Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:I don't think so (Score 1) 465 465

- It is an icon, and all icons except this one represent applications. It breaks the metaphor.

What? Icons represent objects. Computer, Network, your files and folders are all representing objects rather than programs. Technically, even your program icons represent objects - an object or series of objects that describe the function of your program.

Why should Recycle Bin get the short stick?

The concept of an undelete-store has some merit, but it absolutely needs to have a limited lifetime for its content.

You can do this yourself. Right-click > Properties.

- It is hard to find as it has no fixed location.

By default (sorted by name) it's always in the same place (usually the first icon, unless you've chosen to enable the user profile icon, Computer, or Network. Even then, its place is retained however you sort it.)

And it eats icon space without good reason.

A good reason might be considered "I need to quickly retrieve my file! Oh, if only there were a metaphor for taking things out of the trash!"

And unless your desktop is full of icons, there's no practical loss of real-estate. And even then, it's not really like one icon'll make a difference.

- Because it has no fixed position, the notion of drag&drop to it is fundamentally broken.

Rebutted per above.

Delete has to be a fixed gesture or command, not a variable one, as it is a unique operation.

A fixed gesture? How is dragging it to the same place not a "fixed gesture"?

Besides, it's drag and drop that's a variable gesture. The Recycle Bing just happens to be one of the many valid values for that variable.

In addition, having it as an icon is accident-prone.

Accident prone? What happens if I want to launch the last icon in a list, so I hit End then Enter, except oops, I hit the delete key by mistake? It's no less likely than accidentally dragging it over a 64x64 pixel icon of a recycle bin and accidentally letting go. And even then, it's not a problem because you can simply go back and retrieve it.

In my view, the recycling bin is one of the results of Microsofts attempt to allow users to stay incompetent, instead of requiring them to lift their competence level a bit and become proficient. If you consider how much time people spend to learn how to read and write, refusing to learn a bit more in order to be a competent computer user is just plain stupid.

The recycle bin is meant to be a saftey net for when things go wrong (and don't try and tell me they don't go wrong,) What happens if the backup had failed for whatever reason? If the file was created then deleted before the backup ran? If the last backup was corrupted? It's useful even if you've "lifted" your "competence level".

There are people who abuse the Recycle Bin, but there are people abuse most systems.

(And given that most of these "stupid" people complained about the new start menu, the new taskbar, the ribbon, et al, I really don't think Microsoft's doing them any favours.)

Comment: Re:Big Bank and Evolution (Score 1) 495 495

Evolution, in comparison, explains the 'why' completely.

To be accurate (at least, as far as I know), evolution doesn't address the why at all - it leaves that up to other fields (which do so sufficiently). Evolution merely explains the *what* - that is, what happens.

To paraphrase, evolution by itself is rather weak, since it's mainly rules based on evidence. The strength of evolution comes when combined with other related fields, as they appear to confirm the conclusions drawn by evolution. The same is true for the big bang theory which, when combined with other stuff such as inflation, seems to paint a universe consistent with our own.

Also, cosmic background radiation. Ha! :p

Comment: Re:Missing Reason (Score 1) 789 789

Actually, I read about this the other day. Rumor has it, the language requirements actually do have a purpose, that is making sure the apps work with the new profiled multitasking setups. Supposedly cross compiled apps don't behave in the same way and individual threads can't be halted to save battery and processing power the same way that native apps can.

Whether or not that is true is a bit above my head. The claim has been made that all of Apple's fancy tricks with threat pausing, fail completely with cross-compiled apps and as a result those apps perform very badly with regard to battery drain. This is somewhat supported by the fact that Apple has applied this only to the version of iPhone OS that includes multitasking and not to older versions including current development for 3.x.

It's not true. iPhone 3 apps are quit when one returns to the home screen in iPhone 4, just like always, so existing apps will work just fine.

And there's no technical reason for cross-compiled apps that do take advantage of multitasking to behave any differently - to the OS, they *are* native apps.

Comment: Re:Yeah sure (Score 1) 320 320

It could happen to any browser to have the same security flaw in 3 different versions

Er, yes. Believe it or not, Microsoft doesn't have this super-scanner thing that can predict all possible outcomes of all possible combinations of code. Nor does anyone else, for that matter. And, of course, security flaws don't just magically point themselves out when a new version is released.

Additionally, while the vulnerability is in all three versions, the exploit used in the attacks will only run in IE6.

DESPITE claimed complete rewrites of the code.

This is the first time I've heard of this. If you're referring to the layout engine, I'd like to talk to you about the difference between layout engines, scripting engines, and the browser itself. A flaw in the latters would be unaffected by a rewrite of the former.

Comment: Re:Yeah sure (Score 1) 320 320

Er, isn't a complete rewrite what's supposed to happen when the developer increments the main version number (like going from IE 6 to IE 7)?

Er, no? Because that would be stupid?

A major version is merely where the developer feels that they've done enough to warrant a new major version. Sometimes, code does get rewritten, but it's usually never a complete rewrite. Rewrites take time and (if you're selling stuff) money, with no guarantee that the code you're writing is better than the code your replacing. If developers who didn't rewrite their code release multiple versions in the time it takes for you to release one, you more likely than not end up loosing users.

Netscape 6's complete rewrite, taking around three years, was one of the major contributers to the browser's downfall against Internet Explorer, which was able to get three major versions out in the time it took for Netscape to get version 6 out the door.

Comment: Re:?Senior? (Score 1) 318 318

And using your logic, we should give up on vaccines because some people are allergic. Heck, we should give up going outside because sometimes we might get sick, maybe.

That is to say, nice strawman.

The trend, for the past decade, has been less and less malware targeting the OS and browser, and more and more either targeting third-party plugins such as Flash or the user (that is, a trojan horse.)

I'd even warrant an estimate that 75-80% of active malware today merely has to convince the user to run it - no privilege escalation, no code injection, no buffer overruns needed. Just desire ("media codecs" for videos/porn) and fear ("OMG U HAV OVA 9000 VIRUSES CLIC HEAR TO FIX!!!lolz11!").

Comment: Re:Digital medical records (Score 1) 553 553

The physiological data can be gleaned from a third party health data collection repository, a healthcare smart card, a real-time physiological sensor" it is so mind bogglingly privacy invasive that truly only M$ could have come up with it, especially for that line alone.

Your tin-foil hat is showing. I especially like the part where you assume that Microsoft is going to do this all, oh, I dunno, without your permission.

I'd imagine this could be utilised in positive ways, for example, if someone puts themselves (or if parents put their child) on a diet, and try and forgo gaming until they reach a milestone, the sensor could bar you from using your Xbox 360 until such a time. The other obvious application is something like Wii Fit, where the avatar would resemble your actual... er, rotundness. (No one said this would be used on your Xbox Live avatar, merely that your in-game representation could now resemble you.)

"In addition, the physical characteristics can include psychological and demographic information such as education level, geographic location, age, sex, intelligence quotient, socioeconomic class, occupation, marital/relationship status, religious belief, political affiliation, etc. Such information can be useful in enhancing social interaction as well as adjusting how an avatar performs in a competitive virtual environment." you really couldn't make up a story where a company would be stupid enough to put that into a patent.

I dunno, it could just mean they're covering all the bases. The fact is, you're assuming this will be used for PURE EVIL MWAHAHAHA!!!

Geographical information could be useful for rerouting you to local servers, and age could be used to seperate the LOLZ !#$% YEAH I AM TEH AWESOEM tweens from the older people, or to enforce parental control systems. Other information could be used if you wish to set up a game with only like-minded people (for example, only atheists or only LGBT).

Just because you don't see a use doesn't mean it's not useful.

Comment: Re:PROOF! (Score 2, Insightful) 284 284

Linux audio. Just... Linux audio.


Most of the senior engineers at the time were working on Windows Server 2003. The people working on Longhorn were less experienced, and after a bit they started to put their pet projects into Windows, similar to the Copland fiasco Apple went through. (The difference was probably pride rather than fear of getting fired, like "see that? That's my idea!", but meh.)

Jim Allchin wrote his "I'd buy a Mac" memo here.

After they shipped Server 2003, they tried to clean up the Longhorn mess - first by cutting out some of the projects, then by stripping it down and then building up to Server 2003-level. Only then did they decide it was too unworkable, and decided to rebuild straight from the Server 2003 codebase.

Not trying to refute anything here, just giving some background info. Yeah, they definitely could have done a lot better, but they also could have done worse, and I'm not sure that open source would have helped them at all.

Comment: Re:This IS already being done in Linux (Score 1) 657 657

One might assume that the system described in the patent may be able to theoretically detect only the function in which the part requesting elevation is being run and elevate it only for the duration of it's run. That's not what UAC does either, although it does do something similar.

After I posted this, I thought of another method this could be done: the OS prompts the user, then turns around and does the task itself. This would prevent code vulnerabilities (apart from OS ones), although we arrive again at the point where the OS is far more chatty than what we have now.

it may have been the way it was originally

Designed. It may have been the way it was originally designed.

Even if you use Preview you can still muck up.

Comment: Re:This IS already being done in Linux (Score 1) 657 657

Regarding launching a GUI window when a privilege violation occurs, this is precisely why Windows got the "Allow or Deny" reputation it got. You really don't want to authorize every little action.

The implication is that it would only do this only when it detects you don't have sufficient privileges, and then prompt you for an admin user name and password who has these privs. This is a Good Thing - it bars from malicious software taking advantage of silent elevation for a period of time (on systems such as gksudo). It also makes running as limited users feasible on Windows (as opposed to Windows XP, where you could do almost nothing on a limited account.)

Admittedly, what the patent describes is not the same as UAC (as described below), otherwise it'd be far more chatty than it is now. I did hear that in the early builds of Longhorn (post-2004 reset) that had UAC, it was far more chatty than it was when Vista was released, so it may have been the way it was originally

(However, Windows does detect if a program is denied privileges without asking for UAC, then asks you if you want to configure it so it will launch as admin next time you launch it (after prompting, of course.)

Also note that on Windows Vista and up in limited accounts, UAC shows you a list of admin accounts and prompts for their password when you click on one. I've noticed quite a few people are not aware of this, so I might as well throw it in.

Further, when it comes to a typical desktop environment, a rights system should not be so complex that there are more than about two classes of users anyway---those who have the rights to modify system files and those who are limited to their own files.

By this definition, every OS's rights management system is overly complex.

A simple explanation is this: Windows uses a system where rights are defined both at the user, admin and system level. Some users may have rights over files that other users don't. The system described in the patent would scan for users that have privileges to operate on the file, and bring them up.

Right now, I believe (I may be wrong) UAC merely brings up a list of users with greater privileges than the current user (i.e. admin users.)

Also, I'm under the impression (based on the patent) that Windows is temporarily elevating the privileges of the application itself, which means that you now have a much larger chunk of code that must be checked for security holes, lest malicious individuals co-opt the application for nefarious purposes. Such a design also makes it very hard to adequately use code signing to ensure the authenticity of the code running with elevated privileges, thus allowing security holes in the app to readily be exploited and turned into the equivalent of root holes just by the user clicking "Allow".

One might assume that the system described in the patent may be able to theoretically detect only the function in which the part requesting elevation is being run and elevate it only for the duration of it's run. That's not what UAC does either, although it does do something similar.

UAC works in two main ways:

a) the program is explicitly told to elevate. This happens at launch, and will elevate the entire program.
b) the program uses COM to elevate and run a portion of code (usually in a DLL file). This can occur any time during the program's run time, and will only elevate the function being run.

I'm not sure if Linux has an equivalent for the latter, so if it does, I wouldn't mind knowing. But the former is basically the equivalent of gksudo.

(Arguably, non-elevated-ness shoould not be an excuse for not performing security audits of your code, since anyone can sudo/runas your software. Realistically, I recognise that one may not have the time if one is independent, but then I believe you should get someone to review or look over your work.)

I'd like to add that in Windows Vista and above, there's no concept of a user like Linux's 'root'. Even when an app is elevated, there are restrictions on what it can do.

Comment: Re:Revisionist History (Score 1) 770 770

That is revisionist history in the extreme.

The only revolutionist history I see here is your comment.

a) it frustrated people,

Every new OS does that to some extent. People are baffled by this new OS that screws with their muscle memory, renames stuff, adds new features that they are unsure of the reasoning behind, and takes away features that they liked.

By that metric, every version of Windows, of Linux, and the Mac OS thus far have been failures.

b) it caused many working Windows systems to no longer work,

Again, same with any OS. Is Snow Leopard a failure for losing people's data? I would say no, because success is a measure of the number of people who got it to work, not the number of people who didn't.

c) it created confusion without end.

This is basically analogeous to a), so my response there basically covers it.

You can even use this simple product metric - it was so bad that the company that made it decided to call the fixed version by a completely different name.

Wow, XP was so derided, rejected and shunned that they decided to call their next OS a completely different name, Vista! Wait...

You might want to disagree with me as a happy Vista user - but that makes my point. You might WANT for reality to have been that Vista was great and poor, poor Microsoft was unfairly slagged and misunderstood - but that is not Vista's history.

If you're willing to believe anything Apple puts in their ads, sure, Vista is a failure. However, in the real world, it is being used by between 20 and 25% of the world's computers - that's one-in-five to one-in-four. That's a staggering amount for any new OS to obtain witin three years.

Do you even remember Longhorn? How that failed to materialize? How Vista was supposed to be all of the Longhorn goodness that was supposed to be ready for prime-time release?

I remember Longhorn. Essentially, Longhorn died when they restarted from scratch in 2004 - the execs at Microsoft realised that there was no way they could complete it in any kind of time scale, so they scaled it back. And there's nothing wrong with that. Remember Copland, perchance?

Besides, we have most of the pillars of Longhorn today - we have Fundementals (Least Privilaged Control/UAC), Indigo (the new networking stack and collaberations API) and Avalon/WPF. We have most of the features WinFS would have provided in instant search and Libraries. The only thing I can think of that's missing is the flashy animations, the notifications history in the sidebar and the complete rewrite of core applications into .NET.

You do know that Vista wasn't just some follow-on to XP that didn't get a fair shake, yes? And if it was supposed to be the transition to anything, it would have been to the lauded claims of Longhorn?

Longhorn was originally supposed to be a point release. It even shows in the codename - it was named after the Longhorn Bar that sits between the Whistler and Blackcomb mountains, the idea being to get from Whistler (XP) to Blackcomb (the major release after Longhorn), you would have to go through Longhorn.

Soon after it's inception, however, it begain to accumulate features. More and more of the features slated for Blackcomb began to find their way into Longhorn, until PDC'03, when it had become a major release. The PDC demo was awesome, and externally, Microsoft was saying that nothing was wrong.

Internally, however, it was spiralling out of control. Similar to Copland, people were beginning to haphazardly put their own pet projects into the codebase. This fact, coupled with the fact that the best engineers at Microsoft were working on 2003 Server, is what drove Jim Allchin to write his famous "I'd get a Mac" memo - he'd decided that enough was enough, and enlisting the help of Brian Valentine (for his experience in shipping products) and Amitabh Srivastava (his career at Microsoft had been mainly testing and deploying quality control systems), reset development to the newer Windows 2003 Server codebase, enacting stricter rules on what could be put in the codebase.

If anything failed, it was Longhorn.

Anyway, Vista did turn into a transitionary OS of sorts - it introduced a new driver model, a new networking and audio stack, new developer technologies such as Avalon, and a better security model that forced developers to program for the least privilaged user. By the time Windows 7 came around, most devices supported by their manufacturers already had drivers availible (unliked Vista), and most programs supported by their developers now assumed least privilaged access (which is always a good thing).

No matter how successful, to say it didn't serve as a transition from old to new shows a grave misconception in history.

Comment: Re:Hey things take time. (Score 1) 114 114

STREAMS was always meant to be a temporary solution - it was slow and clunky, but it served as a stopgap while Microsoft worked on their own TCP stack.

Incidentally, when they ported STREAMS, they also ported the command line tools ("ftp", ect)that came with them, which were themselves ports of BSD's command line tools. Since the programs worked, they saw no reason to replace them.

Of course, when the tech press discovered they were ports (via disassembly, IIRC), they went crazy about it, as tech press does. And thus was born the myth that Windows NT's network stack was based on BSD's.

(Of course, all this is moot since Microsoft completely rewrote the network stack in Vista.)

The major difference between bonds and bond traders is that the bonds will eventually mature.