Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:Thank goodness it's not just me. (Score 1) 549

I was the same.

Really Windows 10 is from what 8 should have been from day 1. Windows 7 aero was gorgeous and I loved Windows instant search and was more secure with a lot less bugs than XP when it was new. But times change.

My only complaints with 10 is it collects data like a phone, was very buggy when it was (most fixed), and there are 2 versions of control panel one that is mobile, and other is the classic. There are times it shows up. Other than that it's fine and I like the newer features like the Hyper-V virtualizer, quicker boot times, mobile app support for running Hulu on my Surface tablet, much better battery life, and quick resume from hibernation times. It works fine now. I whined about the lack of aero but part of it is still there and MS is now working on materials UI that gives a similiar look. It's pretty stable and feels more modern now.

But really old people just complain how it looks or why did they have to change this etc. THis was a terrible story

Comment Re:User Experience (Score 1) 549

What MS should do is hire an actual User Interface Designer. I know they haven't had one since at the latest 2002. Vista, 7, 8 and now 10 are all progressively more painful to use and hostile to the user, so it's obvious they don't have one on staff.

I'm not even talking about the crap they try to shove down our throats for marketing purposes, but even down to the little things. The login screen in xp/2000 era was simple: username, password, domain. Then you got vista, where you had to click a button to get the login interface, or click another to change the default user, then hit the right button to login ( instead of the more obvious button which allowed you to change your login account ).

It's absurd. So much so I don't know an admin who doesn't cringe with each new release of windows and office. We know they changed some small UX thing that's going to confuse our users and will result in untold hours in support.

They do. Hipsters under 30 want flat UIs and think bubble gum buttons in 3d look dated. THey want mobile apps and to have the same UI between their phones and their pcs for stuff like Yammer and MS teams. MS is listening to them as well .... old farts like us do not upgrade software like the younglins do so MS is targetting them.

The windows XP/2000 screen looks like a green screen or punch cards with ehhh to anyone under 30.

Comment Re:Read the summary, then add.. (Score 1) 549

We will likely use Windows 7 long after EOL. There really aren't any other good options for our business, right now. I'm surprised that nobody else has stepped in to fill the gap, yet.

I was the same. I had to get with the times as people wanted to have me upgrade my MCSE and I hated Vmware workstation with a passion. Hyper-V which is on WIndows 10 was the reason. I found a few bugs last year but they are fixed. Windows 10 is what Windows 8 should have been.

Windows 10 :
1. Lighter and quicker on my hardware and boots silly fast on a ssd
2. Can run Netflix and Hulu on my 2nd monitor or my tablet when I am on a plane when not working through the appstore
3. Has work folders which are pretty cool in setting up offline versions of files with less hassle and bugs than CSC with Windows XP and 7
4. Can use a pin to sign into desktop and tablet which is quicker than a password
5. Supports device lockdown for system admins
6. Supports MDM for intune device settings and lockdowns to run corporate apps securely without a VPN
7. Cached work credentials in addition to a home account for MDM to access corporate resources without a VPN
8. Much better power management
9. Pen support for One Note on my surface

Seriously the story submitter doesn't like change because it looks funny. WTF this is slashdot, not a place where people whine about change and settings. Did we all just age past 40 and no longer coffee drinking coder hipsters from the 1990s anymore?

Comment Bawawawa I hate change (Score 1) 549

Seriously it's getting old and unprofessional. I feel slashdot is turning into the ITs version of info wars or Rush Limbaugh with Microsoft as the liberal to rail against complete with it's own alternative reality and facts and everyone else is fake news.

News flash. Don't like Windows don't run it. I may have go to the register or somewhere else if this keeps up.

Comment Re:An error? (Score 1) 142

I can think of two ways. Way one: you contract out the development to a company that has a paid version and an ad-supported version. They accidentally give you the ad-supported apk to push to your customers instead of the paid one. Way two: you have an internal project to see if you can push down the up-front cost of a phone by pushing ads in various places (as the Kindle Fire does on the lock screen) and using that to subsidise the cost. You have the same people working on it as the normal system and one of them accidentally pushes to the wrong repo.

Comment Re:Whatya gonna do? (Score 2) 142

The difference is a lot lower at the higher end. My partner has just replaced her ageing Nokia 1020 (really nice phone and the hardware is still pretty solid, but Windows Mobile 8.1 doesn't get security updates and has almost no third-party apps) with a second-hand Samsung. A similar iPhone is only 20-30% more expensive, but the killer is the lack of third-party OS support. When an iPhone stops getting security updates, it's basically dead. When a moderately popular Android device stops getting security updates, you can install LineageOS on it and it remains useable (my first-gen Moto G is older than her Nokia and a lot slower, but it's still getting fortnightly updates from LineageOS and I expect to keep using it until it physically dies).

Comment Re:well, he's not wrong (Score 1) 488

What if the pointer points beyond the end of some chunk of malloc'd memory?

Then you will get a trap. The bounds are set at malloc() time and cannot be extended (except by the code in malloc, which holds a pointer to a larger area which it can subset).

Merely checking array bounds is insufficient for any non-trivial C program.

Checking the array bounds is sufficient. Checking the bounds of the static type, is not.

Comment Re:Idiots everywhere... (Score 1) 323

Forcing the companies to provide the means to unencrypt all the data passing through it's services provides very little benefit

It provides no benefit, because the bad people will not use the backdoor'd encryption, they will use something else (if they buy a copy of Applied Cryptography second hand then they can just type in the cost listings for some secure algorithms and use their own version). On the other hand, the existence of a backdoor intrinsically makes a system insecure, so everyone else suffers from making it easier for criminals to gain access to their messages.

Comment Re:Cheap bounds-checking is possible: Cheri CPU (Score 1) 488

I am the author of the CHERI C/C++ implementation (and a bunch of the instructions and key parts of the abstract model). A few corrections:

does pointer bounds and 'const' qualifier checking and some protection of C++ private member variables in hardware

We don't enforce const in hardware, because it broke too much code. For example, the C standard library function strstr takes a const char* argument and returns a char* derived from it. Our hardware doesn't permit you to add permissions to a pointer (or increase its bounds), and so the returned pointer also lacks the store permissions. Instead, we add __input and __output qualifiers that allow this to work: if you cast a pointer to an __input-qualified one then the compiler removes store permissions and no pointer derived from that pointer can be used to modify an object.

sufficient to replace the security properties of virtual memory (with the caveat you can't unmap a page without killing the process)

CHERI doesn't require that you throw away the MMU and some things work a lot better when you compose the two. The MMU is good for coarse-grained isolation, CHERI is good for fine-grained sharing. You can use the MMU to revoke objects (unmap the pages), without having to find and invalidate all pointers (which we can do - a couple of my students and I have added accurate garbage collection to C).

It's implemented in FPGA and only requires a few gates over a standard MIPS and is working with comparable performance without any exotic kinds of cache memory.

Note that we do rely on tagged memory, though we are able to efficiently implement this in commodity DRAM via a tag cache (some of my colleagues have done some great work on improving the efficiency here). We need one tag bit per 128 bits of memory (the tag bit tells you whether an aligned 128-bit value contains a pointer or normal data), so 256 bits per page. You can read 256 bits from a single DRAM read, so anything with vaguely good cache locality rarely needs to pull the tags from DRAM.

It's only "approaching" because I don't think it can solve use-after-free

We can implement an accurate garbage collector in C with CHERI. Some of my current work is attempting to push the performance of this up to where C programmers will be willing to just leave it on, because they won't be able to measure a slowdown vs malloc / free. For the Java interop work that I published at ASPLOS this year, we did very coarse-grained revocation, allowing the JVM to invalidate pointers that the native code held for longer than it claimed that it would, thus preventing any spatial or temporal memory safety violations in C code from affecting the Java heap in any way.

Comment Re:well, he's not wrong (Score 2, Interesting) 488

It's just way way way too easy to write buffer overflows in C

Technically: it's too easy to write buffer overflows in most implementations of C. The C specification makes accessing beyond the end of a buffer undefined behaviour. That means that an implementation is allowed to do whatever it wants (and doesn't have to do the same thing consistently). Most implementations implement this as 'trample an arbitrary memory location', but it's completely valid to transform it into a recoverable trap. My research group has proposed a small set of CPU extensions that we're talking to vendors about adopting that allows an implementation of C (which I've created and which we're able to build complex C programs with) that provides these guarantees. Any out-of-bounds array access for us is a CPU trap, which the OS turns into a signal. You can then either kill the process, unwind the stack and kill the thread, or recover in some other way.

Slashdot Top Deals

If A = B and B = C, then A = C, except where void or prohibited by law. -- Roy Santoro