613 posts • joined 14 May 2007
Security is not a profit centre, so the beancounters will not give it any attention.
Even when a security breach causes untold damage to reputation, customers have not learned to leave - so ultimately, the issue doesn't affect anyone who cares.
That's the price of apathy.
Not so fast.
I frequently use Google to get access to company web pages, because most firms have such an atrocious Web structure that it's far, far easier to find the page you're looking for via Google than to try and find it from their home page.
In many cases, educating end users is not the solution: It's Webmasters who need to be (re)educated.
It was entirely predictable (I should know, I've been predicting this since 1992.)
Britain is not a country that can claim forward planning as a plausible competency. What you see today is the result.
If you think that's bad, just wait until the Russians start cutting off EU gas supplies and start parking a few of their submarines near your LNG terminals.
Re: As someone still running Windows XP x64 ...
Yes, and no: The user profile location is indeed kept on the network, but is cached on the local disk - so network performance is less of an issue than it might seem. (It also allows me to log in from home over a VPN - I'd be a bit stuffed if my profile and documents were only available over the network.)
In any case, the same pause can be seen on non-domained Windows 7 PCs with more than a few files in the Documents folder. By comparison, my XP x64 folder is overflowing with files, yet I don't have to wait ~5 minutes every time I open the folder after logging in.
Re: As someone still running Windows XP x64 ...
I don't doubt that the Windows internals have improved since the days of XP - and if I had a choice of running the Windows 8.1 kernel with the Windows XP x64 userland, I'd jump at the chance.
But I don't have that choice, and the kernel improvements don't matter to the end user, if those kernel improvements come accompanied with so much dross, DRM and other overhead that you cannot turn off, that the end result is worse than staying with XP x64.
I measure the performance of an OS by the speed of the system's response, and how long it keeps me waiting to perform tasks. Windows XP x64 is still a clear mile ahead of Windows 7 in that regard.
Re: As someone still running Windows XP x64 ...
I run XP x64 on 3.6GHz Ivy Bridge Xeon E3-1280s, with 32GB of RAM. More than quick enough, even by today's standards. It's plenty "modern". By the way, I do have AHCI drivers installed on all my kit - I don't install it with IDE mode, simply because it's easier than finding a USB floppy drive and the F6 button on my keyboard. I do it properly, and 5 minutes of effort at install time yields astounding performance every day I use it.
If your last sysadmin was incapable of installing XP properly, that's hardly the fault of the operating system now, is it? He or she probably didn't align the disks to 64k+, either, so it would seem you're not comparing apples with apples.
On the other hand, the Windows 7 POS that I'm forced to use at work is slow (despite running on newer hardware, albeit with half the RAM of my home system), unwieldy - and why it takes bloody ages to open up my Documents folder, I'll never know. With XP, it was click-click, and you were there. With Windows 7, there is a large pregnant pause every time I open up my home folder, and I for one don't appreciate it.
The GUI in 7 is also worse, but that's not as bad as the sheer performance cliff, even on newer hardware.
Sorry, but I'm not buying it - literally or figuratively.
As someone still running Windows XP x64 ...
... I'm laughing at all those people who thought they would be "safe" once they upgraded to Windows 7, an operating system noteworthy for the fact that Microsoft declared it dead in the water after only one service pack.
Wait until you discover that newer hard discs will be coming out soon that no longer emulate 512-byte sectors (only Windows 8 and 2012 support the new 4k sectors) - and you'll be left out in the cold with even XP diehards like myself.
XP was the last decent operating system to come out of the gates of Redmond. 7 is a con, if you upgraded thinking that it had a future: It doesn't. Microsoft wants you in their walled garden - now. That is the real reason they've been pushing Windows 8, even though nobody in their right mind wants it.
Did you check your compiler, to make sure it didn't have a backdoor?
If not, what makes you think a mere code audit of your source is enough to prevent Trojan code from being inserted? This particular security aspect of open source was blown to pieces by Ken Thompson nearly 30 years ago, when he demonstrated the addition of Trojan code using vetted, approved source code that contained NO TRACE of the Trojan code.
What is more, the USAF knew about this sort of thing 30 years ago - so you can bet that the NSA and GCHQ know about it today. There is probably a whole new layer of security exploits in Linux and open source software like OpenSSL, Apache, et cetera, that are based on backdoors in the GNU compiler. Simply hiring eyes to look at the source code won't help you find them.
Open source was supposed to be secure
Please remind me, wasn't open source supposed to make huge security problems like this a thing of the past, because there would be so many eyeballs watching the source code? We've now seen 23-year old bugs in X-windows, plus a 2-year old Heartbleed issue that's helped spew passwords and sensitive information like signing certificates - and now this.
I guess they never figured on apathy.
Re: Depends on the country
As someone who left the UK in 2004 - never to return - I can only agree.
I run into people who have left the UK (some recently, some not so recently), and I hear pretty much the same thing: If the market is broken, the best solution is simply not to waste your time with that market - but to take your skills abroad. It's a small world, and leaving the UK has never been so easy.
I still get calls from UK job agents, hoping to take me on - but in every case, I have to break their hearts when I utter the words "I'm not available for UK work."
Here in Switzerland, none of the pros really worry about the lack of employment rights: If you're good, you'll be hired, paid well and kept on - and if you are crap, you'll end up back on the street pretty fast. Let the wasters worry about a Swiss employer's right to fire anyone without requiring a reason. It keeps them out. :)
Before the US went all Socialist, they had a hire 'em, fire 'em employment ethos. Didn't do them any harm - in fact, it fueled massive growth and opportunities.
Re: Well there we have it
This is old news. Back when I worked for a well-known Dutch bank in Amsterdam in 2007, the bank's management couldn't wait to get rid of its security team.
I've said this before, and I'll say it again: The farce that was RBS (and the more recent Barclays scandal where intimate customer details were sold to predatory third parties in a blatant violation of the Data Protection Act) has taught banking executives that confidentiality, integrity and availability are total non-issues in the modern world of banking. If it doesn't get someone a bonus, it's not important.
There's no real punishment for it, either: Banks can afford to pay the fines (which the CEOs aren't held personally responsible for), and nobody goes to jail.
Re: Next time...
I'd be quite happy to pay for my own patches. Only, I'm not allowed to: Extended support is not available to everyone - and even those who are entitled to buy it have to come up with a justification for Microsoft to take several hundred dollars a year - per PC - off their hands. Yeah, seriously!
Microsoft can go hang, as far as I'm concerned. What I'm hoping for is a serious power outage in a first-world country, caused by viruses infecting (or hackers breaking into) a non-supported XP system.
When push came to shove, politicians spent billions of dollars on a banking system that is somehow "too big to fail" - well now, let's see the same done for all businesses based on XP.
At the end of the day, Windows and Office are licenced, not sold. If flaws in the product allow malicious abuse of those products - and Microsoft decides to do nothing about it, they stand a very good chance of being sued into the ground for defects in their product. They already made their bed by arguing that software licences do not confer end user ownership, so this could get quite interesting if a few power networks get hacked into - and a few grids are brought down.
I have no intention of giving Microsoft an easy time: I will carry on running XP for as long as its useful lifetime permits me to.
One of my first thoughts when I saw C bit-shifting primitives was "OK, so how do I control/see the carry bit?" I also came from an assembler background (6502, 680x0, some ARM and x86 - yuck!) before being introduced to my first C compiler.
To an assembler programmer, C misses out a few pieces. But it's reasonably close to the metal, even if you might want to use a few routines written in assembler (i.e. interrupt handlers) for best results. It certainly beats writing an operating system in Pascal (yes, Apple, I'm looking at you!)
C was (I really should say is) not more sophisticated than BASIC. It was actually considerably less sophisticated.
That's why it was so useful.
Re: I don't get it..
I know a few banks that actually have a no open source policy: They forbid use of open source software.
Well, they'll be laughing this week.
Glad I live in Switzerland...
VAT here is only 8% (and a mere 2.5% on food), and when I stroll over the border to go shopping in Germany, I can import up to 300 CHF worth of goods without having to declare them or pay Swiss VAT at all (but I can reclaim the German VAT!)
VAT-free shopping, in other words, unless you order/import something really big.
The EU's rules and regulations seem to be most useful when you live outside.
The more they speed up the cadence...
...the more commercial customers will say "F*** it, even if we bite the bullet, we'll still be 3-4 generations behind, with no support, in no time. We might as well stick with what we have right now, and save ourselves all that trouble."
Re: New Wheeze
XP 64 bit never worked well - and had a lot of device drivers missing.
Ahem. XP x64 was based on Windows 2003 Server, and 64-bit computing was new at the time. These days, it's pretty darn easy to find drivers for XP x64 - just look for it, or - failing all else, install a driver for Windows 2003 x64. It's the same kernel, so the same drivers will work. x64 is no longer a novelty, after all.
As for it never working well, I have to call bullshit on that one, my friend. XP x64 is not only more stable than the 32-bit variant of XP, but it runs rings around it - and then some. Up to 128GB of RAM is not a problem, and it supports GPT-partitioned disks and multicore CPUs with amazing dexterity.
I'd know: I've been using it for the last few years. Have you?
There are a lot of improvements yo can't see in the user interface in Windows 7 and 8 kernels (read "Windows Internals", if you're interested). Please look beyond the UI widgets - those are just a little part of what an OS is.
Real-world performance (especially in a commercial environment) doesn't bear this out. Not only is Windows 7 absolutely crap at copying files (which could be described as a core OS function), but it has so much bloat that any kernel improvement has been bogged down with so much cruft as to make it irrelevant.
XP (and XP x64) wins, in the real world.
Re: Keep the kids dumb!
My thoughts exactly!
I won't object, at all - I am all for this waste of time keeping future Brits from competing with the likes of me on an international level. Less competition = more profit.
Congratulations to Rory Cellan-Jones and the BBC, but not for the reasons you'd like to think.
Re: My Documents
because, to Microsoft, the idea of separating your OS and data partitions is an unknown concept. It is the norm in Unix since around '75, and other platforms before that. Admittedly, professional Wintel admins do it, kind of, by creating a D: drive, but that is plainly not what Microsoft assumes.
I've always installed XP and XP x64 with an answer file on a floppy disk (for newer PCs, I bring along an external USB floppy drive, which also has F6 drivers on for new hardware - and that does the trick.) Documents and Settings, on any Windows PC I set up, is always on D:\.
Unfortunately, Microsoft never encouraged this or made the process practical for most end users. The Documents and Settings location should have been available with a practical default setting in the Windows installation procedure, just as it is with Solaris and Linux.
These days, you really need to prep a system before you install Windows XP or XP x64 on it, because of Microsoft's idiotic decision to start the first MBR partition on sector 63. Modern hard disks have 4K sectors, which is a bit like installing on a single-volume RAID 0 setup. But a Windows 7 OPK disc/USB key will nicely do the trick of allowing you to partition the hard disk with a 1MB offset, make it active and format it - so once you've done that, you may as well go the whole hog and prep a D:\ drive for your Documents and Settings folder.
But anyone who installs XP or XP x64 without:
a) Partitioning their hard disk with a 64K+ offset
b) Installing AHCI and/or RAID drivers via an F6 driver diskette
c) Prepping the system and storage volumes first (best with an SSD for boot, and HDD for storage)
isn't really getting the best out of their hardware, unless the hardware is ancient.
Microsoft has not made the process for c) easier for Windows 7, unfortunately - and you actually have to install the system with the Users folder on C:\ and then move it later, which seems a tad retarded. Then there's the small fact that a Windows 7 system with a Users folder on anything other than the system drive is not supported when running a service pack upgrade (although, with only one service pack projected in its entire lifetime for Windows 7, maybe that's not such a problem anymore.)
I built my parents a new PC...
...and it's running Windows XP x64 and Office 2003. :)
Just the way I like it: One sniff of Windows 8.1, and it won't matter that it's a Microsoft-supported product - I'll be getting calls every day asking me how to do what was once easy on XP, but almost impossible to guess on Microsoft's new OS.
Sorry, Redmond - but I consider my time to be more important than your profit. Rebuilding a virus-infested machine is pretty easy these days with Acronis, and my parents don't want to learn how to think like teenagers. Neither, for that matter, do I.
Re: The huge difference...
(Tassets are pieces of plate armour.)
Re: Storm in a teacup.
Planting backdoors in many consumer devices (including routers) is supposedly tricky, too - but the NSA and GCHQ have already been there, and done that.
Or are you trying to tell me that the test suite is something the secret services are not privy to?
Re: Storm in a teacup.
If you read and truly understood Reflections on Trusting Trust, you would have already fîgured out for yourself that having the source code for your compiler makes absolutely no difference if you cannot trust the binary compiler you are compiling it with!
I'm personally amazed at the number of open source nuts who downvote me for pointing out this startlingly obvious fact. (It's no wonder that the likes of the NSA and GCHQ are reaping huge dividends on the sheer ignorance out there!) Did you check the binary on your RHEL / CentOS / Debian / Ubuntu install before you started using it to compile code? I don't think so. So how do you know you can trust it?
The answer is simple: You can no more trust your unaudited compiler than I can trust mine. I'm not defending closed-source as more secure: I'm just attacking open source as being significantly less secure than many would think.
Re: @Ben Norris
Hmm, while we're on that subject, Mr. James of John Willmott School (early to mid 1990s) can stand up and take a bow, for being a great head of Technology with an impressive knowledge of engineering, electronics and assembler.
DID THEY FIX THE ALL-CAPS MENUS, YET?
The market has spoken, but Microsoft still isn't taking the hint.
"I don't understand the 'Metro-whatever is SO difficult to use' complaints that go round. Rather, it seems that a lot of that moaning comes from tech professionals (I know a couple, even heavy Linux users), who really shouldn't be that confused by it. You've seen an iPad, right? It's like that."
You have mistaken annoyance for confusion.
By the way, shovels can also be used to decapitate people - but just because a sword is better at that one particular feature does not mean that all shovels should be replaced by swords.
Windows 8 is the sword that workers have been given to dig with, and - understandably - they're quite peeved about it.
Re: What we want to know is...
"That is some mutherfukka multitasking going on there dood (or doodette)"
For some of us, that's just another normal day at the office.
Re: I did my part.
I have to use Windows 7 at work, every day.
It's slow, inefficient and too focused on looking nice, rather than getting the hell out of my way and letting me get on with my work. XP x64 is, by comparison, a breath of fresh air.
When Microsoft stops trying to sell me an "experience" and starts selling an operating system (and maybe also an Office suite that doesn't look like it belongs in the Fisher-Price range), then I might be interested in moving from the (still productive) XP / Office 2003 interface. Until then, I'm stocking up with hardware that will run the software I want to run.
I'm not alone, either: With nearly a third of the world's PCs still running some derivative of XP, that adds up to a hell of a lot of us who aren't buying the new digital snake oil.
Re: What's the point of upgrading
Personally, I don't see myself ever running Windows on a Haswell system, simply because they have decided to stop supporting XP and Windows 2003 on Haswell and above. The drop in performance from having to downgrade from 64-bit Windows XP to Windows 7 is not worth the performance gains you get over Ivy Bridge.
Why bother? Windows 7 can't even copy files properly in cases that XP can easily handle, and copying files is a core OS function. Windows 7 is, to me, not fit for purpose - therefore I won't be using it on a productive system.
I will buy Skylake Xeon E3s in due time, but that will be for running the likes of FreeBSD, Solaris and Linux. I will stick with the Ivy Bridge Xeon E3s and E5s for running Windows. Anything Intel produces in the meantime doesn't interest me at all.
I did my part.
I put together 6 systems based on Asus P8C WS boards, Xeon E3-1280 CPUs, 32GB of memory, nVidia GTX770 graphics and Intel DC-S3700 boot SSDs (mirrored), plus mirrored WD RE 4TB drives for Documents and Settings. Still running Office 2003 Professional, plus a few extras.
Running... drum roll... Windows XP x64 Edition, downgraded from Windows 7 Ultimate licences I bought earlier. I don't expect to have to replace them for some time, as they run like greased lightning.
Re: 32 bit OS in a 64-bit world.
Windows XP x64 is based on the Windows 2003 x64 kernel (exactly the same patches will work on both OSes) - and, given the considerable support 2003 has enjoyed as a 64-bit OS, XP x64 users haven't had to worry about driver or software issues for some time. 32-bit apps run just nicely under x64 - even games - and compatibility was certainly not an issue for me (even though I own a lot of software.)
What's more, I haven't seen a single Windows OS (Windows 2000 and 32-bit XP included) that beat XP x64 in terms of speed, and both Vista and Windows 7 are woefully slow when it comes to most operations (particularly file copying, a core operating system function!) Even with WD's new Advanced Format drives, a properly-prepped and installed XP x64 system is noticeably faster than Windows 7 on the same hardware.
XP x64 supports 128GB of RAM and GPT partitions (just not as a boot drive, but if you're using a SSD as a boot drive, that's not going to be a problem for some time) - and having a monster 8TB+ RAID volume for your documents and settings is no issue. There's plenty of life left in it, long after 32-bit XP runs out of steam.
The difference lies in the value proposition:
I'd pay £450 for a CPU, but I wouldn't switch to Windows 8 even if you paid me £450.
Re: I think Bitcoin will die a death very soon
Ahem, silver is the second most useful substance on Earth, with approximately 10,000 uses. It's beaten only by oil, with around 30,000 uses. Like oil, silver is consumed, often in very small amounts at a time, which makes recovery a lot harder to justify (unlike gold jewelry.)
Given the rate of silver consumption that has occurred over the last 3 decades, the last time there was this little silver stock available on the planet was around 1300 AD. Available silver stocks are around 20% of the quantity available in the 1980s, and consumption is increasing: Many industrial applications have no substitute for silver.
Think on the ramifications of that for a moment, and then tell me - hand on heart - that there is no future in precious metals. Or listen to this guy.
I think Bitcoin will die a death very soon
"The amount of computational power required to mine a Bitcoin has now pushed hobbyists out of the market and specialized ASIC chips are required to perform the calculations needed to generate new currency."
This means, in effect, that Bitcoin mining is more centralised, and vulnerable to attack. It will be attacked in short order, by the same banking cartel that is threatened by Bitcoin's own emergence as a replacement for fiat money that can be conjured out of thin air (with interest payable on every penny, of course.)
If there is one thing central bankers hate above all else, it's competition. However, they're smiling right now, because every penny that's spent on Bitcoin is money that isn't going into gold and silver. When physical supplies of that finally dry up, it will be time to put the pin in Bitcoin.
How many up/down votes you got is not a reliable indicator of how good your plan is.
People are inherently populists, but ideas that are commonplace today (round Earth, heavier-than-air flight, jet engines, nuclear submarines) were, once upon a time, not only works of science fiction - but fantastic science fiction.
Evaluate an idea on its own merits, not on perceived popularity: That's what politicians do, after all - and one only needs to look at their track record to see the merits of taking that path. :)
Of votes, I'm actually most pleased when I post something that heavily divides opinion, with massive numbers of up and down votes: Apathy is easy to find in this day and age.
My guess is that the drone has a small explosive charge on board (a Sony lithium-ion cell would do - how's that for dual-purpose equipment?), which destroys the thing as soon as it's no longer needed. Far easier, cheaper and more practical than spending time, manpower trying to recover it.
Of course, it isn't environmentally friendly, but if you're concerned about that, you would also be against war in the first place...
Re: not just faults
What do you mean, disabling interrupts is not good programming practice?!?
Re: Lets try to look at the facts
Not only that: The computer industry is actively trying its best to make the PC irrelevant as a productivity platform, by loading it down with performance-sapping eye candy, stupid design decisions and the removal of customer choice.
I've put a stake in the ground, bought spanking-new hardware - and intend to run Windows XP x64, Office 2003 and Adobe CS6 on it, for as long as I can.
Re: How many are waiting for Windows 8 to be "retired"? @Steve Knox
Come 1982, the Commodore 64 arrived on the scene, with common graphics and sound capabilities across all 30 million ever sold - and anyone who was serious about anything more than text didn't give the PC a second glance until VGA and the likes of Chris Roberts' Wing Commander came along.
Re: How many are waiting for Windows 8 to be "retired"?
Or even a Windows XP x64 R2 version, licenced and paid for on an annual subscription (£25/year/seat) basis. Some of us consider even Windows 7 a downgrade from XP x64.
Microsoft has shown zero interest in my desires - and until they do, I have no intention of showing any interest in theirs. The PC industry's sales tanked pretty much as soon as MS EOL'ed XP, which says everything that needs to be said, as far as I'm concerned.
NOT BUYING IT.
Last time I used an application with all-caps menus was on my Commodore 64.
What happened to progress?
Re: There's your problem right there.
Maybe they just need a HAM (Human Abstraction Layer)?
I have many fond memories of m68k from my youth.
Crying shame that IBM picked Intel for their PC.
Or they walked into PC World, played with a Windows 8 laptop, laughed, and walked out empty-handed.
That's what I did. :)
Re: Once upon a time...
Nice idea, but most text editors aren't so cooperative when it comes to actioning ANSI control codes: They just print the code you were trying to hide, plus a load of rubbish on the screen, followed by the code you were hoping to obfuscate it with.
You're also assuming (and making a very big assumption, I might add) that the compiler wouldn't choke on those non-standard characters when it came to lexical analysis.