12.22.08
Eye on Microsoft: Opposition Links
IT WOULD TAKE quite a while to cover them all properly, so here is just a big group of links.
Windows Vista
· Opinion: How is Microsoft with Vista like the Big Three automakers?
With Gates long gone and the Google-obsessed Ballmer in charge, I don’t think there’s any real question about it. Microsoft has become yesterday’s news. The only real question is how long its fall will take and how it will play out.
· Microsoft launches Concentration Breaker 3.0 [Joke]
Microsoft has proudly announced a raft of new ways to frustrate users and lower productivity with its new version of its celebrated Concentration Breaker software.
Although this PC is aimed at home and small business users, the Out Of Box Experience would make many of the people I know in those categories uncomfortable. First, the network connection didn’t work. I know enough to dig down to the Network Connection applet and restart it, and it worked fine. Would your mother know to do that? Mine certainly wouldn’t.
· Vista OOBE Part 3: Networking Problem with Some Routers
I might be picking out which sledgehammer to use on my new computer if not for an article in Windows Secrets last week. Since I was awaiting for my HP PC with Vista, the headline “Microsoft DHCP Bugs Make Windows Lose Networking,” caught my eye. The problem described by Windows Secrets is exactly the problem I have with this new system.
The appearance of the Aero Glass interface makes Vista Vista, and it’s pretty, but nothing special. I’ve seen multiple Linux distributions from years back that did many of the things Vista has, and we won’t go into the Vista versus Leopard discussions.
I have two big problems with the interface. First, and most important, it slows Vista down. I have a new Intel Core 2 Duo E8400 processor running at 3.00GHz with 3GB of RAM, and Vista’s snap and presentation lags behind XP and Ubuntu Linux, both running on old Pentium 4 boxes with 512MB and 768MB of RAM. Sure, people suggest turning Aero Glass off for a speed increase, but do you have Vista then? In name only, but it looks like XP, albeit a slower, more ornery XP.
· Demand Still Strong For Vista-XP Downgrades
Although downgrade rights are part of the Vista EULA and have no expiration date, Microsoft is currently scheduled to stop providing the media for downgrades to OEMs on July 31, 2009. The Microsoft spokesperson said customers will still be able to access their downgrade rights after that date by contacting Microsoft, but didn’t specify how that process would work.
“That’s one of the most bizarre things I’ve ever heard,” said one system builder, who asked not to be named. “Can you imagine the kind of resources Microsoft would have to allocate to handling downgrade rights phone calls? It doesn’t seem like that would make sense for them financially.”
· Microsoft Extends XP Availability For Distributors
Distributors say the best part of the new arrangement is that they won’t have to take title to the reserved XP licenses until they’re sold to an end user, which helps them avoid having to sit on inventory for several months, which is a major concern in a low-margin business.
Windows Mobile
· Can Microsoft make its future mobile?
Apple is minting it with its sleek but expensive iPhone. And only a few months ago internet search giant Google entered the field with its Linux-based Android software, designed to power internet-savvy mobile phones.
[...]
But the real Achilles heel of Microsoft’s devices was their abysmal user interface – firmly wedded to the look and feel of old-fashioned computer desktops, a concept that doesn’t work on small screens.
· Does Microsoft prefer the iPhone to Windows Mobile?
Who would have thunked it, not only has Microsoft released a dedicated iPhone application but it has not yet developed a version for the Windows Mobile platform.
More here.
XBox
Previous lawsuits are worth attention.
· Microsoft knew about Xbox 360 disc-scratch problem, employee claims
Microsoft knew prior to the Xbox 360’s launch that the console can damage discs if gamers tilt the unit while a disc’s spinning inside, documents from a lawsuit focused on the problem reveal.
The revelation was made by Hiroo Umeno, a Microsoft programmer, in an ongoing case that was filed with the Seattle District Court in July 2007. The plaintiffs are seeking class-action status on behalf of affected gamers, but the documents containing Umeno’s confession have only just been unsealed at the court, according to a report by website Seattle Tech.
· Microsoft Knew About Xbox 360 Damaging Discs
As per an unsealed document in a Washington lawsuit filed last week at Seattle, Microsoft was aware about Xbox 360 damaging game discs before it was introduced in November 2005.
More details can be found here, here, here, and here.
· ‘Red Ringed’ Xbox 360s still dog Microsoft
If you look online, you’ll find lots of people like Travis. Really angry people. Every game enthusiast site has multiple forums dedicated to the Red Ring problem – home remedies on how to solve it, condolences for people who’ve just experienced it, and gamers claiming to be on their fourth, sixth or ninth Xbox 360
Web Operations
Amid major departure:
· Will the Microsoft Live Search turmoil ever end?
As other pundits have noted, Microsoft needs to try something — anything — new to fix its Online Services business.
Microsoft’s query share is stagnating, in spite of the company’s continued attempts to tweak business models with programs like Live Search Cashback. And its decision to focus on a handful of key verticals hasn’t done a whole lot to improve Microsoft’s search mindshare or marketshare, either.
· Microsoft rolls back some changes to Hotmail
In late September, Microsoft began rolling out a new Windows Live Hotmail, drawing a fierce reaction among many users of the e-mail service.
Hotmail users complained about specific bugs in the new Hotmail. They also said the changes were largely unnecessary. Microsoft, for instance, combined two previous versions of Hotmail — a lightweight version, known as “classic,” and one better for faster Internet connections, known as “full.”
· Live Search Continues to Lose Ground to Google
While Microsoft is focusing on the organic evolution of its search engine, Live Search continues to lose ground to Google. With Chief Executive Officer Steve Ballmer trumpeting commitment to take down the Mountain View-search giant, the reality delivers an entirely different perspective on the market performance of Live Search.
Security
· DHS and Cybersecurity: Yes, No, Maybe So?
There’s no question DHS is a troubled agency and it’s doing not nearly enough to prepare for a potential Cyber 9-11. But I’m skeptical of the idea that Washington will do better by simply moving the responsibility to another part of the government.
Last week, a group of outside experts recommended cybersecurity be moved from DHS — which “isn’t equipped to protect the federal government against cyberattacks” — to an office within the Obama White House. Many members of the Commission on Cyber Security for the 44th Presidency “felt that leaving any cyber function at DHS would doom that function to failure,” according to its recently-released 96-page report.
One of our readers writes: “While there is no known variant for Linux, BSD, Solaris or OS X, these users can be affected anyway if there is an infected Windows user in the vicinity. So, yet again we have use of Windows affecting even people who have taken steps to use systems designed for Internet use. By connecting their Windows computers to the net, they are causing harm to everyone else. Just as dumping trash anywhere outside of a designated dump or land-fill is illegal in the physical, the electronic equivalent, that of running Windows, should also be actionable. Those who have chosen to purchase and deploy Microsoft products ought now be pursued legally to recover the cost of spam and malware.”
A Microsoft magazine writes:
· Microsoft Ends 08 with Two Security Battles
Just when the software giant thought it had sated the public’s desire for answers regarding a zero-day vulnerability that was thought to only affect IE7, yet another new bug had been identified over the weekend with SQL Server database. The kicker here is that a seasoned hacker could in theory use the IE bug to then deploy the SQL Server bug. A report from Austria-based SEC Consult Advisory said it’s possible for outsiders to target the vulnerability remotely on Web sites that link search boxes, customer databases or other Web apps to SQL Server. Redmond was still investigating both flaws as this post went up and, as per procedure, said it will issue workarounds and possible patches in the future as part of its normal monthly security bulletin release.
· First Look: Five Browsers in One
But all is not perfect in Wired-land — and perhaps it can take some of the money it saved on all those fonts to hire some better headline writers. My beef is with a recent cover story about Ray Ozzie: “Can This Man Save Microsoft?” Given that I follow Redmond’s finances — which seem to set a new record each and every quarter — I was confused by the premise.
Also:
· Hackers Use IE Bug to Taint Word Docs
Attackers are exploiting the just-patched vulnerability in Internet Explorer (IE) by hiding malicious ActiveX controls in Microsoft Word documents, a security company said Thursday.
“Inside the document is an ActiveX control, and in that control is a line that makes it call out to the site that’s hosting the malware,” said David Marcus, the director of security research and communications for McAfee Inc.’s Avert Labs. “This is a pretty insidious way to attack people, because it’s invisible to the eye, the communication with the site.”
· IE8 and IE7 Mitigations Failed Against the MSHTML.DLL Critical Exploits
On December 17, 2008, Microsoft released in excess of 300 distinct updates for all supported versions of Internet Explorer, packaged as MS08-078, in its rush to patch a critical vulnerability in the systems, which was under attack at least as early as December 9. Not only was the security flaw actively exploited in the wild (allowing for remore code execution), but the majority of mitigations built into the Windows operating system were useless to stop attacks, according to Michael Howard, senior security program manager in the Security Engineering group at Microsoft.
· Windows For Submarines: Please Tell Me This Is A Hoax
The British Royal Navy is actually boasting of rolling out a new “next generation” installation of Windows 2000 and XP on their entire fleet of 11 nuclear submarines, and they’re so pleased with it they want to do the same to their battleships. I am not making this up– they are boasting and they are happy, and they are saying “next generation” with straight faces.
[...]
I’ve seen reports that say they replaced a SPARC/Solaris infrastructure, though I haven’t been able to verify it. This has me so flummoxed I am at a loss for words– they’re claiming a savings of 22 million pounds over the next ten years. A savings from what? Is your fleet of nuclear submarines really a good place to penny-pinch? I doubt they’re saving any money anyway, and I’ll bet money that Microsoft did the TCO and ROI “studies”.
More background here.
· Hackers bypassing IE patch with Word bugs
Attackers are exploiting the just-patched vulnerability in Internet Explorer (IE) by hiding malicious ActiveX controls in Microsoft Word documents, according to security researchers.
“Inside the document is an ActiveX control, and in that control is a line that makes it call out to the site that’s hosting the malware,” said David Marcus, the director of security research and communications for McAfee’s Avert Labs. “This is a pretty insidious way to attack people, because it’s invisible to the eye, the communication with the site.”
· Does the Internet Need its Own Police Force?
Criminal activity for financial gain remains the driver for the massive increase in Internet threats. Today’s malware is produced by highly organised criminal gangs using increasingly sophisticated techniques. This year has seen increasing botnet activity around the world.
· U.S. Computers Generate Most Malware
Too many compromised computers
“Not only is the U.S. relaying the most spam because too many of its computers have been compromised and are under the control of hackers, but it’s also carrying the most malicious Web pages,” said Graham Cluley, senior technology consultant for Sophos. “We would like to see the States making less of an impact on the charts in the coming year. American computers, whether knowingly or not, are making a disturbingly large contribution to the problems of viruses and spam affecting all of us today.”
OK, about now my editor is going to be wondering where on earth this column is. It should have been in his hot, sweaty hands hours ago, but as I was beginning to write about a couple of searching tools my Windows XP SP2 machine started acting up. Again.
You might remember a few months ago the problems I had with deferred procedure calls. These recently returned in a minor and transitory way that may be related to my current annoyance, which is that Microsoft’s Internet Explorer 7 is acting weird.
· Worldwide alert on Microsoft browser
MORE than 500 million internet users around the world are at risk from a major flaw discovered in Microsoft’s Internet Explorer software that can give criminals access to personal details, including banking passwords and log-ins.
· Vulnerabilities in several virus scanners
Secunia and IVIZ Techno have published reports of vulnerabilities in virus scanners. A vulnerable ActiveX control in Trend Micro’s online scanner House Call can allow an attacker to infect a PC and then all that is needed is for the victim to visit a malicious site. The problem can be found in House Call 6.51.0.1028 and 6.6.0.1278. Users should remove the Housecall_ActiveX.dll and then visit the HouseCall site and install version 6.6.0.1285.
Apple
· iPhone Dev Spends $500k on Development, Still Not Approved by Apple
Apple’s App Store is an interesting, exciting and frightening place all at the same time. iPhone application developer Chris Nikkel knows this first hand. His application “Newber” has spent nearly 75 days waiting for approval from Apple, and he has yet to hear a word.
You may have heard this week, that iTunes was going DRM-free. Of course, it didn’t happen. Apple’s iTunes, under Steve Jobs, is still stubbornly the only major distributor of DRM-encumbered music at a time when Amazon, Rhapsody, Napster, eMusic, Magnatune, 7 Digital and more are all selling music without restriction.
Leftovers
· Three Sentenced for Selling Pirated Software
Court documents accused the three men of operating Web sites offering pirated software for download from early 2006 to September 2007, the DOJ said. The three men promoted their business by purchasing advertising from major Internet search engines. They processed more than $1.2 million in orders during their time in business, the DOJ said.
· Barack Obama Doesn’t Own a Microsoft Zune
Political maneuvering extends far beyond the reaches of Washington. In fact, the Barack Obama PR machine extends all the way to Redmond, Washington and Cupertino, California, resulting in quite the little scandal even before Barack Obama officially takes the greatest office in the land.
