alaskana98 shares an article called “What Really Happened with Vista: An Insider’s Retrospective.” Ben Fathi, formerly a manager of various teams at Microsoft responsible for storage, file systems, high availability/clustering, file level network protocols, distributed file systems, and related technologies and later security, writes: Imagine supporting that same OS for a dozen years or more for a population of billions of customers, millions of companies, thousands of partners, hundreds of scenarios, and dozens of form factors — and you’ll begin to have an inkling of the support and compatibility nightmare. In hindsight, Linux has been more successful in this respect. The open source community and approach to software development is undoubtedly part of the solution. The modular and pluggable architecture of Unix/Linux is also a big architectural improvement in this respect. An organization, sooner or later, ships its org chart as its product; the Windows organization was no different. Open source doesn’t have that problem… I personally spent many years explaining to antivirus vendors why we would no longer allow them to “patch” kernel instructions and data structures in memory, why this was a security risk, and why they needed to use approved APIs going forward, that we would no longer support their legacy apps with deep hooks in the Windows kernel — the same ones that hackers were using to attack consumer systems. Our “friends”, the antivirus vendors, turned around and sued us, claiming we were blocking their livelihood and abusing our monopoly power! With friends like that, who needs enemies? I like how the essay ends. “Was it an incredibly complex product with an amazingly huge ecosystem (the largest in the world at that time)? Yup, that it was. Could we have done better? Yup, you bet… Hindsight is 20/20.” Read more of this story at Slashdot.
View original post here:
Why Windows Vista Ended Up Being a Mess
An anonymous reader shares a Gizmodo report (condensed for space): For nearly two weeks, the company’s official Twitter account has been directing users to a fake lookalike website. After announcing the breach, Equifax directed its customers to equifaxsecurity2017.com, a website where they can enroll in identity theft protection services and find updates about how Equifax is handing the “cybersecurity incident.” But the decision to create “equifaxsecurity2017” in the first place was monumentally stupid. The URL is long and it doesn’t look very official — that means it’s going to be very easy to emulate. To illustrate how idiotic Equifax’s decision was, developer Nick Sweeting created a fake website of his own: securityequifax2017.com. (He simply switched the words “security” and “equifax” around.) As if to demonstrate Sweeting’s point, Equifax appears to have been itself duped by the fake URL. The company has directed users to Sweeting’s fake site sporadically over the past two weeks. Gizmodo found eight tweets containing the fake URL dating back to September 9th. Read more of this story at Slashdot. 
An anonymous reader quotes Quartz: “How screwed am I?” asked a recent user on Reddit, before sharing a mortifying story. On the first day as a junior software developer at a first salaried job out of college, his or her copy-and-paste error inadvertently erased all data from the company’s production database. Posting under the heartbreaking handle cscareerthrowaway567, the user wrote, “The CTO told me to leave and never come back. He also informed me that apparently legal would need to get involved due to severity of the data loss. I basically offered and pleaded to let me help in someway to redeem my self and i was told that I ‘completely fucked everything up.'” The company’s backups weren’t working, according to the post, so the company is in big trouble now. Though Qz adds that “the court of public opinion is on the new guy’s side. In a poll on the tech site the Register, less than 1% of 5, 400 respondents thought the new developer should be fired. Forty-five percent thought the CTO should go.” Read more of this story at Slashdot. 
An anonymous reader quotes a report from VentureBeat: Hewlett Packard Enterprise announced what it is calling a big breakthrough — creating a prototype of a computer with a single bank of memory that can process enormous amounts of information. The computer, known as The Machine, is a custom-built device made for the era of big data. HPE said it has created the world’s largest single-memory computer. The R&D program is the largest in the history of HPE, the former enterprise division of HP that split apart from the consumer-focused division. If the project works, it could be transformative for society. But it is no small effort, as it could require a whole new kind of software. The prototype unveiled today contains 160 terabytes (TB) of memory, capable of simultaneously working with the data held in every book in the Library of Congress five times over — or approximately 160 million books. It has never been possible to hold and manipulate whole data sets of this size in a single-memory system, and this is just a glimpse of the immense potential of Memory-Driven Computing, HPE said. Based on the current prototype, HPE expects the architecture could easily scale to an exabyte-scale single-memory system and, beyond that, to a nearly limitless pool of memory — 4, 096 yottabytes. For context, that is 250, 000 times the entire digital universe today. Read more of this story at Slashdot. 
A US online pet store has exposed the details of more than 110, 400 credit cards used to make purchases through its website, researchers have found. From a report on ZDNet: In a stunning show of poor security, the Austin, TX-based company FuturePets.com exposed its entire customer database, including names, postal and email addresses, phone numbers, credit card information, and plain-text passwords. Several customers that we reached out to confirmed some of their information when it was provided by ZDNet, but did not want to be named. The database was exposed because of the company’s own insecure server and use of “rsync, ” a common protocol used for synchronizing copies of files between two different computers, which wasn’t protected with a username or password. Read more of this story at Slashdot. 