I put together ievms because IECollection and IETester don't accurately represent true standalone IE versions. Things like PNG transparency polyfills and Flash/JS communication will not work as expected with those tools. Plus you'll have to manage your own (licensed) Windows instance.
IE7: 13GB
IE8: 8.4GB
IE9: 13GB
Currently, the script will leave the compressed RAR files in place, which means you're looking at something like 45 freaking GB if you don't prune them manually (in ~/.ievms/vhd/). This wasn't a big deal for me on my company workstation, but kinda sucks on my Macbook Air, so I'll be adding a cleanup option shortly. You probably don't need to keep the compressed files around anyway since we take a snapshot like you mentioned.
DLL hell solved indeed. How many versions do you keep?
For what it's worth, the DLLs in System32 are projected out of WinSxS with hardlinks, so they should not take up extra space. You still have the multiple version thing, however that can be somewhat mitigated by making service packs permanent[1].
Personally speaking, I would love to see Google release an offical, downloadable ChromeOS images that could be used with VMWare or Virtualbox. Something like that could be a real boon for some users.
The magic in ChromeOS is the hardware Google uses from the Chromebooks. There is an unofficial site with images for Chromium(?)OS but it doesn't look pretty.
Beyond that I hope they have some better fonts on the Chromebooks.
I can't imagine what would one do with a ChromeOS VM when you have native Chrome builds available. Once the novelty factor wears out (and it does, pretty quickly), there is nothing to be done except delete the vm.
Otoh, I see the value in a secure device like the Chromebook and I think this is what ChromeOS is selling, not just the actual OS.
FWIW, my copy of Parallels 6 has a "Download Chrome OS" in its File menu. Last time I tried it, after some delay I was met with a functional copy of Chrome OS (I don't even recall having to answer any questions).
You can't get the VMs to pass WGA so they are only good for 30 days before they have to be reset; which pretty much makes them only good for testing / qa purposes.
This seems like a very reasonable decision on Microsoft's part: they make it easier / legal / quick to test on their platform and more people will support and develop on it.
I dunno, it could be useful for a number of things.
For example, I know a few online banking solutions that are IE-only. The most you need there might be a certificate, so resetting the vm every 30 days isn't such a big deal.
I try to keep the VMs as small as possible anyhow and if you need data, you keep it in a VM shared folder that you map in the Windows guest.
Don't worry I'm sure some bean counter crunched the numbers and they decided it was an acceptable risk.
I mean, if you want a fully functional pirated version that doesn't expire every 30 days and you never have to activate you don't exactly have to look very hard, or far.
Bad trend in the open-source community. Please don't ask your users to install stuff this way. Not that you can't be trusted, it leads to people dropping their guard.
This comes up every time an install script like that is used, and in a lot of cases, it's a warrantless criticism.
Projects like this are obviously targeted towards developers as they're hosted on github. If you really want to check out what the script is doing, just look at the file. Or better yet, clone the repo and use it/install however you want.
I understand your point and I'm open to suggestions on how to assuage any security concerns while maintaining convenience. I don't know if users are more likely to read and understand the source if it's provided only as a separate download, however. Perhaps just a big honkin warning in the README?
Is it particularly worse than downloading and blindly running the code in separate steps? I don't think the majority of users have ever extensively audited the software they run, so it's not exactly a new trend. If you are capable of evaluating this script, you already know how to do it.
I kind of view bash piping as the worlds easiest install package.
Unequivocally, it is dangerous to run random pieces of code from the internet, it just seems odd to me that if this same code was in a nice packaged install wizard nobody would say anything about it.
If you install a package via the package managers on debian, ubuntu, fedora, and other major distros you can be reasonably sure that the packages aren't malicious because they've been security reviewed before they made it into APT/YUM/etc. Downloading some shell script off the internet and running it without even reading it first is a really bad idea by comparison.
So, you mean like everything on OSX and Windows, where you don't have such package management systems with (long-standing, trustable) benevolent hosts? Yeah, downloading some application off the internet and running them is a really bad idea - how is this worse?
edit: how about iOS? There have been news entries about them sending data where they shouldn't - that's a curated host. iOS is a lot more sandboxed, but that doesn't make the danger nonexistent.
> If you install a package via the package managers on debian, ubuntu, fedora, and other major distros you can be reasonably sure that the packages aren't malicious because they've been security reviewed before they made it into APT/YUM/etc
When people are delivering software that isn't in the official repository, downloading a script and running it is no less secure than the alternatives.
> Bad trend in the open-source community. Please don't ask your users to install stuff this way. Not that you can't be trusted, it leads to people dropping their guard.
And what will be the right way to do it? The way people don't drop their guard? `./configure && make && sudo make install`? Or `sudo apt-get install`? How are any of these or many other options seemingly better than this?
You probably mean 'add-apt-repository foorepo && apt-get update && apt-get install foopkg' or 'dpkg -i foopkg' (as root) because as is, 'apt-get install' is innocuous given one uses the default trusted, signed and whatnot repos.
I'd support this more if they weren't using https - since the user's going to run it anyway, there's no real advantage over any other means of getting this file onto their system. Well-known http:// urls are worse since they allow interesting spoofing attacks if they become popular.
xdissent[1], the author of this package, is a HN user, but he has negative karma because his fourth comment was snarky and got heavily downvoted. Even though he's aware of the ban he clings to this handle and continues to post messages seen by almost no one (he posted twice on this comment page [2,3]). The rest of the messages eversince the incident have been fine (enable "showdead" in the user control pannel if you want to read them).
Since he seems attached to the handle, it would be nice if he could be upvoted back to the positive side so that he can once again participate.
He's got three upvotable posts in history (before the ban). His karma is currently at -32. This means that he needs 11 brave souls to break even. You know what to do :).
pygy_ you are my hero. I'm speechless in a different sense than earlier today. Thank you and everyone who up voted me and thanks for reaffirming that karma works.
xdissent: you appear to be still banned (at least, 4 hours after my post, you still were). Since you now have a positive karma, could you answer this post as a test?
I don't seem to see his posts unless I enable "showdead".
I didn't even know karma worked this way on HN. Quite ridiculous, IMHO, to completely hide someone if their karma runs too low. Especially if it can happen by unfortunate accident and ends up hiding a positive contributor completely from view--basically means the system is broken.
The dead-ban system makes the life of the moderators much easier by starving trolls who would otherwise create a new account as soon as they got banned. At HN's scale, it is necessary.
This case is unfortunate, though, but I guess that's why the showdead option exists.
I don't know if a negative karma turns on an irreversible ban flag, or if going back to positive will alleviate the ban. If not, I'll write a mail to pg.
You may want to repost your earlier answers in this thread.
2011/9/3 Paul Graham <pg@ycombinator.com>
>
> fixed
>
> 2011/9/3 Pierre-Yves Gérardy <pygy79@gmail.com>:
> > Hello,
> > would it be possible to unban xdissent?
> > See http://news.ycombinator.com/item?id=2955023 for the details.
> > Kind regards,
> > -- Pierre-Yves
I have, on occasion, wanted to write almost exactly this script - but the thing that stopped me was that VirtualPC apparently emulates a slightly different IDE controller than VirtualBox, and so when Windows XP starts up in the new VM, it doesn't have a driver installed for the IDE controller, can't find its own hard-drive, and blue-screens. It's possible to edit the registry to install the required driver, but that requires booting into Windows... a Catch-22 if ever there was one.
I was eager to see how the problem had been solved... but apparently Windows Vista and Windows 7 don't have that particular problem, and the IE6 VM (with Windows XP) just says "IE6 support is currently disabled".
That's kind of sad; at least for the light web-development I've done, IE7 and IE8 aren't nearly as fussy and hair-pulling as IE6.
The IE6 VM from MS runs XP, which doesn't natively include drivers for any of the VirtualBox network adapters. That means ievms wouldn't really be of much great utility unless it could install one of those drivers for you. Unfortunately licensing restrictions prevent me from including the drivers (or even an OS to boot and install them). I'm still looking for a solution and will update the docs if I can figure it out.
I've found IEtester to be really keen to cache code, to the point of having to clear cache's in settings sometimes - clearly not great for development.
Only last week I downloaded the IE9 VM's mentioned here, but got the never ending BSOD-reboot loop when trying to use them in VirtualBox. This is going to make my day when I get back in the office next week!
How do you get away with saying: "With a single command, you can have IE6, IE7, IE8 and IE9 running in separate virtual machines." - when in the first paragraph it says IE6 is not supported.
65 comments
[ 1.8 ms ] story [ 127 ms ] threadIE 1.0 to IE 8.0 as standalone versions in a single installer.
Most importantly, why does my page not work in IE7, even though it works in IE7 mode in IE9?
http://stackoverflow.com/questions/5993222/why-does-my-page-...
IE9’s emulation of older IE document modes makes this easier but those emulations are not exact.
http://blogs.msdn.com/b/ie/archive/2011/02/04/testing-multip...
Rough VM size estimates:
IE7: 13GB IE8: 8.4GB IE9: 13GB Currently, the script will leave the compressed RAR files in place, which means you're looking at something like 45 freaking GB if you don't prune them manually (in ~/.ievms/vhd/). This wasn't a big deal for me on my company workstation, but kinda sucks on my Macbook Air, so I'll be adding a cleanup option shortly. You probably don't need to keep the compressed files around anyway since we take a snapshot like you mentioned.
What's weird is that there's a jump from 8.4 GB to 13 GB on Windows 7. What is on the IE9 vhd that isn't on the IE8 vhd?
Edit: Nevermind, from the official link the IE9 vm comes with additional tools.
For what it's worth, the DLLs in System32 are projected out of WinSxS with hardlinks, so they should not take up extra space. You still have the multiple version thing, however that can be somewhat mitigated by making service packs permanent[1].
[1] http://blogs.technet.com/b/joscon/archive/2011/02/15/how-to-...
For example, qemu-img convert -O qcow2 Win7_IE8.vhd Win7_IE8.qcow2
I can't imagine what would one do with a ChromeOS VM when you have native Chrome builds available. Once the novelty factor wears out (and it does, pretty quickly), there is nothing to be done except delete the vm.
Otoh, I see the value in a secure device like the Chromebook and I think this is what ChromeOS is selling, not just the actual OS.
Which is basically the only reason I do have an old Windows XP vm on my Mac.
This seems like a very reasonable decision on Microsoft's part: they make it easier / legal / quick to test on their platform and more people will support and develop on it.
You can just roll back to that snapshot at the end of your 30 days and everything will continue to be usable.
For example, I know a few online banking solutions that are IE-only. The most you need there might be a certificate, so resetting the vm every 30 days isn't such a big deal.
I try to keep the VMs as small as possible anyhow and if you need data, you keep it in a VM shared folder that you map in the Windows guest.
I mean, if you want a fully functional pirated version that doesn't expire every 30 days and you never have to activate you don't exactly have to look very hard, or far.
Bad trend in the open-source community. Please don't ask your users to install stuff this way. Not that you can't be trusted, it leads to people dropping their guard.
Projects like this are obviously targeted towards developers as they're hosted on github. If you really want to check out what the script is doing, just look at the file. Or better yet, clone the repo and use it/install however you want.
Unequivocally, it is dangerous to run random pieces of code from the internet, it just seems odd to me that if this same code was in a nice packaged install wizard nobody would say anything about it.
edit: how about iOS? There have been news entries about them sending data where they shouldn't - that's a curated host. iOS is a lot more sandboxed, but that doesn't make the danger nonexistent.
If you do, what's the difference?
When people are delivering software that isn't in the official repository, downloading a script and running it is no less secure than the alternatives.
And what will be the right way to do it? The way people don't drop their guard? `./configure && make && sudo make install`? Or `sudo apt-get install`? How are any of these or many other options seemingly better than this?
http://www.microsoft.com/download/en/details.aspx?id=11575
xdissent[1], the author of this package, is a HN user, but he has negative karma because his fourth comment was snarky and got heavily downvoted. Even though he's aware of the ban he clings to this handle and continues to post messages seen by almost no one (he posted twice on this comment page [2,3]). The rest of the messages eversince the incident have been fine (enable "showdead" in the user control pannel if you want to read them).
Since he seems attached to the handle, it would be nice if he could be upvoted back to the positive side so that he can once again participate.
He's got three upvotable posts in history (before the ban). His karma is currently at -32. This means that he needs 11 brave souls to break even. You know what to do :).
1. http://news.ycombinator.com/user?id=xdissent, comments: http://news.ycombinator.com/threads?id=xdissent
2. http://news.ycombinator.com/item?id=2955430
3. http://news.ycombinator.com/item?id=2955411
.
Edit: 58 minutes later: -10. Thanks to the upvoters.
I didn't even know karma worked this way on HN. Quite ridiculous, IMHO, to completely hide someone if their karma runs too low. Especially if it can happen by unfortunate accident and ends up hiding a positive contributor completely from view--basically means the system is broken.
This case is unfortunate, though, but I guess that's why the showdead option exists.
I don't know if a negative karma turns on an irreversible ban flag, or if going back to positive will alleviate the ban. If not, I'll write a mail to pg.
You may want to repost your earlier answers in this thread.
I was eager to see how the problem had been solved... but apparently Windows Vista and Windows 7 don't have that particular problem, and the IE6 VM (with Windows XP) just says "IE6 support is currently disabled".
That's kind of sad; at least for the light web-development I've done, IE7 and IE8 aren't nearly as fussy and hair-pulling as IE6.
W7 trial iso will work without a key, it will just shutdown every 30 minutes which is fine for testing purposes.
IEtester also has debugbar which sometimes is even better than some firefox tools I use.
The automation might be mired in some obscure clause on either end, but it's just doing things you can legally do by hand.