* Posts by h4rm0ny

4544 posts • joined 26 Jul 2008

Microsoft and NYPD install big data crime-fighting system

h4rm0ny
Silver badge

Re: Quis custodiet ipsos custodes?

"Ooh, look you've read Watchmen. The point of the phrase is that it's targeted at vigilantes, police, by definition, are watched by the state."

Actually, the latin is attributed to Juvenal and traditionally always been about political corruption - i.e. who shall make sure the the police obey the law? You've almost entirely inverted the original intent by saying it refers to vigilantes. The film Watchmen might (don't know) but the latin quote isn't from there unless they repeated it.

2
0
h4rm0ny
Silver badge
Joke

Re: A reprieve of sorts

At least it's not Google. The police would just have to look for anyone whose targeted ads were knives and balaclavas.

0
1

Valve opens Steam store to non-gaming software

h4rm0ny
Silver badge

@Richto

"Well at least they might make some money out of this instead of wasting resources porting stuff to Linux that no one but a tiny herd of nerds will ever use..."

Are you the new BIG DUMB GUY? You showed up about a month ago and almost every post you make is a put down of Linux. They're not even supported or show any great knowledge of Linux. You're such an obvious troll just trying to stoke up anger and create rifts between users of different operating systems. I mean are you hoping that someone will think you're a MS employee or something and storm Redmond? You read like an eight year old in your slavish and ill-informed bias.

And I'm a well-noted Windows-fan in these parts! But you know, an actual one who respects the amount of work that goes into any modern OS, not an idiot troll trying to stir up factionalism. Just sit down and shut up.

32
2

French minister: 3 strikes anti-piracy rule a 'waste of money'

h4rm0ny
Silver badge

Re: Against human rights.

"You can and you should."

No, you shouldn't. Or have you just completely thrown out that punishment should be proportionate to the crime? Someone pirates goods, then a proportionate punishment is to charge them for the cost of what they have stolen, plus a fine so that there is a discincentive to just stealing whatever it is you would buy otherwise. If people distribute your goods, then a greater punishment is likely appropriate. But cutting them off from social interaction for piracy, making it difficult for them to work or participate in education? How is that an approrpriate response?

3
0
h4rm0ny
Silver badge

Against human rights.

You can punish people for piracy, but you can't cut off Internet access as a punishment. Ignoring the issue of that being near unenforceable outside of prison, it is fundamentally wrong. So much of learning, cultural interaction and communication with friends, family, work has moved onto the Internet now, that you'd effectively be branding a big "PARIAH" sign onto the person. You'd be making it hard for them work, to interact with others.... They wouldn't even be able to use most modern phones!

5
1

Microsoft offers alternative Lync-like web chat spec to W3C

h4rm0ny
Silver badge

Re: What Opera said...

OOXML is a monster-bastard of a specification though. (As is ODF). OOXML spec runs to well over ten thousand pages (iirc). This draft comes to (I am guestimating from a scrolling web-page without page breaks), about twenty pages? The latter is obviously going to be orders of magnitude easier to conform to by any party. I can't see any reason why it would be a problem. And it's not like MS would have any unilateral power to change an accepted spec any more than anyone else would.

"MS learned a long time ago that if you have the wherewithal you can ram through your chosen option regardless of whether it is the best choice for the wider community."

This is why I posted links to the specifications - so that people could form judgements based on technical merit, which is after all what matters. I presume that given the spec would be equally implementable by all, that you would want the one that is best technically to be adopted. So basically, have you looked through them yet?

Or alternately, you're reassured by W3C's long history of consistency, never having partial specifications and developing standards long before industry gives up and just starts doing its own thing in frustration. ;)

1
0
h4rm0ny
Silver badge

Re: Hold fire on the hate....

I linked to the drafts below - you sound like someone who will understand the details in them. But I think anyone with a reasonably good IT background can get a feel from both of them. Compare equivalent snippets of the security handling between the two documents:

Draft X

interface CertificateInformation {

static CertificateInformation getLocalCertificate ();

readonly attribute ArrayBuffer certificate;

readonly attribute DOMString subject;

readonly attribute CertificateFingerprints fingerprint;

};

dictionary SrtpSecurityDescription {

DOMString encrypt = "AES-CM";

boolean encryptRtp = true;

boolean encryptRtcp = true;

unsigned short keystreamPrefix = 0;

DOMString authenticate = "HMAC-SHA1";

unsigned short n_a = 160;

unsigned short n_tag = 80;

DOMString keyDerivation = "AES-CM";

unsigned long keyDerivationInterval = 0;

ArrayBuffer key;

ArrayBuffer salt;

unsigned long? windowSizeHint;

unsigned long long rtpPacketCount = 281474976710656;

unsigned long long rtcpPacketCount = 2147483648;

ArrayBuffer? mki;

};

Applications that establish peer-to-peer transports require that the IP addresses of a peer are signaled to the remote peer. This can pose a privacy exposure even though an IP address can only be loosely correlated with a person. For instance, it is possible to use IP addresses to determine the physical location of a person.

In some applications, establishing a peer-to-peer transport occurs prior to establishing user consent for the session. This can be necessary to remove the delays associated with transport setup that might otherwise occur after session acceptance. Exposing IP address information prior to acceptance provides the initiator of the session a way to collect the IP address of even an unwilling peer.

Applications are encouraged to only signal relay ports prior to gaining explicit consent from users.

End Draft X

Draft Y

To Do: Discuss privacy aspects of this from a finger printing point of view - it's probably around as bad as access to a canvas :-)

End Draft Y

The second one simply doesn't have a lot of what the first example has. It shuffles the whole area off elsewhere as far as I can see - and holes in a specification lead to fragmentation.

0
0
h4rm0ny
Silver badge

What Opera said...

"We look forward to assessing it on its technical merits."

Whichever is the best protocol wins, imo. It's not as if any of us already have existing VoIP built into our web-browsers already and would have to shift.

The two current specifications are here so people can make informed judgements rather than knee-jerk.

MS Design

RTC Draft

If we go with something inadequate at this stage, it will lead to far greater fragmentation down the road if people have to produce their own work-arounds or alternates.

4
0

Doctor Who to unwrap new sidekick in Christmas TV special

h4rm0ny
Silver badge

Re: Daleks?

"How is it down to budget? They've already made a whole bunch of Tellytubby Daleks"

They made five - one of each colour. They had to destroy two of them to create the stone Daleks in Pandorica Opens / Big Bang which leaves four. I presume they have more of the old ones. That's all I know anyway - I just read a news story saying that with how tight the budgets are in the BBC now, they had to go back to the old ones if they wanted to do them again any time soon.

0
0
h4rm0ny
Silver badge

Re: Daleks?

No - it's a bad thing. I liked the big colourful Daleks.

But apparently the decision was more to do with budget than anything else. Personally I'm just saddened to see them back. I like the Daleks, but under RTD they just got silly. One Dalek was a deadly threat. Then you got five Daleks and they were more easily dealt with. Then you got hundreds of Daleks and they were barely a threat. Then you got millions of Daleks and they were dispatched by the thousand. The more Daleks you got, the less deadly they became.

I'll retract my opinion if they actually become scary again, but I fear more RTD-style "Daleks are scary because I tell you they are, even though they never achieve anything".

8
2

Apple: Samsung was in 'crisis' over our iPhone awesomeness

h4rm0ny
Silver badge

Re: Conflation

Those are interesting images. The packaging certainly looks very similar to Apples. But then Apple's design motif is very minimalist. It's a white box with a picture of the product on the front. If Apple had a swirly circle and line design and Samsung did the same, it would be easy to sue. But it's a white box - can you really patent minimalism? And it's just packaging. Are Apple really able to sue because the box that the device comes in is similar? Are they arguing that the box is a significant part of the purchasing decision? Similarly, the advert looks very similar, but it's again minimalist, no different to any number of perfume ads or other products. And again, are they suing over the product being similar or for doing similar marketing material?

The cable interfaces are ridiculous to sue over. USB is a standard interface. Are Samsung expected to stick spikes on the plug or something to make it look different? The speaker looks like a rip-off.

Taken individually, none of these convince me. Taken in aggregate it builds to a picture of some influence, but that influence seems to be mainly in the area of packaging and marketing, rather than the actual device. I wasn't aware that Apple were suing over similar marketing rather than purely about the device. I think it's a pretty weak basis for a claim by Apple and I'm not really convinced suiing has an ethical basis here as I'm not 100% convinced that similarity of packaging or ads are a legitimate basis.

2
2

Microsoft's Office 2013 app-maker cloud drenches developers

h4rm0ny
Silver badge

Re: @h4rm0ny

"You speak of sandboxing as if it is a good thing. It can be; but sandboxing Office apps. takes away a major functionality aspect."

Well, I think you have taken my term sandboxed in too strong a way. You should really go and read the blog post in the article and the link from there to the developers' guide for this which gives a lot more detail than I can here. The runtime is sandboxed. So it can't go running away with your processor, can't muck around with other processes or use any old DLL however it likes as VBA apps could. The application can only (so far as I understand it) communicate with Office via a Javascript API they have written. But I think that's less limiting than you realise. Regarding your specific example:

"For example; in my Office 2010 I have a lot of address information stored in Outlook. Whenever I need to write a letter I use a Word template (VBA) which then accesses the address list in Outlook to retrieve the contact information I need"

From my reading of this, there's no reason you can't do this. I think you are thinking that an app gets embedded in a document or spreadsheet and is then sandboxed within and thus cannot get the information from Outlook's address book into your Word template. Correct?

What you (or a developer creating such an App) would do, would be create a "manifest" file, which is a description of the application in terms of what it can and cannot do, and when you installed the application, you'd be able to review these permissions and check they were what you wanted the App to have access to. The Manifest file also shows when and where the application shows up. So you could make it an App inside Outlook if you wanted (or in Word if you preferred), and when you ran it, assuming it had the right set of permissions, it would be fine to read addresses from Outlook, find the appropriate template and create your letters. You might find this interesting as it goes into how the permissions break down. Check out the diagram about 3/4 the way down. As you can see it's possible to give or withhold permissions in a far more sophisticated and elegant way than was possible with chunks of VBA or DLLs. That page is specific to Outlook but it will give you a good idea.

"And there's plenty more where that came from. Searching OneNote information and being able to setup stats in an Excel sheet. Going through all the Word documents marked as "bill" on my system from Excel, when identified it grabs information from the document such as payments and tax and such. All data is then put into a graph which helps me keep an (easy) overview of company revenue."

There's nothing in there that I think shouldn't be just as possible with the new system. But you'll be able to lock it down in ways that you cannot with VBA. When I mentioned sandboxing, I was primarily talking about a sandboxed runtime, though of course it also sandboxes what data sources it can communicate with based on the manifest file. E.g. if when you install it the manifest file says it can only talk to server.mycompany.com, then that's all it can talk to. It can't go off and talk to server.myrival.com.

"Office was build for interaction... If they need to sandbox the whole thing online then my conclusion would be that MS Office wasn't build for this."

Honestly, I think you should probably take a few hours to read through some of how Office 2013 and Win8 are set up for development. You obviously have a lot of experience and can put together a good argument. But I genuinely think you haven't actually read through these documents as you have some significant misconceptions about some of these things. Don't rely on El Reg for detailed analysis of this stuff, judge it for yourself!

2
1
h4rm0ny
Silver badge

Well it's sandboxed code which is more than can be said for plugging most VBA applications into your system. The "Cloud" can also be your own servers. I don't imagine many big companies will be using SkyDrive for their storage. The Javascript is because you can use HTML5 + JQuery for the UI which is probably nicer and easier to develop with than all those VB-style forms. There's a lot more expertise floating around for GUI design in web applications than there is in VBA. It's probably less likely to be exploitable for malware / spyware as you suggest because unlike some VBA-based plugin you install, this doesn't need to install or modify DLLs or other system files. It's a lot more than "post a form using HTML GET from my spreadsheet."

0
1

Microsoft Surface slate: Acer, resellers predict a riot

h4rm0ny
Silver badge

Re: Whatever is bad for Microsoft is good for everyone else.

Richto - you keep posting these sorts of comments. Linux is an impressively secure operating system. I don't know whether it is slightly better or slightly worse than Windows 7, but last time I checked they were comparable. Most security failures result from user behaviour or bad configuration, not failures in the software. And that is true of both Windows and Linux. Windows 7 is a good operating system. So is 8 in my opinion. I'm very enthusiastic about both. But lets also have a little respect for Linux. It is perfectly allowable that both can be good. Operating Systems are not football teams.

6
0
h4rm0ny
Silver badge

Re: They're going to cost too much

"So I think Microsoft could be in trouble. The high end tablet is desirable but too expensive. The low end tablet is gimped and probably expensive too."

I'm probably going to buy one (you can probably guess that from my enthusiastic posts ;), but I've been putting off buying a new machine for a while (trying to land on the right side of the next technology push). If you consider it more costly than it is worth for you, it may still be a good thing because it will almost certainly encourage other manufacturers to produce similar machines that are cheaper. I think MS are making this as a reference machine for others to follow.

1
1
h4rm0ny
Silver badge

Re: Whilst one can of course have various opinions about both the new os and............

Acer have the most to worry about. You don't see Toshiba or Lenovo getting all panicky about a new entrant to the market.

2
2
h4rm0ny
Silver badge

Re: "we may sell a few million, I don't know how many"

"Dear God Almighty. A multi-billion dollar corporate CEO actually dares to come out with a statement like that? Can you ever imagine Gates, Jobs or anyone else saying such a crass thing?"

Sounds pretty much perfect as a threat, to be honest. If the other manufacturers don't start producing better quality products, they'll just order another million. And they'll keep doing it until better quality hardware for Win8 appears. In this scenario you don't want to give a hard number, you want to keep it open ended as all good threats should be.

2
1
h4rm0ny
Silver badge

Re: Let them riot

The following quote from Acer made me laugh: "It is not something you are good at, so please think twice"

Acer wouldn't object if the Surface was a worse product than their own. They're more concerned about it being better. Statements from MS about "we might sell a few million" and that they'll only be selling them directly, not through the "channel" begin to point more strongly toward the Surface being a tool to make manufacturers up their game, rather than an actual plan to enter the hardware market in a large capacity. I'm well in favour of that - if MS can get the others to up their game, that's a great thing, imo.

5
2

Why women won't apply for IT jobs

h4rm0ny
Silver badge

Re: seen job adds lately ?

"Dear women, if you really do want a career in IT, and if people like me really do make the industry so women-unfriendly, feel free to push your way through ... IT is a ruthless industry, no matter who you are; the weak and fickle need not apply."

It is better to choose people on the basis of their technical ability than their ability to deal with aggressive people because their technical ability is ultimately what you want from them. If you find that the environment makes something unrelated to technical ability a factor - e.g. ability to put up with prejudice, then better to change the environment so that it is no longer a factor. Do you really think it is efficient to filter out technically gifted applicants because they don't want to put up with sexual inequality or prejudice?

8
3
h4rm0ny
Silver badge

Re: I must of missed

"If women want to work in IT there is nothing stopping them and if there is and it is nothing to do with ability to do the job then that needs to be addressed "

There is certainly something. The farther East you go (India, Eastern Europe), the more sex ratios in IT balance out. In India, programmers are apparently around 50:50 in balance of the sexes. Which pretty much rules out biological differences and puts the blame on culture.

10
2

Microsoft opens app store for Office 2013

h4rm0ny
Silver badge

Re: Do other than sales and marketing types use Office?

"Yet more from you? Obvious Microsoft shill. Do fuck off and let us enjoy our moaning that something else is about to be monetized."

Sorry. My bad.

0
0
h4rm0ny
Silver badge

Re: Do other than sales and marketing types use Office?

Yes. Most of the corporate world uses Office. You can do a huge amount more with Office than you can with Google Apps, both in terms of pure functionality and in terms of locking down data, rolling it out and maintaining it.

Particularly those that do not want to hand all their data over to a company that has a business model based around data mining and selling you to advertisers. Take a look at the file permissions system in Server 2012. It's not exclusive to Office, but it will give you an idea of the sort of thing that appeals to many big businesses in having an MS infrastructure. You can DRM files to be accessible only by certain machines, user accounts, geographical locations or when on a particular VPN. It can even run regular expressions on documents so that any spreadsheet with a Social Security Number or a document with a particular keyword gets automatically locked down. And that integrates with SharePoint which integrates with Office 2013. I'm not really an expert in Office - there are a lot of other use-cases - but this is one that I care about which would not be possible so far as I know with Google Apps. (aside from my preferring the interface in Office 2013).

0
2
h4rm0ny
Silver badge

Re: web applications that are hosted within Word, Excel, and the other Office component,

"What could possibly go wrong?"

Less than it used to. Would you rather great chunks of dubious third-party VBA code that have wide-ranging access running under your user account, or would you prefer sand-boxed plug-in web-applications that observe things like the same-origin policy, have a unified approach to installing and uninstalling all apps, no ability (or need) to install or modify DLLs, managed interaction with the user's UI rather than throwing up Modal windows wherever it wants. In fact, a unified GUI system for all applications based on HTML5 and JQuery. It's nice stuff. Even isolated for performance purposes so that it can't just run away with your system resources anymore. Seriously, the neophobia around here is getting out of control.

2
4
h4rm0ny
Silver badge

Re: The era of commercialisation hath begun...

"I mean; Office 2010. I fire up Word, and I want to start a new document, say a contract. I simply select new document, go to the templates section and from there I can search a whole collection of templates straight from office.com"

I'm not sure how you're finding that to be different in Office 2013. I have the preview running on Windows 8 and the first thing that happens when I start Word is I get a large page of templates with big colourful previews so I can see what they look like. On the left is a list of my recent documents and a link to browse for other documents. Additionally, along the top is a search box to search through online templates and a menu offering further categories such as Letters, Labels, Cards...

So it sounds like you actually still have everything you just asked about right on the opening screen for Word. None of this has suddenly shifted to being a pay model in Office 2013.

"I hope we do realize the risk here... Its not unimaginable that Microsoft will simply provide less software and features themselves, and let the gaps be filled in by (paying!) 3rd parties. So effectively getting customers to pay more while they actually get less."

That may happen, but the point is that there is no evidence of it and no change toward it in 2013. The introduction of an Office store is a good thing. Firstly, it provides a central way for makers of Office plugins to market and sell their goods, encouraging developers to produce them, especially small developers who would struggle to self-market and sell add-ons and greater ability to know they wont get ripped off. Secondly, it provides greater security for us the user because we have a central system where we can see add-ons are signed and see reviews on it, we can be sure if it is updated we know about and get that update, we can search for what we need in a central place. Basically, win-win for developers and users.

1
4

Microsoft upping Office 365 fees for resellers AGAIN

h4rm0ny
Silver badge

Re: Would *anybody* trust their business to the cloud ?

Not me. I will be using Office 2013, but I'll be setting up our own Server 2012 for our "cloud". We'll get the same benefits but all data will be under our control and in Europe.

2
0

AMD borrows $300m to fill war chest

h4rm0ny
Silver badge

It doesn't make sense. But our financial markets are obsessed with immediate payout based on changes in value, rather than actual value.

0
0

France's biggest Apple reseller shuts up shop

h4rm0ny
Silver badge

Re: "Pomme de discorde".

That was the first thing that I thought of when I saw the name. I wonder if they have 23 members and I wonder exactly what sort of revenge they might take?

0
0

Microsoft tightens grip on OEM Windows 8 licensing

h4rm0ny
Silver badge
Pint

Re: You know, I keep seeing you posting the above...

I'm really sorry. I may have made a mistake with your username. I have repeatedly read from posters here that you wont be able to install Linux on PCs that Windows 8 comes on. I must have posted polite corrections on that at least five, maybe six times now. And yet, people still keep posting this. I've even linked to the actual hardware requirements and highlighted the relevant parts, but the factoid seems to popular to kill.

I saw your post, I recognized your username and thought you were the same person who I had politely corrected last time. At which point I went and lost the polite part.

I'm really sorry. Based on your reaction, I must have misremembered the username. I apologise unreservedly. Even if I'd got the right user, my tone would have been out of character for me. You called me a "fellow Microsoft admirer" - ironically I actually spend more time on Linux than I do Windows (though increasingly via a VM). But the endless biased bashing of what I see as really good moves and work by MS has really done my head in. This place gets more like Slashdot every day. Different tastes are one thing, but actual factual errors that are easily checked are being trotted out repeatedly to bash MS and I just can't see how people can rationalise that to themselves. I saw your post and thought you were someone else (they'd previously asked me for proof about Secure Boot which I'd provided via the actual hardware requirements document) and flipped.

As I say, even if I'd got the right person, I should have stepped away from the computer first.

Beer, because I owe you one. Sorry. :(

1
0
h4rm0ny
Silver badge

Re: Well you are overlooking something

"No, "Secure Boot" makes no difference to LInux security, just as it makes no difference to Windows security. And for the same reasons."

There are actual attacks now found in the wild in which malware attempts to subvert the boot process. By attacking at this level before other secuity measures kick in, a machine can be compromised. Security software that runs at the OS level can't stop something that kicks in during the boot process, which is why Secure Boot is introduced because it can. Ubuntu are also implementing this, though they are going to route of making their own key.

I'm sure you understand the aim of Secure Boot and what it does, so why do you say that it makes no difference? I am interested.

1
0
h4rm0ny
Silver badge

Re: Well you are overlooking something

"If you think using a MS server to validate your Linux key is a good thing then you do not understand Linux at all."

Thanks, but I've been using Linux for a long time (at least since 1997 as I remember installing SuSE Linux 4.4). There is nothing to stop Fedora, Ubuntu or a group of Linux distributions together, managing their own key. In fact, Red Hat looked into exactly that. But they found that it would cost millions to manage the infrastructure, keep an eye on what the different parties that wanted to submit things were asking them to sign, etc. So they decided to just buy a key from Microsoft because it was cheaper. There's no inherent difference in getting the key from MS. It doesn't give MS some kind of control over Linux. No more than if I buy a digital certificate from Verisign instead of setting up and promoting my own CA gives Verisign control of me. If I ever wanted to, I could go back to doing it myself or get one from someone else.

You say I don't "understand Linux". With respect, I've been using and programming on Linux for well over a decade long before all these pre-compiled distros were flying around. With respect, I think it's you who do not understand what signing the OS means. It's a good thing. If Fedora's distro cannot load unsigned code, that is inherently more secure than if it can. That's what the secure boot process is all about and why it exists.

2
0
h4rm0ny
Silver badge

Re: Well you are overlooking something

What Fedora are doing is actually a good thing, imo. The registration fee for a new key is trivial (US$99). What is significant is changing the kernel so that only signed modules can be run. That significantly increases security. Secure Boot makes Linux more secure just as it does Windows and for the same reasons. I expect to see Ubuntu follow suit sooner or later. I would actually prefer that they do it sooner as it makes everything more secure.

1
0
h4rm0ny
Silver badge

Re: @plashbios - Will not be buying win 8..

"Phone MS, got that. Get a reply, especially an intelligent/useful reply that's another story."

When I need to call to reactivate an OS, it took under five minutes. Called, explained why I needed it, they gave me a new code. That was some time ago though. For the past few years, I've never needed to call them - I just activate online.

1
0
h4rm0ny
Silver badge

Re: building it yourself just isn't an option.

"That's my understanding too - but I just tried to find a statement to that effect on Microsoft's web site. I failed... Got any current links?"

I actually do, because someone asked for actual links on this site before. I've highlighted the relevant parts.

You can find the MS hardware certification requirements on their website. Here is a link to the PDF of them: MS Hardware Certification Requirements

I'm just going to copy and paste this from the last time I was asked to back up my statement (though why people are so keen to tell others that PCs are locked down, I have no idea):

"If you skip down to the section on UEFISecureBoot (begins on page 118) it is covered in this section. As per usual, when you actually get into the detail it's more complicated, but the summary version that it is a requirement to be able to disable secure Boot on x86 is correct. Relevant passages below:

"17. Mandatory. On non-ARM systems, the platform MUST implement the ability for a physically present user to select between two Secure Boot modes in firmware setup: "Custom" and "Standard". Custom Mode allows for more flexibility as specified in the following:

a. It shall be possible for a physically present user to use the Custom Mode firmware setup option to modify the contents of the Secure Boot signature databases and the PK. This may be implemented by simply providing the option to clear all Secure Boot databases (PK, KEK, db, dbx), which puts the system into setup mode.

b. If the user ends up deleting the PK then, upon exiting the Custom Mode firmware setup, the system is operating in Setup Mode with SecureBoot turned off.

c. The firmware setup shall indicate if Secure Boot is turned on, and if it is operated in Standard or Custom Mode. The firmware setup must provide an option to return from Custom to Standard Mode which restores the factory defaults.On an ARM system, it is forbidden to enable Custom Mode. Only Standard Mode may be enabled.

18. Mandatory. Enable/Disable Secure Boot. On non-ARM systems, it is required to implement the ability to disable Secure Boot via firmware setup. A physically present user must be allowed to disable Secure Boot via firmware setup without possession of PKpriv. A Windows Server may also disable Secure Boot remotely using a strongly authenticated (preferably public-key based) out-of-band management connection, such as to a baseboard management controller or service processor. Programmatic disabling of Secure Boot either during Boot Services or after exiting EFI Boot Services MUST NOT be possible. Disabling Secure Boot must not be possible on ARM systems."

3
0
h4rm0ny
Silver badge

Re: building it yourself just isn't an option.

"Vic, you have a point but we're talking about Linux here and how MS are going to lock non-MS OSes out on shop-bought PCs, so I reckon full DIY will suddenly become rather attractive!"

You know, I keep seeing you posting the above and I keep posting polite corrections. I have to start wondering why you prefer to keep repeating the false information when you must know it's not correct. PCs - i.e. x86 computers are not "locked", you can install a non-MS software on them just as you always could. It's part of the requirements to get the Windows 8 certification that a physically present user be able to disable this. ARM devices that WindowsRT will run on are not "PCs" any more than an iPad is a PC.

So direct question to you because I recognize your username - why are you knowingly posting incorrect information when it's been pointed out to you as wrong multiple times. How do you rationalize dishonesty? Do you think that you are spreading misinformation in a "good cause" some how?

1
4
h4rm0ny
Silver badge

Re: End of the world.

"At least Windows has far fewer security vulnerabilities than OS-X or Linux. Just imagine if either of those were market leader - everyone would be hacked to shreds."

Okay. I'm calling this right now. You are either a strong Linux advocate pretending to be a Windows fanperson in order to false-flag and make those who like Windows sound stupid, or you are hopelessly biased to the point of blindness. Linux and Windows 7 have comparable security models and comparable numbers of vulnerabilities found and patched. You're basically trying to attack what you see as the Windows camp, by posting incorrect and offensive remarks on behalf of it. Linux security is not perfect, but nor is Windows. Most security problems are the result of user mistakes / irresponsibility - not the software.

3
2
h4rm0ny
Silver badge

Re: Will not be buying win 8..

MS have stated that you'll be able to do a clean install, you wont have to install Win7 and then use an upgrade process to reach 8. You just need a valid Win7 licence key apparently.

1
0

Climate change behind extreme weather, says NASA

h4rm0ny
Silver badge

Re: Hush, now.

"The article was wtitten by James Hansen, you can take it as read that when he refers to Climate Change he is referring to human-caused climate change"

Which unfortunately makes debate more confusing. Maybe it's not deliberate, but it has the effect of making what he says hard to argue with, because the way he phrases is it (as well as being a tautology) makes it sound as if anyone who disagrees with him disagrees that the climate changes, which is far from the case. It's like the "have you stopped beating your wife" sort of debating trick - slow your critics up and force them to start explaining something they shouldn't have to explain.

5
1
h4rm0ny
Silver badge

Re: Hush, now.

But the climate is changing all the time anyway. If we have more "extreme" weather now than we did before, that is "climate change" because it is a change in the climate. It's a circular argument.

Did they mean to say it is a result of Anthropogenic Global Warming (i.e. human caused increase in mean global temperature) instead of a result of "climate change". Because saying the latter is both meaningless and a kind of implicit strawmanning of AGW-skeptics by implying our position is that the climate never changes, which is not the position of any except a ill-educated fringe at all.

14
0

Valve: Games run FASTER on Linux than Windows

h4rm0ny
Silver badge

Re: "Linux driver support is way inferior to Windows."

"OK, well we can start with There is no iTunes driver from Apple, no way of updating Windows Phones, No Direct X 11.1"

I'm not sure what an "iTunes driver" would be. iTunes is a program, not a piece of hardware that required a driver in any accepted sense of the word. (And incidentally, I did get iTunes running on Debian a long time ago - took me about four hours). Similarly, whilst it's true that there's no way of updating a Windows Phone on Linux (that I'm aware of), you cannot blame Linux for the lack of it - that's a lack on MS's part there! Actually, so is the DirectX 11.1, I would think.

"I'm bored already"

Really, it's pretty easy to find a substantial list of things that are problematic on either platform. But given that Windows is the more common platform by far and so manufacturers are far more motivated to write drivers for it than for Linux, it's a testament to Linux that it has as excellent and comprehensive support as it does!

6
0
h4rm0ny
Silver badge

Re: Am I missing something...

"Why has valve got its knickers in a twist about the Windows Apps Store? Surely their marketplace content could just be accessed via a FREE downloadable app which connects to their own marketplace?"

I'm not sure that a Metro app would be able to install other Metro apps, but it's not necessary anyway. You can still install software on Windows 8 without using the Marketplace. It's WindowsRT that is more limited and (unless I'm wrong), Valve are not selling games to ARM-based platforms - those are low-powered things much less suitable for playing graphics-intense games on.

The reason Valve is going mental over the Marketplace is not because they would be forced to use it (maybe in the future, but I doubt for a long time), but because it competes with them. Steam is a way of selling software securely (i.e. customer knows what they're getting, seller knows there's some DRM protection). So is Marketplace. If you have Marketplace, maybe you don't need Steam.

"Also, where are the stats of running their game on W8, especially since it is supposed to have many performance improvements over W7, including graphics enhancements."

If they'd compared it on Windows 8, I doubt it would have looked nearly as good for OpenGL. Not that I'm criticizing OpenGL, but the version of DirectX they tested it on is (a) the version before the latest one (the latest one DirectX11.1 came out in February and is also the default in Windows 8 and apparently has significant performance improvements); and (b) it's not exactly a rigorous scientific test. They are apparently only using the functionality from DirectX 9 (a few version behind the latest - it's an old game) and the result of their test, if we're being complete here, is not that OpenGL is faster than DirectX (it may be, it may not be), but that they were able to get it faster than DirectX. They apparently tweaked a lot of code to get there and I doubt they did the same for DirectX as it is obvious that Valve are very far from unbiased.

So it's an interesting report, but not complete.

2
1
h4rm0ny
Silver badge

Re: cor

Maybe it does, maybe it doesn't. It seems that Valve were comparing the latest available OpenGL with a DirectX version well over a year old (11.1 is the new version and is in Windows 8 - apparently has a lot of performance improvements after a year of refinement). But your linked video is not very strong evidence, I'm afraid to say. Something more formal is needed than judging by eye if one stutters a little.

3
0
h4rm0ny
Silver badge

Re: GL faster than DX

Agree with most of the above, but I think a single dedicated distribution would be inviting a lot of extra work (not just creating, but maintaining) for very little benefit and some downsides. If you created a single new Linux distribution that played games you would effectlvely kill off any other distro outside the serious server space - so Redhat and Debian would keep on rolling, Ubuntu would take a body blow that it might never recover from. So it would be bad for the Linux ecosystem, imo.

Any DRM system for Linux would be operating at the Kernel layer. So why not have it go into all distros? You'd need something that all different package managers could plug into, but that's actually a lot less hard than the DRM system itself.

So basically yes - it would be wrong to just give Ubuntu an advantage. But making a new distribution that was the only one with good games support would be the same situation but with $distribution rather than Ubuntu.

1
0

How one bad algorithm cost traders $440m

h4rm0ny
Silver badge

Somewhere, someone, is feeling awful right now.

They probably think, if they'd just set some config variable or added some check, and that it's all their fault. I wonder how they will choose to respond? Will they tear themselves apart, will they blame others (rightly or wrongly), will they shrug and say that it's just money? I wonder.

1
0

Apple 'wanted to stuff Twitter with dollars' to fill iTunes with twits

h4rm0ny
Silver badge

But with Google I can't stop them mining my data. With Windows I just have to not link it to a Facebook or Twitter profile.

2
0

Microsoft dumps Metro from Windows 8

h4rm0ny
Silver badge

ExMetro

They should call it "ExMetro". Short, still to the point and everyone knows what it refers to. Shows an ability to show good humour too.

MS - you totally have my permission to use this. Call it "ExMetro". It's what lots of people will call it anyway.

0
2
h4rm0ny
Silver badge

Re: how long has WinPhone been shipping with Metro?

WP7 interface was never called Metro officially - that's always been the GUI for WIn8. It's just that many kept calling it 'Metro' because of the tiles. Incorrectly really as FKAM is also the APIs and other features that weren't in WP7.

1
2
h4rm0ny
Silver badge

Re: They should do it the Apple way...

"From reports elsewhere, it appears it is a German cash & carry outfit that are complaining about it."

But surely trademarks have to be in the same area? I.e. you can have Apple the music label and Apple the computer maker, because they're not (at the time, anyway) overlapping. How can a "cash & carry" (that means a shop, btw?) be overlapping with a O/S GUI?

7
0

HP and Dell to 'unveil Windows RT slabs in October'

h4rm0ny
Silver badge

Re: Interesting, but too little too late.

I agree with your whole post but can't quite bring myself to mod up anything that uses the term "iSheep".

2
1
h4rm0ny
Silver badge

Re: Not an iPad.

"Err the RT doesn't come with a keyboard, it's a add on case."

Both versions of the Surface, the ARM and the x86 version, come with keyboards. Possibly you are getting confused with the Stylus which only comes with the Pro (x86) version.

0
0

Microsoft unleashes Windows attack tool

h4rm0ny
Silver badge

Re: CRITICAL SECURITY ISSUE: Windows located on computer

"Not that I'm calling you an idiot or anything"

Because that would be rude. ;)

"if you visited http://web.nvd.nist.gov and searched for Linux in the vulnerability database and then searched for Windows you might come to your own conclusions about idiocy..."

Just did a search on "Linux" and "Windows" exactly as asked, for the last three months to get an up to date feel for things. Got 119 results for Linux, 143 for Windows. They look in the same sort of region to me. But I suppose it is a small difference so you're right, I guess. MS are indeed better at finding and identifying vulnerabilities than Linux.

Do you see how statistics are dangerous without examination? I'm not even saying that the above interpretation is right, I'm just saying that without careful examination, the simplisitic search doesn't show what you want it to say, and it most certainly doesn't counter my own point which was that the vast majority of security failures are due to the user, not the software and that this is true of Linux, Windows or Mac.

4
0

Forums

Biting the hand that feeds IT © 1998–2018