Mailinglist Archive: opensuse (3605 mails)
| < Previous | Next > |
[SLE] [OT] Re: FYI: OpenSUSE vs Vista
- From: "Bryan J. Smith" <b.j.smith@xxxxxxxx>
- Date: Sat, 03 Jun 2006 07:56:06 -0400
- Message-id: <1149335766.2958.89.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
[ This will be my last off-topic post on this. I recommend finding a
Windows support list if anyone wishes to discuss further (I run one such
group). Just a suggestion, I'd love to discuss this stuff, but I'm
over-staying my welcome on these topics since this is a Linux list. ]
On Fri, 2006-06-02 at 12:46 -0700, kai wrote:
> Like any idiot would actually use Vista. I tried it just for kicks and laughed
> so hard at the pathetic nature of Vista. I couldn't believe MS would make an
> OS worse than XP, but they've managed.
Windows Vista (the client) has implemented 0% .NET in the core. The
_only .NET technology in the _entire_ NT6.0/Longhorn line is "Indigo" --
which is for NT6.0/Longhorn server. Indigo is sandboxed .NET Internet
(but _not_ ADS, LAN, SMB, etc...) services. The idea is to sandbox
off .NET from insecure Win32 internals of NT that have gotten
progressive hacked and re-hacked from NT 3.51 "Daytona" on-ward
(including ultimately by-passing _most_ security in NT 5.1 XP, which
then XP SP2 partially "re-hacked" back to NT 5.0 2000 standards).
Yes, Indigo is basically giving us what we already have in Java. ;->
Understand most "Vista technologies" aka "WinFX" is _out_ and quickly
becoming _vaporware_. This is a 100% repeat of "Cario" (aka "Consumer
NT) then "Cario tecnologies" then 100% _Vaporware_ -- almost year by
year (1991-1996, now 2001-2006). This includes Microsoft's own tools
division _not_ releasing a "pure" Visual Studio .NET, and still
incorporating various "Chicago-era" code -- largely for Visual Studio 6
compatibility. That then results in many other issues. Then
Microsoft's own application division throws the .NET development books
in the trash ... and that's what we continue to get ... trash!
Probably the biggest insight I can give is on Visual Basic. Microsoft
complains that they must continue to support the Visual Basic 6 run-time
in Vista because of Independent Software Vendors (ISVs). The reality is
that Microsoft's _itself_ is still _heavily_ using VB6 code internally.
This frustrates most of Microsoft's core architects. Which is why it is
not surprising that after a "2nd time" with "Longhorn" ("Cario" being
first), that Microsoft's core architects have _fled_ to Google.
I have predicted 100% of Microsoft's moves in this regard since 2001 --
not because I'm "smart" -- but because we called it "Cairo" 10 years
ago. Just follow the same history.
E.g., most people don't realize that WinFS, formerly CarioFS, is
actually a set of "bug fixes" to the serious, core issues with how NTFS
is designed and intertwined with the NT Security Accounts Manager (SAM)
and its in-filesystem Security ID (SID). What was designed to be a more
secure filesystem turned into a (pun)self-fsck'ing(pun) base.
One of the reasons why Linux can't "safely" write to NTFS is because NT
systems can_not_ "safely" write to other NTFS filesystems created by
another NT system either! That's where the "NT domain" model comes in
NT from LAN Manager -- turns the local SAM of the Registry of the
"promoted domain controller" into the "network-wide SAM" (and why all
DCs forget their own, local registry SAM). This is _still_ how it works
in ADS (despite Microsoft saying otherwise). As a Windows professional,
this is _crucial_ to note -- because you _never_ want to write local SAM
SIDs to a NTFS filesystem, which _can_ happen on a non-DC file server.
Microsoft tried to mitigate this with NT5+ (2000+) Logical Disk Manager
(LDM) aka "Dynamic Disc" by reserving sectors for writing key SID info.
But that only prevents the filesystem from getting corrupted, it does
_not_ mean you won't lose Access Control Entries (ACEs) on files in a
NTFS filesystem if you write to it with another NT installation (or
other OS) that didn't create the NTFS filesystem. Worse yet is how _no_
NT version offers a "read-only" NTFS mount, which Linux at least does --
although NT 5.1 XP/2003 _will_ refuse to even "see" a NTFS filesystem
created with another SAM _unless_ it's in on a LDM volume.
This is just one clusterfsck of NT.
I was really looking forward to MONAD in NT 6.0 -- a "pure" NT 6.0
environment for parsing, scripting, etc... It was supposed to be the
foundation of a new parsing engine for Exchange, SQL, etc... Especially
Exchange -- which _all_ versions (including 2003) have a very _broken_
parser that has buffer overflows up the wazzu. I found one in 1999 (and
told Microsoft about it then, and got beat to a pulp for doing so and
threatened _not_ to report it to CERT) and I can _still_ exploit it in
Exchange 2003 (and we did at a Fortune 20 financial company).
But MONAD is now a "WinFX technology" and not in Vista.
The "Avalon" presentation system in NT 6.0 Longhorn client "Vista" is
0% .NET. It's trying to chuck the Graphical Display Interface (GDI)
foundation of NT, which is rather impossible. The GDI wasn't a bad idea
in the original NT 3.1 on-ward, but how the GDI was used was the
problem. First off, one of Gates' personal, _bone-head_ ideas was that
all NT programs _must_ be tied to the GDI. For 3D, the GDI would use
OpenGL -- which wasn't a bad idea, but implemented in a way that made it
_impossible_ for "Chicago" to use (hence the creation of "Direct DOS
Memory Map" aka "DirectMM" then "Direct2D" and the subsequent
"Direct'X'" technologies for Windows 95 -- long story). But the fact
that the GDI was fixed to hardware would plague NT and cause it to not
have "multiuser" capability until Citrix hacked a virtual GDI solution
with "MultiWin" (which is the underlying foundation of WinFrame and,
subsequently, Terminal Server which is actually built into all NT5+/2000
+ versions).
The new Windows Graphics Foundations (WGF) is an API that new programs
will be written to, while the subsystem handles legacy GDI
compatibility. The problem is that WGF 1.x is basically DirectX 9 --
and has seriously _missing_ features -- things that Microsoft normally
relies on proprietary extensions from ATI or nVidia for (since DirectX
is largely a set of wrappers to hardware, and does not have an
Architecture Review Board, ARB, like OpenGL). WGF 2.0 -- based on a
more complete and new DirectX 10 -- was supposed to be in Vista -- but
is was a serious undertaking to actually attempt to match even base
OpenGL in core geometry setup (which is why OpenGL is still used for
professional graphics), so WGF 2.0 is now a "WinFX technology."
Hence why SuSE Linux 10.1's compiz smacks Vista's Avalon silly on
anything less than a 3GHz CPU, 1GB RAM, NV4x/R400 GPU.
In conclusion ...
The best and most "pure" .NET environment can be found from Novell.
It's called Mono and the whole reason why Miguel liked .NET is because
it is very "UNIX-like" in security and API.
Too bad Microsoft itself isn't using it -- other than for "Indigo."
Then again, Digital created NT/Win32, and they didn't use it either.
--
Bryan J. Smith Professional, technical annoyance
mailto:b.j.smith@xxxxxxxx http://thebs413.blogspot.com
-------------------------------------------------------
Illegal Immigration = "Representation Without Taxation"
--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx
Windows support list if anyone wishes to discuss further (I run one such
group). Just a suggestion, I'd love to discuss this stuff, but I'm
over-staying my welcome on these topics since this is a Linux list. ]
On Fri, 2006-06-02 at 12:46 -0700, kai wrote:
> Like any idiot would actually use Vista. I tried it just for kicks and laughed
> so hard at the pathetic nature of Vista. I couldn't believe MS would make an
> OS worse than XP, but they've managed.
Windows Vista (the client) has implemented 0% .NET in the core. The
_only .NET technology in the _entire_ NT6.0/Longhorn line is "Indigo" --
which is for NT6.0/Longhorn server. Indigo is sandboxed .NET Internet
(but _not_ ADS, LAN, SMB, etc...) services. The idea is to sandbox
off .NET from insecure Win32 internals of NT that have gotten
progressive hacked and re-hacked from NT 3.51 "Daytona" on-ward
(including ultimately by-passing _most_ security in NT 5.1 XP, which
then XP SP2 partially "re-hacked" back to NT 5.0 2000 standards).
Yes, Indigo is basically giving us what we already have in Java. ;->
Understand most "Vista technologies" aka "WinFX" is _out_ and quickly
becoming _vaporware_. This is a 100% repeat of "Cario" (aka "Consumer
NT) then "Cario tecnologies" then 100% _Vaporware_ -- almost year by
year (1991-1996, now 2001-2006). This includes Microsoft's own tools
division _not_ releasing a "pure" Visual Studio .NET, and still
incorporating various "Chicago-era" code -- largely for Visual Studio 6
compatibility. That then results in many other issues. Then
Microsoft's own application division throws the .NET development books
in the trash ... and that's what we continue to get ... trash!
Probably the biggest insight I can give is on Visual Basic. Microsoft
complains that they must continue to support the Visual Basic 6 run-time
in Vista because of Independent Software Vendors (ISVs). The reality is
that Microsoft's _itself_ is still _heavily_ using VB6 code internally.
This frustrates most of Microsoft's core architects. Which is why it is
not surprising that after a "2nd time" with "Longhorn" ("Cario" being
first), that Microsoft's core architects have _fled_ to Google.
I have predicted 100% of Microsoft's moves in this regard since 2001 --
not because I'm "smart" -- but because we called it "Cairo" 10 years
ago. Just follow the same history.
E.g., most people don't realize that WinFS, formerly CarioFS, is
actually a set of "bug fixes" to the serious, core issues with how NTFS
is designed and intertwined with the NT Security Accounts Manager (SAM)
and its in-filesystem Security ID (SID). What was designed to be a more
secure filesystem turned into a (pun)self-fsck'ing(pun) base.
One of the reasons why Linux can't "safely" write to NTFS is because NT
systems can_not_ "safely" write to other NTFS filesystems created by
another NT system either! That's where the "NT domain" model comes in
NT from LAN Manager -- turns the local SAM of the Registry of the
"promoted domain controller" into the "network-wide SAM" (and why all
DCs forget their own, local registry SAM). This is _still_ how it works
in ADS (despite Microsoft saying otherwise). As a Windows professional,
this is _crucial_ to note -- because you _never_ want to write local SAM
SIDs to a NTFS filesystem, which _can_ happen on a non-DC file server.
Microsoft tried to mitigate this with NT5+ (2000+) Logical Disk Manager
(LDM) aka "Dynamic Disc" by reserving sectors for writing key SID info.
But that only prevents the filesystem from getting corrupted, it does
_not_ mean you won't lose Access Control Entries (ACEs) on files in a
NTFS filesystem if you write to it with another NT installation (or
other OS) that didn't create the NTFS filesystem. Worse yet is how _no_
NT version offers a "read-only" NTFS mount, which Linux at least does --
although NT 5.1 XP/2003 _will_ refuse to even "see" a NTFS filesystem
created with another SAM _unless_ it's in on a LDM volume.
This is just one clusterfsck of NT.
I was really looking forward to MONAD in NT 6.0 -- a "pure" NT 6.0
environment for parsing, scripting, etc... It was supposed to be the
foundation of a new parsing engine for Exchange, SQL, etc... Especially
Exchange -- which _all_ versions (including 2003) have a very _broken_
parser that has buffer overflows up the wazzu. I found one in 1999 (and
told Microsoft about it then, and got beat to a pulp for doing so and
threatened _not_ to report it to CERT) and I can _still_ exploit it in
Exchange 2003 (and we did at a Fortune 20 financial company).
But MONAD is now a "WinFX technology" and not in Vista.
The "Avalon" presentation system in NT 6.0 Longhorn client "Vista" is
0% .NET. It's trying to chuck the Graphical Display Interface (GDI)
foundation of NT, which is rather impossible. The GDI wasn't a bad idea
in the original NT 3.1 on-ward, but how the GDI was used was the
problem. First off, one of Gates' personal, _bone-head_ ideas was that
all NT programs _must_ be tied to the GDI. For 3D, the GDI would use
OpenGL -- which wasn't a bad idea, but implemented in a way that made it
_impossible_ for "Chicago" to use (hence the creation of "Direct DOS
Memory Map" aka "DirectMM" then "Direct2D" and the subsequent
"Direct'X'" technologies for Windows 95 -- long story). But the fact
that the GDI was fixed to hardware would plague NT and cause it to not
have "multiuser" capability until Citrix hacked a virtual GDI solution
with "MultiWin" (which is the underlying foundation of WinFrame and,
subsequently, Terminal Server which is actually built into all NT5+/2000
+ versions).
The new Windows Graphics Foundations (WGF) is an API that new programs
will be written to, while the subsystem handles legacy GDI
compatibility. The problem is that WGF 1.x is basically DirectX 9 --
and has seriously _missing_ features -- things that Microsoft normally
relies on proprietary extensions from ATI or nVidia for (since DirectX
is largely a set of wrappers to hardware, and does not have an
Architecture Review Board, ARB, like OpenGL). WGF 2.0 -- based on a
more complete and new DirectX 10 -- was supposed to be in Vista -- but
is was a serious undertaking to actually attempt to match even base
OpenGL in core geometry setup (which is why OpenGL is still used for
professional graphics), so WGF 2.0 is now a "WinFX technology."
Hence why SuSE Linux 10.1's compiz smacks Vista's Avalon silly on
anything less than a 3GHz CPU, 1GB RAM, NV4x/R400 GPU.
In conclusion ...
The best and most "pure" .NET environment can be found from Novell.
It's called Mono and the whole reason why Miguel liked .NET is because
it is very "UNIX-like" in security and API.
Too bad Microsoft itself isn't using it -- other than for "Indigo."
Then again, Digital created NT/Win32, and they didn't use it either.
--
Bryan J. Smith Professional, technical annoyance
mailto:b.j.smith@xxxxxxxx http://thebs413.blogspot.com
-------------------------------------------------------
Illegal Immigration = "Representation Without Taxation"
--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx
| < Previous | Next > |