Of course Microsoft isn't going to admit to vulnerabilities if they can fix them quickly and quietly. But how will Microsoft know their vulnerabilities exist? We all have a (well justified) gut feeling that there are vulnerabilities in Microsoft's products, based on what has been discovered thus far, but the closed-source method of developing means there are vulnerabilities which likely will never be found. Look at the severity of the vulnerabilities too. Most of Microsoft's vulnerabilities are high to critical severity because of a deeply ingrained Windows culture which has numerous security nightmares, from browsers to privilege levels to file permissions.
The *nix vulnerabilities listed are more numerous because there are more programs for *nix, more kernel-level and library developers for *nix, and generally more eyes looking at the code. However, the high and critical severity vulnerabilities are extremely rare, for these same reasons. And also, because the *nix users are miles and miles ahead of Windows users in being aware of the security issues that affect what they are doing.
Narrator: Fantastic. So can you talk a little bit about
what's new in the Vista kernel? So we go from XP; now we're going to
Vista. So what are some of the new components?
Rob Short: A term I like to use is probably kind of
politically incorrect on TV is, some of the work we do is kind of like
sewers, but if we do this work incredibly well, the stuff is essential,
but nobody knows that it's there.
Narrator: Yes.
Rob Short: So, if things go bad, obviously you know about it.
Narrator: Certainly.
Rob Short: Most of the work that I've been focused on for the
last several years has been improving the experience where the hardware
meets the software. Things like power management. We have a team of
people looking at power management and working to improve how the
system behaves, say a laptop for example.
If you have a laptop, how fast does it turn on, turn off, how good
is the battery life? What's the experience when you dock or undock? And
we've done a huge amount of work on that. We've redesigned the
algorithm for hibernation so that we do a better job of figuring out
which pages are already on the disk so you don't have to send more of
the pages back to the disk. We've changed the way the power management
interfaces to the drivers so that we have a better feel for
understanding if we can just shut this thing off, right now. Today, in
the older system, in XP, we actually query the driver, say, "Hey, would
you, like, mind if we turn off the power?" A lot of times, people
haven't coded up the driver correctly. Mostly the drivers don't care,
where some really do. A disk driver, it really matters if you, you
know, turn the power off in the middle of a transfer. But a lot of
other things, you don't care. Mouse, it doesn't really matter that
much. You know, you can go across the extreme. So we've done a bunch of
work in that area.
We obviously do a lot of work in performance. One example is we had
problems with heap fragmentation, and we've redesigned some of the heap
algorithms so we can deal much better with much more random requests.
We can deal with those and do a better job with defragmenting the
heaps. So those are the types of things.
Several people--Darryl works specifically on the multimedia, and
understanding how we do a better job of not having glitches in
multimedia, but that also goes right through the full length of the
system. It's not just buried in the kernel.
We've improved the inter-process procedure call. We have a new sort
of fast, lightweight procedure call inside, in the core parts of the
system. We... stop me.
Narrator: (Laughing) He has a whole list! A cheat list!
Rob Short: There's an awful lot going on. One area where we
actually make a lot of changes over time that I feel really good
looking back is in the memory management area. If you think about the
early NT systems, Bill Gates used to beat us up, and say, "How come you
don't run in four megabytes?" And when you look at that today, and
think, we're running regularly in four gigabytes today, and we have the
systems in the lab that run with a terabyte of memory, the algorithms
that worked back then, and the priorities back then are completely
different than they are today. So we've put in work in Vista for
improving the NUMA support, which is Non-Uniform Memory Access when you
have a multi-processor where some of the memory is closer to some
processors than to others, so we do a better job of doing the
allocation, making sure that they're allocating memory that's on the
CPU, near the CPU that you're running on, and then you try to run the
process on the CPU where the memory actually is so you don't get cache
thrashing.
Narrator: Interesting.
Rob Short: We've done some stuff for the graphics. The
graphics processors today are more powerful than the CPU'
Here's a transcript. I'll write up the other half and post it too. Anybody get the name of the interviewer? I'll just call him "Narrator." And the typos are my fault. Everything else, flame them.
Narrator: Alright, so we're here for "Going Deep."
We have the corporate vice president and some of his architects
and they're going to talk about the Vista Kernel
so, hello. Can you introduce yourselves.
Rob Short: Yeah. I'm Rob Short, and I wrote the Kernel and Architecture team for Windows. The Kernel team obviously is the core piece of a system: schedules processes and finds devices, things like that.
The Architecture Team is something that I wanted to talk a little bit
about, because about two years ago, we realized that we were in a
little bit more trouble in terms of our ability to predict the impact
of changes and to make broad, cross-group changes to Windows, and what
we decided to do was have a core group of experts that would help the
teams and work right across all of windows to really help figure out
the impact of changes and make sure things were happening the way we'd
like to see them happen, and I have some of the people with me here today. This is just a few of the people on that team. We've about six people full-time, and we have a much broader team of about thirty architects working the different groups, and they all participate as part of our architecture team but they belong to the different teams
Narrator: Okay.
Rob Short: And the idea is to really improve our engineering process and improve our quality of our engineering and be able to predict the outcome of changes that we make.
Narrator: Okay.
Rob Short: I've been in Windows for basically ever, I've been in Windows for about fifteen years. I worked on a couple of other things in between, so I left and came back again but mostly I've been working on where the hardware meets the software.
Narrator: Excellent!
Rob Short: And I'd like to introduce my next partner in crime.
Narrator: (laughs)
Rich Neves: My name's Rich Neves. I've been working here almost three years. I work on the architecture team as Rob just described, and what my responsibility or role these days is is figuring out how to police the dependency between different pieces of the systems so that we can figure out how to compose the system in a more efficient way. By efficient, I mean in a way that isolates developers from the damage they can do to other developers. So basically, Microsoft's a very innovative company, and there's people working on amazing technologies in almost every nook and cranny, particularly in Windows. The challenge we face is delivering that innovation, and what our hope is that we can make innovation itself the bottleneck, instead of delivering innovation, which has been the problem in the past, and to do that, what we're trying to do is isolate pieces of the system from each other, so that developers can know that they can work in a particular area of the system, innovating a technology, without adversely impacting larger parts of the system, that as Rob said we can't predict they're going to be impacted, and in a way that would actually jeopardize our agility in getting those features out that result from that innovation.
So specifically what we've been doing is taking every binary in the system and assigning it a layer number, which is a rank in a directed acyclic graph. There's about 5,500 binaries in the system. And what we've been doing is getting transparency now into every dependency that developers add to any of those binaries, so that we can understand what's going on. And what's falling out of that is not necessarily just the isolation I described, but also, issues. We call them, sort of, conventional wisdom... controversies. For example, people might be thinking, well, I want to combine a whole bunch of DLL's into one DLL for perf. Well, it turns out that that's a
When is somebody going to clear up the difference between hardware patents and software patents? Sure, it's a tricky issue with FPGA's on the one side and Flash BIOS on the other, but am I infringing on a patent when I write free software? Isn't the patent supposed to protect the initial investment of the guy who designed the widget -- but only for about seven years (that's for hardware; it's different for software) -- and then ultimately, the patent process is supposed to open up the idea for anyone to see at that point.
From the article:
I say this as someone who grew up believing in the value of patents. As a teenager, I sat raptly in the U.S. Supreme Court gallery listening to attorneys argue University of Illinois Foundation v. Blonder Tongue Laboratories, a landmark patent-infringement case involving my father's company. As an inventor, I earned some 70 patents. And as a scientist, I managed research labs generating hundreds of patents a year.
But now, as a venture capitalist, I have come to the conclusion that protecting intellectual property (IP) with today's patents is virtually worthless -- despite the large court awards you may read about in the morning paper.
I am a contractor at a government installation. Without going into too much detail about what it is I do I can say this: civil service jobs in the US are where a lot of over-40 programmers go because the benefits of working for the US government are pretty good:
1. Your employer is the largest (fill in the blank) anywhere.
2. Your employer can't fire you. Civil servants basically can't be fired unless they do something completely crazy like "go postal."
3. The pay's not great, but the people are pretty laid back. And most of them are over 40.
From the article: "It's almost a mainstay of this country that the NSA only does foreign searches."
It sounds like a review is needed here.
From Sneakers:
Gordon walks up to Bishop and shows his ID.
GORDON: National Security Agency.
BISHOP: Ah. You're the guys I hear breathing on the other end of my phone.
GORDON: No, that's the FBI. We're not chartered for domestic surveillance.
BISHOP: Oh, I see. You just overthrow governments. Set up friendly dictators.
GORDON (smiling): No, that's the CIA. We protect our government's communications, we try to break the other fella's codes. We're the good guys, Marty.
BISHOP: Gee, I can't tell you what a relief that is, Dick.
Turn based and other role playing games aren't about you, silly! LucasArts and Sierra games do not involve much plot. They piggyback on ideas that have been tried and tested (King's Quest, anyone?) But serious role playing games (FF, for example) have a plot all their own. They struck out in a new direction where you are playing for something more than just getting a trillion points and making it on the high score list, or fragging more guys faster than your buddy next door. RPG's are many things to many people, but what do you think? Role playing is about entering a more real-world scenario than the total anarchy First Person Shooter that, to me, is terribly boring.
Role playing games have traditionally offered some amazingly subtle and beautiful challenges. Like, negotiating in a free market for the things you want. Now that is a skill that a lot of people use in real life. Fast-twitch trigger-happy shoot-anything-that-moves may be useful to some people in real life, but not me!
Another challenge in RPG's has been learning the rules. With complicated ranking mechanisms involving many variables, and huge maps with dungeons-inside-dungeons, it rivals the complexity of real life. (When's the last time you tried to use public transportation? The kill-or-be-killed skills a la Halo won't help you get on the metro.)
I could go on, but basically, that's the idea. By the way, I love Dragon Quest!
"'We're excited about this opportunity,' said Larry Williams, who handles international and government affairs for Space Exploration Technologies, or SpaceX. The California-based is planning its debut rocket launch from Kwajalein Atoll in the Pacific this month."
Microsoft will take over space travel for us. I have ties to NASA and they don't have the funding to do it all (reuters)
so people like Paul Allen will do it for us.
nickname, log on invisible ("appear offline"), actions (*falls over laughing*), auto-reply and bots and auto-forwarding.
direct-connect (probably IPv6. Or *maybe* teredo support if there are enough public teredo servers)
encryption
social networking, active directory support, etc. (for building contacts lists)
games
IRC, ICQ, all the existing protocols; use a peer-to-peer network for users with firewall problems (e.g. IRC is blocked at many workplaces)
VoIP and SIP services
offline messages
stored history
pasting multimedia into the message
additional requirements:
multiple accounts active at a time (actually, only the non-free ones don't do this already)
blackhole list sent by torrent, plus content filters like used for e-mail to stop spam, viruses
typing appears real-time (as it did with talk/ytalk. this could be an option, turn it on if you like it)
mobile device integration
backward compatibility with existing protocols, but use IPv6 and peer-to-peer to eliminate the "central server." This makes the client totally customizable: you can appear offline when you're on, or you can appear online when you're off (and a bot responds)--by removing the central server, we can really start inventing the protocol!
1. Divide self cleanly in half (humans are bilaterally symmetrical)
2. Bandage wound
3. Use half of brain (it's been done!) and telecommute until missing body parts are replaced
4. Send duplicate to work
5. Profit!
I joined/. just to respond to this post. I've been a professional window$ developer for years. I currently work for a government research lab where no micro$oft products are used. (Even the management uses Macs.) If you would like to enlighten me on my response here, please do.
The Mozilla Corporation can begin by:
1. ending the anti-MS slander contained within their various marketing campaigns.
So basically, you're pro-Microsoft. If Mozilla wants to slander Microsoft, they're just reflecting the opinions of the people (inside and outside the organization/corporation/whatever) and therefore, being true to the FOSS model.
2. fully documenting their APIs, to the high standards of Microsofts MSDN.
WHAT? You're joking, right? Years of working with broken MSDN CD's, missing online documentation, and "undocumented" APIs and you are touting Microsoft's "documentation"? Microsoft doesn't document their API's, they do press releases masquerading as API documentation. Then you pay them for tech support, which is where you find out what's really going on. Case in point: write a.bmp file without using any Microsoft API code, and then try to open it in paint. No go.
3. settling on a standard for Firefox APIs to avoid breaking existing extensions on every major Firefox release.
So you're talking about the extensions, and not the browser, right? Okay, then. Sorry if the extensions are not as well designed as the browser. (Though, I think they are. But that's beside the point.) If you don't like it, I personally will give you your money back.
4. invest in a software update system that actually works.
The word "invest" here seems misplaced. FOSS, remember? See #6. I love Firefox updates! (Even though the update icon alerts me to updates I knew about a few days earlier, it doesn't ask me to restart my computer when it's done!)
5. pay their developers a salary, which might discourage them from defecting to other companies
Have you ever thought about corporate espionage? You see, the developers for Firefox are allowed to contribute even when they have a job! That way, they can use the skills they develop at work to contribute to the quality of mozilla software. Talent raiding doesn't work unless you convince someone (i.e. make them sign a non-compete agreement that specifically prohibits FOSS development) to stop writing for mozilla.
6. get back on track with the delayed Firefox releases
If you use Firefox, though I'm betting you use IE, then can you tell me what security holes, or which missing parts of CSS2 we are waiting for?
Slashdot Mirror
The *nix vulnerabilities listed are more numerous because there are more programs for *nix, more kernel-level and library developers for *nix, and generally more eyes looking at the code. However, the high and critical severity vulnerabilities are extremely rare, for these same reasons. And also, because the *nix users are miles and miles ahead of Windows users in being aware of the security issues that affect what they are doing.
Narrator: Fantastic. So can you talk a little bit about what's new in the Vista kernel? So we go from XP; now we're going to Vista. So what are some of the new components?
Rob Short: A term I like to use is probably kind of politically incorrect on TV is, some of the work we do is kind of like sewers, but if we do this work incredibly well, the stuff is essential, but nobody knows that it's there.
Narrator: Yes.
Rob Short: So, if things go bad, obviously you know about it.
Narrator: Certainly.
Rob Short: Most of the work that I've been focused on for the last several years has been improving the experience where the hardware meets the software. Things like power management. We have a team of people looking at power management and working to improve how the system behaves, say a laptop for example.
If you have a laptop, how fast does it turn on, turn off, how good is the battery life? What's the experience when you dock or undock? And we've done a huge amount of work on that. We've redesigned the algorithm for hibernation so that we do a better job of figuring out which pages are already on the disk so you don't have to send more of the pages back to the disk. We've changed the way the power management interfaces to the drivers so that we have a better feel for understanding if we can just shut this thing off, right now. Today, in the older system, in XP, we actually query the driver, say, "Hey, would you, like, mind if we turn off the power?" A lot of times, people haven't coded up the driver correctly. Mostly the drivers don't care, where some really do. A disk driver, it really matters if you, you know, turn the power off in the middle of a transfer. But a lot of other things, you don't care. Mouse, it doesn't really matter that much. You know, you can go across the extreme. So we've done a bunch of work in that area.
We obviously do a lot of work in performance. One example is we had problems with heap fragmentation, and we've redesigned some of the heap algorithms so we can deal much better with much more random requests. We can deal with those and do a better job with defragmenting the heaps. So those are the types of things.
Several people--Darryl works specifically on the multimedia, and understanding how we do a better job of not having glitches in multimedia, but that also goes right through the full length of the system. It's not just buried in the kernel.
We've improved the inter-process procedure call. We have a new sort of fast, lightweight procedure call inside, in the core parts of the system. We ... stop me.
Narrator: (Laughing) He has a whole list! A cheat list!
Rob Short: There's an awful lot going on. One area where we actually make a lot of changes over time that I feel really good looking back is in the memory management area. If you think about the early NT systems, Bill Gates used to beat us up, and say, "How come you don't run in four megabytes?" And when you look at that today, and think, we're running regularly in four gigabytes today, and we have the systems in the lab that run with a terabyte of memory, the algorithms that worked back then, and the priorities back then are completely different than they are today. So we've put in work in Vista for improving the NUMA support, which is Non-Uniform Memory Access when you have a multi-processor where some of the memory is closer to some processors than to others, so we do a better job of doing the allocation, making sure that they're allocating memory that's on the CPU, near the CPU that you're running on, and then you try to run the process on the CPU where the memory actually is so you don't get cache thrashing.
Narrator: Interesting.
Rob Short: We've done some stuff for the graphics. The graphics processors today are more powerful than the CPU'
Narrator: Alright, so we're here for "Going Deep." We have the corporate vice president and some of his architects and they're going to talk about the Vista Kernel so, hello. Can you introduce yourselves.
Rob Short: Yeah. I'm Rob Short, and I wrote the Kernel and Architecture team for Windows. The Kernel team obviously is the core piece of a system: schedules processes and finds devices, things like that.
The Architecture Team is something that I wanted to talk a little bit about, because about two years ago, we realized that we were in a little bit more trouble in terms of our ability to predict the impact of changes and to make broad, cross-group changes to Windows, and what we decided to do was have a core group of experts that would help the teams and work right across all of windows to really help figure out the impact of changes and make sure things were happening the way we'd like to see them happen, and I have some of the people with me here today. This is just a few of the people on that team. We've about six people full-time, and we have a much broader team of about thirty architects working the different groups, and they all participate as part of our architecture team but they belong to the different teams
Narrator: Okay.
Rob Short: And the idea is to really improve our engineering process and improve our quality of our engineering and be able to predict the outcome of changes that we make.
Narrator: Okay.
Rob Short: I've been in Windows for basically ever, I've been in Windows for about fifteen years. I worked on a couple of other things in between, so I left and came back again but mostly I've been working on where the hardware meets the software.
Narrator: Excellent!
Rob Short: And I'd like to introduce my next partner in crime.
Narrator: (laughs)
Rich Neves: My name's Rich Neves. I've been working here almost three years. I work on the architecture team as Rob just described, and what my responsibility or role these days is is figuring out how to police the dependency between different pieces of the systems so that we can figure out how to compose the system in a more efficient way. By efficient, I mean in a way that isolates developers from the damage they can do to other developers. So basically, Microsoft's a very innovative company, and there's people working on amazing technologies in almost every nook and cranny, particularly in Windows. The challenge we face is delivering that innovation, and what our hope is that we can make innovation itself the bottleneck, instead of delivering innovation, which has been the problem in the past, and to do that, what we're trying to do is isolate pieces of the system from each other, so that developers can know that they can work in a particular area of the system, innovating a technology, without adversely impacting larger parts of the system, that as Rob said we can't predict they're going to be impacted, and in a way that would actually jeopardize our agility in getting those features out that result from that innovation.
So specifically what we've been doing is taking every binary in the system and assigning it a layer number, which is a rank in a directed acyclic graph. There's about 5,500 binaries in the system. And what we've been doing is getting transparency now into every dependency that developers add to any of those binaries, so that we can understand what's going on. And what's falling out of that is not necessarily just the isolation I described, but also, issues. We call them, sort of, conventional wisdom ... controversies. For example, people might be thinking, well, I want to combine a whole bunch of DLL's into one DLL for perf. Well, it turns out that that's a
From the article:
<sarcasm>I wonder if more people would adopt XP SP2 if Gates got David Letterman to comment on the Micro, Soft security (like Win95 http://arstechnica.com/articles/culture/total-shar e.ars/8)
Or maybe they could plug in a USB device and demonstrate how stable the system is, like Gates did for Win98 (http://www.cnn.com/TECH/computing/9804/20/gates.c omdex/)</sarcasm>
1. Your employer is the largest (fill in the blank) anywhere.
2. Your employer can't fire you. Civil servants basically can't be fired unless they do something completely crazy like "go postal."
3. The pay's not great, but the people are pretty laid back. And most of them are over 40.
It sounds like a review is needed here.
From Sneakers: Gordon walks up to Bishop and shows his ID.
GORDON: National Security Agency.
BISHOP: Ah. You're the guys I hear breathing on the other end of my phone.
GORDON: No, that's the FBI. We're not chartered for domestic surveillance.
BISHOP: Oh, I see. You just overthrow governments. Set up friendly dictators.
GORDON (smiling): No, that's the CIA. We protect our government's communications, we try to break the other fella's codes. We're the good guys, Marty.
BISHOP: Gee, I can't tell you what a relief that is, Dick.
Role playing games have traditionally offered some amazingly subtle and beautiful challenges. Like, negotiating in a free market for the things you want. Now that is a skill that a lot of people use in real life. Fast-twitch trigger-happy shoot-anything-that-moves may be useful to some people in real life, but not me!
Another challenge in RPG's has been learning the rules. With complicated ranking mechanisms involving many variables, and huge maps with dungeons-inside-dungeons, it rivals the complexity of real life. (When's the last time you tried to use public transportation? The kill-or-be-killed skills a la Halo won't help you get on the metro.)
I could go on, but basically, that's the idea. By the way, I love Dragon Quest!
Microsoft will take over space travel for us. I have ties to NASA and they don't have the funding to do it all (reuters) so people like Paul Allen will do it for us.
...I for one welcome our new retail overlords.
I for one welcome our new overlords. All hail BellSouth.
things already said:
additional requirements:
1. Divide self cleanly in half (humans are bilaterally symmetrical)
2. Bandage wound
3. Use half of brain (it's been done!) and telecommute until missing body parts are replaced
4. Send duplicate to work
5. Profit!
I joined /. just to respond to this post. I've been a professional window$ developer for years. I currently work for a government research lab where no micro$oft products are used. (Even the management uses Macs.) If you would like to enlighten me on my response here, please do.
The Mozilla Corporation can begin by:
1. ending the anti-MS slander contained within their various marketing campaigns.
So basically, you're pro-Microsoft. If Mozilla wants to slander Microsoft, they're just reflecting the opinions of the people (inside and outside the organization/corporation/whatever) and therefore, being true to the FOSS model.
2. fully documenting their APIs, to the high standards of Microsofts MSDN. .bmp file without using any Microsoft API code, and then try to open it in paint. No go.
WHAT? You're joking, right? Years of working with broken MSDN CD's, missing online documentation, and "undocumented" APIs and you are touting Microsoft's "documentation"? Microsoft doesn't document their API's, they do press releases masquerading as API documentation. Then you pay them for tech support, which is where you find out what's really going on. Case in point: write a
3. settling on a standard for Firefox APIs to avoid breaking existing extensions on every major Firefox release.
So you're talking about the extensions, and not the browser, right? Okay, then. Sorry if the extensions are not as well designed as the browser. (Though, I think they are. But that's beside the point.) If you don't like it, I personally will give you your money back.
4. invest in a software update system that actually works.
The word "invest" here seems misplaced. FOSS, remember? See #6. I love Firefox updates! (Even though the update icon alerts me to updates I knew about a few days earlier, it doesn't ask me to restart my computer when it's done!)
5. pay their developers a salary, which might discourage them from defecting to other companies
Have you ever thought about corporate espionage? You see, the developers for Firefox are allowed to contribute even when they have a job! That way, they can use the skills they develop at work to contribute to the quality of mozilla software. Talent raiding doesn't work unless you convince someone (i.e. make them sign a non-compete agreement that specifically prohibits FOSS development) to stop writing for mozilla.
6. get back on track with the delayed Firefox releases
If you use Firefox, though I'm betting you use IE, then can you tell me what security holes, or which missing parts of CSS2 we are waiting for?
See article on why we should boycott IE 7.