OT Windows 10

About 1984 I worked with a guy who talked about selling his print sub-routine for big bucks. It forced his Epsom printer to do a carriage return. That guy was a real trip.

Reply to
Vic Smith
Loading thread data ...

There are a couple of very distinct attitudes towards "intellectual property". Some folks think their ideas are extra special -- as if the idea itself is the most important thing! Other folks realize that the idea is cheap -- it's the development that separates the men from the boys (perseverance, resources, resourcefulness, etc.). Others see everything as "obvious" (often in hindsight) and, as a result, not worth the effort to protect/capitalize upon.

After my first patent, I became so disillusioned about the whole process that I've steadfastly refused to get involved with any patents on any of my work. When you look at some of these "inventions", you can't say anything other than "What a joke"!

Reply to
Don Y

Generally I also look at a computer as a "tool" and as long as it isn't broken it's not obsolete. Just because you can make holes with a laser doesn't make a drill obsolete, but if and when the time comes you need to drill holes that are not round, getting a laser (or a cnc mill) might become a good idea. And when you start having to change bits on the drill on a regular basis, upgrading to a good keyless chuckon the old drill can improve it's functionality significantly without having to replace it.

And yes, there are times when a second drill is a good tool to have at your disposal - even if it is a hand cranked one.

Reply to
clare

The trouble with patents is they are totally useless if you don't defend them - and the cost of defence usually excededs the value of the patent by a significant margin over the long term.

Reply to
clare

| The use of these well known ports (80/53/443/137) may be innocent.

That's really not a relevant question. The man testing had chosen all possible privacy options. It's his computer. Microsoft had no business rigging the system to call out.

How did we get to a point where we presume someone breaking into a house had innocent reasons and has done nothing wrong, unless we actually catch them running off with a TV set?

Reply to
Mayayana

| > My webpages are all lean and coded by | > hand with no need for script, ActiveX, | > Flash, JSON, HTML5, or anything else | > other than vanilla HTML and CSS that's | > been supported for many years. Nothing | > "cutting edge". Nothing overly complex. | | I'd be dead without script and JSON. Basically there isn't any 'webpage' | there.

You mean you use something like Wix? you're right, there's no webpage there. It's essentially script-based software, served to a URL request. Unfortunately, that also makes security almost impossible.

Reply to
Mayayana

| The XP option has long set sail -- I'm *sure* MS is no longer | making XP licenses available (to non-profits or ANYONE!). |

Not so. I posted a link in my first post in this thread. Of course there are other issues, like the fact that hardware and software support will be ending eventually. But right now one can build an XP box, buy an XP disk, and install nearly anything except Photoshop on it.

| And, the normal update cycle of 7even is determinedly moving | those boxes to the W10 model. At some point, one can expect | 7even to simply *become* W10. Installing a "tuned" version | of 7even (selectively NOT installing updates that compromise | it) and then locking it down (as I did with XP) will leave | those boxes as "vulnerable"/compromised as running XP in 2016 | would. |

I'm running XP. I don't consider it to be especially vulnerable. It's not even being targetted at this point. And nearly all security risks involve the software, not the platform.

Reply to
Mayayana

I have IE 11 running on Win 7-64. Installed with no drama at all. Overall, Win 7 has been a very stable platform for me, at least as good as XP was. Explorer does sometimes close and reload some pages, IDK what that's all about. It didn't seem to do this in previous versions, but there were some other changes I made recently too.

Reply to
trader_4

The hosts file -- until the addresses on the LAN change.

Reply to
rbowman

formatting link

This is one example with samples. ESRI builds their API on top of the dojo toolkit. The samples use the online ESRI data but we would be pulling from our own servers, tiled or dynamic map services, geocoding services, routing services, plus additional data in JSON or KML format.

This is not ours and Seattle is using Bing rather thanESRI. but this is the general idea:

formatting link

We don't do public facing web apps so security is not an issue.

Reply to
rbowman

I tried that a few years ago. It was okay but had some issues iirc.

Reply to
rbowman

They've come close. The default for Server 2008 was to download and apply patches automatically. The people in a 911 dispatch center get a little testy when the server reboots in the middle of calls. It's easy enough to change the setting but that means the server never gets the updates until you absolutely have to reboot and then there can be a hundred or so.

Windows was never meant for the five nines world.

Reply to
rbowman

Ask SCO about that. There was a court ruling last week that suggests their ship is going down for the last time.

Reply to
rbowman

Sorry to know your experience with Symantec. If you need any help with Symantec Endpoint Protection just let us know. -Chetan

Reply to
csavade

formatting link

Reply to
bob_villain
[snip]

They tried to hide it, but ME was just as much DOS-based as 98.

[snip]
Reply to
Mark Lloyd

OhMiGosh! Nobody can be THAT stupid -- for more than say *two* hosts?? What a maintenance nightmare...

Reply to
Don Y

A box sending a request on port 53 can be doing so as part of network discovery. Or, are you claiming "call(ing) out" should also include being able to detect the immediate environment? Locate network shares on the local intranet? etc.

You also don't know what the software was *trying* to do at the time. E.g., Windows machines have long tried to "validate" their licenses. If I build a new 7even box and DON'T let it phone home, it will complain that the product has not been "activated". Should MS require the user to expllicitly perform the activation step? ("Please connect me to an active internet connection and let me contact my activation server as part of the terms of the license agreement that you accepted when you installed this software. I will not allow you to use this software until you do so")

First loads of IE always want to run off to some startup page at microsoft. Is this convenience? (so the user sees SOMETHING when he invokes the browser without explicitly specifying a URL in the invocation) Or, a surreptitious attempt by Microsoft to notice yet another instance of it's product coming on-line?

The adage "innocent until proven guilty". No one has shown the content of these connection attempts. How do we know it isn't just a "helpful attempt" to provide information (even advertising services: sign up for your free hotmail/mslive account, today!) to a CUSTOMER?

It's too easy to get caught up in paranoia/conspiracy theories. I like seeing conclusive *data* before forming an opinion.

I build "appliances". You typically can't sit down at a console (nor telnet into my devices). How do I provide information to the user regarding the proper operation of the device when I may only have a tri-color LED with which to convey that information? He can't examine my network status "on command". He can't force me to ping some remote host so he can see if the ICMP packets are being sourced from my network interface and passing through *his* firewall. He can't see if I am "seeing" his incoming connection attempts, etc.

So, I intentionally perform some specific, observable actions on startup to provide myself with information about my environment AND let him observe how I am integrating with that environment. And, use information from those actions to decide whether my LED should glow GREEN, YELLOW, or RED -- or blink some obscure "error code" (that will send him running for a cheat sheet that explains its meaning, likely causes and potential remedies).

When a BofH starts beating his chest about my device's "misbehavior" (it's spying on us; its trying to probe the firewall; it's trying to access our web server; etc.) I ask his boss how they would like me to redesign the device -- and how much they would like to add to its cost (to provide for those features).

The cincher is reminding the boss that this will be yet another device that *his* IT department will then have to maintain (instead of a turnkey appliance).

"Leave it the way it is. Bob, go back to work..."

The author of the article could have designed an experiment where he captured some of the traffic (to a masquerading host as well as to the actual GENUINE hosts -- does the content differ?). Instead, he just captured the low hanging fruit.

And, of course, there's no guarantee that the nature of the traffic won't change when he "wakes up" and actually starts USING the box!

Or, that the box isn't simply "being coy" -- biding its time until it thinks no one is watching it before sending out its data ("Hey, I've got this big disk that I can use to REMEMBER all the stuff I want to send home... why should I do it *now*??")

Reply to
Don Y

Exactly. Patents only make sense to big corporations with intimidating legal departments.

From the standpoint of a naive teenager, "patent" sounded like something neat and impressive: "Wow! This must be a really GOOD idea if it is patented!"

But, it's like watching sausage being made: the reality is often very different (i.e., it's just "who got there first and who was willing to pay the filing fees and preparation fees")

If you want to protect something, go the trade secret route (copyright if it makes sense -- but, you're still left trying to locate counterfeits and argue that they are, in fact sufficiently identical to your original work). Trade secret, however, relies on treating your employees well enough that they won't spill the beans. Even NDA's only require that you treat it as you would YOUR OWN information (so, a guy who is loose with his own personal data can't be held to a higher standard with yours!).

Or, by far, the best approach is to simply always have something better that keeps customers coming back to you! Let competitors copy your functionality (which can usually be done in less effort/time than it took you simply because you've already done most of the thinking for them: "What should it do, how should it work") but you spend your time and money coming out with the NEXT, *better* device ("Why would I want that competitor's device? It doesn't have these other new features, capabilities, etc.")

Reply to
Don Y

Yeah, but the reboot(s) are to apply the patches. Imagine if they simply forced a reboot to ensure everything was starting from a "known state"? (Don't worry about memory leaks or data corruption; just reboot often enough that the consequences never manifest!)

One strategy for high reliability devices is to deliberately reboot them so they are in a known state. I.e., instead of a big loop, just let it run one iteration and arrange for HARDWARE to kick the reset at about the same time. Note that this differs from a watchdog which is NEVER intended to trip -- doing so is a sign of a failure!

But, you don't do this (regular resets) to HIDE flaws but, rather, prevent anomalous conditions from hanging your product (e.g., a bit getting flipped in some flag that controls your code/loop)

Yup. So, you defer the updates -- which means the problem gets bigger as well as the cost of the eventual "fix"... which means you postpone it still more...

It's hard making things that "just (continuously) run". My automation system is never intended to see a reboot. So, how do you introduce updates? Major configuration changes? New hardware? You have to address these possibilities in the initial design -- you can't "retrofit" them!

Reply to
Don Y

HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.