Summary: PR spin from Novell and money-grabbing moves that promote proprietary software rather than Free/Open Source software

OVER in YouTube, Novell keeps advertising Vibe [1, 2, 3], but how long might it take to see the Windows bias of this product? Well, here we have it right from Novell’s own mouth:

Novell Vibe Add-in for Microsoft Office lets you create or update a document in Vibe directly from MS Office. The new Vibe Add-in feature is integrated into the MS Office environment so users can seamlessly edit and save files directly into Vibe in near real time without leaving the comfort of their MS Office environment.

We previously showed how other Novell communication products got integrated with Microsoft Skype, a reminder of which is here.

Novell’s other products now target Macs, but still, not a word about GNU/Linux. To quote a press release about GroupWise 2012 and something else about Mac support, GroupWise now boasts “iPad support”. More of that Mac hype can be found here, in one among few Novell announcements that we can find. The point we are trying to make is, Novell does nothing to advance GNU/Linux or even Open/LibreOffice in the enterprise. This was very different before the deal with Microsoft. In fact, Novell gave its patents to Microsoft and Apple.

As we find in the news, more GroupWise customers are ditching the platform. Here is one new example:

Utah will be moving off Novell GroupWise, which currently is being used by the state’s executive branch. Novell is based in Provo, Utah.

Even Utah rejects Novell. What a blow. Considering the roots of Novell, this is symbolic too. This other new article states that:

When Macomb County officials a year ago began researching the best method to replace its existing Novell GroupWise technology, the Sheriff’s Office expressed concerns over security.

“I’m all for saving money and doing what’s right on the taxpayer side, but until we have assurances that information is going to be sent securely, we’re going to stay on the GroupWise platform,” said Sheriff Anthony Wickersham, who is concerned about emailing criminal information, driver’s license records and addresses.

GroupWise is not secure either. It’s all very perceptual and Novell used FUD in this case.

Here we have another company that tells us about Novell getting quite rusty in the enterprise:

Much interest in Resara Server has come from Netware users, who are under pressure to modernize their networks. With Novell’s future uncertain, and the prospect of a costly investment in Suse Linux Enterprise or Microsoft Active Directory, Resara Server offers an attractive and cost-effective exit strategy. “The direction of Novell’s products in recent years required us to look at other options”, says Daniel Hedblom, System Administrator for the Sollefteå school district in Sweden. “We moved to Suse from Netware, but the resource needs for mono and .net made Zenworks unusable for us. Resara Server and Samba4 is a much cleaner solution, and we are glad to have found it”.

Novell’s future is indeed “uncertain”; the company itself was sold and the buyer is grappling with debt while GroupWise, for instance, keeps losing customers and the spin department says that there is momentum even where there is none (GroupWise is being ditched in large deployments). To quote:

It’s a new day for Novell and GroupWise, and the future is bright.

It’s nonsense. It’s Novell’s “PR blog” and it shows. Over at YouTube too it’s just a lot of promotional/marketing videos for GroupWise [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11] spread artificially by marketers rather than users. A look at Novell news summaries [1, 2] reveals more of a rotting company which is now clinging onto proprietary software (even Microsoft and Mac promotion) for cash. Novell deserves no sympathy from the FOSS world. It had its good days but in 2006 it defected. █

Summary: The cost of Nokia’s virtual handover to Microsoft and the failure to do anything except feed Android enemies

WHEN ELOP left Microsoft we predicted that he would be trouble and when he signed a deal with Microsoft we said it would be about patents. We were right. It was the same with Novell, which had its patents end up in Microsoft’s belt. Here are the posts we wrote about CPTN before Nokia signed a deal with Microsoft:

• CPTN Shows Microsoft Becoming a Patent Agitator Like Kodak, Whose Time is Long Gone
• Microsoft-run Patent Cartel Retreats Following Formal Complaint, But Why? (Updated)
• Microsoft Patent Cartel (CPTN) Dodges German Federal Cartel Office
• Benjamin Orndorff From Microsoft/Gates and Ellis Represents the CTPN Patents Cartel
• OIN is Very Different From CPTN and UNIX Risk is Revisited
• In Defence of OIN and Android
• SCO, CPTN, and UNIX
• From UNIX Battles to .NET Battles
• Free Software Foundation’s Statement on Microsoft/Novell/CPTN Patent Attack Against Software Freedom
• A Paralegal’s Take on Microsoft’s Latest Anti-Google (and Anti-FOSS) Moves

According to this one report among many, Nokia is doomed (more layoffs of course) because Windows doesn’t sell:

When Microsoft launched Windows Phone a year ago, Microsoft proudly told the world that they shipped 2 million Windows Phone smartphones by HTC, Samsung and others. They soon were spooked, however, when the sales dwindled and dried up and stopped giving the sales breakdown. By the Spring, Microsoft insisted all Windows Mobile smartphones be counted together with Windows Phone – even as these two platforms are incompatible. And still the sales of ‘the third ecosystem’ kept falling, down to about 500,000 units by Q3. And early numbers from Q4 from Microsoft’s best market, the USA, reveal that even more than a year after its launch, Windows Phone sales are still severely lagging its older and obsolete cousin, achieving only 1.4% or about 520,000 units. Windows Mobile meanwhile refuses to die, and in the USA achieved 2.4% market share of new sales according to Nielsen or about 890,000 unit sales.

Thus if you remember seeing a ‘Microsoft’ market share in smartphones somewhere near 2% for Q3, that includes the better-selling Windows Mobile, and the newer and supposedly better so-called ‘third ecosystem; Windows Phone has far less than 1% market share globally.

We now need to keep track of where Nokia’s patents are going. Nokia has a big mountain of patents and it is feeding trolls with Microsoft’s guidance (MOSAID for example, but we will write about it separately). In order to sign the deal with Nokia Microsoft reportedly paid just a quarter of a billion dollars, which is ridiculous. It’s nothing like the rumoured billions. Nokia’s filings reveal that Elop merely passes the keys of Nokia to Steve Ballmer and the company that Elop himself was still a top shareholder of. He should have been sued, maybe even jailed, but the law doesn’t work this way; it sympathises with white-collar crime like collusion, bribes, and obstruction of justice. But that just leads to a different sort of debates that would suit another type of Web site. █

–Steve Ballmer, Microsoft CEO

Image from Wikimedia

Summary: Microsoft is reportedly still working on tying FOSS to Microsoft Windows

Microsoft loves to “embrace” projects that pose a threat to Microsoft because what better way to eliminate competition than to control and subvert it?

Although it may be too early to jump to any conclusions, The H suggests that Microsoft gets its claws on Node.js, a popular FOSS project:

Cloud9, makers of the Cloud9 IDE, have announced that they will be working with Microsoft to allow Node.js applications created in the Cloud9 IDE to be deployed to Microsoft’s Azure cloud platform. The open source, event-driven, JavaScript-on-the-server Node.js platform was ported to Windows last year with the support of Microsoft.

Microsoft just wants everything to run on Windows, even if it’s FOSS. This is something to keep an eye on. █

Summary: Experts insinuate that Windows won’t make it in portable devices and Microsoft tries using legal (or illegal) instruments to distort the market instead

MICROSOFT is desperate to make a dent in the phones and tablets market, seeing damn well and also acknowledging that the desktops/laptops business is not growing anymore. The x86 monopoly is having a quiet crisis and Intel is still scrambling to find ways to evolve (Atom wasn’t it).

Windows applications are typically compiled only for 32-bit Intel-conformant architectures (and sometimes 64-bit too). As soon as Microsoft steps out of x86 world, it has almost no applications, so the inertia is gone. Analysts realise that Windows on ARM is a non-starter and to quote this latest example from the news (there are several new ones):

Microsoft’s Windows 8 OS was shown on a handful of prototype ARM-based tablets at the Consumer Electronics Show this week, but almost no one was allowed to try it out.

There is nothing impressive about it and certainly a lot less applications than Android/Linux has got. Microsoft is suddenly the underdog, whereas Linux is among the market leaders. This is why Microsoft thinks it can afford to distort the market, being the corrupt company Microsoft has always been. First it tried to force ARM devices to be crippled and thus made unattractive for Linux and then it got worse.

A few days ago we wrote about UEFI fears being confirmed. Microsoft cannot use the ‘security’ excuse for a platform that has about 0% in ARM devices. It’s just about blocking the real dominant platform on new devices, notably Android. Microsoft managers cheat because they command no share there and Mr. Pogson, among several news sites, was quick to respond.

It’s been a few years since Microsoft really shot itself in the foot by making itself look really unfriendly, and someone at the company must’ve been missing the pain. A careful read of the company’s “Windows 8 Hardware Certification Requirements” document has revealed draconian policies that require vendors to block the installation of other operating systems on ARM devices.

First, a bit of history. Earlier this fall, Microsoft briefly made waves when it announced that Windows 8 would require that UEFI (the successor to BIOS) Secure Boot be enabled on all systems that ship with Windows 8 installed. Secure Boot uses vendor-provided signed keys to ensure that the OS in question has been properly validated. The concern was that this process could be used to effectively prevent the installation of Linux on ARM products.

Helios has his own take too:

From recent news, it seems that Microsoft banned booting of Linux or any other operating system on ARM based Windows 8 devices. From this decision of Microsoft, it seems that they are ready to war with GNU/Linux operating system. Due to the UEFI secure boot protocol, any other OS rather than Windows 8 can not run on ARM based devices.

Here is the good take of Muktware:

When Microsoft published The Certification Requirements for Windows 8 it was evident that the company wanted to use the secure boot to lock Linux out of such hardware, thus creating a Windows only hardware. The discovery lead to a strong protest from the FLOSS community. Microsoft allowed the non-ARM hardware to be able to run Linux if the hardware vendors chooses to allow that. But as we saw the arrival of ARM on desktop Microsoft “wasted no time in revising its Windows Hardware Certification Requirements to effectively ban most alternative operating systems on ARM-based devices that ship with Windows 8.”

The illegality of this is also being debated in the news:

Microsoft has been discovered to have changed its requirements for the upcoming ARM version of Windows 8. The change essentially will prohibit ARM devices, including PCs, from running operating systems other than Windows 8 after they ship to customers.

Specifically, Microsoft recently amended its requirements for ARM Windows 8 System Builders. Unlike Windows 8 for Intel-compatible (x86 & x64) machines, the ARM version of Windows 8 will not be sold to the public. To purchase an ARM version of Windows 8, you will have to purchase a device with it pre-loaded (similar to Windows CE devices today, such as Windows Phone). The new requirement calls for utilizing UEFI Secure Boot, a technology that forces manufacturers to instruct devices to boot code certified by the manufacturer for the device.

If the hardware is to be digitally signed for Windows only, how does that benefit anyone except Microsoft? Even Microsoft boosters are not trying to defend or provide coverup for what Microsoft is doing here. Yes, even those who are like PR agents for the company find themselves disagreeing with Microsoft. Varghese notes that antitrust might not be a possibility here:

For one, the PC world is dominated by Intel, which is a founding member of the UEFI. Hence, in the case of Intel-based devices, Microsoft’s requirements are close to those required by this body.

Secondly, ARM devices could be locked down without any fear of customer backlash as there was no support for older versions of Windows; on the PC platform, this was not the case. Customers who did not like Windows 8 might like to load Windows 7 or XP and would be angered if they could not.

And finally, the SFLC pointed out, there was no chance of anti-trust concerns being raised with regard to mobile devices as Microsoft had a very small share of the market. The reverse was the case with the PC and Windows.

How about a lawsuit then? Why should Microsoft be allowed to get away with it after numerous convictions for monopoly abuse? This is how Microsoft distorted the market in the past — by cheating time after time whilst everyone was too passive, trusting an “invisible hand” perhaps. █

Summary: Personal and financial damage incurred due to security flaws in Windows

WE NO longer cover stories about the inherent insecurity of Microsoft Windows (it’s a repetitive issue), but sometimes we make the exception. According to this report which Slashdot has highlighted:

Personal banking information and other data from perhaps tens of thousands of students, faculty and administrators at City College of San Francisco have been stolen in what is being called “an infestation” of computer viruses with origins in criminal networks in Russia, China and other countries, The Chronicle has learned.

At work for more than a decade, the viruses were detected a few days after Thanksgiving, when the college’s data security monitoring service detected an unusual pattern of computer traffic, flagging trouble.

Guess what? Microsoft is unlikely to be held liable. Thus, the best solution is to just avoid its products. █

Summary: Why the weakest link is Microsoft Windows (which therefore should not be used for storing sensitive information), whereas Android is just the target of a lot of FUD this month

TECHRIGHTS targets and addresses FUD, but sometimes the FUD is already sufficiently debunked by others, so a citation would do. There is some new FUD about Android and we put many links about it in our daily summaries, notably those which cite Chris DiBona.

Matt Asay says: “In the case of Android, which is apparently a malware-maker’s dream, Google’s open-source programs manager Chris DiBona has already gone on the defensive, arguing: “Virus companies are playing on your fears to try to sell you BS protection software for Android, RIM, and, iOS.”"

The short story is (for those who missed it), rogue applications that the users themselves have to foolishly install can do bad things. Surprise, surprise. These are not viruses, not even when the BBC uses this lie. If people want programs that spy on them and occasionally ask for more money, they can install Windows. Heck, many OEMs already install this malware whether the user wants it or not, due to secret bundling agreements.

In other headlines we find reports of Windows allowing intrusion into NASDAQ: [via "FBI Blames NASDAQ Hack on UnPatched Windows, Bad Firewalls"]

Forensic investigators found some PCs and servers with out-of-date software and uninstalled security patches, Reuters reported, including Microsoft Windows Server 2003. The stock exchange had also incorrectly configured some of its firewalls.

Microsoft ‘quality’ at work. Here is a warning about putting Microsoft in charge of people’s medical records (where leakage can have devastating effects on the public). Mr. Pogson has this to say:

In an attempt to persuade Australia to allow Australian government documents to be stored off-shore, M$, in a discussion paper wrote, “Any company with a presence in the United States of America (not just those with headquarters or subsidiaries in that country) may be legally required to respond to a valid demand from the United States Government for information the company retains custody over or controls, regardless of where the data is stored or the existence of any conflicting obligations under the laws of the country where the data is located”.

Only a few days ago we explained why governments should not do business with Microsoft (and other proprietary software vendors for that matter). █

Summary: A couple of new posts/articles about Microsoft Windows and what they teach us about this platform’s viability

THE PLATFORM which made “computer viruses” analogous and often synonymous with Windows viruses just keeps delivering and disappointing every time. According to this, the Windows kernel has unpatched flaws with exploits out there. To quote:

The Duqu malware used to steal sensitive data from manufacturers of industrial systems exploits at least one previously unknown vulnerability in the kernel of Microsoft Windows, Hungarian researchers said.

It is without great shock that we also learn why Windows can never be used reliably on a server, which — if compromised — makes is hard to diagnose the cause. To quote a new post:

Imagine if there were 50 PCs, 100, or more. I would be scared to look and see what other errors are occurring on other Windows 7 PCs in the company. Administrators have better things to do, than comb through useless log files. Way to go Microsoft, a quality operating system here with Windows 7. It’s no wonder Windows isn’t used for mission critical appliances, and GNU/Linux is instead. I’m not saying that GNU/Linux logs are the best, but they are pretty good and usually have information that I can use, to help pinpoint the error a little bit. GNU/Linux does not, and I repeat, does not have this amount of useless garbage in its logs like Windows does.

How long before Microsoft Jack appears at the scene to produce some promotional Microsoft comments in ZDNet UK? Usually it does not take long for Microsoft zealots like Jack to do this in that site.

A reader sent us some more links, one about the decline of Microsoft’s Web browser and another titled “Microsoft unlikely to patch Duqu kernel bug next week” (evidently).

“Time [for the] world to choose Linux,” concluded our reader. █

Summary: The presence of Microsoft-friendly entities in the FLOSS (free/libre open source software) world stressed in the context of a new announcement

THERE are some particular companies and small firms that brush shoulders with those in the FLOSS world. Such firms often have roots in Microsoft and their goals align with Microsoft’s. This should not be surprising. Those who familiarise themselves with antitrust exhibits will soon realise that Microsoft strategises this way. It even uses words like “infiltrate”. Microsoft wants to tame and control its own opposition, e.g. by repelling and ousting elements in it (e.g. FSF) that are risky to Microsoft’s business goals.

Black Duck (see Wiki) is one of the companies that were created by a Microsoft marketing executive to now serve as a de facto authority on the subject of Free/open source software licences. The SFLC has publicly complained about bias in Black Duck and over the years we did a lot to explain what Black Duck is really doing (ignore all the PR which is very well laid out and repeated). Black Duck is a proprietary software company with proprietary software, software patents, Microsoft deals, and FOSS FUD. There is absolutely nothing there which is FOSS, except the data it is digesting to sell proprietary software for Microsoft Windows only. Black Duck is often marketed as “open” something, but it’s just a scam. It’s not open at all, these are just gymnastics in semantics. According to IDG, it wasn’t until now that Black Duck’s Code Sight software even ran on anything other than Microsoft’s own proprietary Windows platform. To quote:

Black Duck Code Sight 2.0, out now, is also the first version of the software to run on Linux servers, in addition to being able to run on Microsoft Windows servers.

Yes, so people can now run proprietary software on a GNU/Linux server for the purpose of scaring themselves because their proprietary software might be misusing Free software. Quite the FOSS advocacy tool, eh?

Black Duck is not alone in this business. One of their rivals, ‘Open’Logic (not open) is run by a guy from Microsoft. This whole monkey business has helped Microsoft validate its FUD against Free software code (while denying FLOSS firms their voice). Apparently it also makes some ‘former’ Microsoft executives rich, all at the same time. What a winning strategy. █

“You want to infiltrate those. Again, there’s two categories. There’s those that are controlled by vendors; like MSJ; we control that. And there’s those that are independent. [...] So that’s how you use journals that we control. The ones that third parties control, like the WinTech Journal, you want to infiltrate.”

–Microsoft's chief evangelist

NOVELL is a mess, but it still serves Microsoft’s interests rather well. Microsoft calls the shot at SUSE and Novell uploads new videos that promote its brand, even though it is deprecated.

When customers get the choice between Microsoft Windows or Microsoft Linux then companies like this one offer a false sort of choice. Back in the days Novell also offered OOXML as a “choice” (symbolic) and look what it’s coming to. In a matter of days we shall post more detailed analysis of Novell/Attachmate/SUSE. █

Summary: More evidence of the declining impact of Microsoft Windows

IN OUR page about Vista 7 we have accumulated many reports about the variant of Vista that enjoyed a huge marketing budget. Pogson writes about the desktop monopoly sinking in relation to Vista 7, which according to this report does not received a warm welcome from businesses, still. To quote:

Computerworld’s survey reveals that only one quarter of businesses have migrated to ’7′ and most are still using XP. The reasons are many, but they all boil down to one thing. The migration to ’7′ is not a good investment.

In relation to Vista 8, Steven J. Vaughan-Nichols adds that it is a “bad bet” for the following reasons:

Given my choice of desktops, I’m running Linux, but over the years Windows has gone from being a bad joke of a desktop operating systems–Windows ME and Vista–to being a reasonably good choice-Windows XP SP3 and Windows 7. But Windows 8? What the heck is Microsoft thinking?

After looking at Metro, Windows 8’s default interface, for the last month, all I see a lame, reactionary response to iPad and Android. In a broader sense, it’s Microsoft’s response to the move away from the desktop to smartphones and tablets.

This is why we choose to focus on Apple quite so increasingly. Microsoft is still chasing a form factor that is not quite growing. Within a few years it seems likely that Microsoft won’t be around to hurt Linux/Android as much as Apple does. We used to focus more on Novell as well. The goal has always been the same — to defend software freedom, whoever its greatest foes may be. █

Summary: The lesser-realised problem with machines that are made to include TiVoization for Microsoft compliance; more “security” FUD from Microsoft

IT has been a while since we last wrote about the UEFI scandal [1, 2]. Nothing has actually been resolved, despite the comforting sense that the authorities have been informed and Microsoft issued a statement (which was no reassurance).

Several years ago we wrote some articles about the impact of Windows Vista on the environment, but it wasn’t until someone from Asia pointed this out that we realised TiVoization seriously impedes reuse:

Consumers Don’t Own Computers “Designed for Windows 8″, and They Go to Landfills Earlier (Side Effects of “Trusted Computing”)

Microsoft Windows 8 alpha is released and downloadable. But no, I am not recommending it. Nor am I denouncing it in favor of GNU/Linux (well, not in this article anyway). What you should be aware of and concerned about as a consumer is those machines labeled as “Designed for Windows 8″. Much more so if you care about the environmental and humanitarian problems caused by e-wastes, for these machines will end up much faster as e-wastes than the ordinary machines manufactured now.

Machines labeled as “Designed for Windows 8″ have to support UEFI. UEFI is said to have many nice features, which I am not knowledgeable about and will not discuss. But I can assure you that one of those features is a downright hoax, scam, and lie. The “secure boot” feature in UEFI is claimed to make your computer more secure by disallowing intrusions from untrusted sources. This and certain other features in UEFI are important elements of Trusted Computing, a mechanism advocated by Microsoft and other big IT companies. The claim is that booting a computer from an untrusted source (such as a tux usb key which has applications in tourism, education, environment preservation, LOHAS, and ethics) is a security threat and should be avoided.

There is just one tiny problem: it’s not you, the consumer, who gets to decide who is to trust. The propaganda claims that the consumers are too dumb (well, ok, actually phrased in a much more polite way) to make their own decisions about whom to trust. (“Microsoft or Chao-Kuei?”) Software booting from an untrusted source may contain rootkit, for example, which would gain absolute control of your computer. The real, unsaid intention, however, is to prevent consumers from using alternative players and readers on alternative operating systems to circumvent the human-right infringing and infamous Digital Rights Management. If the big IT companies let you decide whom to trust, then they cannot trust you as a DRM-abiding consumer. With the secure booting mechanism in UEFI, the IT companies finally can trust that you will not be able to ask your computer to do what is best in your interest, for example exercising your fair use right and other rights requested in the digital consumer bill of right.

This abusive behaviour from Microsoft (and Apple) should not be tolerated silently because it is yet another example of using “security” to pass new and self-serving rules that harm everyone’s freedom. In a similar vein, Microsoft is smearing the free Web browsers/competition, very much as usual (although the competition does not quite do that itself). This latest attack too uses “security” and to quote The Register:

Microsoft has unveiled a website aimed at raising awareness of browser security by comparing the ability of Internet Explorer, Mozilla Firefox, and Google Chrome to withstand attacks from malware, phishing, and other types of threats.

Your Browser Matters gives the latest versions of Firefox and Chrome a paltry 2 and 2.5 points respectively out of a possible score of 4. Visit the site using the IE 9, however, and the browser gets a perfect score. IE 7 gets only 1 point, and IE 6 receives no points at all. The site refused to rate Apple’s Safari browser in tests run by The Register.

We recently saw how Microsoft's friend used "security" to derail Free/open source adoption in Bristol. █

Summary: Deadly drones that depend on Windows become victims of intrusion and potentially control from the outside

DESPITE what Bristol might laughably claim, Microsoft is just about as bad as one can do for security and the monthly reminder (those numbers are fake by the way) should not be ignored. Patches aside, many news sites say that a Windows virus has hit the drone fleet of the US army. There’s a comforting thought, eh? With rockets on board, crackers can play war plane simulator with a real miniature (but well armed) plane. People have rightly started asking, why not just use Linux? One blogger writes: “Because the level of skill required to crack a Unix-like OS is much higher than that needed for a Microsoft OS. Further, properly configured Unix-like systems are much more robust than Microsoft systems. Were Military forces using properly configured and properly secured Unix or Linux systems we would not see items like these below being reported.

“”I just had a, “What were they thinking?!”, moment while reading this article at ars technica: Computer virus hits US Predator and Reaper drone fleet. First, it is not a “computer virus”, it is a Microsoft operating system virus. Second, using Microsoft operating systems for any critical Military computer systems is just wrong. I know the US Military has specifications for rugged computer systems that must be made in the USA. That makes sense. What does not make sense is the fact that the US Military will accept Microsoft operating systems on its critical, sensitive hardware at this date in time. That is like specifying a bank vault that can withstand a nearby nuclear blast, but allowing the builder to install a screen door for access to the vault. It is just a Bad Idea!”"

Here is another report about it. Wired says that “Military network security specialists aren’t sure whether the virus and its so-called “keylogger” payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command.”

Not so reassuring.

Drone issues such as this are just another reminder amongst other incidents that we mentioned before — incidents where the US military is put at risk because of Windows . To quote Microsoft’s Allchin, “It is no exaggeration to say that the national security is also implicated by the efforts of hackers to break into computing networks. Computers, including many running Windows operating systems, are used throughout the United States Department of Defense and by the armed forces of the United States in Afghanistan and elsewhere.”

“Microsoft Appears to Have Blacklisted Oxford University” says another report, showing us what Microsoft “security” really is achieving:

Microsoft’s motives for action is unknown, Oxford’s semester is about to start

We received word from Oxford University in the UK today that Microsoft Corp. (MSFT) has blacklisted the campus for unknown reasons.

The reasons are actually known. Microsoft is too incompetent or arrogant to implement security properly. █

Summary: Microsoft’s unwanted changes to the basis of Windows are likely to backfire in a major way

THE NEEDS of users aside, too little attention is being paid to what Microsoft does to de facto standards. Christine Hall takes a look at the booting scandal we recently wrote about, stating that there might be an agenda (which would upset OEMs):

Secure boot is the sort of security solution Microsoft loves. Back in the days when Windows was even less secure than it is now, one of their security solutions was to have software vetted and signed. Although this might have helped enterprise customers a bit, it did little to make the home user more secure, as any software would still install normally after clicking through an “are you sure” warning. If this scheme did anything, it hurt small vendors who couldn’t afford to go through the process of having their software approved by Redmond.

Secure boot is the same sort of scheme, except this time there’s no “are you sure” screen to click through. If a user is trying to install an operating system (or even run one from a live CD) on a machine with secure boot enabled, that operating system will have to have unlock keys to enable hardware devices. These keys are provided to the creator of the operating system at the whim of the hardware makers.

I can’t begin to explain the number of things wrong with this system. To begin with, for this feature to fulfill its intended purpose, the keys must be kept secret. Nobody but the hardware maker and, perhaps, the OS distributor, can have access to them – meaning they probably must be kept in binary form with no source code being made available.

Dr. Dobbs is meanwhile expressing scepticism about Vista 8 for the following reason:

Redmond once again pushes developers to forgo existing technologies and adopt a new UI and APIs — despite the lack of compelling benefits.

Techrights no longer covers Windows as much as it used to. Windows seems like it is already on its way out (gradual exit) because form factors change and Microsoft cannot keep up. But just worth noticing is this alienation of developers. Remember what Microsoft’s CEO was sweating about. All those developers who embraced KIN, SideKick, Windows Mobile, WP7, XAML/Silverlight and so on got seriously screwed. The next post will cover the death of the Zune. █

Summary: How Silverlight died and why it is highly probable that Microsoft will always fail in the mobile arena

OVER a year ago we explained the connection between Vista Phony 7 (WP7) and Silverlight. That was just before Silverlight died. What’s amazing is that a lot of people forget that the fall of Silverlight is a prelude to the fall of WP7. One loosely depends on the other.

Windows Mobile was a massive failure that cost Microsoft a lot of money before Sidekick and KIN injured Microsoft as well (Microsoft tried to hide those losses). Just like in search, Microsoft keeps swapping brands, always with the same outcome and the same amazing losses.

According to this, Microsoft may have started a disinformation campaign for WP7. To quote Christine: “I can’t swear this item is Microsoft FUD, but it sure smells that way. On Wednesday a writer on CNET’s Microsoft beat reported on a study released by NPD Group. Although the article is never quite clear on exactly what is being studied (unless I missed something – tell me), the point seems to be that lots of potential buyers just can’t wait to get their hands on Windows Phone 7. Again, I could be wrong, but this sounds like the beginning of some sort of Redmond financed campaign to me.”

Since it is based on XAML to an extent, its fate is closely related to that of Silverlight, whose own people say was “destined to fail”. Quoting the new blog post:

Why Silverlight was destined to fail and my time as one of its custodians.

[...]

Death of Silverlight is sad, but at the same time good. Yes I said it, as for years I’ve sat behind this product watching it grow in an amazing ways across the globe. It went from this science project existence that I remember saying it wouldn’t last through tot his highly competitive technology that had both Microsoft and Adobe at each other’s throats over.

The war between Adobe ended though and over time the technology become somewhat a questionable approach to solving a whole bunch of issues within the .NET community.

So how did we arrive at this point? Here’s my mini memoirs of my time at Microsoft and in the Silverlight Product Management / Evangelism space.

It’s a long read, but take some time to stick process it all. I’ve left out a whole heap of juicy crap, simply because it would turn into a novel!!! And you wouldn’t believe me if I wrote it anyway.

The failure of Silverlight will cascade down to other Microsoft products. Vista was supposed to make a lot out of XAML and it failed. █

–Former Microsoft manager

Summary: Dubious ‘gifts’ from Microsoft (to the only users Microsoft sees as valued) are being converted into cash through eBay

IT MIGHT be years before Vista 8 is available for use, so we try not to mention it. Just mentioning it would help Microsoft, but it is already failing, so we thought we should make a quick post without linking to any promotional material.

“Microsoft calls it a “gift”, but we just call it a bribe and we are not alone.”As we expected all along, Microsoft was bound to bribe some bloggers or influential people for positive coverage (see this previous time). Microsoft does this every time and some days ago it gave 5,000 free Samsung-built tablets. According to reports, some of these ended up on eBay because recipients were not impressed and preferred turning Microsoft’s tablet bribe into cash. Microsoft calls it a “gift”, but we just call it a bribe and we are not alone.

Tim Anderson, who was among the recipients of such bribes when Microsoft started the Vista 7 PR campaign (and only selected people had access to it), has been posting numerous articles about Vista 8 recently. One of those articles speaks of the .NET switch. The headline might seem negative, but it’s just the usual Anderson. It’s all about Microsoft, Microsoft, and how we should all keep track of Microsoft developments (not its abuses). █

Summary: Why Microsoft’s erosion in the server side (usage-wise, not revenue-wise) is likely to further motivate erosion on the desktop

HE WHO controls the back room will also dominate the client side, be it cellphones and desktops or whatever. It’s a well known fact and one that must really worry Microsoft.

Major Microsoft outages may lead to ASA intervention for false advertising. There is this new article about the Hotmail outage, sent to us yesterday by a reader. This whole downtime mess helps demonstrate what happens when one relies on Windows and other Microsoft products. Just watch how Microsoft fails to tackle ARM compatibility issues, even in the mythical Vista 8 which lacks support for browser plugins and is likely to suffer a backlash similar to Vista’s when it’s out in 2 or more years. It has been advertised since April 2009, 4+ years in advance (a time period throughout which a GNU/Linux distribution might have 8+ new versions released).

Going back to Web services, this is where GNU/Linux is clearly winning as we noted some days ago. The Inquirer has this to add:

Microsoft’s IIS webserver is the second most widely used webserver daemon after Apache. While it never occupied the top spot, at one point in 2007 it was starting to get close to Apache’s hugely popular webserver software. However since 2008, its market share plummeted and while it still manages to hold onto second place, there’s the best part of 50 percentage points difference between Apache and Microsoft’s IIS and the Vole’s IIS apparently is back to the level of market share that it saw in 1997.

Apache’s HTTPD webserver is popular for two reasons. It runs on just about every operating system out there, and it can be implemented in other products such as Oracle’s own application server products. Microsoft’s IIS, on the other hand, is closed source and runs only on Windows, so it’s no surprise that it lags behind Apache’s more robust and flexible sofware offering.

Microsoft failed so badly that it decided to just hijack Yahoo and eventually iinstalled a henchwoman there. Microsoft might be preparing to formally scoop up Yahoo! and maybe Nokia too, at least at a later stage (when it becomes cheap). Check out the news following Microsoft's passage of Nokia's patents to patent trolls (an antitrust issue):

Finnish mobile phone company Nokia has been deleted from the Stoxx Europe 50 index, a benchmark index owned by Deutsche Börse and the SIX Swiss Exchange Group that tallies the top 50 largest European corporations.

Late in August, Stoxx announced that Nokia would be delisted from the Stoxx 50 index, along with three banks: Intesa Sanpaolo and Unicredit from Italy, and GRP Societe Generale from France. Meaning the former powerhouse mobile phone maker is no longer big enough to be considered one of Europe’s biggest corporations.

Steve Ballmer keeps talking about Windows phones that don’t exist yet (see articles in the the previous post) and Microsoft is trying to make people think of about mythical versions of Windows rather than today’s version of Windows. What does that tell us? █

“In the face of strong competition, Evangelism’s focus may shift immediately to the next version of the same technology, however. Indeed, Phase 1 (Evangelism Starts) for version x+1 may start as soon as this Final Release of version X.”

–Microsoft, internal document [PDF]

FOLLOWING its malicious attack on Yahoo!, Microsoft became best evidence of its own demise on the Web. It no longer sought to create compelling products and make these available; instead, Microsoft tried to derail its competitors, preferably stealing their customers in the process. Once they got some crony installed, everything Yahoo! had which was of value to Microsoft got passed to Microsoft or put under the leadership of former Microsoft executives. According to this bit of news, Yahoo! is already well too infected by the Microsoft virus. “MALWARE DISTRIBUTORS have managed to get their rogue ads displayed on Bing and Yahoo when users search for popular software downloads,” says The Inquirer. “Since these ads always appear at the top of the page before the actual search results, and since the rogue websites they point to are near perfect copies of the real ones, the attack most likely has a high infection rate.”

This is why it’s good to limit Microsoft’s presence on the Web. It is nothing but trouble. In other interesting news, “Microsoft’s web server is losing ground” to the point where even Netcraft's flawed statistics show Microsoft approaching single-digit market share. To quote:

Apache has been the most widely used web server on the Internet since the early days of the Web. It still is. The second-most popular web server has been, and still is, Microsoft’s Internet Information Server, IIS. But Microsoft’s web server is now losing ground.
It wasn’t always like this. For quite some time, IIS was gaining ground on Apache, but the tide changed in 2007. Since then Apache has recovered much of its previous dominance, reaching a 65% market share, while the market share for IIS has dwindled below 16%, less than half of what it used to be. That’s a pretty steep drop, bringing the IIS market share back to what it was in 1997, 14 years ago.

In reality, based on the claims of some people, Microsoft’s real IIS market share was somewhere around 12%, whereas Apache and GNU/Linux market share in this area were all along impressive. In September 2008 Steve Ballmer was quoted as saying that “[f]orty percent of servers run Windows,” but he probably used flawed measures/methods. He would only wish for such a high market share. Where servers are concerned, Microsoft may be making money, but it’s not making much an impact. Zero-cost operating systems work a lot better and the Microsoft-taxed distribution, SUSE, is still niche product (for Microsoft lovers such as SAP). █

Summary: In the midst of Wikileaks drama we learn that an executions-savvy regime will benefit from Windows cracks

“Windooze insecurity puts Iranian dissidents in mortal danger,” states the subject line of an anonymous USENET post, quoting this article. “A Dutch CA called DigiNotar,” says the poster, “was hacked by Iranian hackers, likely with the intention of intercepting SSL traffic (Gmail, Facebook etc.) of Iranian activists and freedom fighters. I checked DigiNotar’s website and guess what operating system they’re using? You guessed it! WINDOOZE ASP.NET!!!

“So now Microsoft will have blood on its hands. Its insecure graphical-shell-pretending-to-be-an-operating-system is now possibly responsible for the deaths and prosecution of many Iranians!! [..] THIS COMPANY SHOULDN’T BE SPLIT UP, IT SHOULD BE SHUT DOWN”

“And as long as otherwise respectable companies insist on e-mailing me “slide shows” in the form of IrfanView .exe files because “it’s so user-friendly”, Windows will remain as secure as a wet paper bag.”
      –Richard RaskerA more moderate Dutch poster, Richard Rasker, wrote separately: “I guess we’ve all heard how a Dutch Certificate Authority by the name of Diginotar, formerly used by even the Dutch IRS authority and countless city councils, has screwed up severely, when their systems were breached by Iranian hackers, who managed to poison the world with many hundreds of bogus certificates. Then they screwed up even more by hushing up about the hack for months — a huge no-no in a world where trust is the highest good.

“And now it turns out that the screw-up has soared to even greater heights. In case you wondered what OS these people were using, here’s the answer:

http://webwereld.nl/nieuws/107833/fox-it–diginotar-gebruikte-niet-eens-virusscanner.html

“For those who don’t understand Dutch:

“Fox-IT: Diginotar didn’t even use a virusscaner

Fox IT has delivered a devastating verdict on Diginotar’s infrastructure. The company didn’t adhere to agreements and procedures. Even elementary security measures were totally absent.

These are the conclusions from an investigation by Fox IT into the security breach at Diginotar, as passed by Webwereld and NU.nl through a governmental source. It turns out that all operations were taking place from within one single Windows domain. This made it possible to gain access to the certificate administration from any work station; logging in to one’s work station was sufficient to get access to the systems. This is a mortal sin in the world of IT security. In addition, Diginotar was already aware of the abuse of its certificates as early as July.

No secure zones
Even when issuing certificates for government use, standard security rules were trodden underfoot. The government’s PKI computers operate from within a secure vault, and should never have been connected to Diginotar’s network. Yet even on those machines, investigators found evidence that connections had been made to the Windows domain.

…” [no virus scanner ... no proper logging ... no strong password enforcement ... inadequate intrusion detection ... hackers got & used administrator rights ... certificates chucked in an easily accessible database ... etcetera]

“Now I won’t say that this could never have happened in a Linux environment,” notes Rasker, “but for a screw-up of these truly epic proportions, Windows is the OS of choice — because it traditionally “makes things easy”, and because Windows users are traditionally not used to working with proper permissions, secure networks and strong passwords.

“And as long as otherwise respectable companies insist on e-mailing me “slide shows” in the form of IrfanView .exe files because “it’s so user-friendly”, Windows will remain as secure as a wet paper bag. QED.” █

WHAT sure seems like federal corruption in Tamil Nadu led to the forcing of Windows. All new computers will need to have Microsoft Windows paid for, even if the user chooses to run GNU/Linux. Watch the dodgy official resorting to damage control. They even use Microsoft talking points. This one says that “the freedom of the students to choose the operating system of their choice is encouraged.” Freedom of “choice” is the Microsoft spin, which misses the point that they still have to pay for Windows whether they want to or not and Windows is not freedom, it’s being subjugated to a monopoly abuser from abroad. Let them lie. They are used to it. Indians should not let this one slip aside because this is part of a pattern, as we covered in posts such as:

• Microsoft’s EDGI in India: Fighting GNU/Linux in Education
• Microsoft’s Expansions in India and EDGI in India Lead to Call for a Boycott
• India Moves to Free Software, So Microsoft Fights Back with Gentle Bribes and Partners

Windows respects “freedom of the students to choose the operating system” like someone who boards the plane has the freedom to refuse the full-body X-Ray scanners in Manchester Airport, in which case the passenger is refused access to any departing flight. It’s the mere illusion of choice. The picture below is censored by the way, but this is what every single passenger in Manchester is required to give the government in exchange for plane access these days, never mind the catastrophic effects of cancer (risking more lives and in the long term causing more deaths than all airplane terrorism combined). █

Summary: Rise in Windows traffic on the Internet, but not the desirable type of traffic (RDP attacks)

Check out this piece of news: [via]

It’s retro day in the world of Internet security, with an Internet worm dubbed “Morto” spreading via the Windows Remote Desktop Protocol (RDP).

F-Secure is reporting that the worm is behind a spike in traffic on Port 3389/TCP. Once it’s entered a network, the worm starts scanning for machines that have RDP enabled. Vulnerable machines get Morto copied to their local drives as a DLL, a.dll, which creates other files detailed in the F-Secure post.

SANS, which noticed heavy growth in RDP scan traffic over the weekend, says the spike in traffic is a “key indicator” of a growing number of infected hosts. Both Windows servers and workstations are vulnerable.

Bravo, Microsoft. █

Update: Incidentally, Nokia’s developer network has just been cracked. Based on some tests, the site runs Windows. Netcraft says it ran Windows, but it is now hiding behind Akamai (Linux). Some case sensitivity tests seem to confirm that It runs Windows.