Slashdot Mirror


User: suv4x4

suv4x4's activity in the archive.

Stories: 0
Comments: 3,208

Comments · 3,208

  1. Re:Yes on MacBooks Experiencing Bluetooth Problems · · Score: 0, Offtopic

    My girlfriend (yes, I have one)

    Where's your temple, oh mighty one, so I could fall on my knees and praise you!

  2. Not to worry on MacBooks Experiencing Bluetooth Problems · · Score: 5, Funny

    Complaints started last spring on the Apple forum, which is still quite active.

    Oh don't worry, we're working on erasing those complaints.

    - Apple's Support Team

  3. Re:I read the paper on VM-Based Rootkits Proved Easily Detectable · · Score: 1

    This is where this all falls apart. It's pretty trivial to notice if the hardware you're running on has changed

    Trivial for who. How often do you scan and compare your list of hardware devices in normal operation. How often does your mom.
    Remember: trojan makers aren't interested in hacking hardened hacker's computer. They're interested in the mythical mom.

    If my antivirus will detect hardware changes then it'll whine on actual hardware changes too. We arrive at the fact that Joanna discovered: it'll be god damn impossible to figure out whether your heuristics are part of a legitimate operation or "evil" one.

    I know how my parents react when their security software whines all the time - they click the Yes box and forget about it.

  4. Re:I hope not... I'm getting tired of diabetes new on Alzheimer's Could Be a Third Form of Diabetes · · Score: 5, Funny

    As a developer and student, I consume eight liters of Mountain Dew a day and I have no diabetes problems.

    You're not a developer and student, that was 60 years ago. It's now 2067.

  5. Re:I read the paper on VM-Based Rootkits Proved Easily Detectable · · Score: 1

    As soon as your grandpa connects to the internet, the AV can just poll any time server on the net, including unofficial ones set up by the AV vendor, using different ports and even possibly a different protocol. Indeed, the timing information could even be implicitly included in the communication with the AV update server. Since there's an external server involved, the root kit cannot control all aspects of it unless the update server itself is compromised (if the update server uses public key cryptography to sign its messages, the root kit cannot simply modify the data stream).

    You're honestly giving Internet time servers too much credit if you think of depending for nanosecond resolution on them.

  6. Re:I read the paper on VM-Based Rootkits Proved Easily Detectable · · Score: 2, Interesting

    1. Do you really wish to manipulate the clock for every non-privileged instruction, which will result in a horrible VM performance?

    The huge majority of time the computer is running "userspace" commands. Do the math.

    Yes, your grandpa won't notice a 50% slowdown, but your anti-virus software will easily notice. It's either your grandpa doesn't notice and your anti-virus does, or your anti-virus doesn't and your grandpa does (assuming the anti-virus software does an extensive amount of checking)

    The anti-virus can't detect jack since the rootkit can report any clockrate to it. Remember: the hardware configuration the software sees is what the rootkit opts to report.

  7. Re:I read the paper on VM-Based Rootkits Proved Easily Detectable · · Score: 3, Interesting

    The problem is, that if the VM writer tries to take every possible method to make the execution time similar (e.g. make privileged instructions run as fast as non-privileged instructions), it has to slow the faster ones down. Suddenly, even your grandpa will notice something is wrong. The most insane method would be a VM based on a full-blown, cycle-accurate simulator, but that will be horribly slow.

    Two things:

    1. You assume the clock isn't manipulated, hence fast commands should be slowed down to match virtualized instructions. Instead the direct instructions may be left running, and the virtualized to skew the clock subtly enough to be undetectable to the naked eye, and match well with the hardware performance to a detector running within.

    2. We're soon about to get plenty of cores on desktop machines, where most of the tasks are serial. If a VM would make use of the extra cores to simulate a single core in around 50-60% its native speed, it may prove undetectable to grandpa who just browses the net and uses Excel.

  8. I read the paper on VM-Based Rootkits Proved Easily Detectable · · Score: 5, Interesting

    I'm still convinced that it's possible to make a VM that appears to software running within as real hardware.

    The paper, however, takes a practical approach, examining how some industry standard VM-s operate, such as VMWare and Virtual PC.

    Those VM-s take plenty of shortcuts to improve performance, and don't virtualize some instructions, rather remap them, or "shift rings" of execution etc. as much as possible so to take advantage of the hardware while remaining sandboxed. They don't virtualize the clock as well, so you could time the performance.

    A rootkit isn't competing with other rootkits based on performance, it does so based on how undetectable it is. It's arguably a different problem. I think we're yet to witness what a full blown VM made to be a rootkit will act like, and whether it'll be detectable.

  9. Re:Vista makes me smile. on MS Awarded "Best Campaigner Against OOXML" · · Score: 4, Insightful

    Just the same, I don't feel smug about how easily they damaged ISO. When I want to feel smug, I contemplate Vista's failure and what that means for the whole next generation of M$ crap and lock in.

    I'm not sure why it looks "easily" to corrupt ISO to you. It did take a lot of effort behind the scenes, give them credit where it's due.

  10. Re:Analysis on Sony Launches 3mm Thin XEL-1 OLED TV · · Score: 1

    Your three points are relatively valid, but the rest of the text is just a bit of sony bashing for no real reason.
    High end luxury products that look good and are bought by people to show off is a very very well established early base of almost any mass market product (most especially electronics).


    I don't do Sony bashing, I don't dislike Sony, I use Sony products (phone and laptop, but the Sony blank disk media is crap). The matter of fact is there's nothing high end about this product. The advantage of a little OLED TV over a little LCD TV are minimal at this point, especially at the price point, plasmas at least scaled to good sizes, despite their cost.

    It's just that Sony isn't exactly the Rolex of TV-s (anymore...?), so buying a tiny OLED TV isn't going to impress much anyone. Buying a big LCD TV mounted on the wall would do better.

    I'm sorry some Slashdot commenters see things so black and white, if you want to artificially split this in strictly "Sony praising" and "Sony bashing" groups, you only limit your viewpoint on this.

  11. Re:That's got to be a hell of a job on Microsoft's Larry Osterman On Threat Modeling · · Score: 1

    Just because it's MS doesn't mean that it needs to be senselessly bashed. This would be one of the reasons as to why it shouldn't be. This guy knows what he's doing, and he does it well. Gasp, he works for MS.

    He may know what he's doing, but here's what he has to say about his colleagues in Microsoft:


    "Developers tend to think in terms of what a customer needs. But many times, the things that make things really cool for a customer provide a superhighway for the bad guy to attack your code. "

    "It's ad-hoc. Microsoft asks every single developer and program manager to threat model (because they're the ones who know what the code is doing). Unfortunately that means that they're not experts on threat modeling."

    "I can't think of the number of times I had to tell developers on my team ``It doesn't matter that you've checked the value on the client, you still need to check it on the server because the client that's talking to your server might not be your code.``"
    :P

  12. Re:That's got to be a hell of a job on Microsoft's Larry Osterman On Threat Modeling · · Score: 1

    Try to imagine this guy's work day: He gets to wake up in the morning, hug his kids and then go into work and spend all day trying to figure out the right combination of security defaults that will (a) let people go out and do stuff while (b) protecting them from their own "I'm an average Windows user" level of abject stupidity.

    Put another way, imagine that instead of just setting up a computer for your parents, you had to set one up for *everybody's* parents. All at once.

    As much as it's fun to give MS shit for their products, I think I'd last about two hours in that position before I went into the executive washroom and slashed my wrists.


    Uhmm, dude, you're giving him way too much props. I don't know anything about the guy in PARTICULAR, he's probably a great professional, and does his job very well.

    I as an average web dev, have to deal with similar security issues every time I design a simple site with a CMS. What user types I have? What each type does? How do I make it flexible for the limited users to do their job but not mess with stuff that might prove problematic?

    And I don't have the convenience of Ring 0, 1, 2 or built-in system ACL for any of this. I code it from scratch, since on the web, the existing systems are either outdated, messy (don't wanna touch ready-made PHP CMS with a twenty foot pole), insecure, have too much of the wrong features or not enough of the right ones. Or a combination of all those.

    Also, not to turn it into flamewar, so I'll try to express myself subtly. If this guy was setting the default security for Windows so far (oversimplified but just example), then he was waaay on the one extreme with Windows 95/98/ME/2000, hit a sweet spot with Windows XP SP2, and got waaaaay on the other extreme with Vista.

    Someone didn't do their job quite right on those defaults and features there.

  13. Re:Why office should be installed in the machine? on Microsoft Prepping Browser-based Word and Excel · · Score: 2, Informative

    After some research, the Slashdot title and summary are, as usual, completely wrong. The Office Live service will complement Office, and NOT offer online Word and Excel.

    It'll offer complementing services, such as email, online synch and storage.

    CmdrTaco, how would you feel to get fired from your own blog for incompetence?

  14. Re:I Bet It's a Simpler Explanation on Spam Sites Infesting Google Search Results · · Score: 2, Informative

    We're not talking about the results page, but just links. In sites separate from Google.

  15. Re:I Bet It's a Simpler Explanation on Spam Sites Infesting Google Search Results · · Score: 2, Informative


    I imagine that spammers could band together or simply get botnets 'clicking' as independent IP addresses links that boost their page rank. That's how it worked with Bush, they simply linked his homepage as "miserable failure" and suddenly he was the number one result from that query in Google.


    I like your post, but Google can't detect if you "click" a link. It doesn't need botnets to click links from different IP addresses.

    It just needs the mere *presence* of those links, with the same text, to the same page. Also the hosting servers of those sites should have different IP-s.

    The miserable failure bomb was simply a bunch of bloggers posting a link on their blogs. When GoogleBot came around and found the links, the attack was accomplished.

  16. Re:What's the point? on Microsoft Prepping Browser-based Word and Excel · · Score: 4, Insightful

    If you have to have office installed, why bother with the online version? I could see them requiring office to register for an account. But why bother?

    There is no point. You need to see Microsoft thinks in multiple steps, and this is just step 1.

    Step 1 is about rolling out a beta of this software, and allow the public to test it, give feedback, and their devs to improve on that.

    The fact they offer it only to existing customers means there's no chance that this may hurt their Office sales. And it also lets the world know that Microsoft is "aware" of competing web products, such as Google's.

    Should things get rough (Step 2), Microsoft already will have a mature web product in their hands, it will have people familiar with working with this product, and have the option of changing how to offer it, including separately for a yearly fee, as Google does.

    It's the benefit of having so much money, you can throw them in all directions and use what "sticks".

  17. Re:Analysis on Sony Launches 3mm Thin XEL-1 OLED TV · · Score: 1

    Oops, the link above was supposed to go to the halo effect article on Wikipedia. Sorry.

  18. Re:SEOs on Spam Sites Infesting Google Search Results · · Score: 4, Insightful

    Which raises the question: Why not have GoogleBot do a check also as a normal user-agent (IE/Firefox/etc.) and see if the page is significantly different than when it identifies itself? At the very least GoogleBot could check if there are common blacklist words ("viagra" et al) on the website when identifying itself as IE or Firefox.

    It does. It also detects landing pages mentioned above. Apparently it's something more subtle than what one could think of in few mins on Slashdot, and we'll learn soon enough.

  19. Re:Analysis on Sony Launches 3mm Thin XEL-1 OLED TV · · Score: 1

    They're available to sell, but they are not designed and destined to sell well. They are designed and destined to do well in the news outlets.

    It's called halo product. It's supposed to improve the sales of other Sony products and improve the perception of Sony as a whole.

    Another example of halo product are the most top of the line graphics cards made by NVidia and ATI, not many of those get bought, but they affect purchase decision for the lower end products, and make the news.

  20. The big picture on Groklaw Guts the Novell/Microsoft Deal · · Score: 4, Insightful

    Microsoft has some emerging issues it has to deal with:

    - the threat of a free OS commoditizing what they worked so hard to keep unique in Windows
    - the emerging of accepted open standards that turn Microsoft's proprietary alternatives against themselves and wall them from the rest of the world
    - the emerging of plenty of companies ready to deliver free OS components and support to Microsoft's corporate customers (which will directly affect Microsoft's bottom line and the industry trends in adoption of Windows)

    Microsoft's business strategists have done a careful and detailed analysis of their situation and arrived at the infamous "patent deals". They have drawn the decision chart and figured, there's no way for them to lose, no matter how the market or their competition moves.

    Possible outcomes & side effects:

    - The patent threats split Linux community and cause unrest in corporate clients who consider adopting Linux for their servers or even desktops.
    - Novell and the other distros in the patent deal are rejected by the community and Microsoft eliminates one of its more dangerous competitors should Linux' adoption really take off. -OR-
    - Red Hat and the other distros OUT of the patent deal get destabilized and abandoned by the corporate clients and Microsoft gets to "co-own" the Linux code together with Novell by means of the patent implementations all over the code. They can't just buy Novell now since it'll destabilize their Windows brand, and cause antitrust lawsuits. But should Windows go down next 5-10-15 years, you can be sure Microsoft will be talking to merge with Novell and offer their Linux distro with all the windows IP in it.

    In essence Microsoft either gets to split the OSS movement, eliminate some of their stronger competitors, and improve the Windows brand and adoption, or gets a second route to quickly enter the market with Linux OS should Windows go horribly down, by utilizing all their Windows IP inside the Linux system.

    What about standards:

    - Where Microsoft has their own standard opposed to an open competing standard, they try to promote it to a full standard (OOXML, Exchange server integration with SUSE, ActiveDirectory integration with SUSE etc., XPS)
    - Where Microsoft doesn't have their own standard, they adopt the publicly accepted standard, and extend it in attempt to create added-value dialect (RSS with own extensions in IE7, .NET and Silverlight competing with Flash and AJAX web apps, XML markup base for Microsoft's new standards such as OOXML and XPS, IIS7 configuration XML files etc.)

    So Novell's deal helps Microsoft make better penetration of Microsoft standards and technologies as something that comes standard with Linux. We're talking about Mono, Moonlight, Exchange integration, Samba integration and all those technologies which might have alternatives outside the Microsoft world.

    This is marked to the public outside as interoperability effort. It sure is improving interoperability, but at the cost of putting more and more MS IP in Linux's distributions.

    So was Novell wrong to sign the deal? If they had the pure intention to move the OSS community and help Linux as a whole, it was wrong. But as a company that competes against *OTHER* Linux distro companies, it was half right.

    Right now if you see above all the outcomes from this deal (which are all good for Microsoft) there's 50/50 about who will survive (the non-patent deal Linux companies, or the patent deal Linux companies). Novell and RedHat are on the opposite sides of a gamble that'll play out in the next years.

    While they're the gamble players, Microsoft is the casino. Never mind who wins, the casino always wins. Good job, MS :)

  21. Analysis on Sony Launches 3mm Thin XEL-1 OLED TV · · Score: 4, Insightful

    1. They will produce only 2000 of those per year.
    2. The product for OLED was selected not to be practical but newsworthy. Everyday Joe cares about TV-s, although he won't buy this one, he'll read about it, so newspapers will write about it. Consider: OLED has shorter pixel life and wastes less power than LCD+light. Where is this useful? Laptops (limited energy and no constant use). Where is it harmful? TV-s (constant use and unlimited AC power).
    3. The design is made to impress, not be practical. Notice they put the tuner down in an ugly box to show off the very thin OLED display (no backlight). Notice the off-center hinge, designed to stress how light the screen is (puts unneeded stress, however small, on the materials).

    Bottom line is, of course, great that someone is pushing OLED for something bigger than a camera preview screen. But it's NOT mass produced product. They make just few units, to make the news.

    It's a product straight from the PR department. I suspect Sony Rolly will have similar fate.

    Those aren't products made to sell, they're made to rebuild the image of Sony as the cool tech company. However, years ago they were the cool tech company which mass produced goods that are at the same time practical, high tech, and luxury.

    Those new gadgets don't send the same message. Wish them good luck with this, maybe if they keep producing gadgets like those at this pace, at some point they'll hit a homerun again...

  22. Re:Just Stunned at the Ignorant and Selfish Attitu on The World's Languages Are Fast Becoming Extinct · · Score: 1

    Who's panicking? You're panicking that you won't have a primary language to live on.

    You gotta honestly tell me, how did you manage to read my post and understand 100% the opposite of what I said O_O.

  23. Re:Just Stunned at the Ignorant and Selfish Attitu on The World's Languages Are Fast Becoming Extinct · · Score: 1

    I am just stunned. I realize the majority of people here are probably monolingual and probably living in North America, but the majority of posts here seem to be along the lines of "Well it doesn't affect me, so who gives a f**k?"

    Stop your flapping mouth and think a little: who it DOES affect? No one. It simply affects no one but linguists.

    I'm not living in US, and not living in a country where English is official language. I know my language, and I know English. Anything affecting me negatively so far? Let's say I move to US (as I got several job offers already) and have kids there. My kids will likely know only English. Are they affected? They get to learn English, and this is ok to them, they don't need to learn a language (my native) which they can't use.

    It's a simple mechanism of changing generations and the older generation dying out with some of their unique professions, abilities, knowledge.. and languages.

    This is why we don't live forever, and have kids which start anew. So people like you, who prefer to panic at the face of constant change, don't have the chance to sit forever, stopping natural development and progress of cultures.

  24. Re:My god... on The World's Languages Are Fast Becoming Extinct · · Score: 1

    My father spoke five languages - none of which I learned to speak more than a few mumbles here and there. But I could see how different languages were better at expressing different emotions, different ideas, different viewpoints in life.

    All of us realize each language has various different unique characteristics. But things are created and lost every day. As I said in a previous post, it'll be great for scientists to store this in an accessible data bank for us to refer to, but keeping it artificially alive is pointless, if people find no use for it (yes, even if I can express my foot itch better in another language than English).

    If you're so enraged at our "small mindedness", how come you ALSO didn't learn those 5 languages? It's easy to criticize, how about you put your actions where your mouth is then?

    The reason languages go extinct.. is YOU. Either start learning those 5 languages, or don't criticize people for daring say what you do out loud (in English, nevertheless).

  25. Re:14 Days on The World's Languages Are Fast Becoming Extinct · · Score: 1

    Clearly it is meaningless to talk about this kind of change in a time frame of days, so the only reason to state "every 14 days", instead of a more meaningful figure like 250/decade would be to try to manipulate the listener into action.

    You're happy they didn't enact the dying languages as little furry animals with watery eyes, wearing labels so we know which language they represent. Then shooting them to pieces.