TONT 30923 Why does the Add or Remove Programs control panel try to guess all that information?

Original link: https://devblogs.microsoft.com/oldnewthing/20060609-07/?p=30923

As we saw earlier, the “Add or Remove Programs” control panel used several heuristics to attempt to determine things like program size and frequency of use. Why did it bother doing this at all?

At the time the feature was added, disk space was not cheap like it is today. One of the problems users were having was running out of disk space and not knowing what they could safely delete. Thus was born the Disk Cleanup utility, which attempted to guide the user through various things that could be deleted in order to make disk space available.

In addition to cleaning up temporary files, you could also remove programs that weren’t being used. But how do you know which programs you weren’t using? (Maybe you were using a program without realizing it because it ran automatically.) And how do you know how much disk space would be recovered if you removed a program?

That’s where the program size and frequency of use heuristics came in. By providing this information (or at least trying to), the “Add or Remove Programs” control panel could help users decide which programs to remove.

Of course, nowadays, with hard drives in the hundreds-of-gigabytes range, disk space has become so cheap as to be nearly free. The need to remove programs to make more disk space available is largely gone, but the feature remains as a vestigial organ.

TONT 31073 Using Yoda on an x86 may be hazardous to your systems’ health

Original link: https://devblogs.microsoft.com/oldnewthing/20060525-04/?p=31073

In former times very cross-platform NTVDM was. If you view NTVDM.EXE in a hex editor, you’ll find the message “Using Yoda on an x86 may be hazardous to your systems’ health” buried inside it.

Yoda was the name of the internal debugger that was used to debug the MS-DOS emulator, also known as the Virtual DOS Machine or VDM. (Buried inside the Yoda source code are such wonderful variables as “luke” and “chewy”.)

(Translator's note: “luke” and “chewy” are both Star Wars references.)

The Intel 80386 has a mode known as “Virtual-8086 mode” or just “V86 mode” wherein the CPU ran as if it were an 8086, except that if the program did anything interesting like issue a privileged instruction, call a software interrupt, or fault, control would return to the protected-mode supervisor for handling. (Win386 used this same CPU mode to support multiple MS-DOS sessions.)

When running on an 80386-class processor, NTVDM used this mode to do its emulation, making the CPU do the heavy lifting of decoding instructions and emulating them, which took place at very close to full speed. On the other hand, NTVDM on the non-x86 processors (Alpha, PPC, MIPS, etc.) had to implement an entire 8086 emulator, with all the decoding and execution performed in software. Yoda was the debugger you used if you needed to debug the emulator.

And that’s why NTVDM has a message warning you not to use Yoda on an x86. Because on an x86, there is no instruction emulator. There is nothing to debug.

(My thanks to Andrew McLaren and Tony Gaston for providing historical background.)

TONT 31543 How did Microsoft Access get its name?

Original link: https://devblogs.microsoft.com/oldnewthing/20060413-09/?p=31543

We’ve seen how the names for some Microsoft products had to be changed due to a name conflict. I’m told that the people who had to come up with the name for the database product avoided this pitfall in a clever way: Instead of trying to avoid a name that was already taken, they intentionally used a name that was already taken: By Microsoft itself.

They discovered that Microsoft had a long-forgotten terminal emulator product called Microsoft Access. “Access” sounded like an appropriate name for a database product, so they blew the dust off it and gave the name a new life.

TONT 31563 Why is the service name of the Microsoft protection service msmpsvc?

Original link: https://devblogs.microsoft.com/oldnewthing/20060412-09/?p=31563

(This is the first in a series of short posts on where Microsoft products got their names.)

The original name for the malware protection service was “mpsvc” the “Microsoft Protection Service”, but it was discovered later that that filename was already used by malware! As a result, the name of the service had to be changed by sticking an “ms” in front, making it “msmpsvc.exe”. Therefore, technically, its name is the “Microsoft Microsoft Protection Service”. (This is, of course, not to be confused with “mpssvc.exe”, which is, I guess, the “Microsoft Protection Service Service”.)

Fortunately, the Marketing folks can attempt to recover by deciding that “msmpsvc” stands for “Microsoft Malware Protection Service”. But you and I will know what it really stands for.

TONT 37203 The “decoy” Display Control Panel

Original link: https://devblogs.microsoft.com/oldnewthing/20060410-17/?p=32703

Last time, we saw one example of a “decoy” used in the service of application compatibility with respect to the Printers Control Panel. Today we’ll look at another decoy, this time for the Display Control Panel.

When support for multiple monitors was being developed, a major obstacle was that a large number of display drivers hacked the Display Control Panel directly instead of using the documented extension mechanism. For example, instead of adding a separate page to the Display Control Panel’s property sheet for, say, virtual desktops, they would just hack into the “Settings” page and add their button there. Some drivers were so adventuresome as to do what seemed like a total rewrite of the “Settings” page. They would take all the controls, move them around, resize them, hide some, show others, add new buttons of their own, and generally speaking treat the page as a lump of clay waiting to be molded into their own image. (Here’s a handy rule of thumb: If your technique works only if the user speaks English, you probably should consider the possibility that what you’re doing is relying on an implementation detail rather than something that will be officially supported going forward.)

In order to support multiple monitors, the Settings page on the Display Control Panel underwent a major overhaul. But when you tried to open the Display Control Panel on a system that had one of these aggressive drivers installed, it would crash because the driver ran around rearranging things like it always did, even though the things it was manipulating weren’t what the developers of the driver intended!

The solution was to create a “decoy” Settings page that looked exactly like the classic Windows 95 Settings page. The decoy page’s purpose in life was to act as bait for these aggressive display drivers and allow itself to be abused mercilessly, letting the driver have its way. Meanwhile, the real Settings page (which is the one that was shown to the user), by virtue of having been overlooked, remained safe and unharmed.

There was no attempt to make this decoy Settings page do anything interesting at all. Its sole job was to soak up mistreatment without complaining. As a result, those drivers lost whatever nifty features their shenanigans were trying to accomplish, but at least the Display Control Panel stayed alive and allowed the user to do what they were trying to do in the first place: Adjust their display settings.

Day 6575 The origin of the Windows 95 Easter egg music, Clouds.mid

I somehow never translated this article before?

Original link: https://www.brianorr.com/blog/2010/01/14/windows-95-easter-egg-song-clouds-mid/

In early 1995, I was working at Microsoft as an intern software engineer on the Windows 95 team, and was approached to write the music for the hidden Windows 95 Easter Egg.

This ‘Easter Egg’ was tricky to find (see the instructions below), but once found it opened up a window with all the names of who worked on Windows 95, with my music as the theme.

The only instructions I was given were that the music should invoke images of ‘clouds’ and feel ‘floating’ and ‘peaceful’ – this is how Windows 95 was going to be marketed. Well, and that it had to play well on all sound cards at the time. For 99.9% of computers, this meant through the Adlib synthesizer emulation of the Creative Labs Sound Blaster card (or equivalent clone). In other words – no sampled instruments, no effects – just simple FM synthesis. General MIDI at its finest.

So with that said, I really couldn’t do too much in terms of interesting instrumentation or sounds; and yes…it’s pretty funny to listen to the tune now. I’ve rendered it out using a GM sound module (which is better) but still doesn’t come close to the realism you’d expect from most computer music today.

Feel free to post comments or send me any questions. Here’s the tune:

(Translator's note: the wording above is as in the original. The tune is hosted on SoundCloud and may require a proxy to reach.)

These are the original instructions to actually see the Easter Egg in Windows 95. Note this doesn’t work in Windows 98 or above, nor under some versions of the Active Desktop under Windows 95.

(Translator's note: the folder names below must be entered exactly, without a single character or punctuation mark wrong, and the spaces in them must not be left out.)

Create a new folder on the Desktop and name it EXACTLY like this:

and now, the moment you’ve all been waiting for

Then rename it to:

we proudly present for your viewing pleasure

Rename this folder again to:

The Microsoft Windows 95 Product Team!

Double-click the new folder and enjoy the show!

TONT 31753 Why are there two copies of Notepad?

Original link: https://devblogs.microsoft.com/oldnewthing/20060328-17/?p=31753

You may have noticed that there’s a copy of Notepad in %windir%\notepad.exe and another in %windir%\system32\notepad.exe. Why two?

Compatibility, of course.

Windows 3.0 put Notepad in the Windows directory. Windows NT put it in the System32 directory. Notepad is perhaps the most commonly hardcoded program in Windows. Many Setup programs use it to view the Readme file, and you can use your imagination to come up with other places where a program or batch file or printed instructions will hard-code the path to Notepad. In order to be compatible with programs designed for Windows 95, there needs to be a copy of Notepad in the Windows directory. And in order to be compatible with programs designed for Windows NT, there also needs to be a copy in the System32 directory.

And now that Notepad exists in both places, new programs have a choice of Notepads, and since there is no clear winner, half of them will choose the one in the Windows directory and half will choose the one in the System32 directory, thereby ensuring the continued existence of two copies of Notepad for years to come.

TONT 32453 Why is the Recycle Bin folder named differently on NTFS and FAT drives?

Original link: https://devblogs.microsoft.com/oldnewthing/20060131-00/?p=32453

Translator's note: the first paragraph of the original is rather long, so it has been split by hand for readability; similar cases will not be noted again in future.

On FAT drives, the directory that stores files in the Recycle Bin is called C:\RECYCLED, but on NTFS drives, its name is C:\RECYCLER. Why the name change?

The FAT and NTFS Recycle Bins have different internal structure because NTFS has this thing called “security” and FAT doesn’t. All recycled files on FAT drives are dumped into a single C:\RECYCLED directory, whereas recycled files on NTFS drives are separated based on the user’s SID into directories named C:\RECYCLER\S-…. (It has nothing to do with whether you are running English or Swedish Windows.)

Suppose the same directory name were used for both file systems, say, C:\RECYCLED. Since it is possible to upgrade a FAT drive to an NTFS drive with the CONVERT utility, this means that a FAT drive converted to NTFS would have a FAT-style Recycle Bin after the conversion. But since the names are the same, the Recycle Bin says, “Hey, look, here’s a C:\RECYCLED directory. That must be my NTFS Recycle Bin!” except that it isn’t. It’s a FAT Recycle Bin left over from the conversion. Giving the NTFS Recycle Bin a different name means that the Recycle Bin shell folder won’t get confused by the “wrong” type of recycle bin directory structure on an NTFS volume.

(Translator's note: a FAT-style Recycle Bin is the kind described above, where files are dumped straight in without being separated by SID.)

Yes, the problem could have been solved some other way. For example, there could have been code to inspect the Recycle Bin directory to determine what format it is and ignore it if it didn’t match the actual file system. (Or, if you’re feeling really ambitious, somehow convert from one format to the other.) But that would be over-engineering. You have to write and test the detection (and possibly conversion) code, there’s the risk of a false-positive, the code runs at every boot, and it needs to be maintained whenever either the FAT or NTFS recycle bin format changes. All for a scenario that happens at most once per drive.

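Or you could change one text string and be done with it. (I could make some really awful “Gordian knot”/“string” remark here but will refrain.)

(Translator's note: the difference between RECYCLER and RECYCLED.)

TONT 32483 Why does a corrupted binary sometimes result in “Program too big to fit in memory”?

Original link: https://devblogs.microsoft.com/oldnewthing/20060130-00/?p=32483

Translator's note: the first paragraph of the original is rather long and has been split by hand for readability.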

If you take a program and corrupt the header, or just take a large-ish file that isn’t a program at all and give it a “.exe” extension, then try to run it (Warning: Save your work first!), you will typically get the error “Program too big to fit in memory”. Why such a confusing error message? Why doesn’t it say “Corrupted program”?

Because the program isn’t actually corrupted. Sort of.

A Win32 executable file begins with a so-called “MZ” header, followed by a so-called “PE” header. If the “PE” header cannot be found, then the loader attempts to load the program as a Win16 executable file, which consists of an “MZ” header followed by an “NE” header. If neither a “PE” nor an “NE” header can be found after the “MZ” header, then the loader attempts to load the program as an MS-DOS relocatable executable. If not even an “MZ” header can be found, then the loader attempts to load the program as an MS-DOS non-relocatable executable (aka “COM format” since this is the format of CP/M .COM files). In pictures:

“MZ” header found, “PE” header found: Win32
“MZ” header found, “NE” header found: Win16
“MZ” header found, neither “PE” nor “NE”: MS-DOS relocatable executable
No “MZ” header: MS-DOS non-relocatable executable

Observe that no matter what path you take through the chart, you will always end up at something. There is no exit path that says “Corrupted program”. But where does “Program too big to fit in memory” come from?

If the program header is corrupted, then various fields in the header such as those which specify the amount of memory required by the program will typically be nonsensical values. The loader sees an MS-DOS relocatable program that requires 800KB of conventional memory, and that’s where “Out of memory” comes from. An MS-DOS non-relocatable program contains no such information about memory requirements. The rule for loading non-relocatable programs is simply to load the program into a single 64KB chunk of memory and set it on its way. Therefore, a program with no “MZ” header but which is larger than 64KB in size won’t fit in the single 64KB chunk and consequently results in an “Out of memory” error.

(Translator's note: the upper limit of conventional memory is 640KB.)
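
The fallback chart and the two “too big” outcomes described above, as an added Python sketch (not code from the original post or from Windows). The loader logic is simplified, the field names follow the standard MZ header layout, the function names are hypothetical, and every sample image is constructed.

```python
import struct

CONVENTIONAL_MEMORY = 640 * 1024  # conventional-memory ceiling (translator's note above)
COM_SEGMENT = 64 * 1024           # one 64KB chunk for non-relocatable programs
TOO_BIG = "Program too big to fit in memory"


def classify(image: bytes) -> str:
    """Follow the fallback chart: every path ends at some format."""
    if image[:2] != b"MZ":
        return "MS-DOS non-relocatable"
    if len(image) >= 0x40:
        # e_lfanew (offset 0x3C) locates the PE or NE header, if one exists.
        (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
        signature = image[e_lfanew:e_lfanew + 4]
        if signature == b"PE\0\0":
            return "Win32"
        if signature[:2] == b"NE":
            return "Win16"
    return "MS-DOS relocatable"


def dos_memory_needed(image: bytes) -> int:
    """Memory an MS-DOS load would request, read from untrusted header fields."""
    if image[:2] != b"MZ":
        return len(image)  # COM format: the file itself is the memory image
    header = image[:12].ljust(12, b"\0")
    _, e_cblp, e_cp, _, e_cparhdr, e_minalloc = struct.unpack("<2s5H", header)
    load_size = e_cp * 512 - ((512 - e_cblp) if e_cblp else 0) - e_cparhdr * 16
    return max(load_size, 0) + e_minalloc * 16


def load_verdict(image: bytes) -> str:
    """Return the format the image loads as, or the error the user would see."""
    kind = classify(image)
    if kind in ("Win32", "Win16"):
        return kind
    limit = COM_SEGMENT if kind == "MS-DOS non-relocatable" else CONVENTIONAL_MEMORY
    return TOO_BIG if dos_memory_needed(image) > limit else kind


def make_mz(e_cblp=0, e_cp=2, e_cparhdr=4, e_minalloc=16, new_header=b"") -> bytes:
    """Build a constructed 64-byte MZ header, optionally followed by PE/NE bytes."""
    head = struct.pack("<2s5H", b"MZ", e_cblp, e_cp, 0, e_cparhdr, e_minalloc)
    head = head.ljust(0x3C, b"\0") + struct.pack("<I", 0x40 if new_header else 0)
    return head + new_header


# Constructed samples (not real binaries).
SAMPLES = {
    "win32": make_mz(new_header=b"PE\0\0"),
    "win16": make_mz(new_header=b"NE"),
    "dos_exe": make_mz(),
    "tiny_com": b"\xc3",
    "renamed_data": b"quarterly report\r\n" * 5000,  # about 88KB, no MZ header
    "corrupt_header": b"MZ" + b"\xff" * 0x3E + b"\0" * 256,
}

if __name__ == "__main__":
    for name, image in SAMPLES.items():
        print(f"{name:15} -> {load_verdict(image)}")
```

The two failing samples never hit a “corrupted” branch: one is simply a COM image larger than its 64KB chunk, the other an MZ image whose garbage size fields ask for far more than conventional memory can supply.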

And since people are certain to ask:

“MZ” = the legendary Mark Zbikowski.

(Translator's note: Mark Zbikowski is a veteran Microsoft developer.)

“NE” = “New Executable”, back when Windows was “new”.

“PE” = “Portable Executable”, because one of Windows NT’s claims to fame was its portability to architectures other than the x86.

“LE” = “Linear Executable”, used by OS/2 and by Windows 95 device drivers.

TONT 32683 When a web site relies on a security hole

Original link: https://devblogs.microsoft.com/oldnewthing/20060112-15/?p=32683

Translator's note: the first paragraph of the original is extremely long and has been split by hand for readability.

Perhaps the biggest risk when making a change in the name of security is all the things that may have been relying on the previously-lax security settings. After all, disabling an insecure feature is easy. The hard part is disabling it while retaining compatibility with people who were relying on that feature.

In the security investigations I’ve been involved with, perhaps the largest chunk of my time is spent trying to find a way to mitigate the security hole without breaking existing customers. (And it’s the Line of Business scenario that is the biggest question mark.)

Here’s a real-life example: Consider a sports web site which sells a service to subscribers wherein the site creates a pop-up window whenever a game’s score has changed or some other significant event has occurred. That way, you can leave your browser minimized and go about your day, but when something happens in the game, it will pop up an alert. The round of security changes in Windows XP SP2 broke this site because the rules on positioning of pop-up windows were tightened so that pop-up windows could not appear outside the browser itself. This prevents pop-up windows from being used to cover important browser elements (such as the status bar, the address bar, or a security dialog) and makes it harder for pop-ups to masquerade as system dialogs. But it also broke this company’s business model. And of course, if Microsoft does something that causes you to lose money, you sue. There were probably corporations that had internal web sites that relied on the ability to position pop-ups without restriction. Those corporations no doubt also complained about this change in the name of security.

As with most security changes that have compatibility consequences, a “safety valve” was added to return to the old insecure behavior for those customers who were relying on it. In this case, you can put the affected sites in the Trusted Sites zone and enable the “Allow script-initiated windows without size or position constraints” setting. But this is just a stop-gap, re-opening the security hole to let this site continue to operate the way it does. The real fix is not to rely on the security hole.
