windows to between $50 and $60 per machine if you're dealing with more than 250 desktops. That means you're talking about 3000+ machines?

  5. Re:maybe not looking forward too but on Business 2.0 Says 'Boycott Vista' · · Score: 2, Informative

    They're not providing DirectX 10 for XP because it relies on the new WDDM (Windows Display Driver Model) which is radically different from the one in XP and all other Windows versions.

    It's not *just* a marketing thing, it's also a technical issue. In order to back-port DirectX 10 to XP they would need to include a huge chunk of functionality from Vista (in addition to DX10) into XP. There comes a point where you have to draw the line. (No pun intended. :)

  6. Re:Flaimbait this is on Business 2.0 Says 'Boycott Vista' · · Score: 4, Informative
    I posted this in a previous Vista thread. I'll post it here again, with a couple small additions I've thought of since.

    • Various kernel improvements in scheduling
    • Completely new TCP/IP stack that offers much greater performance on high latency connections
    • Composited desktop / Aero prettiness (looks far less childish than XP, imo)
    • Resolution/DPI independence
    • Nice UI improvements like Flip3d (works well), taskbar thumbnails
    • Revamped security model (UAC, new system services model, etc.)
    • IE 7+ (Protected Mode IE) - this will virtually eliminate malware via the browser
    • Much better networking UI / auto network discovery - much cooler than I expected
    • New start menu really is a LOT better than XP's
    • Far better Explorer interface - bread crumbs are great (about time)
    • WAY better file operations dialogs
    • WAY better file operations in general (no more huge lag when accessing network devices, disks, etc.)
    • ReadyBoost (uses USB disks as disk caching locations, works very well.)
    • SuperFetch - a much improved version of XP's intelligent caching
    • Integrated Search - works better than anything else out there, including Mac OS.
    • Windows Presentation Foundation (although this will be available on XP)
    • DirectX 10
    • Windows Display Driver Model (virtualization of graphics card memory!)
    • Dramatic improvements in driver development (can develop a simple driver in 500 instead of 5000 lines of code)
    • Great backup utils
    • New audio subsystem with TONS of cool features like being able to adjust audio for individual applications or the system as a whole.
    • Speech Recognition that really, really works. (Ignore the FUD about that failed demo and TRY it yourself.)
  7. Re:Flaimbait this is on Business 2.0 Says 'Boycott Vista' · · Score: 2, Insightful

    How is this an insightful comment? This author shows his complete LACK of knowledge about Vista, not some insight about it.

    Just because you haven't done more than 30 seconds of research on what's new in Vista doesn't mean there aren't any useful new features.

    It means you're being willfully ignorant.

  8. Re:Two questions please... on Early Testers Say Vista RC1 Not Ready · · Score: 1

    I'm very sorry you don't understand. It must be hard going through life without the ability to grasp simple concepts due to your overwhelming need to be part of a subculture.

    Let me know if I can do anything to help you out. Perhaps an intervention of some kind? Some medication?

  9. Re:Pedantry on DRM Hole Sets Patch Speed Record For Microsoft · · Score: 1

    The difference is that a "configuration update" doesn't require regression testing, whereas a "patch" does.

    It really isn't that hard to understand. I'm not sure why you're having trouble.

  10. Not Accurate on DRM Hole Sets Patch Speed Record For Microsoft · · Score: 5, Informative

    Microsoft did not really "patch" their DRM. This wasn't a code change. Their DRM was designed to be updateable in the event that it was compromised.

    There is a big difference in how fast you can roll out what amounts to a configuration change and how fast you can roll out a code change.

    That said, it didn't seem to do much good given that it was cracked again in a matter of days.

  11. Re:Two questions please... on Early Testers Say Vista RC1 Not Ready · · Score: 1

    You are incorrect. Any application written with WPF (Windows Presentation Foundation) supports resolution independence. WPF is the primary API for writing Windows applications on Vista.

    It's also being back-ported to XP, so XP will support this as well.

    Sorry to burst your little Jobs-Bubble.

  12. Re:Two questions please... on Early Testers Say Vista RC1 Not Ready · · Score: 1

    Sigh... I should know better than to reply to people like you, but I'll bite.

    Protected Mode IE is a lot more than an OK dialog. It's a sandboxed version of IE that runs as a user with virtually no permissions on the machine. That means if there is a bug in IE (which there will be), the best somebody can do with it is crash IE. They can't touch any files on the machine that are important, not even the files of the user running IE.

    All interaction with the rest of the system is done through a broker, which runs as the current user. This broker is just a few thousand lines of code (I've read conflicting stats, but some say as little as 1500 lines of code). This means the code can be easily audited for security issues. The chances of there being a bug in the broker are virtually zero, at least when compared with the rest of IE.

    So it's a bit more than another OK dialog. Sorry to disappoint you... I know you were happy thinking Microsoft wasn't actually improving security in Windows.

  13. Re:Two questions please... on Early Testers Say Vista RC1 Not Ready · · Score: 2, Informative

    You must be using Beta 2. Try using a later build. The UAC dialogs are no longer modal and pop up far less often.

    What I was talking about specifically is the better feedback and progress information you get during file operations. For instance, if I copy a lot of files from point A to point B, and point B contains some files with the same names, it prompts me at the end of the operation (not at indeterminate points in between) and allows me to selectively choose what to do with each file without cancelling or screwing up the operation as a whole.

    Sounds like a simple thing, and it is, but it's a HUGE improvement over the piss poor way XP does things.

  14. Re:Two questions please... on Early Testers Say Vista RC1 Not Ready · · Score: 2, Informative
    "I guess it technically isn't re-writing, since they lifted the majority of the stack from BSD in the first place, but hey, did this wheel really need to be reinvented?"


    Well, I'm sure BSD heavily influenced Windows sockets, just as it did for virtually every other OS, but the new stuff in the Vista TCP stack is actually pretty impressive. The performance gains they've seen in testing are upwards of 400% for many types of common links.

    Read more about it here and here. There is also a good video about it on Channel 9.

    So it's not really a question of reinvention but of dramatic improvement.
  15. Re:Two questions please... on Early Testers Say Vista RC1 Not Ready · · Score: 4, Informative
    Please, do yourself a favor and do a Google search about Vista. Slashdot is not the place to learn about the benefits of a Microsoft OS.

    But a quick list from the top of my head (ways it's better than XP):

    • Various kernel improvements in scheduling
    • Completely new TCP/IP stack that offers much greater performance on high latency connections
    • Composited desktop / Aero prettiness (looks far less childish than XP, imo)
    • Resolution/DPI independence
    • Nice UI improvements like Flip3d (works well), taskbar thumbnails
    • Revamped security model (UAC, new system services model, etc.)
    • IE 7+ (Protected Mode IE) - this will virtually eliminate malware via the browser
    • Much better networking UI / auto network discovery - much cooler than I expected
    • New start menu really is a LOT better than XP's
    • Far better Explorer interface - bread crumbs are great (about time)
    • WAY better file operations dialogs
    • WAY better file operations in general (no more huge lag when accessing network devices, disks, etc.)
    • ReadyBoost (uses USB disks as disk caching locations, works very well.)
    • SuperFetch - a much improved version of XP's intelligent caching
    • Integrated Search - works better than anything else out there, including Mac OS.
    • Windows Presentation Foundation (although this will be available on XP)
    • DirectX 10
    • Windows Display Driver Model (virtualization of graphics card memory!)
    • Dramatic improvements in driver development (can develop a simple driver in 500 instead of 5000 lines of code)
    • Great backup utils


    And that was just off the top of my head. There is LOTS of other stuff if you bother to do some research. I can't speak for Ubuntu... one thing is for sure, Vista has a much cooler name. :)
  16. Then They're Idiots on Buy Low, Spam High · · Score: 1

    I get 5.05% from an insured HSBC internet savings account. I can get 5.15% from various other similar companies.

    So they spend the time and risk the legal ramifications of sending millions of SPAM e-mails to get, at best .85% better than opening a savings account at a bank?

    They're idiots.

  17. We Can't Event Get FARM Raise Right! on Cloned Beef Coming Soon? · · Score: 2, Informative

    I'm all for growing meat in a lab. The more meat, the merrier... but we can't even get farm-raised salmon to taste right, what makes us think that meat grown in a lab is going to taste as good as a nice kobe beef ribeye?

    Gurgle... meat... gurgle. Damn, now I'm hungry.

    Might have to thaw that wild boar bacon I have in the freezer. That stuff is like crack, but with more cholesterol.

  18. Re:It's About CHOICE on No Full HD Playback for 32-bit Vista · · Score: 1
    "A user mode driver won't bring down the system, but if a device works with the audio on a PC, how is Windows going to know that it won't just copy stuff wholesale?"


    It wouldn't. Microsoft isn't requiring any special kind of DRM in the drivers they approve. The DRM schemes used would require kernel mode drivers to bypass due to the fact that the hardware in question (the HD-DVD or Blu-ray drives) do their DRM-stuff in kernel mode drivers. The user mode driver isn't "low" enough to do the job.

    So you could write a driver to interact with your audio device all you want, but it's never going to be able to rip the DRM out of the HD content.

    "Until they were banned under the DMCA, you could go into Best Buy and pay about $40 for software that would make a copy of any DVD for you, with CSS removed. This would be a little trickier for the user with DRM built into the computer, but not much"


    That's because CSS is fundamentally flawed DRM. It relied on a secret embedded in software. Once this secret was found out, it was worthless. Without DMCA/other laws, this could certainly happen again, but newer DRM schemes are getting harder and harder to break. Once hardware gets involved (HDMI, for instance) it becomes nearly impossible.

    "Beyond that, if Windows isn't actually preventing access to the files, you could just download a different media player program that didn't pay any attention to DRM restrictions"


    Not really. The DRM in Vista is both hardware and software based. It's going to be *much* harder to get around.
  19. Re:It's About CHOICE on No Full HD Playback for 32-bit Vista · · Score: 1
    "On their own, probably not, but it raises the barrier to entry for small companies that want to make hardware, especially innovative hardware, and especially hardware that works with the audio or video systems."


    I'm not so sure about that. Do you know what the costs of getting a driver signed by Microsoft are? It's similar to the costs of running a site secured via SSL. You need a cert, which in the past used to cost upwards of $400. While it was a small barrier, it was for good reason.

    Also, a huge number of drivers can be implemented as user mode drivers. Microsoft is making a big push to get as much stuff out of the kernel as possible and into user land. In addition, the user mode driver framework actually dramatically lowers the barriers of entry in the driver space because it reduces the minimum number of lines of code in a driver from something like 5000 to around 300.

    "For instance, I have a Line6 GuitarPort on my computer"


    This would be an excellent candidate for a user mode driver, which requires no signing. Basically anything that's not super performance critical can live in user mode. Even some things like storage drivers can live in user mode because the bottleneck is the hardware, not the software.

    "DRM really has no hope of working without laws backing it up."


    I disagree completely. DRM will work if the content it protects is sufficiently valuable to the consumer and the protections in place don't make it prohibitive from a cost or ease of use perspective. In other words, the market determines if it works. It is certainly possible to make copying content nearly impossible for *most* people in *most* situations with a combination of hardware and software.

    You're correct it's impossible to make it work 100% of the time, but it doesn't have to. It just has to prevent enough piracy to make the business side of things worthwhile. DRM technology will likely swing back and forth for a while, from too restrictive to not restrictive enough, until a balance has been found so that it works for the majority.

    "Anyway, *I* could probably do it, but your average person on the street really doesn't have a practical option of using Linux at home when they're using Windows at work."


    And the average person doesn't want to. If the average person wanted to switch to something other than Windows, competitors would quickly appear and gain traction. Mac OS X would finally gain some market share, for instance. :)
  20. Re:It's About CHOICE on No Full HD Playback for 32-bit Vista · · Score: 1

    Point taken.

    The Constitution was meant as a document to restrict what the government can do, not enumerate what the people may do.

    The elastic clause has been abused to the point where this really is lost on most people.

  21. Re:It's About CHOICE on No Full HD Playback for 32-bit Vista · · Score: 1
    "You can't write your own device drivers. You can't use hardware from companies that haven't paid Microsoft to audit *their* device drivers to ensure it doesn't do anything that might interfere with the DRM. You may very well run into trouble with content that you yourself have created, when things don't work right."


    Well, I would say that the VAST majority of people can't write device drivers to begin with, nor would they want to. Nevertheless, how is this different from other forms of licensing? In order to make an iPod accessory, I have to pay Apple. In order to make a Playstation controller (or game, for that matter) I have to pay Sony. Is this any different?

    I would say the benefits of signed kernel mode software VASTLY outweigh the potential harm to "freedom".

    "To prevent that, you have to have something like the DMCA, making working on such systems, possessing them, and talking about them illegal, even for purposes that have nothing to do with piracy."


    Ah, now you're talking about laws. This is an entirely different topic. I'm pro-DRM, and anti-DRM laws. When the government steps in all of a sudden the free market argument I was making starts to fall apart. So I agree with you, DRM-laws are typically a very bad thing.

    "More choices of entertainment. Is entertainment really important enough to legally suppress speech?"


    This applies to more than just entertainment. It's about digital content in general. And, again, I wasn't talking about the law aspect of this stuff.

    "No, not really. I can avoid buying Windows Vista for maybe a year after its release, but beyond that it will be essentially unavoidable on a new computer."


    That's really not true at all. You can build your own machine, get one with Linux, or format it on arrival. The "Microsoft Tax" is a fallacy. Windows adds about $30 to the cost of your Dell, for instance, so it really isn't a big deal. If enough people cared, OEMs would offer naked machines... but people don't care. Blame the market forces in this case.

    "Even avoiding computers (not likely, as I'm a programmer) altogether won't do it if something like Fritz Hollings' bill eventually passes. And of course, I have no power as a consumer to avoid an environment where people are not legally allowed to talk shop."


    Again, I agree about these inane laws. They are a violation of free speech almost no matter how you look at it.
  22. Re:Trivial to Bypass on Personal Firewalls Mostly Useless, Says Mail & Guardian · · Score: 1

    Firefox is just as vulnerable to this technique as IE, although it takes a little more work to get the interop working.

  23. Re:It's About CHOICE on No Full HD Playback for 32-bit Vista · · Score: 1
    "I believe it my right to use the content any way I choose, because I bought it."


    Since when is it up to the buyer to determine the conditions of the sale? The SELLER determines the conditions and the buyer can choose to buy, or not buy. Simple as that.

    "Why should I have this right? Because our copyright system is based in the Constitution, and exists solely for the purpose of the public good, and solely for a limited amount of time."


    Huh? Find me the line in copyright law that references the Constitution. Find me the line in the Constitution that refers to a buyer determining the conditions of sale of a product or service.
  24. It's About CHOICE on No Full HD Playback for 32-bit Vista · · Score: 1

    Everybody here seems to be ridiculing Microsoft for listening to the "Media Companies" regarding DRM. But you're missing one big point...

    The "Media Companies" are the ones who are going to all of this content. It's not a question of DRM-free HD content or DRM-restricted content, it's a question of DRM-restricted content or NO CONTENT AT ALL.

    People say this somehow restricts innovation. I'm not sure how. People are free to produce competing media formats. People are free to create media players that play those competing formats. But media companies will choose not to utilize those alternatives because they don't protect their copyrights.

    Microsoft adding this restriction didn't limit choice or "freedom". If anything, it created MORE choice. It gave a big incentive to media companies to produce new HD content that people want. If the media companies thought their investments would go to waste thanks to piracy they would be far less inclined to make those investments. But now that's not the case.

    It's not like this is going to stop anybody from producing HD content that plays without restriction. There are dozens of media formats available right now that allow you to reach HD resolutions. If you don't want DRM in the content YOU produce, this will not affect you at all.

  25. Trivial to Bypass on Personal Firewalls Mostly Useless, Says Mail & Guardian · · Score: 3, Interesting

    I always get a kick out of people who set their firewall to prompt on every attempt to access the net, especially when they're running as admin on their boxes.

    Even without the user running as admin, it's fairly easy to create a program to bypass outgoing firewalls. Basically the trick is to piggyback your communications over an existing application that's trusted.

    Nearly everybody is going to trust IE (or Firefox, or whatever browser) to access the network. All you have to do is figure out a way to use that program to do your communications for you.

    I once wrote a proof of concept app (in VB no less!) that used IE to do exactly this. I set up a simple piece of server software that accepted requests via HTTP GETs and returned the response as base64 encoded text in an HTML body. When my app needed to access remote data I just used IE to request that data from the server and then base64 decoded it. I could have also done something like have the server software act as a proxy so I could request any remote data I wanted, even if it wasn't hosted by my server. It was trivial.

    The best part was that *every* major outgoing firewall failed to detect this attempt, despite the fact that they claim to be able to tell when one application is using another to piggyback communications. Perhaps it was the way the COM interface worked, I'm not sure... but it never failed and never prompted me to allow it to happen.