Trying to game the system by releasing patches hours before the contest doesn't actually help.
And yes, you can only win pwn2own with a previously unpublished vuln.
Loading User Information from Channel 9
Something went wrong getting user information from Channel 9
Loading User Information from MSDN
Something went wrong getting user information from MSDN
Loading Visual Studio Achievements
Something went wrong getting the Visual Studio Achievements
@magicalclick:Windows updates all the time? Ummm.... It updates on the tuesday of the first full week of the month. There are non security updates pushed towards the end of the month (not sure when, probably the last full tuesday), but that's it (except for OOB releases).
- Repository for universal meta/data storage? (for files, for application files, application data, managed, unmanaged)- Windows Search uses Repository?
How would such a beast help customers?
Remember that the Windows team no longer builds features for the sake of building features (or because the feature is "cool"). That practice ended with Alpha Longhorn. Instead every new Windows feature needs to be directed at a particular end-user scenario. What end-user scenario is enabled by such a universal storage system (that's not already implemented)?
If you're going to speculate about Windows features, you should keep that in mind. Start with the end-user scenario and go from there, don't start with a feature and say "man, that would be cool".
@drummer47:Not true. Windows development is broken up (roughly) into 4 pieces. The first is market research, the second is product planning, the third is development, the fourth is testing (obviously testing goes on through the development phase but the point is that no new features are written in the last piece).
The market research stuff for Windows 8 started before Windows 7 shipped, but actual product planning didn't start until sometime after Windows 7 shipped (after all, the Windows team was busy shipping Windows - they didn't have time to do planning).
@felix9:I beg to differ (having been on the NT team when it was first developed). Rick's research folks didn't help Dave Cutler design NT, he and his team were perfectly capable of designing it themselves. I'm not aware of any suggestions from research that were adopted in NT 3.1. Read Greg Zachary's Showstopper for more details on the NT 3.1 development process.
@rhm:Which is interesting. I recently saw an interesting talk by Charlie Miller about jailbreaking. One of the interesting aspects that people don't touch upon is that according to Miller, jailbreaking iOS disables every bit of security infrastructure in the iPhone. So it does far more than just enabling running 3rd party apps.
As I understand it (and please note that I have no direct knowledge of this - my knowledge of Stuxnet comes from what I read on the news), the malware contained 0days for XP, Vista and Windows 7. There are elements in the quoted article that don't jive with other things I've read about Stuxnet.
I'm not saying the article is incorrect. Just that what the article says is different from what other people have written about this issue.