TONT 36743 Why doesn't \\ trigger autocomplete and list all the computers on the network?

Original link: https://devblogs.microsoft.com/oldnewthing/20050111-00/?p=36743

Wes Haggard wishes that \\ would autocomplete to all the computers on the network. [Link fixed 10am.] An early beta of Windows 95 actually did something similar to this, showing all the computers on the network when you opened the Network Neighborhood folder. And the feature was quickly killed.

Wes Haggard wishes that typing \\ (in the Run dialog or the address bar) would autocomplete to all the computers on the network. An early beta of Windows 95 actually had a similar feature: opening the Network Neighborhood folder listed all the computers on the network. That feature was quickly killed.

Why?

Why?

Corporations with large networks were having conniptions because needlessly enumerating all the machines on the network can bring a large network to its knees. Think about all the times you type “\\”. Now imagine if every single time you did that, Explorer started enumerating all the machines on the network. And imagine how your network administrator would feel if their network traffic saturated with enumerations each time you did that.

Corporations with large networks had conniptions over this, because needlessly enumerating all the computers on the network is capable of bringing a large network to its knees. Think about every time you type \\. Now imagine that each time you did so, Explorer began enumerating all the computers on the network. And imagine the look on your network administrator's face each time the resulting traffic flooded the network.

Network administrators made it clear in no uncertain terms that having Windows casually enumerate all the machines on their LAN was totally unacceptable.

Network administrators made it very clear, in no uncertain terms, that having Windows casually enumerate all the computers on the LAN was completely unacceptable.

The needs of the corporate environment are very different from those of the home network, and Windows needs to operate in both worlds.

The needs of the corporate environment are very different from those of the home network, and Windows needs to work properly in both.

TONT 37003 In pursuit of a faster syscall trap

Original link: https://devblogs.microsoft.com/oldnewthing/20041215-00/?p=37003

The performance of the syscall trap gets a lot of attention.

The performance of the syscall trap has attracted a lot of attention.

I was reminded of a meeting that took place between Intel and Microsoft over fifteen years ago. (Sadly, I was not myself at this meeting, so the story is second-hand.)

I was reminded of a meeting between Intel and Microsoft fifteen years ago. (Unfortunately I was not there myself, so the story that follows is second-hand.)

Since Microsoft is one of Intel’s biggest customers, their representatives often visit Microsoft to show off what their latest processor can do, lobby the kernel development team to support a new processor feature, and solicit feedback on what sort of features would be most useful to add.

Since Microsoft is one of Intel's biggest customers, Intel representatives often visit Microsoft to show off what their latest processor can do, lobby the kernel development team to support a new processor feature, and solicit feedback on what kinds of features would be most useful to add to the processor.

At this meeting, the Intel representatives asked, “So if you could ask for only one thing to be made faster, what would it be?”

At that meeting, the Intel representatives asked, “If only one thing could be made faster, what would you want it to be?”

Without hesitation, one of the lead kernel developers replied, “Speed up faulting on an invalid instruction.”

One of the lead kernel developers replied without hesitation: “Make faulting on an invalid instruction faster.”

The Intel half of the room burst out laughing. “Oh, you Microsoft engineers are so funny!” And so the meeting ended with a cute little joke.

The Intel side of the room burst out laughing. “Oh, you Microsoft engineers are so funny!” The meeting ended on that cute little joke.

After returning to their labs, the Intel engineers ran profiles against the Windows kernel and lo and behold, they discovered that Windows spent a lot of its time dispatching invalid instruction exceptions. How absurd! Was the Microsoft engineer not kidding around after all?

After returning to their labs, the Intel engineers profiled the Windows kernel and, unexpectedly, discovered that Windows spent a great deal of its time dispatching invalid instruction exceptions. How absurd! Were the Microsoft engineers not joking after all?

No he wasn’t.

He really wasn't.

It so happens that on the 80386 chip of that era, the fastest way to get from V86-mode into kernel mode was to execute an invalid instruction! Consequently, Windows/386 used an invalid instruction as its syscall trap.

It turns out that on the 80386 processors of that era, the fastest way to switch from virtual 8086 mode to kernel mode was to execute an invalid instruction! Consequently, Windows/386 used an invalid instruction as its syscall trap.

What’s the moral of this story? I’m not sure. Perhaps it’s that when you create something, you may find people using it in ways you had never considered.

As for what the moral of this story is, I'm not really sure. Perhaps it's that when you create something, you will find people using it in ways you never considered.

TONT 37153 Why does the Windows 95 timer run at 55ms?

Original link: https://devblogs.microsoft.com/oldnewthing/20041202-00/?p=37153

The story behind the 55ms timer tick rate goes all the way back to the original IBM PC BIOS. The original IBM PC used a 1.19MHz crystal, and 65536 cycles at 1.19MHz equals approximately 55ms. (More accurately, it was more like 1.19318MHz and 54.92ms.)

The 55ms timer rate goes all the way back to the original IBM PC BIOS. The original IBM PC used a 1.19MHz crystal, and 65536 clock cycles at 1.19MHz take approximately 55ms. (More precisely, it was 1.19318 MHz and 54.92ms.)

But that just pushes the question to another level. Why 1.19…MHz, then?

But that explanation just pushes the question up a level: why 1.19 MHz?

With that clock rate, 2^16 ticks equals approximately 3600 seconds, which is one hour. (If you do the math it’s more like 3599.59 seconds.) [Update: 4pm, change 2^32 to 2^16; what was I thinking?]

At that clock rate, 2^16 ticks is approximately 3600 seconds, which is one hour. (More precisely, 3599.59 seconds.)

What’s so special about one hour?

What is so special about a period of one hour?

The BIOS checked once an hour to see whether the clock has crossed midnight. When it did, it needed to increment the date. Making the hourly check happen precisely when a 16-bit tick count overflowed saved a few valuable bytes in the BIOS.

The BIOS checked the system clock once an hour to determine whether it had crossed midnight; when that happened, the system advanced the date by one day. Making this check happen exactly when the 16-bit tick counter overflowed saved a few precious bytes in the BIOS.

Another reason for the 1.19MHz clock speed was that it was exactly one quarter of the original CPU speed, namely 4.77MHz, which was in turn 4/3 times the NTSC color burst frequency of 3.5MHz. Recall that back in these days, personal computers sent their video output to a television set. Monitors were for the rich kids. Using a timer related to the video output signal saved a few dollars on the motherboard.

Another reason for the 1.19MHz clock rate is that this value is exactly one quarter of the CPU speed in the original design, 4.77MHz, which in turn is four thirds of the NTSC color burst frequency (translator's note: this is not a typo; 4.77 divided by 3.5 is roughly 4 divided by 3). Back then, personal computers sent their video output to a television set; monitors were toys for the rich kids, and tying the timer frequency to the video signal saved another few dollars on the motherboard.
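The chain of numbers above, worked through as an added note (not part of the original post) with the more exact figures: the NTSC color burst frequency is 315/88 MHz = 3.579545 MHz, the CPU clock is 4/3 of it, the timer clock is a quarter of the CPU clock, and the 16-bit tick counter wraps every 2^16 ticks.

\[
f_{\mathrm{CPU}} = \tfrac{4}{3}\times 3.579545\ \mathrm{MHz} = 4.772727\ \mathrm{MHz},\qquad
f_{\mathrm{timer}} = \tfrac{1}{4}\, f_{\mathrm{CPU}} = 1.193182\ \mathrm{MHz}
\]

\[
T_{\mathrm{tick}} = \frac{2^{16}}{f_{\mathrm{timer}}} = \frac{65536}{1193182\ \mathrm{Hz}} \approx 54.925\ \mathrm{ms}
\]

\[
2^{16}\, T_{\mathrm{tick}} = \frac{2^{32}}{f_{\mathrm{timer}}} \approx 3599.59\ \mathrm{s} \approx 1\ \mathrm{h}
\]

So the overflow of a 16-bit count of 16-bit-period ticks lands within half a second of one hour, which is why the hourly midnight check could be hung off the counter overflow.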

Calvin Hsia has another view of the story behind the 4.77MHz clock.

Calvin Hsia offers another angle on the story behind the 4.77 MHz clock. (Translator's note: the link is dead.)

(Penny-pinching was very common at this time. The Apple ][ had its own share of penny-saving hijinks.)

(Pinching pennies was very common at the time; the Apple ][ had its own money-saving tricks.) (Translator's note: the link is dead.)

TONT 37233 When people ask for a security hole as a feature: world-writable files

Original link: https://devblogs.microsoft.com/oldnewthing/20041122-00/?p=37233

If I had a nickel each time somebody asked for a feature that was a security hole…

If I got a nickel every time somebody asked for a feature that is actually a security hole…

I’d have a lot of nickels.

I'd have saved up a lot of money by now.

For example, “I want a file that all users can write to. My program will use it as a common database of goodies.”

For example, “I want a file that all users can write to; my program will use it as a common database of goodies.”

This is a security hole. For a start, there’s an obvious denial of service attack by having a user open the file in exclusive mode and never letting go. There’s also a data tampering attack, where the user opens the file and writes zeros all over it or merely alters the data in subtle ways. Your music index suddenly lost all its Britney Spears songs. (Then again, maybe that’s a good thing. Sneakier would be to edit the index so that when somebody tries to play a Britney Spears song, they get Madonna instead.) [Minor typo fixed. 10am]

This is a security hole. First, it is an obvious denial-of-service attack point: a user opens the file in exclusive mode and simply never closes it. Furthermore, it is a data tampering hole: a user can open the file and overwrite all of it with zeros, or make subtle changes to the data, and suddenly all the Britney Spears songs in your music library have vanished. (Honestly, that would still be one of the better outcomes; a sneakier person would edit the index so that the next time someone tries to play a Britney Spears song, what comes out is Madonna.)

A colleague from the security team pointed out another problem with this design: Disk quotas. Whoever created the file is charged for the disk space consumed by that file, even if most of the entries in the file belong to someone else. If you create the file in your Setup program, then it will most likely be owned by an administrator. Administrators are exempt from quotas, which means that everybody can party their data into the file for free! (Use alternate data streams so you can store your data there without affecting normal users of the file.) And if the file is on the system partition (which it probably is), then users can try to fill up all the available disk space and crash the system.

A colleague on the security team pointed out another problem this design creates: disk quotas. Whoever creates the file pays for it out of their own disk quota, to the tune of the file's size, even if most of the entries in the file belong to other people. If the file is created by your Setup program, its owner will most likely be an administrator. Administrators are exempt from disk quotas, which means anyone can write any data into this file without being limited by quota. (Using alternate data streams (translator's note: I personally think 『备用数据流』 is the better rendering, but the common translation 『交换数据流』 is used here), you can even store your data in a separate stream without affecting other people's data.) And if the file lives on the system partition (which it probably does), users can try to exhaust the remaining disk space and crash the system.

If you have a shared resource that you want to let people mess with, one way to do this is with a service. Users do not access the resource directly but rather go through the service. The service decides what the user is allowed to do with the resource. Maybe some users are permitted only to increment the “number of times played” counter, while others are allowed to edit the song titles. If a user is hogging the resource, the server might refuse connections for a while from that user.

If you have a shared resource you want to let users play with, one workable approach is to go through a service. Users access the resource through the service rather than directly, and the service decides what users may do with it. For example, some users may only be permitted to increment the “number of times played” counter, while others may edit the song titles, and so on. If a user is too greedy in accessing the resource, the server can decide to stop serving that user for a while.

A file doesn’t give you this degree of control over what people can do with it. If you grant write permission to a user, then that user can write to any part of the file. The user can open the file in exclusive mode and prevent anybody else from accessing it. The user can put fake data in the file in an attempt to confuse the other users on the machine.

A single file cannot give you this level of control over what users may do with it. If you grant a user write permission, that user can write to any part of the file. The user can open the file in exclusive mode and block everyone else from accessing it. The user can even write fake data into the file to confuse other users on the same machine.

In other words, the user can make a change to the system that impacts how other users can use the system. This sort of “impact other users” behavior is something that is reserved for administrators. An unprivileged user should be allowed only to mess up his own life; he shouldn’t be allowed to mess up other users’ lives.

In other words, a user can make changes to the system that affect how other users use the system. This kind of “affects other users” behavior is a power reserved for administrators. An unprivileged user should only be allowed to mess up his own life, not the lives of other users.
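As an added illustration (not code from the original post) of the mediating service described above, the following Python sketch implements the policy in the text: any user may increment the play counter, only designated editors may change titles, and a user who hogs the service is refused; the in-process store, the user names, the editor role and the request limit are constructed assumptions.

```python
# Added example (not code from the original post): a small mediating service for a
# shared song index, in place of a world-writable file. Every request goes through
# IndexService, which enforces per-user permissions, validates the change and
# throttles a hogging user. Names, roles, limits and data are constructed.
from collections import defaultdict

class IndexService:
    MAX_REQUESTS = 3  # constructed hog limit: refuse a user after this many calls

    def __init__(self, songs, editors):
        self.songs = songs            # {song_id: {"title": str, "plays": int}}
        self.editors = set(editors)   # only these users may change titles
        self.requests = defaultdict(int)  # per-user request count in this window

    def _hogging(self, user):
        self.requests[user] += 1
        return self.requests[user] > self.MAX_REQUESTS

    def increment_plays(self, user, song_id):
        """Any user may bump the play counter, and nothing but the play counter."""
        if self._hogging(user):
            return "refused: too many requests"
        song = self.songs.get(song_id)
        if song is None:
            return "error: no such song"
        song["plays"] += 1
        return "ok"

    def set_title(self, user, song_id, title):
        """Only designated editors may change a title, and only to a sane value."""
        if self._hogging(user):
            return "refused: too many requests"
        if user not in self.editors:
            return "denied: not an editor"
        if not title.strip() or len(title) > 200:
            return "error: invalid title"
        song = self.songs.get(song_id)
        if song is None:
            return "error: no such song"
        song["title"] = title
        return "ok"


def demo():
    """Constructed scenario; returns the service replies and the final index."""
    svc = IndexService({1: {"title": "Song A", "plays": 0}}, editors={"alice"})
    replies = [svc.increment_plays("bob", 1),               # ok, plays -> 1
               svc.set_title("bob", 1, "Madonna"),          # denied, bob is not an editor
               svc.set_title("alice", 1, "Song A (live)"),  # ok
               svc.increment_plays("bob", 1),               # ok, plays -> 2
               svc.increment_plays("bob", 1)]               # bob's 4th request: refused
    return replies, svc.songs
```

The point of contrast with the file is that a denied or refused request leaves the store untouched, whereas write permission on a file would have let bob rewrite the title or hold the whole index open.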

Armed with this information, perhaps now you can answer this question posted to comp.os.ms-windows.programmer a few months ago.

With that understood, perhaps you are now qualified to answer this question posted to comp.os.ms-windows.programmer a few months ago.

TONT 37263 When a folder and a program have the same name, the system prefers to run the program

Original link: https://devblogs.microsoft.com/oldnewthing/20041118-00/?p=37263

If you have both a folder named, say, C:\Folder and a program named C:\Folder.exe and you type C:\Folder into the Start.Run dialog, you get the program and not the folder.

If you have a folder, say C:\Folder, and at the same time a program at the path C:\Folder.exe, then typing C:\Folder into Start, Run runs the program rather than opening the folder.

Why is that?

Why is that?

Because it is common to have

  D:\Setup.exe
  D:\Setup\…

where there is a setup program in the root, as well as a setup folder containing files needed by the setup program.

Because it is very common to have, in the root directory, both D:\Setup.exe, the setup program, and the directory D:\Setup\, which holds the files the setup program needs.

Before Windows 95, you couldn’t open a folder by typing its name. (If you wanted to view it in File Manager, you had to run File Manager explicitly.) As a result, programs written for earlier versions of Windows would have instructions like

Before Windows 95, you couldn't open a directory by typing its name (translator's note: that is, typing the path up to the directory). (If you wanted to view the directory's contents in File Manager, you had to run File Manager deliberately.) Consequently, programs written for earlier versions of Windows typically came with instructions like the following:

  • Insert the floppy disk labelled “Setup”. (CDs were for the rich kids.)
    Insert the floppy disk labelled “Setup”. (Back then, CDs were only for the rich kids.)
  • From Program Manager, click File, then Run.
    In Program Manager, click “File”, then choose “Run”.
  • In the dialog box, type “A:\SETUP” and press Enter.
    In the dialog box that appears, type “A:\SETUP” and press Enter.

Since there was no such thing as “opening a folder”, the only option was to run the program A:\SETUP.EXE.

Since there was no such thing as “opening a directory” (via the Run dialog), the only result of doing the above was to run the program A:\SETUP.EXE.

Windows 95 was required to prefer the program over the folder in order that those instructions would remain valid (substituting the Start button for the File menu).

In order for instructions like these to remain valid, Windows 95 (when it encounters a directory and a program with the same name) prefers to run the program rather than open the directory itself (with the “File” menu replaced by the “Start” menu, of course).

And each version of Windows that prefers the program over the folder creates an environment wherein people who write setup programs rely on that preference, thereby securing this behavior for the next version of Windows.

Moreover, each version of Windows that prefers running the program over opening the folder creates an environment in which people writing setup programs rely on that behavior, which in turn ensures the behavior carries over to the next version of Windows.

But what if you really want to open the folder?

But what if you really do want to open that same-named directory?

Append a backslash to force the path to be interpreted as a folder (A:\SETUP\).

Just append a backslash (\) to force it to be interpreted as a folder (A:\SETUP\).