Yes and no. It has become much easier to take down or replace a driver, so while you won't get a BSOD the moment that happens, it will still happen when that is a critical interface to some kernel process. And it makes the whole system less stable in general, as spyware and such would be able to kill things like your keyboard driver.
I've spend eight years automating the managing of large computer networks, including the servers and clients. That's what I'm thinking about.
What is the "kernel"? Is it a single file? Or is it a large amount of files, that together make up the kernel? And if you register a dll, do you make it part of the kernel? And is that something that might happen when installing software?
Good for them.
Well, their former stack was copied and pasted from BSD. That alone makes their whole licensing model invalid.
Yes, and as a programmer, I might wonder why my service isn't working: because Vista suspended it?
You never worked on a helpdesk, did you?
Excuses, excuses. It's equal to not offering any support to older Windows versions anymore. And it would be quite simple actually, as no parts of those older Windows versions use DX. It's a stand alone thing on those. Very low impact, and really easy to do.
Ever managed an automated system to manage a large network filled with computers?
If you use Firefox, a router and a virusscanner, you never have problems with malware. You don't even have to update Windows. That's what I use.
Winsock, the kernel protection mechanism and createprocess?
I won't. But it will be what I have to work with to do my job.
Ok, fair enough.
And that's different from the current XP how? Where you can do the same to things in the kernel space in the first place? Except it also brings down the system since it's in the kernel.
If you really do all that then you'd know about things like Group Policy. And if you did even a little research, you'd know that things like that have been beefed up even more in Vista.
Do you really not understand what the core of an OS is? What are you doing criticizing if you don't know?
The cost of certification per driver several hundred. You don't need WHQL to get a signed driver. It's only to prove that the driver came from you and wasn't modified by any third party. There is no possibility that any hardware manufacturer cannot afford the certification since it costs several magnitudes more capital to design and manufacture the hardware.
Do you know what the BSD license is? The license explicitly allows things like copying code and using it with only an acknowledgement. This isn't the viral GPL license. The stack MS copied is old and growing long on the tooth so they've finally rewritten it.
Then you'd be a retarded programmer since you've explicitly set your service to be low priority and then wondering why it's not being given priority.
I have actually, but that's not the point. MS doesn't provide Windows support for free beyond installation for non-OEM copies. So the kind of questions like that won't get through unless they've signed up for extra support.
Kinda like how Apple releases point releases every year for changes that are considerably smaller? Easy to do. I don't know if you're some kind of genius programmer, but are you truly claiming that the changes in Vista are easy to do?
Let's pretend I haven't. Can you tell me what that has to do with a registry that partitions what the USER installs into their own registry while at the same time still allowing administrators to put in global registry keys?
And? I'm concerned about the rest of the world because malware doesn't always affect me directly. If a large number of computers are flooding the Internet because of some worm, that affects me regardless of whether I'm on my Linux rig or running Windows XP without a service pack.
What kernel protection? That's the change that's in Vista. Win2k3 has a bit of kernel protection implemented though. Are you thinking of DEP?
Not exactly, but sort of. It's a huge pain in Windows to access other profiles, and that's what you need to do to install just about any software. Disallowing that and making everything effected simply part of user space, "because it improves performance", is alike to demanding that users all install their own software, and aren't allowed to call the helpdesk about that.
Please. Trying to make it impossible for users to change anything is akin to making it very hard to do their job (aren't you as an IT professional hired to make things *EASIER* for users???), and it never worked so far.
Well, I wrote a few OSes myself. I think I ought to know.
That depends. Try it and see. It's very fast quite expensive.
"Viral GPL license"? And no requirements? Really. Well, why should Microsoft care? They have more money and lawyers than God. They *WRITE* the law, don't they?
Yeah, sure. And what would happen if everyone gave their service or whatever the highest priority to make sure it works as intended?
I wasn't talking about support from Microsoft. But I agree, that it will increase all the IT budgets again. Good as long as they get paid, right? Who cares about businesses anyway, unless they pay the bill?
You're confusing things. I was answering/asking: how hard would it be to make a DX10 setup for Xp and 2000? It isn't very hard.
Well, you already have to split packages (newly created unattended setups and such) into a system (admin) and user part. But that change requires checking and rebuilding all existing packages.
Do you visit all your neighbours every week to make their computers malware free?
No, the storing of dlls and such in the dll cache and other places, and the mechanism that determines what to restore.
Fine.
No, I'm dyslectic.
Agreed.
No. I think it is a good thing for a company to try and make money.
Do I care one way or the other?
First off, putting stuff in user space tends to reduce speed. Second of all, WHY THE HELL WOULD INSTALLING PROGRAMS HAVE ANYTHING TO DO WITH THE KERNEL SPACE? It shouldn't. It better not. And because they sometimes do, it's being stopped now.
Easy for a user is uniformity. Have you really worked with real people before?
I've only written the most basic of OS's in a course and even I know that registering DLL's really doesn't have anything to do with modifying the kernel.
Why would I try? I'm not a manufacturer. Neither am I a person releasing a very popular driver that thousands would use (like Omega). In either case, acquiring a few hundred dollars to sign the driver wouldn't be hard. Plus there's a test mode for developers to install unsigned drivers.
Beside the point. They took the stack from BSD as specifically allowed by the license. Now they're rewriting it from scratch. So what's the problem here?
The highest priority is only allowed for core OS services. Theoretically an user service cannot have the highest priority. This is one of the things being done in Vista that's being heavily tested because it's not quite perfect yet since deadlocks still occur occasionally.
Not really. I was referring to the so-called "power users" who aren't. They know enough to look at free memory (average person doesn't really care when the computer is running smoothly) and complain. Really not a large enough group to affect IT budgets that much but loud enough to perhaps affect MS to do something about it.
First off, DX10 is only one small part of the changes in Vista. Second of all, even that isn't trivial.
Do you even use Windows? That doesn't apply at all. As long as the application doesn't really delve deep into the system, most applications will work to some degree as is. Obviously for a new OS you'd need to check and perhap recreate automated installations, but that's nothing to do with the new improved registry.
No, but I do hope they would at least have a firewall of sorts and update their Windows. If they all move to Vista, so much the better since it's impossible to expect them to move to Linux.
Unless they're using IE7. It's still flawed, but significantly better.
That was added. It wasn't rewritten from scratch.
While I know of what has been dropped and what has been modified to be included, I'd question you this instead: What do you miss practically from what was originally with Vista?
Vista is going to do that. I'm serious. Just for kicks, I gave someone I knew Vista RC2 because she did not play games. She's just purchased a new computer that's fairly powerful but did not have a copy of Windows XP yet so I mentioned that the Vista RC2 is useable until June.
No comment.
No. It doesn't. Never heard of the overhead required to switch from user to kernel space and vice versa?
Regsvr32.exe. Register dll/ocx/whatever. What do you think that does? Ever made or packaged an application?
Yes, with people who complained that they have to call the helpdesk when they need to print a presentation on transparent. And have to wait days or weeks for it.
Sigh. You have no idea how many times I discussed all those arguments already. Or wrote all the programs and procedures that made all that happen.
The Windows kernel is dynamic. For example, it requires a function to get keypresses. And while the syntax of that function is fixed, you can supply a new one.
A few hundred dollars is very optimistic. And it takes a long time.
Ah, but how do we know they rewrite it from scratch? It's much easier just to copy and paste the Linux functions. And who would know? It's not as if Microsoft is allowing anyone to see all their sourcecode.
Yes, but if you write a service, most of the time you need it to become or replace a core OS service. And there are plenty of programs that have nothing to do with hardware that use and require services.
Since when is Microsoft going to do something about stuff like that? It mostly increases the workload and budget of other IT companies or departments.
Why would that be interesting?
Yes, for games and most of my job.
Normally, you don't. That's half the point of making packages in the first place. The other half is in not having user interaction.
Yes. But there is a difference. Under Windows, each profile runs in it's own Windows VM, where it assumes it has full control. DOS, and all that.
Why? Software firewalls only work partially, and generate a lot of calls to the helpdesk. And with a hardware firewall that does NAS and Firefox, you don't need either.
*WHY* should they move to Vista? What would be the point?
Agreed. It's a Firefox clone.
Ok. We don't know.
- The new networking model (no more different APIs, depending on the type of service)
Yes, I agree. They don't know or care, and just want Vista because "it looks nice and is new!". Although, they want it for free as well.
An irrate remark that I retract.
Depends. In general, however, kernel space tends to be faster because it's closer to the hardware. Depending on design and the ability of the hardware, user space can be faster for certain applications. Such as graphics since the batching reduces the context switches.
Registers the DLL for availability. Did you REALLY think it attaches itself to the kernel? For your information, this still works in Vista because it doesn't have anything to do with patching the kernel.
Enlighten me then. How does Vista change this besides the fact it's a new OS.
Tell me you don't really think this has to do with patching the kernel.
Optimistic when it's already been announced? This isn't WHQL testing, this is driver signing. The only part that really matters is certificate revocation.
You're actually saying that MS went and copied Linux code? Why bother when they could copy the stack from BSD again?
No there isn't and there shouldn't be anything that needs that. Your earlier example of the keyboard handler is clearly not something you'd need to patch the kernel for. Furthermore, if you were writing your own process for a MULTITASKING system, why should it dominate everything including the underlying OS? For that matter, name something that really needs that much domination and runs on top of Windows rather than on its own.
I only mentioned this because DX10 is not trivial. Considering the MS plan for consolidation of the PC gaming platform, it makes business sense to make it available only for Vista.
You make packages so that you can implement and deploy quickly an environment that's pre-defined. If you're going to change that pre-defined environment (say by replacing the OS with a new one) by definition you need to check if things break. You'd do that even for updates, much less a new OS.
No... there's no VM sandbox in Vista. There is a nominal sandbox safe mode for Vista's version of IE7 though.
Which is why I said it was a large undertaking to implement the new model while retaining most of the backwards compatibility of the old system. And it works quite well in this regard. Things like AV break not because of the partitioning but because the kernel access is now denied.
?
It can't have been rewritten because it didn't exist before. So we do know it was added. However, this is one of the larger changes in SP2 to be sure.
I'm actually not sure what you mean by this.
Which is... in Vista, called .Net 3
I love it when people bring this one up. What did you plan to do with this?
This was promised for Vista? Hmm, I'll have to check up on it. Because if you're thinking about Indigo, that's not what was promised.
You can't seriously not know how to turn off error reporting.
DRM for the HD generation? Well, when they come up with a way to playback HDCP protected content on Linux I'll be concerned. Except it'll also be ported to Vista.
The kernel isn't something like a single file. It's a lot of files working together. Hell, there are even multiple HALs, so it's actually quite likely that two computers with an identical, fresh install of Windows XP use many different kernel files.
three easy examples from programs I wrote recently:
That depends. If you do it right, it doesn't matter what hardware you use, what version of Windows is running or what other programs are installed. Companies like that, because each user can have his or her own custom computer, while it saves money in not having to upgrade everything all the time.
Each and every user (administrator, system, the .NET and IIS users, etc, as well) all have their own virtual Windows machine. And if it isn't interactive, you get no keyboard or mouse input, and your screen output isn't visible.
If they work: kudos to the designers, who took nothing for granted. Microsoft still broke a lot of stuff, though.
How many people don't have a hardware firewall nowadays? Do you have ASDL? Check. You've got one.
Is there going to be a .NET 3 for XP?
I'm a programmer, and I specialize in automating workplace and network management. With a focus on user satisfaction. In short, I am constantly checking and updating files, and generating and showing statistics about it.
Well, it takes me minutes even with XP, for the basics. And I sit behind freshly installed computers or ones from other people pretty regulary. It's a very major irritation.
You don't get it. It has nothing to do with being forced to pay Microsoft and Hollywood whatever they demand.
Yes, you're right, I mixed up my terms.
It seems to me that you're really using the wrong tool for the job. It may be constraints of your employer but those gotchas you're running into are there by design.
This isn't true of any NT Windows. Unless you're using the term Virtual Machine is a way that's not the norm.
I use cable myself, but I do know some people who are using ADSL AND don't have a hardware type "firewall". This may be different with ADSL2 but I haven't done my homework on that.
There could be a partial implementation. The actual CLR is the same as .Net 2 and it's the new portions of the so-called pillars of Vista that aren't. It would require backporting the new subsystems to a "XP Super Service Pack 3" to allow the rest to work. But the number of systems to revamp pretty much warrant a new OS.
The indexed fast search covers much of this, but frankly, the real problem is how Windows was designed in the first place. It's slowly being fixed, but frankly there's too much backlog of things to keep from breaking for this to be resolved any time soon.
This has been compartmentalized and separately implemented in Vista. So you get your instant search without having as much overhead from turning the entire filesystem into a database.
This is actually a separate design flaw in Windows and would not be resolved by WinFS.
In a single user situation I agree. But in a situation where there's a great number of computers, this would've been set in the group policy.
So you can go play normal unprotected HD content. Just like before. You don't have to buy the protected content from Hollywood.
[/QUOTE]
ASDL has been cracked several times in the past, and it is particularly ineffective in 32-bit address space where searches and statistical probes are practical, especially against fault tolerant multiprocess servers, where a probe which causes a segfault merely results in a restart of the child process.
Moreover, Vista has already had injection attacks carried out against the kernel at the last BlackHat conference, but a surprisingly-not-fugly female hacker
Despite the fact it requires UAC approval (not hard to engineer given "security dialog fatigue" and maybe some phishing techniques to manipulate the display and trick someone into clicking something), it totally destroys the "secure path" of the kernel that was required by the HD-DVD consortium. Raw decoded rippers would not be possible.
Then there is Microsoft's stupid decision to try and rewrite the TCP/IP stack from scratch, something they are uniquely unqualified to do, especially given the 20 year history of exploits against TCP/IP stacks and the exceedingly long maturity process of the BSD and Linux NET stacks. Most people agree it's almost guaranteed to be a source of attacks for years to come.
