back to article A simple HTML tag will crash 64-bit Windows 7

An unpatched critical flaw in 64-bit Windows 7 leaves computers vulnerable to a full 'blue screen of death' system crash. The memory corruption bug in x64 Win 7 could also allow malicious kernel-level code to be injected into machines, security alert biz Secunia warns. Fortunately the 32-bit version of Windows 7 is immune to …

COMMENTS

This topic is closed for new posts.
  1. Occams_Cat

    who uses safari on W7 anyway?

    Safari Web browser...no danger of this bug causing any real damage then!

    1. Steve Renouf
      WTF?

      That was my exact same question!

      Why would anyone want to use Safari, full stop!

      1. Alain

        Why would anyone use SafarI on Windows ?

        I do quite a bit because :

        - I don't trust IE

        - I strongly dislike what Firefox has become

        - I still like Seamonkey but it leaks memory like hell

        - I like Chrome but not enough to let Google know every move I make (so Srware Iron is my friend too)

        - In my experience, Safari is rock solid, keeps a reasonable memory footprint, very seldom renders sites wrong and still has an UI classic enough to fit my old timer's taste

        1. This post has been deleted by its author

          1. Alain
            Linux

            @Bullseyed

            I don't do any online banking from Safari neither any other browser running on top of Windows. No way. So your comment is entirely irrelevant.

            Secure browsing on Windows is an oxymoron, anyway.

        2. Blitterbug
          Happy

          Fair points, Alain, up until...

          ...your last para! Oddly, in my experience (& I have to use the 'big five' browsers daily, across an installed base of several hundred PCs), Safari blows. Hard. I'm an old-skool dev, weaned on assembly language & C, but I appreciate good UI design - which Safari just doesn't have.

          Incidentally, no MS lover here, but IE9 is shockingly good. Really, really good. So the motivation to go hunting to install a 3rd-party browser on new machines just isn't there any more, for me. And it's simply not enough of a religious issue to get steamed up over, any more. IE is no longer the whipping boy of browsers.

    2. Richard Wharram

      Erm

      Posting on Win7 64bit with Safari right now.

      If you don't hear from me again you'll know why :(

    3. DrXym

      Pining Mac users?

      Personally I think Safari for a Windows is a piece of crap not least because it inflicts a pale imitation of the OS X look & feel onto Windows. But I suppose some people might use it, for example Mac users who are running it from work or whatever.

      Still, it sounds like an edge case. I assume that if it's something to do with the height of an IFRAME that safari is blindly trusting the content to be sane and then doing something stupid such as allocating memory which exhausts all physical memory, consumes all system resources or something similar.

      1. JEDIDIAH
        Linux

        Don't cut yourself Balmer

        "Edge cases" are exactly what an OS is supposed to be able to deal with.

        The user or an incompetent programmer can always do something stupid. When this happens, it should not bring the whole system down. It's no longer 1984.

        The system is there to be a gatekeeper, to manage resources , and to sensibly deal with problems including inept and malicious users.

        1. Anonymous Coward
          Anonymous Coward

          The deeply depressing thing about windows has always been that it trained users to expect a level of quality far below what was the norm before windows existed.

          It is no longer 1984 but I used computers in 1984 and the general purpose OSes available at that time were generally very solid and would not let a user program crash the OS. I have run computers running a variety of operating systems of that age for up to ten years with the only reboots following power or hardware failures. Can anyone say that about Windows? It was only when Windows became widespread that people began to accept that computer software was inevitably unreliable. Windows has become much much more reliable than it was historically but incidents like this continue to reinforce the impression that it was extermely poorly designed (if designed at all), with reliability and security being low priorities if they were considered at all.

          1. oddie
            Happy

            Os's of 1984

            I'm open to the posibility that you were running an OS on some serious iron (for 1984) back then, and not an apple/ibm clone/microcomputer, but except for IBM mainframes and things like that the OS's of the time pretty much surrendered all control to any program that were run... depending on the platform free access to memory and registers weren't that uncommon, heck, some (microcomputers) unloaded the OS at the load of a program and you had to restart the machine to get back into the OS.. in the meantime your code had direct access to whatever hardware it fancied.

            U sure your specs haven't gotten a little bit rosy since then? ;)

            1. Michael Wojcik Silver badge

              Re: Os's [sic] of 1984

              "except for IBM mainframes and things like that the OS's of the time pretty much surrendered all control to any program that were run"

              Except for UNIX (including Xenix). And Multics. And VMS, TOPS-10, TOPS-20, MCP, Pick, and GCOS. And those are just only some of the non-IBM-mainframe OSes of the time (that sprang to mind). Many ran on minis and workstations; Xenix ran on PC-class machines.

              For that matter, 1984 was only three years before OS/2 1.0, and only four before Windows/386.

              Lumping all general-purpose non-PC computing into "mainframes and things like that" is a bit like saying "except for cars and things like that, motor vehicles all have two wheels".

          2. Rune Moberg

            crashing the OS

            One or two new hardware devices have been added to the mix since 1984...

            Most of the bluescreens that occur are triggered by third-party device drivers. Windows (unless something has changed recently) is the OS that "enjoys" the most third-party support. The number of developers qualified to write good device drivers can probably be counted on one hand. Fortunately the development kits comes with good fleshed out examples that often only require minor modifications to support simpler hardware devices.

            That said, it is of course extremely serious if a usermode app running as a non-admin user is able to trigger a BSOD. I do not recall something like that happening to me in 17 years of Windows NT/2000/XP/Vista/7 usage. I have of course experienced many BSODs due to badly written device drivers though.

            1. Michael Wojcik Silver badge

              Windows user-mode BSODs

              There have been a number of Windows user-mode BSODs. There was an entertaining one a few years back where just printing a short sequence to the screen of a "command prompt" (shell) window would crash the OS (due to a bug in CSRSS, if memory serves). I verified that one myself, in part just to see how easy it would be to exploit it.

              For that matter, many of the escalation vulnerabilities in Windows (and there have been plenty of those over the years) can crash the system when fuzzed sufficiently. I suspect you can do it using Tavis Ormandy's #GP Trap Handler exploit, for example, with an unprivileged user-mode program.

              In other words, this needn't have anything to do with drivers; nor is it the fault of Safari. (Impressive how many commentators can't understand that simple fact.) It's a bug in the OS, of a sort that's been seen before and will be seen again. It's noteworthy, but not unique.

              And this happens to other OSes too. I remember a bug in the Pyramid flavor of UNIX that was triggered by an erroneous pipe() system call and caused a kernel panic.

    4. Anonymous Coward
      Anonymous Coward

      Browser not important

      The fact that Safari is needed to make this happen is irrelevant - the fact that it happens when it shouldn't be able to is the big issue here.

      1. Anonymous Coward
        Anonymous Coward

        Unless Microsoft are even more incompitant than I think...

        ...and that would be difficult.

        This could be a Safari thing, in that it is installed to run as administrator allowing it to do silly thinks like trash the OS, or more likely being Apple; it has installed a whole bunch of other crap you don't need and were not told about that is running as a privilaged services in the background.

        I installed iTunes on a Vista laptop a few years back, then uninstalled it; after which I was constantly getting issues the the machine because Apple had deleted system dll's!

        I decided it was easier and safer to re-install the OS than try to find everything iTunes had screwed up.

    5. Giles Jones Gold badge

      Those who don't trust IE, don't like Firefox (it has become bloated) and don't trust Google with their privacy perhaps?

      Makes you wonder have a user space application can crash an OS. Usually it is code running inside the kernel space that does that, drivers and the like.

      1. Coward who is anonymous
        Thumb Up

        "Those who don't trust IE, don't like Firefox (it has become bloated) and don't trust Google with their privacy perhaps?"... use SRWare Iron?

      2. Anonymous Coward
        Anonymous Coward

        Well....

        IE, don't like Firefox (it has become bloated) and don't trust Google with their privacy perhaps...

        So use either Iron or Opera.

        Can't belive how many techies have never heard of Iron !

      3. Anonymous Coward
        Anonymous Coward

        "and don't trust Google with their privacy perhaps?"

        because Apple's hands are clean...

        1. Anonymous Coward
          Anonymous Coward

          I don't want to be the product

          " "and don't trust Google with their privacy perhaps?" because Apple's hands are clean..."

          I more inclined to trust Apple because I am their customer. If they don't deliver what I want, they lose business. With Google, I'm the product - it's aim is to please the people who pay them, and that often means intruding as far as they can get into my life.

    6. adnim

      Web devs

      testing their code so that Safari users get the same experience as Firefox users, IE users, Chrome users, Opera users.

      I have 5 browsers installed on this box. I only browse the Internet with Firefox, the other 4 only ever run code from my dev server or local files.

      Now if all browsers were standards compliant and all supported the same feature set, I would only need one.

      1. Oliver Mayes

        @adnim

        Same here, I develop in Firefox then check through IE6/7/8, Chrome, Safari and Opera to ensure everyone can at least use the basic functionality. The amount of time I waste ensuring that each browsers "quirks" are attended to, verges on farcial.

        1. adnim

          @Oliver: Don't know

          why you were voted down. Perhaps the voter thinks farcical means funny?

          It's far from funny, in fact there is no humour at all in messing about with css or conditional html just to get it to look right on several different browsers.

          Have an up vote to negate the down vote

          1. Wyccant
            Coat

            @adnim @oliver

            Farcical amount of time on browser quirks?

            I know that one, trying to point out to a (publically funded/charitable) customer that they are wasting over £600k a year on browser support.

            The response "well corporates like us use xp/IE6 and no way IT are going to let an update change the browser"

            God, I don't even want to keep thinking about how wrong this policy is on every level.

            I don't care if you ARE an IT admin, you're failing to perform your duties, deliberatly causing your employer to waste money and exposing them to the oldest collection of security flaws which they pay you to mitigate.

            and if you happen to be the boss, then more shame on YOU because you're paying this worthless "£$%wit good money and letting THEM tell YOU how your business should operate and blindly trusting them to keep your company safe while ignoring the fact they shun the advice of EVERY major player, including the people that wrote the software in the first place and every worthwhile security consultant ever.

            Mine's the one with the blinding fit of rage spilling out the pocket.

    7. Anonymous Coward
      Anonymous Coward

      Hmmm, because rather ironically given Apple's involvement, people are still free to choose what they can run on their own machines and not just go along with the default supplied or the big names?

      1. Anonymous Coward
        Anonymous Coward

        Apple?

        Pretty sure that was Opera's doing, actually.

    8. Anonymous Coward
      Anonymous Coward

      Maybe if it were the last browser on earth

      I don't even use Safari on my Mac let alone any of my windows machines. I try to keep Apple's crappy software off my machines so no iTunes, Quicktime or Safari for me.

  2. jake Silver badge

    One of these days ...

    Dave Cutler is going to realize that "Personal Computing" isn't exactly what he was doing at DEC ... The world has moved on, Dave. The cognizant use the UNIX[tm] model.

    1. Roo
      Meh

      Much as I think Dave Cutler is wrong about nearly everything

      I do have some sympathy for him. He was sucking on Ken "Unix is snake oil" Olsen's kool-aid teat during his formative years, so seems likely that the Olsen kool aid was still in his blood stream when he went off to Microsoft to re-invent UNIX poorly^W^W^Wwrite NT.

      Also I am pretty sure that Dave had nothing to do with putting "Win32" on top of the kernel, which seems to be where most of these fuck ups come from.

      At the end of the day Dave Cutler et al could have saved everyone the bother by implementing POSIX properly in the first place, like Linus did.

      1. Ken Hagan Gold badge

        I think "implementing POSIX properly" is an oxymoron, isn't it?

        Besides, based on the number of kernel updates I get on this box, it doesn't look like Linus has even implemented Linux properly, yet.

      2. Don Mitchell

        Roo: Total Ignorance about OS History

        I'm impressed that you know Dave Cutler's name, given your lack of knowledge about operating systems or history. When NT was written in 1989, it had dozens of modern OS features that UNIX either did not have or was still in a very confused state. Cutler's impact on UNIX is what is not properly appreciated. I was at Bell Labs when UC Berkeley folks ported BDS to the VAX, and it was pretty clear to us that BSD was UNIX + VMS (virtual memory, a file system that was not journally but at least did not horribly suck like UNIX V7).

        Linux is basically UNIX + NT. So many ideas in modern UNIX come from Microsoft - the use of dynamic linked libraries, device driver interfaces, asynchronous file I/O, journaling file system, etc. All things done by MS operating systems before UNIX. UNIX still lacks the systems engineering design that Cutler and Microsoft brought to operating systems, the modularization and formal interface (e.g. COM) structure. Using BSD in the last 1980s, we had to edit tables and recompile the whole kernel to install a new device driver, since drivers were simply subroutines in a monolithic program.

        Readers who are interested should take a look at Hart's book on Win32 Programming, to see what a kernel design should really look like.

        1. Anonymous Coward
          Anonymous Coward

          "we had to […] recompile the whole kernel to install a new device driver"

          Yep, SCO OpenServer 5.0.4 required a re-link of the kernel to change the IP address. Maybe not as drastic as recompiling the entire kernel, but still hardly something you can do on the fly.

          No idea how DHCP worked on that OS. I have a feeling it didn't, and nor did any Internet link with a dynamic IP address.

        2. eulampios

          acad. Fomenko's history again?

          >>So many ideas in modern UNIX come from Microsoft - the use of dynamic linked libraries, device driver interfaces, asynchronous file I/O, journaling file system, etc

          Actually, dynamic-linking was implemented long before porting VMS onto MS soil, even before Unix, namely, Multics (BTW, the has the DLL hell been fixed already?)

          --jfs (journaled fs) was the first one...

          --etc

          As a matter of fact, is MS suing anyone for the infringement of these (patented) ideas? No, that it is safe to disagree with you. Even if MS has any technological influence on Unix, POSIX and Linux, the counter-influence prevails. MS also is know to persevere in resisting the influence... not for ever. PS was introduced in 2006 decades after csh, ksh bsh, bash etc. Now Win8 is promised to be headlessly available w/o GUI.

          >>the modularization and formal interface (e.g. COM) structure

          This is the funniest part. Where is this modularism? Windows is modular on paper only, cannot be tweaked the same way as other systems.

        3. MacroRodent
          Thumb Down

          no, Microsoft did not invent them

          Re: "So many ideas in modern UNIX come from Microsoft - the use of dynamic linked libraries, device driver interfaces, asynchronous file I/O, journaling file system, etc."

          All those ideas predate Windows and some even Unix. Dynamic linking came from the MULTICS project, like almost every other idea in "modern" operating systems.

          Solaris had dynamic linking very early on (not sure if before or after NT), but in any case the Solaris implementation, which is what Linux copies, is superior to Windows DLL:s in that creating and using dynamic libraries is practically identical to static libraries. In Windows you had to jump through hoops. (Export modules? Strange nonstandard C extensions? what's actually the sharing semantics of global variables in DLL:s in different Windows versions?)

          I agree that older Unix like that 1980's BSD was inflexible in that recompiling or at least relinking the kernel was often needed for minor changes. It was simply showing its age. NT could avoid much of this as a new design, and so could Linux. It does not mean that Linux copied Microsoft, they were both just taking advantage of "new" (actually by that time well-known) techniques.

        4. L.B.

          Don Mitchel: not quite

          Just about al the kernel features of NT where copies of what VMS had been doing since 1978, the only big difference being that VMS didn't go multithreaded until Version 7, on Alpha's (not on VAX hardware).

          If anyone wants to read how a truely secure kernal/OS should be implimented look around for a copy of the (Open)VMS "Internals and Data Structures", it covers everything from boot sequence onwards.

          For those that think not doing multi-threading is bad, they need to realise probably less that 1% of VAX's made had more than one CPU so there was no benefit to be had, and the OS used AST's (Asynchronous System Traps) that made writing software where one process could handle 100's devices, timers, etc... all at once was so simple you wouldn't beleive (plus it's much more efficiant than threading on 1 cpu).

          PS: The "Open" seen with VMS is silent.

          1. Anonymous Coward
            Anonymous Coward

            "Just about al the kernel features of NT where copies of what VMS had been doing since 1978"

            They're not, you know, they're really not. But the number of people who realise where they do originate is negligible. I have the privilege of having seen inside where many came from.

            Other Cutler-inspired projects included a PDP11 OS, and a distributed realtime environment for VAXes called VAXELN. VAXELN had threads and the like before threads were even heard of, *and they were useful* even in the one-processor case.

            VAXELN was an embedded environment where you could think about designing the application rather than driving the hardware (and the network, and all the other non-productive stuff that other RT kernels used to require, and which some still do).

            *That's* as much where the NT kernel concepts come from as from VMS.

            Sadly there's very little written about VAXELN, but I do believe Custer's book mentions it.

      3. Anonymous Coward
        Anonymous Coward

        The fact that you think Unix/Linux is the best just proves you never used a decent OS.

        Dave Cutler is often given far to much credit for VMS, as he was just part of a large team of designers (both hardware and software that created VMS and the VAX hardware together), and that is why VMS is probably to most stable and feature rich OS ever written.

        Unix didn't go 32bit with virtual memory until about a decade after VMS was shipped.

        On VMS the C-RTL/POSIX libraries were nothing but a tiny user mode library that VMS developers avoided if they wanted to do anything: clever, complicated or efficiently.

        1. Michael Wojcik Silver badge

          Where do you people get this stuff?

          Re AC @ 13:11: "Unix didn't go 32bit with virtual memory until about a decade after VMS was shipped."

          Honestly, would it kill you to do five minutes of research?

          VAX-11/VMS was announced in 1977, with the VAX-11/780. BSD3 UNIX had paging virtual memory; it was released in 1979. (UNIX System 7 had swapping, but not paging, in the same year; it spawned UNIX/32V, and then BSD3, before the year was out.)

          1979 - 1977 = 2. 2 < 10.

          VMS is a perfectly good OS - though I suggest you don't try that "most stable and feature rich OS ever written" line in a room full of TOPS-10 or TOPS-20 fans. And personally I think OS/400 / System i gives it a run for its money too, on the stability/features front, even if VMS is probably more fun to work in.

    2. Anonymous Coward
      Anonymous Coward

      It's just as well that no UNIX-inspired OS in the world has ever had a kernel vulnerability exposed to userspace, otherwise your comment would make no sense.

      But you're right, the "everything is a file, except there's ioctl in case it isn't a file, plus random synchronization primitives which aren't files" model is obviously way better than the "everything is a polymorphic HANDLE" model, unless you're some kind of incognizant fool!

    3. Charles Manning

      Talking out of top of head

      I am certainly no Windows fan. but I have met and spoken with Dave Cutler and had an interesting conversation with him back in the NT 3.x days. He's a bloody genius.

      Yes it really sucks that Windows has its own APIs and does not do POSIX, but that was a command decision from above. Dave certainly had the nous to make POSIX happen.

      Back in the NT3.x days, MS was pushing NT for servers as a simpler to use and cheaper alternative to the 386 *nix offerings of the day. To woo over customers they offered POSIX compatibility (that almost worked) and a pushable streams module interface. These were needed to allow companies to port their products to NT.

      The POSIX implementation was really crap though. Performance was horrid. But once companies, like the one I was working with at the time, had got sucked in and committed to NT based products it was too late. You had to port your apps to the Windows API to make them run properly. Even still, we needed a 100MHz 486 to perform a job that had previously needed a 25MHz 386SX.

  3. Forget It
    Flame

    Clearly an Apple plot.

    1. Anonymous Coward
      Anonymous Coward

      Hmmm makes you think doesn't it. When a non-Apple O/S can't even keep control of a badly behaved, rogue app, no matter how shitty it becomes, falls in a heap due a small overrun in a browser app, you just have to wonder.

      1. DrXym

        Who says it's the OS?

        Could be a duff graphics driver told by an app to allocate some ridiculous sized surface, as a consequence of which it crashes and BSODs the OS. Something somewhere should be catching the error though.

        1. Anonymous Coward
          Anonymous Coward

          It's still the OS.

          > Could be a duff graphics driver told by an app to [ ... ]

          No, it couldn't, because apps don't speak directly to graphics drivers, they aren't allowed to; they speak to the win32k subsystem of the OS, which then translates the graphics APIs they invoke into various calls to drivers, and it is that win32k subsystem (like every kernel-mode subsystem or driver) that is completely responsible for validating the input parameters it is passed with and ensuring that it doesn't submit any bad requests to drivers. In other words, a user-mode app attempting to allocate a hugely oversized bitmap or canvas or whatever should not cause the win32k subsystem to generate an insanely-huge allocation request to a device driver. (And the device driver should reject it also, and in fact probably does; we have no evidence, just your supposition that the crash is happening in a driver rather than the core kernel.)

          1. Charles Manning

            Nope, wrong

            It is not up to the OS to make size checks before asking the driver to perform allocations. That is the driver's job. If the driver can't handle the allocation then the driver should return an error.

            The rationale behind this design is that only the driver really knows how big an allocation it can make. The OS should not know. If it did it would have to know the max allocation size for all different graphics cards which is clearly not a good idea.

            Yes, you are correct that this is merely a supposition. That's why (s)he wrote 'maybe'.

  4. MJI Silver badge

    Unlikely combination

    Most Win 7 64 bits I have seen chose Firefox. Including my work PC.

    1. Version 1.0 Silver badge
      Joke

      Firefox

      Coming soon to a browser near yo$%#^CCU NO CARRIER

  5. Anonymous Coward
    Anonymous Coward

    Windows

    Ever so secure and crash free...NOT!

    1. Anonymouse-Coward
      FAIL

      *Cough* Safari

      It is Safari that is the exploited software here, this is what causes Windows to crash.

      1. diodesign (Written by Reg staff) Silver badge

        Re: *Cough* Safari

        Windows should not allow an app - even if malfunctioning - to take out the machine; that's the ultimate fail here.

        C.

        1. Shakje

          So there's no way...

          that an app could take out Linux? Or OSX? Or could take out Android?

          It's all very well getting angry about it, but if you can do it maliciously then you CAN do it by accident.OSes should look to minimise this sort of thing, but it won't protect you from stupid coders. Safari is more to blame than the OS, and it's a bit sad that the article takes the easy route to place the most blame on MS, rather than at least an equal footing.

          1. Anonymous Coward
            Anonymous Coward

            Safari is to blame for crashing Safari.

            Windows is to blame for the whole OS going down.

        2. Wize

          A bit of both to blame but...

          "Windows should not allow an app - even if malfunctioning - to take out the machine; that's the ultimate fail here."

          The fault wouldn't have been noticed if there wasn't a flaw in both W7 and the browser.

          The browser is naughty for not handling the exception properly (as you might still be able to trigger some code injection trick via that door).

          But, as you say, the operating system didn't handle the exception either and should not have allowed the take down by a single program, even if it was trying to do so.

          Smacked bottoms all round.

      2. The Fuzzy Wotnot

        Whoa there MS fanboi!

        How about your oh-so glorious O/S properly contains and shuts down badly behaved apps when they go a little doolally?

    2. Anonymous Coward
      Anonymous Coward

      Re: Windows

      Such an original comment ... not. Sigh. I wish gimps like you would stop posting pointless comments like this and get back to your schoolwork.

    3. Armando 123

      That this can be done in Safari, Opera, or Mosaic doesn't matter: why can it be done by an application in the first place? I'm glad that IE and Firefox are not made to cause this, but ultimate kernel security does not belong in the browser. Yes, checks and caution are nice, but ...

  6. petur

    iTunes

    Didn't iTunes at some point in time force Safari down the users' throat?

    1. Coward who is anonymous
      Mushroom

      "Didn't iTunes at some point in time force Safari down the users' throat?"

      Question is, did they ever *not*?

  7. Alan Bourke
    FAIL

    A MAJOR, MAJOR ISSUE

    for all three of you using Safari on 64-bit Windows 7.

    1. amanfromearth

      Four..

  8. lansalot
    FAIL

    lovely!

    Great timing - thanks so-called white-hats!

    Release your PoC a couple days before xmas holidays... wonderful..

  9. Des5798p
    Windows

    Safari?

    Why in God's name would you use Safari on Windows?

    1. Andy Fletcher

      Users....

      You know what, I use the sentence "Why in God's name would you use [insert application]" pretty much on a daily basis. I'm ignored of course. The other week we spent £500 or so on PhotoShop because someone needed the ability to crop images. Quite frankly, nothing surprises me anymore.

    2. Richard Wharram

      Well...

      I know that Chromium and Firefox are easier to live with but I like the font rendering in Safari. To be honest I use quite a few browsers but for my main reading browser I use Safari at the minute.

    3. Armando 123

      I don't trust IE, Firefox is as bloated as a UN bureaucracy, Opera costs money, and Safari is recognized/tested for by major banking and government institutions. So I can see why.

      1. Anonymous Coward
        Anonymous Coward

        I have been using Opera for quite some time, I didn't know that Opera costs money to use on Linux or Windows.

        1. Anonymous Coward
          Anonymous Coward

          Opera does NOT cost money

          "I didn't know that Opera costs money to use on Linux or Windows."

          It doesn't. It did many years ago, though.

          This is just another case of someone living in the woods with no running water, electricity and mail who is assuming a situation never ever changes. Pretty much similar to most 'arguments' of Linux fanatics against Windows which pretty much originated from the Win95 days.

      2. Anonymous Coward
        Anonymous Coward

        Opera

        Since when does Opera cost money?

        1. Anonymous Coward
          Anonymous Coward

          "Since when does Opera cost money?"

          I think that was about 1997 or there abouts. Similar time frame as netscape becoming irrelavent.

    4. TeeCee Gold badge
      Joke

      Easy one. They missed unchecking the "Install loads of other shiteware" box when installing iTunes for their new iPhone, it's made itself the default browser and they don't know how to undo that.

      Only good reason I can think of.....

    5. Franklin
      FAIL

      "Why in God's name would you use Safari on Windows?"

      I do Web development. Ergo, I use Opera, Firefox, and Safari on Windows and Mac, and IE on Windows as well.

      Don't even get me started on various browser inconsistencies and rendering problems that make it necessary to do that. Point is, I do.

      I can't speak for anyone else, but whenever I hear "Why do you use ___" what I tend to hear is "I personally don't use ____ and therefore I don't think anyone else should either." Which is silly, when you consider how many of these folks also say "and I hate anyone telling me what software I should use."

  10. onester
    FAIL

    guess that steve jobs is still trying to keep apple going as they fall further behind the times of tech guess all the apple sheep that use safari will be the ones that suffer long live chrome and firefox

    1. Greg J Preece
      WTF?

      "guess that steve jobs is still trying to keep apple going"

      I think there's something you should know...

      1. Anonymous Coward
        Anonymous Coward

        Go on then, what?

        (It's not actually that I haven't heard - it's just that I just can't hear it often enough!)

  11. Gadget Rage is BAD
    Facepalm

    Loving the fingers in the ear...

    response to this. As others have already stated, the issue isn't the browser or even how the error is trigger, its the fact that ANY application can cause a system failure like this. If Safari can do it by accident how long before a virus writer makes use of the same exploit to cripple your machine, if they haven't already. Its a proof of concept, doesn't mean it can't happen any other way.

    Sticking your fingers in your ears and saying "la la la, I don't use Safari" isn't going to make the issue go away.

    1. h4rm0ny

      Virus writers

      I agree that it's a flaw in Windows. It seems the days of applications being able to crash the kernal aren't completely behind us yet. (Though imagine this being a headline ten years ago - everybody would shrug and say "it happens all the time" - this being on a news site is a sign of how far we've all come).

      But does anyone still write viruses designed to crash your machine? I thought they were a relic of the old days when people wrote viruses just to be bitter or annoy you, instead of for profit by creating botnets and boosting your bank details. Aside from trying to destroy some poor Iranian centrifuges, I can't remember the last time I saw a virus doing actual sabotage. Do they still do the rounds?

      1. Armando 123

        "But does anyone still write viruses designed to crash your machine?"

        Based on my last XP work box, Visual Studio 2008 sure qualified ...

      2. Ocular Sinister
        Thumb Down

        Crash the machine is the first step

        If they can crash your machine there is a very good chance that with carefully constructed code, they can gain elevated permissions - without blue screening the computer.

        1. Michael Wojcik Silver badge

          "If they can crash your machine there is a very good chance that with carefully constructed code, they can gain elevated permissions - without blue screening the computer."

          Right - or after crashing it. There are exploits that require rebooting, so a mechanism for letting an unprivileged process trigger a reboot (particularly an unsafe one like this) is useful. And, of course, sometimes a DoS is all the attacker wants.

          Really, I don't know why so many people feel compelled to comment on stories like this when it's clear that they haven't studied even the most basic aspects of how common security vulnerabilities work these days. This sort of story always brings out the ignorant armchair pedants.

  12. Ru
    WTF?

    Ignore the application involved...

    The important question is 'how on earth is a simple application failure causing a kernel-level fault?'

    I'm assuming that Safari isn't installing any drivers, of course...

    1. Greg J Preece
      Trollface

      I an *DYING* to find out that it was some underlying hackery on Apple's part, or an API they weren't supposed to be using...

    2. Ken Hagan Gold badge

      Re: how on earth

      The answer is in the article, but perhaps only if you recognise the reference to win32k.sys. You can think of as the kernel-side components of the user interface. I think I'm correct in saying that all Windows apps necessarily use this part of the kernel. Safari just happens to be tickling a bug in there that no-one else has found yet.

      Of course, now that everyone is looking, they'll probably figure it out in a day or so. Early Christmas present for the black hats. Cancelled Christmas holidays for Microsoft's kernel team.

    3. Nick Ryan Silver badge

      Re: Ignore the application involved..

      Not sure if Safari is installing any driver level update or usage processes, but I'm seeing a consistent pattern on Win7 64 where iTunes is installed (and the associated update processes) that system performance periodically tends towards dead snail like. Naturally Task Manager is still reporting 99% idle CPU and <10% HDD access of course... have to love the fact that Task Manager doesn't not count some application levels as using the CPU and while I can understand the problems that may occur in tracking driver level application services, it's frustrating as hell. It may not be a specific iTunes / Apple problem but on systems where this software is *not* installed, these particular problems do not seem to show up.

      Some applications implement their update processes as driver level services to ensure that they work around UAC problems and can update a system without bothering the user. Unfortunately at this level of process the OS protections are somewhat reduced - often required for real device drivers but taken advantage of by update processes.

      1. Mike Street

        No - that's Just iTunes

        "I'm seeing a consistent pattern on Win7 64 where iTunes is installed (and the associated update processes) that system performance periodically tends towards dead snail like."

        I thought that was the default behaviour for iTunes?

        1. Anonymous Coward
          Anonymous Coward

          re: iTunes

          I don't have iTunes installed, but the other Apple software that I've seen uses the Windows Scheduler to carry out updates, so no processes hanging around, until they're needed.

          That's not to say that the update processes triggered by the scheduler don't kill your system, but at least they don't run all the time, unlike other companies' updates.

    4. Anonymous Coward
      Anonymous Coward

      Nah, can't buy that!

      Even a browser driver, were such a thing to exist, still doesn't really excuse the O/S from not gracefully handling an app level exception.

  13. Anonymous Coward
    Anonymous Coward

    I wonder...

    What user account is being used; the default with admin privileges or a non-raised ?

    Also quite disappointing that El Reg didn't include the offending code right into the article itself ;-).

  14. Christian Berger

    If I understand this correctly

    It's about running Desktop GUI applications on Windows... So it has little to do with Safari. So it's a local 'crash' which is only relevant to those few people who run Windows Application servers.

  15. Anonymous Coward
    Anonymous Coward

    "a simple application failure causing a kernel-level fault?"

    See also: "Windows should not allow an app - even if malfunctioning - to take out the machine; that's the ultimate fail here."

    Both spot on, and therefore worth repeating. Frequently.

    Here's how it happened.

    When Cutler started NT, it wasn't quite a microkernel as such, but various chunks were kept separate (different address spaces, different privileges, different access rights...) and communication between them was managed via the local equivalent of an RPC. It was unlikely that any individual application running without Admin rights could crash the whole system.

    There was a performance impact for this robustness though, such that UI-intensive applications (and in particular, benchmarks used by mass-market comics) ran slower on NT than they did on W98 on the same hardware. W98 not having the same protection, it should be obvious that it might run faster. It should also be apparent to those with clue that productivity and performance aren't the same either.

    But this performance difference was unacceptable to Bill, so, over time, NT has lost a lot of its robustness as stuff that has no need (and no right) to be in the kernel has moved into the kernel, for "efficiency" reasons. These unwanted and unnecessary migrations have inevitably increased the vulnerability of the system as a whole to incompetent programming in any particular bit.

    How "efficient" is a crashed machine, Bill-friends?

    Recommended reading: Helen Custer, "Inside Windows NT", Microsoft Press. Explains the way it started, doesn't explain where it all went wrong (how could it, when it's an MS Press book).

    1. Ken Hagan Gold badge
      Boffin

      I recommend you re-read Custer. Yes, the current contents of win32k.sys *used* to be in user space. However, and it's a whacking great however, if they crashed, the session manager (which was waiting on the process handles) was *designed* to go down in flames and take the rest of the system with it.

      The rationale was that no-one ever used a Windows box "headless", so if you lost the UI then you'd be power-cycling the machine anyway, so Windows might as well save you the bother of flipping the big red switch.

      1. Oninoshiko
        Boffin

        That's a FEATURE?

        how about this, restart it. Not the machine, the crashed sub-system. Some of the L4 guys playing with Nitpicker can do it, so it's not impossible.

        (and, they have also proven with a properly built performance oriented IPC system, microkernels can be made pretty damn fast)

        1. Ken Hagan Gold badge

          Yes, that's a feature

          Twenty years ago, you couldn't write a useful Win32 application that didn't engage with the UI. If the UI sub-system crashed, every useful process on the system was inevitably unrecoverable, having had part of its "state" wiped out. You, as OS designer, have two options:

          1) Fail fast. Trigger an immediate BSOD and thereby maximise the chances that the resulting core dump will contain the information needed to diagnose the problem and minimise the chance that data corruption spreads to other processes (since they'll all now be getting garbage from their calls to the UI subsystem).

          2) Pretend nothing has happened. Restart the UI subsystem and assume (against all common sense) that Windows applications are all written so as to be able to detect this and somehow recover from the loss. Maybe log an event so that the sysadmin knows that all files modifed after this date might be corrupt.

          Windows ain't UNIX, not even now. It certainly wasn't in 1990.

          1. Anonymous Coward
            Anonymous Coward

            As Ken says, and as I said earlier, those design decisions were made twenty years or so ago. But x86 has moved on a little in that twenty years, and Ken forgot to mention something:

            "option 3: avoid the failure and the risk of corruption. Revisit those design decisions now that performance is less of an issue, and compatibility with DOS/Win16 apps (and even WinXP apps) is also less of an issue".

            So, dear reader, what progress have Microsoft made in those twenty years, in terms of robustness?

            Even the common or garden antivirus claims to be able to run a risky program in a protected sandbox these days. Isn't that something the OS should be doing for us?

            "Windows ain't UNIX, not even now"

            Indeed not, despite the number of The Great and The Good, people who do know their stuff, people who are now on the payroll at Microsoft Research. Very strange.

            Here's a link to some pictures to refresh your memories of the progress Microsoft have made (by leaving the OS architecture+design in the hands of presentation layer people):

            http://www.wired.co.uk/news/archive/2011-09/16/windows-8-bsod

  16. John Sanders
    Mushroom

    Ignorance is bliss

    I'm loving those comments about this being an Apple problem or a Safari one.

    People, wake up! this is a MASSIVE HOLE in windows.

    1. Ken Hagan Gold badge

      Judging from the down-votes, they're still asleep.

  17. Gordon Fecyk
    FAIL

    Holy crap, another one. I see hope though.

    This is going to be a fun winter with kernel exploits becoming the new (old) attack vector.

    This says something about the Windows user of the 2010s, not using admin access by default, and making the "evil doers" resort to this. The average Windows user is growing up. Finally.

  18. silent_count

    Thanks AC (@13:35 GMT) and Ken Hagan.

    I was curious about what UI code (win32k.sys) was doing anywhere near the kernel.

    Stupid decisions were made. But at least now I get why they were made.

  19. Anonymous Coward
    Anonymous Coward

    Reminds me of the mail of death for Apple mail:

    http://www.securityfocus.com/archive/1/520297

  20. Doug 3

    McFly

    "which contains the kernel portion of the Windows user interface"

    Really, user interface elements in the kernel might be a problem.

    1. Ken Hagan Gold badge

      Re: UI elements in the kernel

      Might be a problem. It's not the way I'd do it, but I've had many more X server crashes than BSODs in my time and for interactive end-users there's not much difference between them.

      If apps are going to share a desktop (keyboard, mouse, screens) then their usage of those needs to be mediated *somewhere* and if you can persuade the mediator to go tits up then everyone with a UI loses it. Most apps aren't written to recover gracefully from that. :)

      At least win32k.sys is all Microsoft's code. If you've got third party drivers, then there's code running at kernel level that the OS designers have never seen, let alone tested. That's not great either. In fact, the Linux crowd consider it so bad that they mark the entire kernel as tainted and won't spend much (any?) time investigating crash reports from such a beast.

    2. Ocular Sinister
      Stop

      X Server still requires root privileges

      I'm as much a fan of linux as the next guy, but X still runs as root. They are edging towards fixing this, but there is still some way to go. And even then, the DRM (no, not that sort!) components will be running in kernel space. Oh, and for legacy cards you will probably always have to run X as root.

      The thing is, modern graphics cards need some fancy memory management to work well, and that sort of management can only be done efficiently (or at all) when the code is running with kernel level privileges.

      1. Alain

        Re: X Server still requires root privileges

        Except running as root != running in kernel mode

  21. Tom 7

    Well thats w7 shot

    a bug like this wont take long for anyone to get to the bottom of

    and reproduction of the same will be out tomorrow and ones that actually get back into the OS and do REAL nasties by the end of the week.

    Remember virus writers dont do xmas - a bit like MS shills.

  22. Peter 39

    business as usual

    This has all the taste of doing stuff in the kernel that properly belongs in user-space.

    Windows has been doing this since forever, and I guess it isn't going to stop. It's not a coding issue, but one of system architecture.

  23. James Condron

    Hmm..

    Just tested, didn't seem to work for me

  24. Thomas Kenyon

    This all seems familiar.

    I remember about 12 years ago a small bit of html that put 4 iframes in a page that referred to itself, managed to take down a Windows 98 machine, a Sun OS machine and a Solaris machine, only machine I tested it on that didn't die was an HP-UX machine running netscape. (The netscape process died).

  25. Anonymous Coward
    Anonymous Coward

    What happens to my X server when I log off ?

    Warning: lots of words.

    "if you lost the UI then you'd be power-cycling the machine anyway" (says Bill. And Ken.)

    Maybe.

    What happens to the X server on a Linux/UNIX box when you log off (or otherwise clean up) a direct-connected interactive session?

    My understanding is the X server (the bit that drives the hardware) shuts down and restarts, if it wants to. The X client stuff (session manager, window manager, apps, whatever) has already gone away as part of the logoff/cleanup process. All resources freed, and if necessary all hardware re-initialised (mouse included, sometimes).

    All done with no reboot necessary in the vast majority of circumstances.

    Now compare with Windows.

    What stops Windows session manager doing something similar in principle to Linux/UNIX where possible? IE at logoff, or after serious application crash bringing down the whole UI, just free up all allocated resources, re-initialise the hardware, and re-start the UI from the top?

    I think the answer is idiot design decisions going back as far as the days of the 486/66 stop it. In particular, the unnecessary co-mingling of UI data and code with kernel data and code stops it. Design decisions relating to getting maximum performance out of limited hardware, design decisions long rendered obsolete by the performance of modern x86 (even Celeron and Atom). But the design hasn't been updated to match modern performance, so the system integrity holes are still there.

    Evidence to the contrary is of course welcome (I'm basing this on XP, ignoring Vista, and assuming Windows 7 and the next server version of Windows hasn't changed this much).

    There should be no important data routinely at risk in the case of a crash of a non-privileged application on a properly designed OS. Windows NT started well, but today's Windows is not a properly designed OS.

    And WNT is not VMS++. Never was, probably never will be.

    @silent_count: thanks for the thanks. Spread the word.

    1. Ken Hagan Gold badge

      Re: What happens to my X server when I log off?

      "My understanding is the X server (the bit that drives the hardware) shuts down and restarts, if it wants to. The X client stuff (session manager, window manager, apps, whatever) has already gone away as part of the logoff/cleanup process. All resources freed, and if necessary all hardware re-initialised (mouse included, sometimes)."

      Yeah. That's not the situation we're facing here. What happens on your X system if the X server crashes whilst all the client apps are still running? Does the X server automatically restart and the clients spot this and restore all their UI state?

      "I think the answer is idiot design decisions going back as far as the days of the 486/66"

      Ah, no. The "idiot" design decisions go back to Windows 1.0 on the 8086. Back then, the hardware didn't support pre-emptive multitasking, so the whole system was driven by posting messages around. Back then, 64K wasn't enough for every window to have its own v-table (like X) and so messages were used instead. Every version is as backwards compatible as possible with the previous few versions, because the customer's investment in closed source apps precludes breaking changes.

      "There should be no important data routinely at risk in the case of a crash of a non-privileged application on a properly designed OS."

      Microsoft would agree. Win32k.sys is not supposed to crash. (It's also "not non-privileged", btw.)

      "Windows NT started well, but today's Windows is not a properly designed OS."

      I'm not sure NT started anything like as well as some people now like to believe. It is better designed now than it was then. We have IO scheduling as well as CPU scheduling. We have process integrity levels as well as DACLs. We have session 0 isolation.

      And if you read the forums from twenty years ago, NT3.1 had its fair share of BSODs too. It looked *very good* compared to DOS-based Windows, but the implementation wasn't perfect. Today's BSOD is news. The same thing twenty years ago might not have been.

      1. Anonymous Coward
        Anonymous Coward

        Personally I don't need to read the forums from twenty years ago, I was there. NT3.1 was almost as new to system and device vendors and driver writers as it was to punters. That's one reason there were so many BSODs (on x86 anyway).

        Of course there have been improvements in NT. It is good to see NT finally dropping some of its Gates-imposed DOS-era baggage as time goes by, but actually maybe the NTVDM wasn't such a bad idea after all, maybe all the Win32 stuff should have lived in a Win32 sandbox too (maybe Vista's "Session 0 isolation" is a step in the right direction), and there's now less excuse for the "efficiency" improvements which led to so much UI code and data being mixed with kernel code and data.

        "We have IO scheduling as well as CPU scheduling. "

        Excellent. How long has Linux had IO scheduling? (Some PDP11 OSes nominally had IO prioritisation too. Nothing new under the Sun.)

        "Microsoft would agree. Win32k.sys is not supposed to crash. (It's also "not non-privileged", btw.)"

        The application in this picture isn't privileged and shouldn't be able to cause a crash like this. Somewhere in this picture (probably in Win32K.sys) is some privileged code which isn't written right and consequently a non-privileged application can bring down the whole system. Whose fault is that?

        "What happens on your X system if the X server crashes whilst all the client apps are still running? Does the X server automatically restart and the clients spot this and restore all their UI state?"

        I don't know, it never happens :)

        More seriously, the apps do the same as they would if they lost a network connection between X app and X device. Because the apps *by design* have no critical kernel info in them, the system carries on, and once the X server is successfully restarted you log in again and continue. Without a reboot.

        Merry christmas.

  26. Bronek Kozicki
    IT Angle

    here is a question

    does Safari implement CSS shaders or WebGL? If it does not and if there is indeed no kernel level software installed with Safari, then indeed it would be Windows bug. Hope to be fixed soon.

    However, if WebGL or CSS shaders are involved, that would mean graphic card drivers is involved as well.

    Lets wait until more of this is known.

  27. Anonymous Coward
    Anonymous Coward

    Optional

    What are you guys all on about?

    (posted from links)

  28. Anonymous Coward
    Anonymous Coward

    Does Safari require admin rights to install?

  29. spellucci
    Joke

    For safety measures

    For safety measures, I'm deleting kernel32.exe from my 64-bit Windows 7 machine as soon as I finish this post.

  30. Keith T

    Obvious solution is to copy Apple

    The obvious solution is for MS to copy Apple, that will be the inevitable result of the blackhats (including the blackhats pretending to be whitehats).

    MS copies Apple, only lets approved programs run on its machines, only lets approved programming tools be used, and levies users heavy fees (via vendors) for keeping them safe.

    Is that really what the blackhats want? A world like Steve Jobs envisioned?

    The other solution is one in which those who produce hacking tools are treated like those who conspire to commit burglary by law enforcement.

  31. P. Lee
    FAIL

    Why use safari?

    It's a question of security vs risk. If you know what you are doing are if you are being targeted specifically, then it is better to go for a secure system. If you don't know how to run a secure system and no-one is after you, then the least risky system would be better.

    Safari (and OSX) offer obscurity which can offer lower risk rather than increased security. What actually provides lower risk depends on your circumstances.

    That said, the issue here is with an OS component not checking its parameters. An app coding error should lead to an app crash, not an OS crash. This isn't to say that Linux and OSX don't have similar issues, but "everyone else has problems" is not an excuse. Never rely on the client (in this case application) to do your validation for you.

    If UI code was put in the kernel (for speed possibly) that's a poor design decision - much worse than a simple bounds check failure.

  32. Stevie

    Bah!

    The problem lies in the Win32 libraries. Hm.

    Do *any* of these preferred browsers come in a 64-bit version, or are they all thunking 32-bit dinosaurs?

    1. Ken Hagan Gold badge

      Re: Bah!

      No, the problem doesn't lie with the Win32 libraries. Win32k.sys is just a name. It's a kernel mode component, so it is is the same bitness as the rest of the OS. Changing your browser wouldn't help, and unless you look at *very* large web pages, there's no benefit to using a 64-bit browser on Windows.

  33. Anonymous Coward
    Boffin

    http://www.longlandclan.yi.org/~stuartl/bye_bye_w7.html

    Does some strange things on Firefox 8.0 (Gentoo Linux AMD64). Konqueror renders a page with a very tall iframe (as you would expect). I haven't bothered to reboot into MacOS X to try Safari, and I don't have any Windows 7 machines.

    I'd be interested to know if any Chrome or Konqueror users on Windows 7 AMD64 strike problems with that page, as that would put the blame squarely at Webkit itself, rather than Safari.

    (Closest we have is one that came with Vista, but that had an exorcism with a Windows XP Pro CD, as we needed to run software that didn't run on Vista.)

    1. tom dial Silver badge
      Linux

      Not a problem with chromium (6.0.472.63 (59945) Built on Debian 6.0.2, running on Debian 6.0.3) or iceweasel (firefox) (3.5.16) on Debian (2.6.32-5-amd64 #1 SMP Mon Oct 3 03:59:20 UTC 2011 x86_64). Nothing much there, but it doesn't kill either browser or OS.

    2. Renato
      Mushroom

      Crashed and burned

      It renders as it should on Firefox 9.0, IE 9 and Opera, and gives a nice BSoD on Safari. I tested this on a Windows Server 2008 R2 SP1, with nVidia GeForce 310M.

      If anyone is interested in reading a stack trace, http://pastebin.com/CvtHSt6u

  34. Anonymous Coward
    Anonymous Coward

    So..?.?

    So from the comments; when Adobe software takes down OSX it's not Adobe's fault, it's Apples?

    1. jake Silver badge

      @AC 01:17

      "So from the comments; when Adobe software takes down OSX it's not Adobe's fault, it's Apples?"

      Yes. Third party code should not be able to take out the monitor/kernel/whatever. On any system. Anywhere.

      That said, might I point out that Adobe's code is crap?

      Two wrongs don't make a right ...

    2. tom dial Silver badge
      Linux

      Absolutely correct.

    3. flying_walrus

      Re:adobe and apple

      Given that world+dog have interpreted Steve's statement that he gave adobe all the time in the world to get flash working on iOS* and they couldn't do it as "I refuse to let flash on iOS devices", I think you're right.

      * I think it was a year after the launch at that point, so adobe had at least 18 months

  35. Sokolik

    ohhowstupidami...

    ...I didn't even know Safari is available for Wintel!

  36. ulric
    Headmaster

    Kernel panic!

    Reminds me of the early days at the university where browsing a few pages with netscape would start swapping and eventually cause a kernel panic on the Sun or Sgi machines. So much for unix's superior design!

    1. Anonymous Coward
      Anonymous Coward

      What would Windows do?

      "browsing a few pages with netscape would start swapping and eventually cause a kernel panic on the Sun or Sgi machines"

      Run out of swapspace/pagefile, at a guess. University sysadmins expecting well-behaved applications not needing a semi-infinite amount of virtual memory?

      What a properly designed OS might do is have quotas on user accounts and/or processes, in order to prevent a single unprivileged user causing a denial of service on everybody else.

      There'd be a slight performance penalty for the privilege and resource usage checking, and a sysadmin overhead in setting the quotas appropriately for the user, but done right you'd end up with a more robust system which, in the case of a luser wanting a semi-infinite amount of virtual memory, would just tell the luser "computer says no", while the rest of the system carries on as before. How brilliant is that?

      If only there was such a properly designed OS available.

      I wonder if HP have one (not WebOS. not PH-UX. What's the other one called?)

      1. Alain

        @AC 22-DEC 09:54

        > I wonder if HP have one (not WebOS. not PH-UX. What's the other one called?)

        VMS? it belongs to HP nowadays.

      2. Tyson Key

        HP's other, other UNIX-esque OS...

        Would that be Tru64? (Which came from Compaq (née DEC), if I remember correctly).

        1. Anonymous Coward
          Anonymous Coward

          Points to Alain and Tyson

          Points to Alain and Tyson for knowing more about HP-owned (but not HP-developed) Operating Systems than 999.745% of HP sales and support staff.

          And what do points make?

      3. Michael Wojcik Silver badge

        Restricting process resource allocation

        I assume the HP OS you're referring to is MPE. Sure, MPE is nice too.

        However, UNIX and its derivatives have also supported restricting resource allocation for many years, via the setrlimit() system call and the ulimit command (actually a shell built-in). If sysadmins choose not to set hard limits for their users, that's administrator error, not the OS's fault. I suppose you could knock the OS for not making it the default, of course.

        And the OS should handle resource exhaustion more gracefully; many UNIX flavors do. (AIX, for example, since at least version 3 has had fairly intelligent handling of virtual memory exhaustion: it starts by killing off non-privileged processes using the most memory, and does so by raising SIGDANGER first, so programs can be written to handle the condition sensibly, before it gets out the big stick (SIGTERM followed by SIGKILL).

  37. Anonymous Coward
    Anonymous Coward

    is someone bulk accepting comments on the forum?

    Merry xmas and all...

  38. mraak
    Mushroom

    Clearly

    It's time we dump this HTML5, it's unstable, crashes machines and is unsuitable for mighty Apple products. Maybe a secure, closed and proprietary multimedia runtime is in order.

  39. Matthew Smith

    <blink>

    <blink>Always knew it was evil</blink>

  40. Anonymous Coward
    Anonymous Coward

    beyond sanity

    100 people write some software, 1 million will try to destroy it, because if they can make a mint selling their software to fix it. Something makes me think if we were just inventing the wheel today, 1 million would be designing roads to break it and offering wheel protectors to stop it breaking. Humanity is such a disappointment.

  41. Anonymous Coward
    Anonymous Coward

    "if we were just inventing the wheel today, 1 million would be designing roads to break it"

    Don't forget the masses of "intellectual property" lawyers who would be blocking the widespread use of the wheel by dragging the participants through the courts.

  42. Gearhead
    Childcatcher

    Merry Christmas Mr. balmer.

This topic is closed for new posts.

Other stories you might like