Posts by Eddie Johnson 376 publicly visible posts • joined 23 Oct 2007
>Of course Windows allows separation of data and programs - how would roaming profiles work if not?
Search the web, the general consensus is that roaming profiles don't work any more.
I've been running roaming profiles since WinNT and with each version of Windows (2k, XP, Server 2003, etc) it becomes more and more of a struggle. Profiles are now so bloated I've heard of people in other shops talk about logins taking 25 minutes - over 1Gb LAN. I've personally seen an XP+2003 combination take 5 minutes to login and that's with less than 50M payload. Adobe Reader (circa 7,8, haven't used it since) installs its 100M setup file into a roaming profile folder and then attempts to infect any computer you log in to.
The registry is the number one place MS screwed the pooch with regard to backup/restore, its monolithic (or dualistic?, tri...) nature and its inability to fail gracefully doom most attempts to restore software - settings are spewed all across HKLM, HKCR and HKLU and some .ini and .dat files in 3-4 different profile folders, some roaming some not.
I've seen some well written apps that, when started, will inform the user that settings have been lost and offer to recreate them. Far too many follow the MS Office example: "Tahoma Font not found, try reinstalling the application!"
You voice a popular opinion from people who have fast, cheap broadband connections. Let me just say that not everyone has the same circumstances as you. Many people are unable to get decent broadband and most people are unable to get decent broadband at a reasonable price. I don't consider $100 to $130 for combined cable/internet/phone to be at all reasonable. In many suburban to semi-rural areas of the US that's the best you can do - and I'm not talking about the truly rural areas - there your choice is dial-up or satellite.
There have been numerous times when I was following MS instructions for a particular task (eg relocate print spool folder) and their instructions include a reboot. Instead I just stop/start the related service (eg spooler) and everything goes fine.
They are just lazy and can't be bothered to test dependencies that way so they go with the nuclear option of always rebooting. It's just laziness and poor organization that led them to lose track of dependencies. 95% of the reboots can be handled by starting and stopping services and/or processes. A lot of other "required" reboots that involve reloading modified registry settings in HKCU can be done just by killing the shell and your running applications survive, you don't even have to log out. But MS will never tell you that.
>>The only tablet experiences folks had (aside from mini-tablet-ish smartphones, of course) were with those hyper-lame – or, to be kinder, hyper-specialized – Windows tablets from days gone by.
Well yea, if by "days gone by" you mean now and by "hyper-specialized" you mean "general purpose Windows machines."
We're running Panasonic Toughbook tablets and they still rock, way more useful than any iCrap or Netbook out there. The only downside is their price but Toughbooks live up to their name.
>>When Phorm started collecting data, there was uproar. When Amazon announced the same thing, it seemed as if no one cared.
"Started" and "announced" are 2 completely different things. I'm just as concerned and appreciate being informed as this is enough to prevent me from purchasing one.
HP has been circling the drain for years. They used to make good quality hardware with fair to poor drivers and software. I saw the decline begin in the 90s when they offshored their calculator division to Singapore, since then they've become an American company in name only. Now they want to abandon the thing they were good at to follow the herd to the "easy money" in services. It used to make me sad but since their last 2-3 generations of printers have been complete crap I say full speed ahead with the collapse.
>Are Newzbin right to release methods of bypassing Cleanfeed? No, but BT's friggin counsel told the court that this would be the end result. Talk about making a ruling without any thought of the future.
For the judge to have made that distinction would be for him to admit that the courts are not all powerful, not something a judge is often willing to do.
All the talk of auto configuring, self healing fabric is great but the Internet can not be viewed as friendly territory where every other switch and router is trusted. Just think back to the Chinese traffic grab a few years ago and consider the implications of a few forged hop counts that can cause traffic to be routed from New York to Washington DC via Beijing or Tehran. That trust mistake was made 40 years ago with the initial design and should not be repeated.
Once you acknowledge the trust issue all the automated solutions collapse and the hierarchical arrangement makes sense - rings of trust are more accurately branches of trust and you stay as far from the root as possible. Fabric only works within limited areas of trust and the best way to interconnect these zones will still be hierarchical.
Advice to consider modem speed when designing web pages is hardly dated. There are quite a few sites today which probably look good over the designers 100Mb Ethernet but fail badly on a 1Mb cable or DSL line. And yes, there ARE still 4kbps dialup users even if you think they aren't your target market. Some rural US users have no choice - and when I say rural I'm not talking about Wyoming - I'm talking about outer suburbs of major cities where cable doesn't go and you're 3 miles from the phone office - too far for DSL.
Verity should certainly know the more things change the more they stay the same.
Tell that to all the dead 400,000 MTBF drives on my bench. None of them are anywhere close to 45 years old. You know how they come up with these numbers?
"Hey Joe, does 1 million hours sound impressive enough?"
"No, lets make it 2 million to be safe."
"What do we use to justify that?"
"Well, I ran it for a week straight in my mother's house without AC or power conditioning. That should be good enough."
The moral of the story is you can't guarantee the life of a device until the device has actually existed that long. Hard drives haven't existed for 50 years. I bet there isn't a single device out there that lasts its MTBF, even in the cleanest environment, much less a typical one.
Or you start getting lots of false positives because people fail to rigorously post their updates and hashes together. The kind of companies that are constantly posting a stream of bug fix versions are the very ones that also manage to screw up the hashes a decent percentage of the time - because they are too lazy to check themselves.
This just proves a theory off mine, the so called "legacy free" computers with no PS2 style mouse and keyboard connectors are a dumb idea. Not to say this exploit couldn't have happened over a PS2 connection (given the microcontroller aspect) but its certainly a lot easier via USB. I've steered away from a number of recent motherboards for their lack of PS2 ports.
2 basic security rules would have prevented this attack, always be suspicious of "free" gifts and never allow users access to USB ports. This reminds me of the viruses spread by free thumb drives given away at trade shows.
I eagerly await a study of how 4:3, 16:9 and 2.35:1 aspects relate to how the human eye works. I'm convinced 4:3 is the best aspect for how our vision works and I despise looking at life thru a gun slit - or watching a 2.35 production. It sucks you can hardly buy 1600x1200 monitors anymore, the shortscreen crap has taken over.
Then I'd say its the fault of the manufacturers and resellers marketing this stuff to home users and small business. Your position is that these devices shouldn't be used without the oversight of a skilled $100K a year specialist, that sort of knocks the bottom out f the whole "internet telephony is cheaper" argument doesn't it?
I actually agree with you, these things are not for home users and small biz, despite the marketing lies.
[/Ken Olsen mode]
Absolutely correct Tom. Some of the worst behaving apps I've seen come out of Redmond, they seem fundamentally incapable of following their own rules. How many times have you installed patches only to find a pile of crap left behind in the root directory? They seem to delight in abusing the power of the system account. They are utterly incapable of properly using a TEMP directory, even when one is provided for them. Once I had a foreign drive mounted on a Windows system for some testing and MS used IT as TEMP.
The one major app that I have to name and shame that is not Microsoft's is Quickbooks. There is no way that POS should get a Windows logo. Way too many versions have required all users to have local Admin rights.
HDMI may be leading edge with A/V jacks for the oldest backward compatibility but I'd like to see component video there too for a supposedly high end product.
I'd also like to see more coverage of the alternative media formats like DivX as there tend to be caveats in this area, eg what are the maximum DivX resolutions?
I'm sure he would explain that MS is doing a lot. Trustworthy Computing, DRM and all the crap MS and Intel tried to do years ago that the public resoundingly rejected. And Win7 is the answer to all the problems if only those penny pinching users would upgrade their hardware and software.
Don't think that I'm defending MS, I think they have failed miserably and really don't have a clue how to proceed - but they can certainly produce a lot of evidence that they have thrown hundreds of millions of dollars at the problem. They are the proof that throwing money at a problem is not always a solution. From my perspective it looks like every person at MS (at least with any authority) is a moran because they always make the wrong choice. They always choose the complex solution over the simple one, they paper over bad construction rather than fixing the core problems and they consistently fail to follow their own software design standards. The biggest weakness of their OS is now its bloated size.
A "cloud" is not a physical entity, its a graphical representation on a schematic that essentially means "not our responsibility." Apparently it's not Amazon's responsibility either. If your company trusts their core business to this model they deserve to be offline, permanently.
This is the equivalent of hosting your company web site on Geocities unless your hosting agreement provides guarantees for not just hosting costs but also lost revenue.
Tuning software to a specific benchmark is like studying for a test you have access to - you only bother to learn what you know will be asked. The only valid benchmarking results from running against a benchmark the testees didn't have access to in advance.
Your goal is to have the benchmark results be scalable to the real world and if the testees are allowed to tune specifically to the benchmark this will not be the case unless the coders are volunteering to tune their code to each and every user's actual code also.
Fire the 10% who clicked and achieve a 10% budget savings while most likely lowering your productivity by a much smaller percentage as these were not the brightest of the bunch. You may even find productivity increases now that the chaff has been removed. That's one of the paradoxes of business, a lot of times adding more employees reduces production.
"VMware is, after all, just a glorified way of multi-tasking apps in servers and, originally, PCs, that was necessary because Windows and Unix were so crap at the job."
Glad to finally see someone say that in print. Now can we take the next step and fix the failed piece of the stack, rather than put another layer on the stack? Virtualising OSes is an acknowledgment the OSes are failing to do what they promised in delivering a multiuser/multitasking environment . If you were swapping apps in and out rather than whole OSes the disk load would be that much smaller. This is yet another case of poorly implemented software driving the demand for faster hardware just to keep your head above water.
"Heap-exploitation mitigation made its Microsoft debut in Service Pack 2 of Windows XP, and has since been refined in later OSes. It works by detecting memory that's been corrupted by heap overflows, and then terminating the underlying process. The technology was a significant advance for Microsoft. Practically overnight, an entire class of vulnerabilities that once allowed attackers to take full control of the targeted operating system were wiped out."
I suspect this is why Explorer (not IE) has become such an unreliable piece of crap. Since every crappy app you install has some pointless shell extension it installs into Explorer I find Explorer getting terminated ridiculously often. I always bitched that it was so poorly written that it couldn't manage to write an error event identifying the culprit (and thus shaming the companies involved into cleaning up their shell extensions) but the problem is that Explorer isn't generating an exception on its own - its being whacked by this guard process.
How elegant.
On Netware I simply edited my Autoexec.ncf:
set Start Of Daylight Savings Time = (MARCH SUNDAY SECOND 2:00:00 AM)
set End Of Daylight Savings Time = (NOVEMBER SUNDAY FIRST 2:00:00 AM)
# set Start Of Daylight Savings Time = (APRIL SUNDAY FIRST 2:00:00 AM)
# set End Of Daylight Savings Time = (OCTOBER SUNDAY LAST 2:00:00 AM)
20 years later and MS still hasn't caught up.
You can fool some of the people all of the time and all of the people some of the time but anyone still running Adobe Reader after ~10 years and ~10 major versions of this crap is the fool of all fools. But hey, all you need is another 100M download to solve the problem - or at least delay it for another month.
Sorry, the OSs which are still running IE6 most likely are doing so because MS illegally and illogically tied the browser to the OS. I bet NT4 and Win2K where you are not allowed to install any never version that are responsible for a large percentage of the IE6 instances. NT4 never had a remote auto patching facility and 2K issues its last patch 6 months ago so I doubt MS has the ability to force feed a poison pill to very many culprits.
Frankly MS is now getting what they deserve - for not making IE7/IE8 available to Win2K users years ago, while Win2K was still supported. They tried to use the tie-together to force people to upgrade OS+Browser, instead many people chose to upgrade neither.
Another way they screwed theirselves was by not allowing 2 browser versions side by side. That would have allowed corporates to upgrade to IE8 for internet while using IE6 for legacy intranet stuff.
I'm just curious how much money and how many consultants it took to come up with the CSDA acronym. I'm actually surprised they didn't spend a few hundred thousand more for something like TRIGGER - Transmitter, Receiver, Intelligence Gathering Gateway and Emergency Requisitioner.
MTBF figures are a complete joke anyway. If any of them were close to realistic most of us would never see a hard drive fail.
A 400,000 hour MTBF is 45 years of 24/7/365 usage. Even assuming half the drives fail before that the failure rate before 10 years should be tiny. Considering that probably no drive has ever lasted 40 years how can they publish this BS?
Nice to read someone else's experience. I've been considering 2 similar projects, one for my company and one for a friends business which is forced to run over a wireless link due to a lack of cable or DSL access. I'm in a hilly area and some of the stuff like radiolabs.com's 5 mile bridge kit caught my eye. Erecting 50 foot towers seems affordable to me, they can be home brewed for less than the cost of a year's wireless bill a piece.
Every desktop computer in my organization has PS2 connectors for keyboard and mouse on the ATX motherboard. Is there a new ATX standard or a replacement I'm not aware of?
This is a good reason why they should be kept too, showing the downside of a universal USB connection. While I'm sure someone could mount an attack thru them it would be a heck of a lot harder than for Joe Sixpack to just plug in a USB thumb drive.
as thinking up some nonsense word like Kin or Bing or Bloop or Pow or something like that?
How 'bout Kerzam? K names are all the range for little Millennium babies. Oh, wait we're shooting for only 3-4 letters so the ADHD crowd can remember it even when stoned.
I'm off to watch the Batman show for inspiration.
ROM Boot could work... If the software development model wasn't based on going to market with alpha code then releasing a never ending series of patches to almost get it up to release level just in time for it to be end of lifed in favor of the shiny new alpha release.
In some ways I think the internet has destroyed software quality because it made it too easy for developers to release known buggy or nonfunctional code. How many times have you purchased software, delivered on a CD and had it fail to install, only to be directed to download something different? One of Quickbooks recent releases was like this - they were shipping CDs that didn't work then forcing people to make 600M downloads.
"and the creation of a new post to make sure they are enforced."
This guarantees the regulations will be toothless then. They need to be laws not regulations, with the full weight of huge fines and criminal penalties or they will be a joke. There is already an infrastructure to ensure laws are enforced. Personally I think an important provision is not to preempt citizens from the right to sue. That way when (not if) the government fails to enforce the laws those affected to file suit in conjunction with the EFF or other parties.
I would bet that the regulations will be written in such a way that this is prevented though, so when a Republican administration declines to enforce the law in all but the most egregious cases consumers will have no recourse. That's the typical government path - create regulations and an entire infrastructure to administer them, then do little more than investigate and cajole the violators. How about a minimum fine of $100 per person/record for violations, "accidental" or not. One million customers 'accidentally' violated? That would be a significant deterrent.
>>unless some experts have checked it
Surely everyone posting here on El Reg is completely overqualified to do so and probably reads the complete source to everything they download. I will undertake this once I finish reading Dapper Drake and get it installed. Yeah, It's taken a few years to get thru, not much plot in the middle.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
