The clipboard is a data buffer used for short-term data storage and/or data transfer between documents or applications used by cut and paste operations and provided by the operating system. It is implemented as an anonymous, temporary data buffer, sometimes called the paste buffer, that can be accessed from most or all programs within the environment via defined programming interfaces. A typical application accesses clipboard functionality by mapping user input such as keybindings, menu selections, etc. to these interfaces. The semantics of the clipboard facility varies from one operating system to another, can vary between versions of the same system, they can sometimes be changed by user preference. When an element is copied or cut, the clipboard holds every available format of it, since at this point, it is not known which format is needed when the content is pasted; the core functionality of the clipboard provided by the operating system can be extended by applications and clipboard managers.
Windows and macOS support a single clipboard transaction. Each cut or copy overwrites the previous contents. Paste operations copy the contents, leaving the contents available in the clipboard for further pasting operations. Clipboard data is stored in the computer's RAM. Drag and drop enables users to drag and drop information from one control to another similar to the functionality of cut and paste from the users view, but it doesn't affect the clipboard. Clipboards as buffers for small text snippets were first used by Pentti Kanerva when he used it to store deleted texts in order to restore them. Since one could delete a text in one place and restore it in another, the term "delete" wasn't what one would expect in this case. Larry Tesler renamed this in 1973 as cut and paste and coined the term "clipboard" for this buffer, since these techniques need a clipboard for temporary saving the copied or cut data. Applications communicate through the clipboard by providing either serialized representations of an object, or a promise.
In some circumstances the transfer of certain common data formats may be achieved opaquely through the use of an abstract factory, for example Mac OS X uses the a class called NSImage to provide access to image data stored on the clipboard, though the actual format of the image data backing the object is hidden. The sending and receiving application negotiate the formats which can be transferred in between them, oftentimes with the active GUI widget responsible for providing acceptable type transformations; the pasteboard allows for transfer of common items such as URLs, images, attributed strings, sounds. The operating system and GUI toolkit may provide some common conversions, for example converting from rich text to plain text and vice versa. Various type identifiers for data transfer are supported by modern operating systems, which may automatically provide acceptable mappings between type systems, such as between MIME and Uniform Type Identifier. Clipboard hijacking is an exploit in which a person's clipboard's content is replaced by malicious data, such as a link to a malicious web site.
The standard paste operation copies the most recent transaction, while specialized pastes provide access to the other stored transactions. These managers also provide a window that displays the transaction history and allows the user to select earlier copies, edit them, change their format and search amongst them. Since most operating systems do not save the clipboard contents to any persistent storage – when a user logs out or reboots the system the clipboard contents are deleted – an added functionality is to save the clipboard persistently. Another example is making the local clipboard work with online applications by saving the clipboard data to the online location upon a copy or cut event, making this data available to online applications for pasting. Clipboard managers can serve as tools to overcome the limitation of software not supporting copying and pasting; the clipboard in Microsoft Windows holds one item in multiple available formats. Every item has at least one clipboard format, but can have different types of format of the same data.
The three different types of possible formats are: standard formats, registered formats private formats for internal useUp to
Windows Error Reporting
Windows Error Reporting is a crash reporting technology introduced by Microsoft with Windows XP and included in Windows versions and Windows Mobile 5.0 and 6.0. Not to be confused with the Dr. Watson debugging tool which left the memory dump on the user's local machine, Windows Error Reporting collects and offers to send post-error debug information using the Internet to the Microsoft or stops responding on a user's desktop. No data is sent without the user's consent; when a dump reaches the Microsoft server, it is analyzed and a solution is sent back to the user when one is available. Solutions are served using Windows Error Reporting Responses. Windows Error Reporting runs as a Windows service and can optionally be disabled. If Windows Error Reporting itself crashes an error report that the original crashed process produced cannot be sent at all. Kinshuman is the original designer of Windows Error Reporting in Vista, the same design and implementation, present in current Windows versions. Microsoft first introduced Windows Error Reporting with Windows XP.
Windows Error Reporting was improved in Windows Vista. Most a new set of public APIs have been created for reporting failures other than application crashes and hangs. Developers can customize the reporting user interface; the new APIs are documented in MSDN. The architecture of Windows Error Reporting has been revamped with a focus on reliability and user experience. WER can now report errors when the process is in a bad state for example if the process has encountered stack exhaustions, PEB/TEB corruptions, heap corruptions, etc. In earlier OSs prior to Windows Vista, the process terminated silently without generating an error report in these conditions. A new Control Panel applet, "Problem Reports and Solutions" was introduced, keeping a record of system and application errors and issues, as well as presenting probable solutions to problems; the Problem Reports and Solutions Control Panel applet was replaced by the Maintenance section of the Windows Action Center on Windows 7 and Server 2008 R2.
A new app, Problem Steps Recorder, is available on all builds of Windows 7 and enables the collection of the actions performed by a user while encountering a crash so that testers and developers can reproduce the situation for analysis and debugging. WER is a distributed system. Client-side software detects an error condition, generates an error report, labels the bucket, reports the error to the WER service; the WER service records the error occurrence and depending on information known about the particular error, might request additional data from the client, or direct the client to a solution. Programmers access the WER service to retrieve data for specific error reports and for statistics-based debugging. Errors collected by WER clients are sent to the WER service; the WER service employs 60 servers connected to a 65TB storage area network that stores the error report database and a 120TB storage area network that stores up to 6 months of raw CAB files. The service is provisioned to receive and process well over 100 million error reports per day, sufficient to survive correlated global events such as Internet worms.
In the Microsoft Windows Error Reporting system, crash reports are organized according to "buckets". Buckets classify issues by: Application Name, Application Version, Application Build Date, Module Name, Module Version, Module Build Date, OS Exception Code/System Error Code, Module Code Offset. Ideally, each bucket contains crash reports. However, there are two forms of weakness in the WER bucketing: weaknesses in the condensing heuristics, which result in mapping reports from a bug into too many buckets. For example, if you compile your application one more time without any changes Module Build Date will changes however and same crash will be placed to another bucket, and weaknesses in the expanding heuristics, which result in mapping more than one bug into the same bucket. For example, if two different bugs crash inside strlen function because they call it with corrupted string there will be only one bucket for both; this occurs because the bucket is generated on the Windows OS client without performing any symbol analysis on the memory dump.
The module, picked by the Windows Error Reporting client is the module at the top of the stack. Investigations of many reports result in a faulting module, different from the original bucket determination. Software & hardware manufacturers may access their error reports using Microsoft's Windows Dev Center Hardware and Desktop Dashboard program. In order to ensure that error reporting data only goes to the engineers responsible for the product, Microsoft requires that interested vendors obtain a VeriSign Class 3 Digital ID or DigiCert certificate. Digital certificates provided by cheaper providers are not accepted. Software and hardware manufacturers can close the loop with their customers by linking error signatures to Windows Error Reporting Responses; this allows distributing solutions as well as collecting extra information from customers and providing them with support links. Microsoft has reported that data collected from Windows Error Reporting has made a huge difference in the way software is developed internally.
For instance, in 2002, Steve Ballmer noted that error reports enabled the Windows team to fix 29% of all Windows XP errors with Windows XP SP1. Over half of all Microsoft Office
In computing, a process is the instance of a computer program, being executed. It contains its activity. Depending on the operating system, a process may be made up of multiple threads of execution that execute instructions concurrently. While a computer program is a passive collection of instructions, a process is the actual execution of those instructions. Several processes may be associated with the same program. Multitasking is a method to allow multiple processes to other system resources; each CPU executes a single task at a time. However, multitasking allows each processor to switch between tasks that are being executed without having to wait for each task to finish. Depending on the operating system implementation, switches could be performed when tasks perform input/output operations, when a task indicates that it can be switched, or on hardware interrupts. A common form of multitasking is time-sharing. Time-sharing is a method to allow high responsiveness for interactive user applications.
In time-sharing systems, context switches are performed which makes it seem like multiple processes are being executed on the same processor. This seeming execution of multiple processes is called concurrency. For security and reliability, most modern operating systems prevent direct communication between independent processes, providing mediated and controlled inter-process communication functionality. In general, a computer system process consists of the following resources: An image of the executable machine code associated with a program. Memory. Operating system descriptors of resources that are allocated to the process, such as file descriptors or handles, data sources and sinks. Security attributes, such as the process' set of permissions. Processor state, such as the content of registers and physical memory addressing; the state is stored in computer registers when the process is executing, in memory otherwise. The operating system holds most of this information about active processes in data structures called process control blocks.
Any subset of the resources at least the processor state, may be associated with each of the process' threads in operating systems that support threads or child processes. The operating system keeps its processes separate and allocates the resources they need, so that they are less to interfere with each other and cause system failures; the operating system may provide mechanisms for inter-process communication to enable processes to interact in safe and predictable ways. A multitasking operating system may just switch between processes to give the appearance of many processes executing though in fact only one process can be executing at any one time on a single CPU, it is usual to associate a single process with a main program, child processes with any spin-off, parallel processes, which behave like asynchronous subroutines. A process is said to own resources. However, in multiprocessing systems many processes may run off of, or share, the same reentrant program at the same location in memory, but each process is said to own its own image of the program.
Processes are called "tasks" in embedded operating systems. The sense of "process" is "something that takes up time", as opposed to "memory", "something that takes up space"; the above description applies to both processes managed by an operating system, processes as defined by process calculi. If a process requests something for which it must wait, it will be blocked; when the process is in the blocked state, it is eligible for swapping to disk, but this is transparent in a virtual memory system, where regions of a process's memory may be on disk and not in main memory at any time. Note that portions of active processes/tasks are eligible for swapping to disk, if the portions have not been used recently. Not all parts of an executing program and its data have to be in physical memory for the associated process to be active. An operating system kernel that allows multitasking needs processes to have certain states. Names for these states are not standardised. First, the process is "created" by being loaded from a secondary storage device into main memory.
After that the process scheduler assigns it the "waiting" state. While the process is "waiting", it waits for the scheduler to do a so-called context switch and load the process into the processor; the process state becomes "running", the processor executes the process instructions. If a process needs to wait for a resource, it is assigned the "blocked" state; the process state is changed back to "waiting". Once the process finishes execution, or is terminated by the operating system, it is no longer needed; the process is removed or is moved to the "terminated" state. When removed, it just waits to be removed from main
Graphical user interface
The graphical user interface is a form of user interface that allows users to interact with electronic devices through graphical icons and visual indicators such as secondary notation, instead of text-based user interfaces, typed command labels or text navigation. GUIs were introduced in reaction to the perceived steep learning curve of command-line interfaces, which require commands to be typed on a computer keyboard; the actions in a GUI are performed through direct manipulation of the graphical elements. Beyond computers, GUIs are used in many handheld mobile devices such as MP3 players, portable media players, gaming devices and smaller household and industrial controls; the term GUI tends not to be applied to other lower-display resolution types of interfaces, such as video games, or not including flat screens, like volumetric displays because the term is restricted to the scope of two-dimensional display screens able to describe generic information, in the tradition of the computer science research at the Xerox Palo Alto Research Center.
Designing the visual composition and temporal behavior of a GUI is an important part of software application programming in the area of human–computer interaction. Its goal is to enhance the efficiency and ease of use for the underlying logical design of a stored program, a design discipline named usability. Methods of user-centered design are used to ensure that the visual language introduced in the design is well-tailored to the tasks; the visible graphical interface features of an application are sometimes referred to as chrome or GUI. Users interact with information by manipulating visual widgets that allow for interactions appropriate to the kind of data they hold; the widgets of a well-designed interface are selected to support the actions necessary to achieve the goals of users. A model–view–controller allows flexible structures in which the interface is independent from and indirectly linked to application functions, so the GUI can be customized easily; this allows users to select or design a different skin at will, eases the designer's work to change the interface as user needs evolve.
Good user interface design relates to users more, to system architecture less. Large widgets, such as windows provide a frame or container for the main presentation content such as a web page, email message or drawing. Smaller ones act as a user-input tool. A GUI may be designed for the requirements of a vertical market as application-specific graphical user interfaces. Examples include automated teller machines, point of sale touchscreens at restaurants, self-service checkouts used in a retail store, airline self-ticketing and check-in, information kiosks in a public space, like a train station or a museum, monitors or control screens in an embedded industrial application which employ a real-time operating system. By the 1980s, cell phones and handheld game systems employed application specific touchscreen GUIs. Newer automobiles use GUIs in their navigation systems and multimedia centers, or navigation multimedia center combinations. Sample graphical desktop environments A GUI uses a combination of technologies and devices to provide a platform that users can interact with, for the tasks of gathering and producing information.
A series of elements conforming a visual language have evolved to represent information stored in computers. This makes it easier for people with few computer skills to use computer software; the most common combination of such elements in GUIs is the windows, menus, pointer paradigm in personal computers. The WIMP style of interaction uses a virtual input device to represent the position of a pointing device, most a mouse, presents information organized in windows and represented with icons. Available commands are compiled together in menus, actions are performed making gestures with the pointing device. A window manager facilitates the interactions between windows and the windowing system; the windowing system handles hardware devices such as pointing devices, graphics hardware, positioning of the pointer. In personal computers, all these elements are modeled through a desktop metaphor to produce a simulation called a desktop environment in which the display represents a desktop, on which documents and folders of documents can be placed.
Window managers and other software combine to simulate the desktop environment with varying degrees of realism. Smaller mobile devices such as personal digital assistants and smartphones use the WIMP elements with different unifying metaphors, due to constraints in space and available input devices. Applications for which WIMP is not well suited may use newer interaction techniques, collectively termed post-WIMP user interfaces; as of 2011, some touchscreen-based operating systems such as Apple's iOS and Android use the class of GUIs named post-WIMP. These support styles of interaction using more than one finger in contact with a display, which allows actions such as pinching and rotating, which are unsupported by one pointer and mouse. Human interface devices, for the efficient interaction with a GUI include a computer keyboard used together with keyboard shortcuts, pointing devices for the cursor control: mouse, pointing stick, trackball, virtual keyboards, head-up displays. There are actions performed by programs that affect the GUI.
For example, there are components like inotify or D-Bus to facilitate communication between computer programs. Ivan Sutherland developed Sketchpad in 1963 held as the first graphical co
Mark Eugene Russinovich is a Spanish-born American software engineer who serves as CTO of Microsoft Azure. He was a cofounder of software producers Winternals before it was acquired by Microsoft in 2006. Russinovich was born in Salamanca and was raised in Birmingham, United States, until he was 15, when he moved with his family to Pittsburgh, Pennsylvania, his father was a radiologist and his mother was a business administrator of his father's radiology practice in Pittsburgh. Russinovich is of Croatian ancestry, he was introduced to computers. He was able to write programs for it. At age 15, he bought himself his first computer, a Texas Instruments TI99/4A. About six months his parents bought him an Apple II+ from his local high school when it upgraded the computer labs to Apple IIes, he wrote magazine articles about Apple II. In 1989, Russinovich earned his Bachelor of Science degree in computer engineering from Carnegie Mellon University, where he was a member of the Pi Kappa Alpha Beta Sigma chapter.
The following year he received a Master of Science degree in computer engineering from Rensselaer Polytechnic Institute. He returned to Carnegie Mellon, where he received a Ph. D. in computer engineering in 1994 with thesis titled Application-transparent fault management under the supervision of Zary Segall. From September 1994 through February 1996 he was a research associate with the University of Oregon's computer science department. From February through September 1996 he was a developer with NuMega Technologies, where he worked on performance monitoring software for Windows NT. In 1996, he and Bryce Cogswell cofounded Winternals Software, where Russinovich served as Chief Software Architect, the web site sysinternals.com, where Russinovich wrote and published dozens of popular Windows administration and diagnostic utilities including Autoruns, Regmon, Process Explorer, TCPView, RootkitRevealer among many others. From September 1996 through September 1997 he worked as a consulting associate at OSR Open Systems Resources, Inc. a company based in Amherst, New Hampshire.
From September 1997 through March 2000, he was a research staff member at IBM's Thomas J. Watson Research Center, researching operating system support for Web server acceleration and serving as an operating systems expert. Russinovich joined Microsoft in 2006. In his role as an author, he is a regular contributor to TechNet Magazine and Windows IT Pro magazine on the subject of the Architecture of Windows 2000 and was co-author of Inside Windows 2000. Russinovich is the author of many tools used by Windows NT and Windows 2000 kernel-mode programmers, of the NTFS file system driver for DOS. In 1996, Russinovich discovered that altering two values in the Windows Registry of the Workstation edition of Windows NT 4 would change the installation so it was recognized as a Windows NT Server and allow the installation of Microsoft BackOffice products which were licensed only for the Server edition; the registry key values were guarded by a worker thread to detect tampering, a program called NT Tune was released to kill the monitor thread and change the values.
Russinovich wrote LiveKD, a utility included with CD Inside Windows 2000, 3rd Edition, as of 2017 available to download. In 2005, Russinovich discovered the Sony rootkit in Sony DRM products, its function was to prevent users from copying their media. In January 2006, Russinovich discovered a rootkit in Norton SystemWorks by Symantec Corporation. Symantec directly removed the rootkit, he analyzed the Windows Metafile vulnerability and concluded that it was not a deliberate backdoor. This possibility had been raised – albeit tentatively – by Steve Gibson after a cursory investigation of the nature of the exploit and its mechanism. Russinovich's novels Zero Day and Trojan Horse were published by Thomas Dunne Books on March 15, 2011 and September 4, 2012. Both are in a series of popular techno-thrillers, that have attracted praise from industry insiders such as Mikko Hypponen and Daniel Suarez. A short story, "Operation Desolation" was published just before Trojan Horse and takes place 1 year after the events of Zero Day.
Book 3, Rogue Code: A Novel deals with vulnerabilities of the NYSE. It has a foreword by Haim Bodek, author of The Problem of HFT: Collected Writings on High Frequency Trading & Stock Market Structure Reform. Computer books Solomon, David. Inside Microsoft Windows 2000. Microsoft Press. ISBN 0-7356-1021-5. Russinovich, Mark. Microsoft Windows Internals. Microsoft Press. ISBN 0-7356-1917-4. Russinovich, Mark. Microsoft Windows Internals. Microsoft Press. ISBN 0-7356-2530-1. Russinovich, Mark. Windows Sysinternals Administrator's Reference. Microsoft Press. ISBN 0-7356-5672-X. Russinovich, Mark. Microsoft Windows Internals, Part 1. Microsoft Press. ISBN 0-7356-4873-5. Russinovich, Mark. Microsoft Windows Internals, Part 2. Microsoft Press. ISBN 0-7356-6587-7. Novels Zero Day: A Novel. Thomas Dunne Books. March 15, 2011. ISBN 0-312-61246-X. Operation Desolation: A Short Story. Thomas Dunne Books. August 7, 2012. ASIN B0080K37P2. Trojan Horse. Thomas Dunne Books. September 4, 2012. ISBN 9781250010483. Rogue Code. Thomas Dunne Books.
May 20, 2014. ISBN 9781250035370. Articles "Inside NT's Object Manager". Windows IT