3613 posts • joined Thursday 14th June 2007 08:27 GMT
"An ActiveX component is just a native DLL or EXE. It can literally do anything it likes, OS security permitting"
That's quite a big if, since one of the functions of any half-decent OS is precisely to sandbox user-level processes with "address space, heap, stack and file storage space separate from other apps or the OS" that you mention earlier on. ActiveX got its deservedly dismal reputation because Microsoft did not do this, so you ended up with arbitrary code from untrusted sources running with all the (usually administrative) privileges of the logged-on user.
Re: Infrastructure and dick-swinging
In the case of railways, a really big infrastructure project that has the added advantage of being one that you can stop and restart as cash-flow permits, would be to replace all of the existing 19th century lines and signalling with something from the 21st century. You'd increase capacity everywhere you did this (because signalling is a limitation almost everywhere), you'd presumably electrify the whole network (so it could run on carbon-free electricity if you'd bothered to build the generating capacity), and you wouldn't upset any Nimbys.
"No windows tax makes it cheap."
Does it? I thought the cost of an OEM Windows licence was so low that it was similar to the markup you might have to add to a non-Windows machine to make up for the lower sales volume. I can't think of any convincing evidence I've seen in the last 20 years that suggests machines without Windows are cheaper than machines with.
Re: Next phase?
I imagine that would breach the treaty on putting weapons into space. That was, what, 1970 or so and survived a couple of decades of Cold War. Treaties on chemical and biological weapons also survived over the same period. When you are dealing with countries, rather than isolated nutcases, there is *some* recognition that there are lines neither side wants to cross.
Re: Unix phone
Wouldn't you need to quote that command line argument?
Re: evidence that this is doomed
Most curious. Why would even the most hardened nerd want a console on a phone when they could just SSH in from a nearby (or even not so nearby) machine with a proper keyboard and screen? (Come to think of it, why aren't *all* poxy small devices maintainable using a nearby machine with a person-sized interface?)
Re: A method
@A J Stiles: I think I heard that legend with the nationalities reversed. (It's a good story either way, of course.)
Re: In some regards, he has a point though
Agreed about the time factor. I assume that those who set exams reckon that as long as they can write down the specimen answers from the marking scheme in the time available, the time is long enough and students who need longer to write their own answers deserve to be penalised. I wonder, though, if it wouldn't be a better test of academic achievement if students were given twice as long, so that everyone had enough time to write down their best answers.
I'd also point out that I can produce a reasonable diagram or map with a pencil and paper in about a tenth of the time it takes to persuade some wretched drawing package to do it. In the sciences or humanities, that's quite important. In maths, too, I can scribble working far faster (and better laid out) than I can with the (otherwise beautiful) software methods. This proposal only works for exams that are just essay writing.
Also agreed about BYOD. Great way to give an advantage to better off students who can bring their own devices rather than use the rubbish ones provided for free. Also, the "best" students can prepare their device the night before with lots of stuff that doesn't show up on a cursory scan but is magically enabled during the period of the exam itself as long as the right fingerprints are present.
"Another thing - as a comer from another country, I find it rather ridiculous that bills issued by utility companies can be used to do things like open bank account in one's name."
I'm not sure what coming from another country has to do with it. Plenty of UK-born folks don't understand this point either, but ... the bank doesn't care who you are or whether that is your real name. What it cares about is being able to identify you when you come back the next day to withdraw some cash. Utility bills indicate that other organisations facing the same problem have found these particular credentials and address details to be sufficient. The system works, costs next to nothing, and annoys the control freaks at the Home Office. What's not to like?
Re: *If* true that would make the Standard Model a pretty blunt tool.
"I think I saw that documentary, too, donkeys years ago."
I don't know about the documentary, but you've remembered the experiment and, yes, this is fairly old stuff. I found out about it from Martin Gardner's "Ambidextrous Universe", which was itself first published before my time. I think he was the one who introduced the Ozma problem of talking to anti-aliens.
Re: Anything new going on?
W8sp1 is not unexpected. The appearance of a straight-to-desktop option and the return of a Start menu, however, would be two things that Microsoft (well, ok, Sinofsky) swore blind would never happen. If the rumours are true, these two things are unexpected.
But I suppose you can still argue that they are not "anything new". :)
Re: MS must have anticipated this
A better conspiracy theory is that someone high up knew that the only way to get Sinofsky out (of) there was to give him unlimited rope. Microsoft's behaviour these last ten years makes sense as a largely hidden but bloody war of corporate politics amongst executives who have been gifted with a monopoly so secure that it doesn't matter what they release.
Re: Number of business downgrades
Microsoft will know (from Windows Activation telemetry) how many of those Win8 licences have been used to license a Win7 box. If the figures were encouraging, I imagine that we'd have heard.
Re: "it does take up screen space"
"Funny how all those people using that argument against the Ribbon have never found out that you can minimize it to show only tab names and still work with it - since when you mouse over a tab name the Ribbon shows that tabs' content."
Not funny at all. We had to wait several years before Microsoft's usability experts realised that such a thing might be a good idea. Give it a few more years and perhaps they'll realise that they could replace all the graphics with purely textual command descriptions. Then, as the sun begins to swell into a red giant, they might have the inspired idea of using an underlined character within the text to indicate the keyboard shortcut for each command.
It may seem ancient but...
...it actually only came into this world in 2009 and will (as a "component") enjoy the support lifecycle of the parent OS at the time of release.
On the other hand, MS may well argue that IE9 is the version of this "component" in the most recent service pack for Vista or 7. Their long-standing policy is not to support older SPs after a couple of years of the new one being available, so presumably IE8 is already out of support on those platforms. That would leave just XP (which is famously dead next Spring) or XP Pro Embedded (which lives on until Dec:2016).
"Will it ever go commercial? I don't think so, it will always be hugely expensive."
It's not just expensive, it's *more* expensive ... when compared to a fully featured suite for conducting meetings over the internet or building a transcontinental rail link that can carry people in comfort rather than cubic-close-packed. The long-term future of mass transit by air is already doubtful.
Re: International treaty vs national law
"Under what passes for our constitution it is generally held that no Parliament can bind its successors"
I think you are being rather over-cautious here.
Under the prevailing laws of Nature, it is an indisputable fact that no institution can bind its successors, no matter what any rule book might say. As evidence, I cite *every* country that has ever overthrown a previous regime or gained independence from a colonial master.
I suppose the contrast is being drawn with normal contracts, which can generally outlive the individuals who signed up to them as long as the institution they were part of continues to exist within the same legal system. There, however, it is the containing legal system that binds the successors, not the original players. The differences are so obvious that I'm surprised the "Parliament can't bind its successors" idea is treated with so much respect.
Re: The result is that..
I have to say that if I were ever on a jury then I'd *assume* that any party who routinely scrubbed the copyright out of metadata was doing so with malicious intent. For a major media organisation to do so (with all their legal advice) is scandalous.
I think the standard rejoinder is that you also expect to be able to hand over any left-over cash reserves or property to your kids when you die, rather than have the taxman impose 100% death duties or have some random businessman break into your house and walk off with it.
Re: An opportunity for AV companies
"I seem to remember that this is how virus scanners *used* to work"
It's similar, certainly, so we know it is scalable up to quite ridiculously large numbers, but there is a difference. Traditional AV uses signatures of unknown EXEs to see if they contain known viruses. I'm suggesting using the signatures of known EXEs to see if they contain unknown viruses.
Re: Wrong audience
Actually, I think you are dead wrong. Whilst it is true that anyone specialising in cyber-warfare probably isn't running XP, there are plenty of other criminal types who use computers in much the same way that I use a car. For example, I believe Bin Laden's hideout had a number of Windows machines.
Re: An opportunity for AV companies
"You are assuming there is trust in the signing process?"
No, I am not. I am assuming that the AV vendor builds the whitelist themselves and verifies that (for example) the version of Firefox.exe on the customer's machine matches one of the versions of Firefox that the AV vendor has seen in their own lab.
I am also assuming that the bad guys can't just switch to Trojanising *unpopular* software, because their infection strategy depends on popularity. Therefore, the whitelist would not need to be unmanageably large in order to be effective.
"These are not actually compulsory; but..."
And neither is my driving licence or passport, both of which I have. It was the compulsion that was the problem.
Re: and you trust ...
No, I don't trust any of these people, but banks and Google can't send me to jail if I choose not to hand over some information one day.
Re: Accounting for the specific impacts of climate change on women
Is "transactional sex" the kind that you can roll back, undoing all the side-effects, if you later decide it wasn't a good idea?
Re: the chumps at Terminal 5
...will only see a watch. Unless you stick an entirely unnecessary "Nuclear" symbol on the front face, they won't treat it any differently from a Casio.
An opportunity for AV companies
Most popular software packages are digitally signed these days. It would be fairly simple to write code to check a list of a hundred or so "most popular" packages (all recent versions) and check that their certs are correct. It wouldn't take very long either, since the cost is essentially one pass of your directory tree plus one signature check for each of the whitelisted apps that it finds. As "heuristic" checks go, this strikes me as a whole lot more useful than hosing your OS, which is what some of the AV companies seem to do.
If the AV companies won't bother, perhaps MS would like to consider it for their own monthly malware scan (from Windows Update). Since I'm a generous bloke, I hereby put the idea of "using digital signatures for their intended purpose" into the public domain.
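The scan proposed in this post, in the vendor-built-whitelist form described in the follow-up comments further up the page, as an added example that is not part of the original posts. It assumes SHA-256 digests of known-good builds stand in for the Authenticode signature check, and the names `sha256_file`, `scan` and `demo`, the file contents and the directory layout are all constructed for illustration.

```python
import hashlib
import os
import tempfile


def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large executables are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def scan(root, allowlist):
    """One pass of the tree, one digest check per tracked file found.

    allowlist maps a lowercase file name to the set of digests of every
    known-good version. Files whose name is not tracked are skipped:
    the check is "known program, unknown content", not a general scan.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            known = allowlist.get(name.lower())
            if known is None:
                continue
            path = os.path.join(dirpath, name)
            try:
                digest = sha256_file(path)
            except OSError:
                findings.append((path, "unreadable"))
                continue
            verdict = "match" if digest in known else "MISMATCH"
            findings.append((path, verdict))
    return findings


def demo():
    """Build a throwaway tree with constructed file contents and scan it."""
    good_v1 = b"MZ constructed firefox build 1"
    good_v2 = b"MZ constructed firefox build 2"
    tampered = good_v2 + b" + appended bytes"
    allowlist = {
        "firefox.exe": {
            hashlib.sha256(good_v1).hexdigest(),
            hashlib.sha256(good_v2).hexdigest(),
        }
    }
    layout = {
        "a/firefox.exe": good_v1,      # a version seen in the lab
        "b/firefox.exe": tampered,     # same name, altered content
        "b/notes.txt": b"untracked",   # not on the list, ignored
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, data in layout.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as f:
                f.write(data)
        return sorted(
            (os.path.relpath(p, root).replace(os.sep, "/"), v)
            for p, v in scan(root, allowlist)
        )


if __name__ == "__main__":
    for rel, verdict in demo():
        print(verdict, rel)
```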
Re: how would their programme differ from that of the Republican Party?
They'd be less obvious about it.
The scientific illiteracy of this proposal is, in fact, the reason why I'm going to give this guy the benefit of the doubt and assume he is an idiot rather than an enemy agent.
Re: A poor analysis from Reg readers (sorry).
"The military are actually pretty good at this, because..."
Sorry? You're citing military R&D as a pretty good example of cost-effective research?
Hmm. Others might beg to differ.
Re: Indiana Pi Bill
No, that is not all. You forgot another lesson from history, one that Republicans might be more comfortable with.
*That's* what happens when politicians decide on funding priorities.
Like peak oil, you mean?
So we can now look forward to a future of ever-increasing production capacity for iPhones, which are then sold at far higher prices than any analyst would have thought possible a few years ago. Gosh. Tim must be soiling himself at the prospect.
Re: 119 MB is lightweight?
It's about the same as XP, but I'm old enough to recall that XP was considered by many to be "bloated beyond belief" when it first came out.
Re: Since this is ask-a-stoopid-question-Friday
"The black hole will actually form at some point on the _surface_ of the neutron-star, right?"
I would imagine that's right, as long as you substitute "event horizon" for "black hole".
Actually one of the reasons why the rod *couldn't* be incompressible is because the effects of inter-atomic forces can only propagate at the speed of light.
Re: Nick, we love you so much!
Well, duh! That's because not enough people voted for him.
So what are you going to do instead? Vote for someone you disagree with, but who is likely to get enough votes to actually do what they promise?
Bring your own app
Managers bypassing the IT department in favour of cheaper (having ignored all externalities) solutions that are directly under their own control? Whatever next? You'll be telling me next that Duran Duran are top of the charts.
Re: And in the Microsoft World
"MS will re-release Windows XP - Blackberry PI (or BeagleBoard) edition."
An ARM build of desktop Windows with a support lifecycle extending to 2018? If only.
"Normal human beings find it repulsive."
Do they? Oh well, one more way in which I (and many friends) are abnormal then. The tragedy is that so many normal human beings *don't* find it repulsive when it is another human picking out the targets and doing the killing. I suspect the nice distinctions are lost on the dead person and their surviving friends and relatives.
Distinguishing between human and robotic killing systems is a "four legs good, two legs bad" argument. I can see valid moral arguments around the decision to go to war, whether you are killing enemy combatants or passing civilians, and whether you are removing them from the battlefield in a humane way. Indeed, a robotic army might actually be a more humane way to tackle a human enemy if the robots used less effective but non-lethal weaponry, trading higher robotic "casualties" for a lower death toll on the enemy side. But then, when the US announced research into non-lethal weaponry, people were upset about that, too, since it apparently lowered the moral barriers to war and death, er...
Re: Well done
"We know this because our emissions are *larger* than the atmospheric CO2 increase."
Which proves there are other processes at work that neutralise man-made emissions. It doesn't prove that there aren't other processes that also release CO2 that are also being partially neutralised by these processes.
Whose idea was it to quote a very low temperature in Fahrenheit in the first place? That's just daft.
Re: Dark matter signal - this is a MAYBE at best
It's no joke. 3-sigma only means 99.98% if the variables in question are normally distributed (or you know the correct distribution and can correct for it). If you are doing research, you don't necessarily know that. You also don't know about any "opera-like" cabling problems that might mean you are talking out of your socket.
Before you can claim 5-sigma certainty, not only must you be certain of your data, you must also be certain that the experiment is doing what you think it does and your model is correct. Simply collecting more data won't help you with either of those.
Re: "It's not."
Surely the fact that we drift away when the sync is absent merely confirms that we are synchronising with it?
Re: Testing updates prior to release
There's a perfectly good economic reason. Testing costs time. If your competitors reach the market first because you are stuck in testing, then even if you eventually deliver a better product, all your potential customers are now locked into your rival. Your customers are then faced with the cost of switching to you versus the benefits of doing so. Therefore, unless your testing has produced a *markedly* better product (perhaps because your rival is truly dreadful), it doesn't make sense for the customer to switch and so you go bust.
Doing no testing is idiotic, but so is trying to expunge all bugs. The sweet spot is somewhere in between and that means the sweet spot is "slightly buggy". For a complex product, the sweet spot will be "really quite buggy, actually".
Re: Not even signed
Why does this not surprise me? Ah yes, if they knew about digital signatures, they would understand the wisdom of white-listing anything signed by the Windows kernel team.
These idiots are now the umpteenth AV firm to destroy installations by allowing their "advanced heuristics" to trump the mathematical near-certainties of a digital signature. It's getting beyond a joke. This is not an unfortunate mistake. This is a fundamental design flaw. This is *negligence*.
Re: "And this, ladies and gentlemen, is why most people prefer to run Windows..."
I think even the ARM build of Win8 would struggle to run on a pi, although I'm sure someone would do the port (just for kicks) if Microsoft open-sourced the code.
Re: Barnes and Noble
B&N are a US company with (presumably) excellent US legal advice. Based on that advice and the knowledge that they wouldn't be seen as the foreigner trying to stick it to a decent American company, they chose to call Microsoft's bluff.
A Korean, Japanese or Chinese company, with less experience of the US system and a nagging suspicion (see Apple versus Samsung) that the court wasn't completely unbiased, might reasonably look at exactly the same legal case and decide that *they* would be better off settling out of court.
Re: Not paying for patents
Wikipedia disagrees, and offers (by Wikipedian standards) fairly good evidence. I suppose you can reasonably debate when the idea of a patent became a real "thing" independent of the whims of the monarch. One can certainly make the case that "Rule of Law" only became real in England after the Civil War, which doesn't pre-date the Enlightenment by much. Still, the idea that it was in the state's interest to protect inventors, is certainly Medieval.
Re: "So glad I'm over 40, and won't live..."
Planning on dying young, are we? Coz the Luddites have us on a pretty steep trajectory. 30 more years of this and there won't be any major infrastructure left. Your power plants have a finite lifespan and aren't being replaced. Any wealth that might be fed into repairs (let alone growth) is being diverted up the noses of special interest groups or into white elephant projects that showcase some exciting new technology that (it turns out) isn't quite ready for prime-time yet and won't be cost-effective even when it is.
"And isn't nuclear on the way?"
Not in the UK, where EdF has realised that "fear of the light going out on their watch" means that politicians can be offered take-it-or-leave-it contracts with 40-years price guarantees waaaay in excess of any likely market rate. The last I heard, Mr Osborne has opted to "leave it" but that only means we'll have no nuclear power.
Right now, your best bet is probably that ITER will prove to be expectedly simple and effective. (So don't hold your breath then.)
"So, in the interest of prior art..."
"...we invite El Reg readers to tell us [...] in the hope that [...] making it public here will significantly increase the chance of you one day getting to use it."
Sorry, but prior art no longer counts under the US rules. It's "first to file" over there, not "first to invent". This is one of the reasons why the system stopped working 20 years ago. (The other being that the US also disregard "obviousness".)
The US no longer checks for either of the key principles (novelty and non-obviousness) that were the bedrock of the international treaties that set up the system. The system will remain broken until the rest of the world recognises that the US voluntarily withdrew from the system 20 years ago and so no patent granted in the US since then has been valid outside the US. Sorry, my American friends, but a deal is a deal and you can't expect others to uphold their side (honour your patents) after you renege on your side (checking them properly).