Linked by Thom Holwerda on Tue 18th Sep 2007 19:58 UTC, submitted by Adam S
"Before I launch into my tirade, I need to make a confession. I like Vista. I use it daily, but I also use it with the full knowledge that it's a pre-service pack 1 OS from the boys in Redmond. That necessarily means it will have glitches, bugs, and annoyances. That's a given. I'm willing to put up with all those headaches. But there were several things I was really looking forward to in Vista that are simply missing in action or broken. These are features I'd really hope would improve my productivity and make life a little easier."
Thread beginning with comment 272599
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Vista isn't bad, just boring...
by nalf38 on Wed 19th Sep 2007 17:01
in reply to "RE: Vista isn't bad, just boring..."
Member since:2006-09-01
I get it, I just think it's amazing that any user would stand for it when this is implemented relatively seamlessly in Linux and OSX without a million-trillion-bagillion freaking UAC prompts. It's a big win for Windows, yes, but only for Windows. When you put it alongside with how Linux and OSX deal with user priveleges, it's a GIANT LOSER.
RE[3]: Vista isn't bad, just boring...
by makfu on Wed 19th Sep 2007 17:13
in reply to "RE[2]: Vista isn't bad, just boring..."
Member since:2005-12-18
"I get it, I just think it's amazing that any user would stand for it when this is implemented relatively seamlessly in Linux and OSX without a million-trillion-bagillion freaking UAC prompts. It's a big win for Windows, yes, but only for Windows. When you put it alongside with how Linux and OSX deal with user priveleges, it's a GIANT LOSER."
Exactly how is it more seamlessly implemented in other platforms? On my ‘nix boxes I have to SU or get prompted for credentials for admin apps, utilities or global actions, JUST LIKE on Vista, but I have to carry out at least eight keystrokes for my password. Any other solution, such as a suid bit, trust this app or the “unlock” model that certain other systems use, are potentially dangerous and programmatically exploitable (see MOAB archives for examples).
RE[4]: Vista isn't bad, just boring...
by nalf38 on Wed 19th Sep 2007 21:44
in reply to "RE[2]: Vista isn't bad, just boring..."
Member since:2006-09-01
Vista asks you for permission for a lot more than installing apps. I had to give Vista permission to allow my antivirus software to run, which I wouldn't have even needed on another OS. I had to give it permission to allow me to burn a CD; I think I even had to give it permission to play a CD. UAC even initially prohibited Diskeeper from running until I gave it permission.
Yeah, fine, suid bits are exploitable, but there has to be a balance somewhere. Vista's take on the situation seems to be that literally everything the user does is a security risk.
RE[2]: Vista isn't bad, just boring...
by Dave_K on Wed 19th Sep 2007 17:47
in reply to "RE: Vista isn't bad, just boring..."
Member since:2005-11-16
Understand that you can do EVERYTHING RIGHT from a user standpoint (e.g. not downloading suspicious apps, running AV, etc.) but you can STILL get owned through no fault of your own. Running your processes with super-user privs is equally dangerous on EVERY platform. So, for your own sake and others, leave UAC on and just live with the freakin prompts.
Without UAC the situation's no worse than in XP. With a router's hardware firewall, a software firewall, up to date security and AV software, and care taken with the apps I install and use (I don't use IE), the risk seems pretty small.
I'm pretty careful with personal information, so the worst thing that's likely to happen is that I have to wipe the system and restore from backups. Even if I had to do that once a year it would be a lot less annoying than the day to day irritation from UAC.
I'd rather take that risk than have to put up with Microsoft's ridiculous nagware.
News
Linked by Thom Holwerda on 05/18/13 21:06 UTC
"At the end of a week in which Electronic Arts confirmed it wasn't developing a thing for the Wii U, one of the software engineers in EA Sports' Canada studio, in a series of since-deleted tweets, disparaged the console as 'crap' and suggested Nintendo should give up on hardware altogether. 'The Wii U is crap. Less powerful than an Xbox 360. Poor online/store. Weird tablet', tweeted Bob Summerwill, listed as a senior software engineer at EA Canada, in a reply to a tweet posting a link about EA's no-Wii U news. 'Nintendo are walking dead at this point'." The Wii U is turning into the 21st century's Virtual Boy.
Linked by Thom Holwerda on 05/18/13 7:37 UTC
"In NixOS, the entire operating system - the kernel, applications, system packages, configuration files, and so on - is built by the Nix package manager from a description in a purely functional build language. The fact that it's purely functional essentially means that building a new configuration cannot overwrite previous configurations. Most of the other features follow from this." Interesting approach. A Linux distribution, sure, but with some very refreshing ideas about system configuration.
Linked by fran on 05/18/13 1:38 UTC
Google added, among other features, C/C++ support to its new version of AIDE. From Android-IDE, "Now you can write parts of your app or your whole app in C/C++ on your device. AIDE supports the Standard Android NDK toolchain (GCC 4.6 + Bionic, STL, ...). No changes are necessary if you want to build an app developed on a PC with Eclipse. C/C++ development is fully integrated: Build errors appear in the error list and files can easily be navigated to with Go to file. The editor supports C/C++ syntax highlighting."
Linked by Thom Holwerda on 05/17/13 23:35 UTC, submitted by kragil
Ars nails it: "The answer is that Google did announce what amounts to a fairly substantial Android update yesterday. They simply did it without adding to the update fragmentation problems that continue to plague the platform. By focusing on these changes and not the apparently-waiting-in-the-wings update to the core software, Google is showing us one of the ways in which it's trying to fix the update problem."
Linked by MOS6510 on 05/17/13 22:22 UTC
"It is good for programmers to understand what goes on inside a processor. The CPU is at the heart of our career. What goes on inside the CPU? How long does it take for one instruction to run? What does it mean when a new CPU has a 12-stage pipeline, or 18-stage pipeline, or even a 'deep' 31-stage pipeline? Programs generally treat the CPU as a black box. Instructions go into the box in order, instructions come out of the box in order, and some processing magic happens inside. As a programmer, it is useful to learn what happens inside the box. This is especially true if you will be working on tasks like program optimization. If you don't know what is going on inside the CPU, how can you optimize for it? This article is about what goes on inside the x86 processor's deep pipeline."
Linked by Thom Holwerda on 05/17/13 22:15 UTC, submitted by Tom
"It was the only moment I heard regret slip into Otellini's voice during the several hours of conversations I had with him. 'The lesson I took away from that was, while we like to speak with data around here, so many times in my career I've ended up making decisions with my gut, and I should have followed my gut,' he said. 'My gut told me to say yes.'" The world would've been a much different place - Apple would have been less dependant on Samsung for its chips, which probably would've meant less money for Samsung to develop its Galaxy business.
Linked by Thom Holwerda on 05/16/13 21:41 UTC
Glass is getting some love at Google I/O as well. New applications have been released - Facebook, Twitter, Evernote, Elle, Tumblr, and CNN. Perhaps more interesting: the newly announced Google Glass Developer Kit will allow offline applications and direct hardware access - great for hacking and expanding Glass' potential. This kit will really allow hackers to put Glass through its paces.
Linked by Thom Holwerda on 05/16/13 17:04 UTC
"But Beck and Merrill decided that simply banning toxic players wasn't an acceptable solution for their game. Riot Games began experimenting with more constructive modes of player management through a formal player behavior initiative that actually conducts controlled experiments on its player base to see what helps reduce bad behavior. The results of that initiative have been shared at a lecture at the Massachusetts Institute of Technology and on panels at the Penny Arcade Expo East and the Game Developers Conference." Absolutely fascinating stuff. I'm a League of Legends player, and to be honest, the community isn't nearly as bad as some make it out to be. I'm happy Riot games has the guts to employ science to address the issue.
Linked by Thom Holwerda on 05/16/13 13:17 UTC
"Android and iOS, the number one and number two ranked smartphone operating systems worldwide, combined for 92.3% of all smartphone shipments during the first quarter of 2013 as Windows Phone crept past BlackBerry for 3rd place. According to the International Data Corporation Worldwide Quarterly Mobile Phone Tracker, Android smartphone vendors and Apple shipped a total of 199.5 million units worldwide during 1Q13, up 59.1% from the 125.4 million units shipped during 1Q12." Windows Phone doubles from a few to twice few, iOS loser market share as its growth is slower than that of the overall market. BlackBerry continues slide into irrelevance.
Linked by Thom Holwerda on 05/16/13 12:06 UTC
"According to the latest research from our Wireless Smartphone Strategies service, global Android smartphone profits reached US$5 billion in total during the first quarter of 2013. Samsung dominated and captured an impressive 95 percent share of all Android smartphone profits." Wow.More News »
Sponsored Links
Member since:
2005-12-18
"UAC is another thing that I quickly turned off, it's easily one of the most worthless and irritating 'features' I've ever encountered in an OS. Of course protecting users is important, but constantly nagging them with virtually meaningless messages is an utterly stupid was of doing it. After a while I think most people are just going to stop reading them and click OK no matter what. Still, it's not really a big deal as it's easy enough to get rid of this nonsense. "
UAC is NOT just about the prompting. In fact, the requests to elevate are of only minor benefit. HOWEVER, that applications that do not require elevation are running with least user privileges and lower integrity (in the MIC model) IS THE BIG WIN!!! Let me repeat that: Running IE, FireFox, Word, mIRC, MSN messenger, AIM, GAIM, Outlook, Eudora, Adobe Reader, etc, etc, etc, as a standard user BY DEFAULT is the BIG WIN with UAC.
If you disable UAC, and you keep your account in the local admins group, the security token generated for each of those processes you launch is now running with God privleges and high integrity. This is bad. Period.
Example scenario on XP or Vista with UAC disabled: I run “superduper IRC client”, which it turns out has a buffer overflow problem when parsing certain IRC output and as a result is a target for an automagic remote code exploit (yes, this has happened). Since I, the script kidiot on the other end of the exploit now has control of that process (via the injected payload), and that process is running with NT Administrator (God/root/etc.) privileges, I can embed all kinds of terrible things in the payload code, such as cross-process code injection (via debug facilities), loading a kernel mode driver, disabling malware protection, and patching the kernel (and don’t believe for one second your anti-malware software will mitigate because it most certainly is the first thing to get nuked). With UAC enabled these automatic silent attacks ALL WOULD FAIL and your machine would stand about 99% better chance of not getting owned.
Also, when disabling UAC, you also disable IE protected mode which runs IE with low Integrity, which prevents iexplore.exe from writing to files/registry entries belonging to your profile which even prevents profile hijacking when running with least privilege. A good example of this is how IE 7 with PM and UAC enabled protects against attacks leveraging flaws such as the animated cursor exploit. While the vulnerability existed in Vista, it was mitigated by IE7 Protected Mode because the MIC model wherein IE7 runs with low integrity, and communicates with higher integrity components via a broker process, protected the profile and shell components from this attack preventing profile based malware infection.
Understand that you can do EVERYTHING RIGHT from a user standpoint (e.g. not downloading suspicious apps, running AV, etc.) but you can STILL get owned through no fault of your own. Running your processes with super-user privs is equally dangerous on EVERY platform. So, for your own sake and others, leave UAC on and just live with the freakin prompts.