“A few days’ testing of Windows 7 has already disclosed some draconian DRM, some of it unrelated to media files. A legitimate copy of Photoshop CS4 stopped functioning after we clobbered a nagging registration screen by replacing a DLL with a hacked version. With regard to media files, the days of capturing an audio program on your PC seem to be over (if the program originated on that PC). The inputs of your sound card are severely degraded in software if the card is also playing an audio program (tested here with Grooveshark). This may be the tip of the iceberg. Being in bed with the RIAA is bad enough, but locking your own files away from you is a tactic so outrageous it may kill the OS for many persons. Many users will not want to experiment with a second sound card or computer just to record from online sources, or boot up under a Linux that supports ntfs-3g just to control their files.”
I’ve found it strange how (almost) all media around the intertubes has been “in love” with Windows 7 which is just Windows Vista slightly decrapified and slightly optimized – coming out 3 years after Vista first came out. The whole thing seems to be a success story in lowering expectations.
This whole DRM thing is the first big mainstream negative piece about Windows 7. Hopefully, the first of many.
And in case you missed it when it first went around the blogosphere: Is it Windows 7 or KDE 4?
In this video, we take to Sydney’s streets to find out what people think of what they think is a Windows 7 demonstration. The net result? Mainly, people just didn’t like Vista.
There is no easy way to create application shortcuts (a shortcut to an application that may or may not have arguments). It’s extremely easy to do in Windows and Ubuntu (<your-favorite-nix/linux-distro>) but not in OSX.
I’m sure that as usual, some idiot apple zealot (sorry for the pleonasm) is going to try (yeah try, comments moderated but they still try) to post a comment saying how that’s a good (great) thing, Steve Jobs is a genius and I’m dumb for not knowing that it’s such a good thing or even knowing what a shortcut is (like when I posted about the iPhone lacking a SDK and guess what? It will get one – in your face zealot ).
Back in January I said that I believed Windows Vista would be “usable” in a year’s time or so. After 8 months without any real progress towards that goal (I tried Vista again), I no longer believe that will be the case. I know SP1 will eventually come out but I doubt it can fix something that broken. Instead, maybe by SP2 Vista will be more or less fixed.
So umm if you’re not a gamer and/or don’t really need DX10, it’s probably a good idea to stay away from Vista until 2009 at least (and no guarantees it will be usable by then).
Posted: April 10th, 2007 | Author:lrei | Filed under: Uncategorized | Tags:freedom, html, News, Slashdot | Comments Off
The Internet is a funny place indeed. It’s filled with trolls and self righteous idiots who like to argue with each other pointlessly. Both of each often delusional to the point of thinking themselves important people…
Today on slashdot: Bloggers Propose Code of Conduct. Did I mention these people have a lot of free time on their hands? This has to be among the most stupid thing I’ve ever heard. In Internet speak: WTFLOLBBQ?!? Yeah I know it makes no sense but it is clearly called for.
Some people (or just one person, who knows) made a anonymous comments insulting and threatening some random blogger I never heard off. If you’ve been around The Internets for more than a couple of weeks you probably know that stuff like that happens very very often. In fact there are people who do this for fun on a daily basis, one could call them professional trolls if they were being paid. The blogger in question instead of doing what normal people do and ignore the nasty anonymous comments instead reasoned that if the Secret Service takes all threats against The President Of The United States Of America seriously, she should do likewise. Ahhh! Delusional paranoia – it feels good to know I’m important!
Enter the other half of the pointless Internet discussions: the self righteous idiots who think they can argue with trolls and defeat them thanks to their principles and moral superiority. These people decided to jump to the defense of the delusional blogger and a lot of pointless, boring blog posts ensued taking the signal-to-noise ratio of the Internet down another notch.
This would’ve been lame enough by itself but why stop the stupidity here? Know that the issue was hot, Tim O’Reilly had to jump in! I doubt Tim O’Reilly is dumb enough to think this lame Code of Conduct for bloggers would ever change anything so my own personal opinion is that he just wanted attention (or publicity, whatever you want to call it).
Jeff Jarvis already made a good post (though a bit too long for me to bother reading it in full) about this blogger code of conduct.
I have this to say: this is MYblog. You don’t like it? Don’t read it. I really don’t care. I’ll say what I want to say. You have a problem with it? Hint: comments are disabled.
That said, I always appreciate corrections (yeah, sometimes I’m wrong – hard to believe right?) and I’m usually willing to clarify any issue. For example, I often make comments about software I use(d). And sometimes the people who write it happen to be monitoring technorati or whatever. They are always welcome to email me asking me to elaborate on any comment I made or whatever.
Blogs are meant to express their writers opinions (etc). If blogger A wants to insult person B in his blog, that’s his prerogative. The rest of us can chose to read it or not. And after reading it, we can chose to ignore it if we want. Or take sides. Freedom is a wonderful thing and we should be very careful when we consider limiting it in any way – voluntarily or otherwise.
It will undoubtedly be fun to watch the “me too” blogs jump on the code of conduct bandwagon and display their stupidity with pride. It will become a sort of “lack of quality/personality/etc” banner to unite them.
It has been all over the news for the past couple of weeks or so. The US-CERT released its Cyber Security Bulletin 2005 Summary and while I’m not one to doubt human incompetence the fact that this report was put together by someone who supposedly understands the concept of “operating system” makes me think it might’ve been more than just incompetence. At issue is the fact that the bulletin for some reason decided to divide the vulnerabilities by what operating systems they affected, to quote the report: “Software vulnerabilities are categorized in the appropriate section reflecting the operating system on which the vulnerability was reported“. So far so good. Unfortunatelly whoever put it together, apparently, doesn’t understand what an “operating system” is. So according to that Cyber Security Bulletin only two operating systems exist: Windows and Unix/Linux. And so under that classification, the US-CERT bulletin states:
“There were 5198 reported vulnerabilities: 812 Windows operating system vulnerabilities; 2328 Unix/Linux operating vulnerabilities; and 2058 Multiple operating system vulnerabilities”
We all know how competent and umm… competent the press is. There is no point in blaming this on the “Microsoft Press Machine” though I’m sure they were happy to give a hand to the more useless members of the press, the fact is they didn’t have to. Out of the majority of the reporters out there, the few that actually understand anything about what they are reporting on are usually incapable of doing anything more than just copying a press release into a text processing program and changing the words a bit as well as occasionally asking for quotes from “experts” – people usually attached to a big company that has something to lose by telling the whole truth. And I’m not even going to mention their need for sensationalist headlines… oh wait I just did. All this said, it was obvious to everyone with half a brain that the words in the US-CERT bulletin were going to be interpreted/transcribed by the press as “Windows is more secure than Unix/Linux” or even more appallingly as “Windows 3X safer than Linux“.
I don’t know what makes me more sad: the fact that the tech press still doesn’t know that security of an operating system cannot be effectively measured by number of vulnerabilities alone, the fact that they don’t know that “Unix/Linux” actually consists of a large number of different operating systems OR that the US-CERT doesn’t know it – or at least decided to pretend it didn’t know, in which case the question becomes “Is it worse to be incompetent or corrupt?”
And now, for the facts. First of, like I said before, “Unix/Linux” isn’t an operating system but rather a large number of very different operating systems like for example IBM’s AIX, Apple’s Mac OS X, RedHat Linux and NetBSD. As if this mistake wasn’t big enough, somehow, the US-CERT decided that a vulnerability in firefox was a “Unix/Linux”-specific problem even though the majority of firefox users are probably runing it in Windows. You can argue that most open-source OSes include firefox as the default browser and this a firefox vulnerability is more or less analog to a IE vulnerability in Windows (even though IE’s integration into Windows is much greater than FF’s in any Linux distro) but the bulletin in question makes no distinction between software integrated into the OS and third party software.
When the vulnerabilities are properly broken down by OS, the picture we get is quite different:
All of Microsoft’s discovered security exploits for Windows only amount to a pretty reasonable 44. Microsoft products in total (including MS Office, Internet Explorer, ASP.NET and the like) comes to 122.
(…)
Individual Unix distributions faired very well: Apple Mac OS X clocked in at 21 vulnerabilities, tied with IBM’s AIX. HP-UX had only 15 vulnerabilities. SCO had only nine.
For the top Linux distributions, things look peachy. Red Hat had seven vulnerabilities; Suse 12; Debian 10; and Gentoo a mere five.
Non-Linux open souce distribution FreeBSD clocked in with 13, while ultra-secure NetBSD maintained its reputation with two vulnerabilities reported.
* 22 Technical Cyber Security Alerts were issued in 2005
* 11 of those alerts were for Windows platforms
* 3 were for Oracle products
* 2 were for Cisco products
* 1 was for Mac OS X
* None were for Linux
And more:
US-CERT’s list of current vulnerabilities contains a total of 11 vulnerabilities, six of which mention Windows by name, and none of which mentions Linux.
And like RedHat said comparing Linux with Windows: “fewer vulnerabilities were critical and patches were brought out more quickly.“.
And to make matters worse, all this talk about windows being more secure than the so called “Unix/Linux” operating system, the whole WMF drama is unfolding: first an Exploit Released for Unpatched Windows Flaw, then a New IM Worm Exploiting WMF Vulnerability, followed by Microsoft to Patch WMF Exploit Early and what is a drama without a hero? More dramatic. In typical MS fashion, the final exclamation point: Two New WMF Bugs Found. For 7 days a fairly serious vulnerability remained unpatched by Microsoft… what more can I say?
As a result the computer security community will be drinking its milk from a carton with the word “MISSING” in the back, right above a picture of US-CERTs credibility. Will it ever be found?
Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.
I’m trying out tor. So far my only problem with it is the relative slowness of the network I’ve experienced (around 5 secs to open a webpage that would otherwise be instantaneous). I tried it with Mozilla and Xchat and it seems to work as advertised. To those that are considering using it I recommend setting it with an alternative client software. For example, I’m a firefox user but while using tor I use Mozilla. I could’ve used firefox with the switchproxy extension but I don’t need privacy for most of what I do on the internet (who cares if I visit slashdot 10 times a day?) and the speed penalty of using tor makes it impratical for common browsing. Since I’m rarelly visiting only one page at the same time (call it multitasking or lack of concentration) – I usually have around ten tabs open – using tor with firefox becomes sort of anoying. I configured mozilla to always use tor and whenever I need privacy browsing the web I use mozilla. Same thing for IRC. mIRC uses normal net, Xchat uses tor.
I’ll try it out further and make a new post sometime later.
Yes the interview was on slashdot, yes another ignorant slashdot story.
Points made:
– Standards Committees suck; (well know fact)
– The same ideas keep cropping up over and over again in different forms; (Sort of true)
– We’re making zero progress in computer security; (Not really, we’re just moving very slowly and everytime a problem is fixed a new one appears. Solutions to common problems are taking too long to be developed and too long to be adopted. For example, the buffer overflow problem – even without the actual secure programming that should prevent it, solutions exist that make exploiting buffer overflows much harder if not impossible. Yet they took too long to be developed into something that’s pratical to implement and they are taking too long to be implemented)
– Deny:ALL by default better than Allow:ALL by default but requires more work. (well known fact)
– Hosts managed by security people aren’t much better than common hosts because security practitioners have very little power; (well known fact)
– There’s enough blame for everyone. (Sort of true but I don’t believe in blaming the users. If my car breaks down, I can’t fix it and if I break a bone, I can’t fix it. How can I expect John the mechanic or Jane the doctor to fix their computers? Also I don’t blame the hackers. They don’t create the problems they just point them out. For that, I’m thankfull not angry.)
Posted: June 1st, 2005 | Author:lrei | Filed under: Uncategorized | Tags:Hardware, html, News, Slashdot | Comments Off
I remember a conversation I had with João Paredes (Chefax R&D) a couple of years ago about using FPGAs instead of microprocessors in high-performance/super computers. João did hint it in a comment under his interview at OSnews:
I’ll just give you a hint: it’s amazing what one can do with FPGA’s.
The FPGA supercomputer will be more powerful and efficient than a conventional system of similar physical size.
Will it also be cheaper? I was a bit skeptical when João told me about his idea and I still am. I did notice a couple of ifs on that article:
“f it can be made easy enough to program”
“If we can get these [programs] to work, we’ll know that we have a general purpose solution”
Is Iomega going to finish the Blue-Ray vs HDDVD war by killing both formats with its 800GB DVD?
Now I want the Debian Linux/Gnome based Nokia 770. More info at mobileburn,InfoSyncworld and for developers there is Maemo: “Maemo is a development platform to create applications for Nokia 770 Internet Tablet and other maemo compliant handheld devices in the future“. Shortly after Nokia announces patent support to the Linux Kernel.
Xbox 360 OS is apparently a deravative of the original Xbox OS (makes sense) which in turn is a derivative of Windows 2000. Also on /. there was a link to Inside the Xbox 360, part I: procedural synthesis and dynamic worlds – “The present article covers these features in detail, from the processor’s triple-core design, to its caches, deep pipeline, lack of an instruction window, and expected performance“.
).