Archive for March 26, 2014

Wednesday, March 26, 2014 [Tweets] [Favorites]

MS-DOS and Word for Windows Source Code Published

The Computer History Museum (via Kyle Sluder):

The Computer History Museum (CHM) announced today that it has, with permission from Microsoft Corporation, made available original source code for two historic programs: MS-DOS, the 1982 "Disk Operating System" for IBM-compatible personal computers, and Word for Windows, the 1990 Windows-based version of their word processor.

MS-DOS:

MS-DOS was basically a file manager and a simple program loader. The user interface was text commands typed on a keyboard, followed by text responses displayed on the screen. There was no graphical output, and no mouse for input. Only one user application program could run at a time. File names were limited to 8 characters, plus a 3-character extension indicating the file type. There were commands like “dir” to list the files in a directory, and “del” to delete a file; you ran a program by typing the name of its executable file.

Microsoft Word for Windows:

It may have been a “small program” but it had some sophisticated features, including support for style sheets, multiple windows, footnotes, mail-merge, undo, and the proportional fonts that the newly emerging laser printers would be able to use.

[…]

The first version for Microsoft Windows was released in late 1989 at a single-user price of $495. It received a glowing review in Inforworld [8] that didn’t flinch at the price: “If your system is powerful enough to support Microsoft Windows, at $495 it is an excellent value.”

Microsoft Word RTF Security Flaw

Jack Clark:

Opening a poisoned Rich Text File (RTF) document allows the attacker to hijack the PC with the same privileges as the logged-in user.

[…]

Microsoft Word 2003, 2007, 2010, 2013, and Office for Mac 2011 are vulnerable, according to Redmond. Microsoft Office Web Apps, Automation Services on SharePoint Server 2010 and 20103, and Outlook 2007, 2010 and 2013 when using Word as the email viewer, are also affected.

Apple Engineer Recalls the iPhone’s Birth

Daisuke Wakabayashi:

In the following six months, before the iPhone went on sale in June 2007, Mr. Christie’s team made other changes. At Mr. Jobs’s urging, they eliminated a split-screen view for email with information about the sender on one side and the message on the other. “Steve thought it was foolish to do a split screen on such a small display,” Mr. Christie said.

iOS Chrome Puts Per-Tab GUID in User-Agent

Thijs van der Vossen:

For some reason, Chrome on iOS now adds what looks like a per-device GUID to its User-Agent string.

This would seem to be a major privacy concern. There’s more information at Stack Overflow.

However, this bug says:

The tabID is then stripped off from the user agent before the request goes over the network. Again: this tab ID is not send over the network, only the normal user agent is send.

The only place the modified user agent is visible from is navigator.userAgent.

This would mean that Web servers don’t receive it by default but that the page does have access to it via JavaScript.

The Right to Read User E-mails

Alex Hern:

Microsoft is not unique in claiming the right to read users’ emails – Apple, Yahoo and Google all reserve that right as well, the Guardian has determined.

[…]

Google’s terms require the user to “acknowledge and agree that Google may access… your account information and any Content associated with that account… in a good faith belief that such access… is reasonably necessary to… protect against imminent harm to the… property… of Google”. Apple “may, without liability to you, access… your Account information and Content… if we have a good faith belief that such access… is reasonably necessary to… protect the… property… of Apple”.

Update (2014-03-27): Mike Arrington (via John Gruber):

A few years ago, I’m nearly certain that Google accessed my Gmail account after I broke a major story about Google. A couple of weeks after the story broke my source, a Google employee, approached me at a party in person in a very inebriated state and said that they (I’m being gender neutral here) had been asked by Google if they were the source. The source denied it, but was then shown an email that proved that they were the source.

The source had corresponded with me from a non Google email account, so the only way Google saw it was by accessing my Gmail account.

Joe Kissell:

In short, even the best privacy policy, crafted lovingly by People Who Really Care™, and agreed to under oath by every employee, doesn’t actually protect your privacy. The most it can do — and even this is a stretch — is provide you some recourse if your policy should be violated. If you can prove that this happens, maybe someone will be fired or maybe you’ll get financial compensation or whatever. But in the United States, even where the law says a company must have a privacy policy, it doesn’t necessarily mean that the privacy policy is legally binding. And if it were, it would still be like any other law: it would penalize, but not prevent, misbehavior.

Update (2014-03-28): Microsoft:

Over the past week, we’ve had the opportunity to reflect further on this issue, and as a result of conversations we’ve had internally and with advocacy groups and other experts, we’ve decided to take an additional step and make an important change to our privacy practices.

Java 8

Andrew Binstock:

What makes Java 8 so compelling is its embrace of the functional programming metaphor. This embrace has two primary expressions: the use of closures (or as Java calls them, “lambdas”) and the adoption of composition as a central approach to development. Lambdas, while not quite full first-class functions, enable passing code as a parameter to a function, within limited contexts. By limited, I mean only the mechanics of it, not the opportunities to do so. As Brian Goetz of Oracle explains in one of this week’s features, once the syntax of lambdas had been finalized and its implementation completed, the Java team found numerous opportunities to use lambdas to streamline the standard libraries. They discovered that not only was the code clearer, but the performance better.

[…]

The new streams feature in Java 8 enables composability. This language trait, recently explained by Walter Bright, enables software to be implemented using a model that operates like this: data source → algorithm → data sink. This model is highly desirable on today’s platforms where such computational streams can be run in parallel and thereby make full use of multicore processors. It is also an excellent fit in processing Big Data.

Java has long supported lambdas in the form of anonymous inner classes, but the new lambda syntax is much more compact.

Overview of WebKit’s CSS JIT Compiler

Benjamin Poulain:

When using the CSS JIT, the task of matching a selector is split in two: first compiling, then testing. A JIT compiler takes the selector, does all the complicated computations when compiling, and generates a tiny binary blob corresponding to the input selector: a compiled selector. When it is time to find if an element that matches the selector, WebKit can just invoke the compiled selector.

[…]

In the most recent versions of the JIT, the compilation phase is within one order of magnitude of a single execution of SelectorChecker. Given that even small pages have dozen of selectors and hundreds of elements, it becomes easy to reclaim the time taken by the compiler.

[…]

There is ongoing work to support everything SelectorChecker can handle. Currently, some pseudo types are not supported by the JIT compiler and WebKit fall backs to the old code. The missing pieces are being added little by little.