The first is a reiteration that the first year is free, for the 'supported lifetime' of the device. There is room for MS to make things tricky and MS hasn't responded to the comments on those fronts. The latter was just an article saying that Apple had great success in getting *their* userbase to upgrade when they gave it to them for free. Neither is supporting the inevitable success of a subscription model.

On DirectTV and HBO, those are both companies that have *ALWAYS* been subscription model from their inception. I don't know why yet-another-subscription offering from them supports an assertion that everyone going to subscription. It's a matter of apples and oranges. People subscribe to content (stories, movies, shows, new music), but not to things like the player software. I suppose one thing that *could* make sense is for Windows 365 to be a branded effort to bundle some Azure/Skype/Cloud capacity service with the OS, which ties into things that are a bit more along the lines of a subscription model, but the OS itself cannot realistically be a subscription service.

Of course google doesn't sell the hardware either. Part of MS' problem is that they can't decide if they want to be like Apple or Google and are aiming for an odd mix of both and their own legacy self.

Well, for one, that's very limited. It only applies for devices that microsoft approves and only if the manufacturer agrees to promote Bing. If you are buying a conventional laptop, MS is not quite so... generous.

For another, the reason for how selective it is tells you how tenuous the situation is. MS only allows it if they think the device competes with iPad. At some point, either MS gives up displacing iPad or succeeds. Either way it's not indicative that MS wants to keep up the practice for any longer than they absolutely must.

Actually, MS has been a bit cagey there. I assumed as most did that they meant a one year 'amnesty' to get everyone off of windows 7/8 onto 10 and not make people afraid to buy windows 8 devices today. But they said 'free for supported life of product' without indicating who is defining the supported life of the product. It could be tied to vendor warranty, it could be until MS doesn't actually compile for that architecture. They didn't clarify. They also didn't provide guidance on what happens for the non-upgrade case or after that first year. This combined with some MS executive saying 'no, Windows 10 won't be free, but are exploring alternative monetization strategies' has produced more confusion than clarity. MS is making licensing more and more complex. For example, Office is suggested to be free, but only if your monitor is 8" or smaller.... They are doing very bizarre maneuvers reminiscent of IBM mainframe shenanigans. A fair number of businesses moved away from the mainframe more about IBM's complex licensing rather than any technical merit or even cost.

Not if everyone rejects them.

On all fronts, the competition has been hurting them by reduced/no OS licensing cost inflicted on the consumer and/or vendor. For Apple, it's to push hardware, for google to push ecosystem. In both their major competitor's cases, they are making inroads by using the OS as a giveaway as a means to a more profitable end.

MS doubling down on charging for the OS would only help their competition. If they are serious about enabling their ecosystem, they need to restructure things so those goals fund the OS development, not require the OS development to pay for itself.

MS also misunderstands another facet. They think a rolling release OS is critical to their success. They think they need the OS to be able to incorporate new function on a whim. They probably feel that way as they are impatient to have Windows 10 come along to fix what they did wrong in Windows 8. The problem is no one was demanding features out of Windows 7. The sin in windows 8 was inflicting undesired features, not being slow to deliver features. A rolling release will mean that MS customers pissed with some major design change are less able to latch on to some MS sanctioned safe haven (e.g. today it is windows 7) and look harder at jumping on OSX, IOS, Android, or a desktop linux depending on the area. Enthusiasts may bitch and moan about not having Lollipop 5 minutes after it releases, but 99% of the world would just as soon have their device work basically the same way day to day.

The idea is to create so many they couldn't help to jump back and forth. To (hopefully) leak into another brane and (hopefully) leak back.

If they just sit in the middle of nowhere, it's a hope that an abnormally large source from another brane just happens to emit in that particular spot at the right time. In other words, beyond improbable.

Though better, that still provides attackers with a ready-to-roll dictionary (after a rainbow table attack) tailor made to the salted passwords.

Read: They are terrified they didn't handle things right and might have some sort of injection attack somewhere.

Well, not necessarily but it does suggest that they have it in plain text *or* fail to use a salt, which is nearly as bad.

Unless you have a rootkit made of a signed linux kernel with kexec enabled. At which point you can boot all day long with unsigned stuff in the middle. Which is one reason why a mechanism where SecureBoot could have told the difference between Microsoft and Linux would have been better. MS has to worry about how *everyone's* functionality can go as potential threats into the system. In short, Secureboot is *also* a mitigation with similarly large gaps as a mitigation.

To be loaded as a driver, the driver must be signed. Yes an exploit in a driver means that things could be circumvented, but the attack vector gets increasingly difficult to navigate. You have to know about a set of driver bugs that are ubiquitous enough to bother exploiting and hope the market hasn't patched over the issue before being caught. Also the chances that said bug can be exploited in a manner to perform a targeted attack on the system partition....

In short, yes a kernel-level bug could still hypothetically let some malware at it if some sort of namespace isolation were applied in the obvious case. In practice I see that as a small attack vector. I would wonder if the fact that MS has to liberally allow other OS vendors to get signed bootloaders presents as practical a risk as the 'uncloseable' vector of a kernel exploit to circumvent OS level protection.

I would have had less of an issue if the firmware shipped without signing key until your OS vendor of choice registers their key at OS install time, rather than having the key from MS pre-applied to random board before any OS were applied, meaning only those seeking to *replace* an OS would have to sweat tearing down Secureboot setup. This would also have left MS to be able to more strictly certify that the bootloader is *Microsoft* rather than some other boot loader that MS also signed to make a good show of being in a competitive marketplace. As it stands, it's on one hand too restrictive and yet not measuring a specific enough thing for optimal security.

In Windows, it's not unheard of that a piece of malware with sufficient access interjects itself where the next boot will be picked up before the OS has a chance to set up it's own protection. Of course my complaint is that this vector would have easily been sidestepped without a huge firmware mess. If the OS set up access to that area as very very very very special, requiring signed code within the OS to modify that section of the platform, then the problem would have been solved. You want to write to the *system* partition? Oh, you need a special signature from the OS vendor to get that access. Otherwise processes are running in a namespace that silently masks the existence of the system partition.

What are the chances that a vendor that declines to update 4.3 to 4.4 would be willing to do an update for a 4.3.x if Google bothered to do it.

I think it smells bad, but trying to target users with vendors holding back 4.4 but willing to do another 4.3.x update is tricky. This is why google moved toward moving stuff in a more modular fashion: to get the ability to update relevant portions without demanding the vendor get in the middle.

Of course, in that case you still don't need the fake engine. The natural sound of the engine is plenty adequate. Ford more screwed with the tone to make it sound like a bigger engine. Pull the fuse and you still hear it, just sounds different.

There are plenty of videos now of people doing comparitve drive with the fuse in or out. With fuse out, it sounds much more like one would expect a 4-cylinder turbo to sound. It's not exactly terrible, but it is markedly different than the sound of the V6. The manipulation brings it more in line with a larger engine for people too insecure to be reminded they are driving a 4 cylinder.

I can understand the perspective that a single repository for more of the userspace resembles the *development* of traditional Unix systems, the argument made is usually not about where it is developed, but reducing the principle of having small simple utilities with straightforward interactions with other componets. For example, Most traditional Unix systems have terrible implementations of a shell interpreter and things like fileutils. It is an awkward, but not too terrible a situation since you can replace that stuff with GNU equivalents trivially without horribly breaking the OS. An administrator that understands enough to write scripts can discern the nature of interaction even if that administrator isn't a full-on software developer. systemd design trends in many ways toward requiring someone needing to dig in to have more development competency than previous designs. As a developer, I understand the attraction of some of the architecture choices, but I think they lose perspective of what it's like to be an administrator on the ground. Someone who doesn't live and breath your code has a harder time wrapping their heads around how it should be working when something requires customization, replacement, or debug.

In general, systemd is all-or-nothnig about a lot of things. They figure out a way to achieve what could be considered a sensible goal, but then go about it in highly disruptive ways. The sense is they throw up their hands and say 'well, this is the only way to do it, and it's worth it' rather than rethinking how the end could be achieved in a less disruptive way.