11.24.08

Eye on Microsoft: Vista/7 Trouble and More Security Chaos

Posted in Apple, GNU/Linux, Google, Microsoft, Security, Vista, Vista 7, Windows at 3:36 pm by Dr. Roy Schestowitz

THERE is a large heap of things to cover today, so we’ll dive right into it.

Vista/Vista7

The Vista case revealed a lot of ugly secrets, such as Rob Enderle's intimate relationship with Microsoft. In evidence preceding the Ballmer deposition, it is also shown how sloppy a CEO he is.

Grammar check optional for Microsoft boss Steve Ballmer

Newly-released emails in the Microsoft ‘Vista capable’ lawsuit not only demonstrate that Microsoft managed to piss off HP as well as Dell with its confused approach, but that people who are running busy companies don’t have time for full stops.

[...]

Quite frankly, this reads more like an MSN chat transcript than a CEO trying to resolve a potentially major partner crisis. Memo to Steve:

* Full stops can make it much easier to read sentences.
* Please avoid meaningless phrases like “I am not even in the detail of the issues”.
* Outlook has had a spelling and grammar checking facility for some time; using it more often might be sensible. After all, you never know when internal email might end up in a court document these days.

Windows Vista is still being rejected and GNU/Linux chosen for the server, according to this survey.

This survey continued the trend with 64% of users preferring to evaluate on Windows. Of interest is that 91% do not intend to use Vista but instead are staying with XP or Windows Server 2003. The logical conclusion from the analysis is the open source community either deploys on Linux, or stays with the Windows operating systems it has, not moving to Vista.

Eric Raymond, citing the Vista trouble, talks of Microsoft as a falling empire. He explains why in his personal blog which recently returned to life.

There’s another problem. Vista is so dead that Microsoft is already touting its successor “System 7″. Not end-of-lifing XP on schedule means they’ll actually have to support three different operating systems for at least the years until System 7 ships, and some time afterward. Even Microsoft is going to feel the strain, and ISVs are likely to play safe by writing to the minimum (XP) specification.

Raymond may be considered biased, but even a Windows-oriented Web site, Neowin, has published the article “Six reasons Microsoft will continue to lose market share.”

Microsoft has positioned itself at the top, a top that is targeted by hundreds if not thousands of companies. They have spread themselves from their core identities and they are opening themselves up for a loss of market share. For this article market share is defined as a broad term where Microsoft will lose users from its user base to its competitors.

Readers respond to this almost angrily.

Windows Vista 7 [sic] is not in a better position and according to the editor of The Inquirer, all that vapourware strategy might do a lot to lift GNU/Linux.

Microsoft CEO, the shy and retiring, softly spoken Steve Ballmer admitted that this was happening and seems to be slowly walking away from Vista.

[...]

It could be that this will be the moment for Linux to make its long awaited rise to fame. If firms want to cut costs but upgrade hardware then Linux ideas are probably the only way to go forward. Indeed some companies will be able to keep their older hardware for a bit longer.

Vista 7, it is worth remembering, is just another Vista.

Yet when InfoWorld gave Windows 7 a through benchmarking and shakedown, the result was the same ill foreboding that accompanied pre-release Vista (and proved all too accurate).

Online Business

We mentioned Jerry Yang earlier in the day. As everyone probably knows by now, he was pressured out, essentially giving room to Microsoft cronies who accommodated the company’s highest ranks (even Board of Directors) over the course of the past few months. Meanwhile, others pounded on Yang with Microsoft’s encouragement.

Yahoo has been struggling for months to improve its financial performance, but things have gone from bad to worse for the company this year, and its stock has sunk to a closing price of $10.63 on Monday. First, the company thwarted Microsoft’s unfriendly attempt to acquire Yahoo outright, and later just its search business, though Yahoo appeared to grow more interested in a deal even as Microsoft grew cooler. At one point, Microsoft offered to acquire the company at $33 per share.

Fortunately, Yahoo has begun negotiating with AOL.

Observers must be wondering whether, in internet economics, a negative added to a negative gives a positive. In other words, whether two losers getting together can do something against the apparently overwhelming competition from Google. The failure of Microsoft’s takeover bid for Yahoo this summer has already drawn criticism, in view of both Microsoft’s rather luckless efforts at internet search and Yahoo’s weak position. It is equally questionable whether an amalgamation between the troubled Yahoo internet group with Time Warner’s wobbly online subsidiary AOL, has any better prospects of success. According to German press agency DPA, Yahoo is negotiating a takeover of AOL.

According to the latest surveys, Google continues to gain, so there’s no real effect on them.

Google Inc.’s lead widened in the U.S. search market over Yahoo Inc. and Microsoft Corp. in October, a report shows.

Motivated by Boycott Novell, InformationWeek published this article about Microsoft’s latest attack on Google (via former seniors):

Two of ClickStream’s employees, CEO and co-founder Cameron Turner and senior research analyst Kim Anderson, used to work at Microsoft.

ComputerWorld covered this too, citing Boycott Novell as its source.

Mobile

On the face of it, Windows Mobile continues going the way of the dodo. Here are some of the latest reports which are left to readers’ judgment:

1. Microsoft’s mobile strategy has gone missing

Against this background, Microsoft’s continued tardiness in developing its own mobile strategy gets more worrying. At the company’s Professional Developers Conference recently, Windows Mobile was notable by its absence — and not for the first time. No clear guidance has been given for the next major revision of the software, and the trends are not good. It is now commonplace for flagship Windows Mobile handsets to come with a non-Microsoft web browser — a sign that something is badly broken.

2. Microsoft falls behind in mobiles

Microsoft chief executive Steve Ballmer – in Sydney the other day for a software developers conference – was quick to pour scorn on Google’s new Android mobile phone system when he turned up at a Telstra investor briefing.

3. Microsoft fixes Windows Mobile 6.1 email bug

Microsoft has patched a Windows Mobile 6.1 bug that left some users unable to send messages until they deleted and recreated their email accounts. The “Windows Mobile 6.1 POP and IMAP Send Mail Patch” is downloadable now, the company says.

This belated fix is also mentioned here. These are almost signs of neglect.

Failing Hardware Businesses

Microsoft’s CEO recently called Zune and XBox360 “funny products” because the company is unable to derive profit from them. Microsoft is now “hiding from the Zune,” as Matt Asay puts it.

The Seattle Post-Intelligencer spots – or, rather, doesn’t spot – the Zune in Microsoft’s new advertising for that uber-social iPhone “competitor.” According to Zune marketing director Adam Sohn, this is on purpose: “We’re trying to funnel people from the software side….You don’t have to buy the device immediately.”

Regarding XBox360, same old, same old. Microsoft’s servers are probably down again. There’s malfunction.

This weekend, Xbox Live is experiencing connectivity issues again and the company can’t find a solution yet. Larry Hryb, known by the pseudonym Major Nelson, said in his blog that these issues were resolved on Friday, only to correct himself on Saturday and reveal that “some folks are still having issues” and that “the Operations center is investigating.”

Hype Factor

The main thing going for proprietary software vendors is marketing. Lots of marketing! Just how much? Almost half a billion dollars for Apple, per annum. It’s about the same as Vista, which is a product, not a company. For Microsoft, it’s well over a billion overall.

Update: Microsoft spends more on advertising across all of its combined businesses than Apple does, but its Windows business is what competes most directly with Apple. Microsoft’s total advertising budget across all of its businesses, including Windows, Office, Xbox, and all the enterprise stuff, was the following (from the 10K): “Advertising expense was $1.2 billion, $1.3 billion, and $1.2 billion in fiscal years 2008, 2007, and 2006, respectively.”

This is also covered in:

1. Apple spends almost $500 million on ads

Apple spent $486 million on ads last year, up from $467 million the year before, and $338 million in 2006, according to a filing with the SEC. The ‘Get a Mac’ campaign was launched in mid-2006.

2. Analysis: Apple Ads More Effective Than Microsoft’s

Todd Bishop has crunched the numbers and found that Apple’s advertising success over the last year has paid off.

Microsoft’s marketing push is now becoming more desperate than Jerry Seinfeld and “Mojave”, not to mention mischievous guerrilla tactics.

Microsoft’s new ‘I’m a dork’ store

[...]

I’m a Microsoft critic, but it’s depressing to watch the company make such a lame attempt at creating its image as trucker “I’m a PC” hats. It can and should do better.

Microsoft is also using photos of its competitors’ products to promote its own.

Microsoft Using Apple’s Macbook Pro In Promotional Material?

[...]

[S]ometimes one encounters stuff that is just too good to pass. So that other day my dad bought a new HP Pavilion desktop, and since I am the geek in residence I ended up setting it up for him.

Priceless. Almost pathetic in fact.

Security

Quite a huge mess in the past week. Here is a quick roundup.

First of all, there is a kernel flaw in Windows Vista. Watch Microsoft’s schedule for addressing it:

A flaw in Vista’s networking has been found that can crash the system, but no fix is expected until the next service pack

Microsoft recently admitted that it took it 7 years to fix a bug, but now it’s coming up with excuses. A reader wrote to us about it, claiming that “the liars spinning press releases for Redmond claim that the patch was 7 years in the making because it would disrupt existing services. Contrast that to what they did with XP SP2, broke darn near everything…

http://news.cnet.com/8301-1009_3-10096611-83.html
http://www.theregister.co.uk/2008/11/17/ms_explains_patch_delay/
http://www.techworld.com/security/news/index.cfm?newsID=107034

“I guess what must have happened was that the hole started driving more people back to Samba,” he added.

Here is another new example.

Worm Risk Spurs Critical Microsoft Patch

This marks the first time since April 2007 that Microsoft has released a fix outside of its normal Patch Tuesday cycle; it was sparked by lessons learned from worm epidemics like Blaster and Slammer, which cost users billions of dollars to disinfect in 2003.

They also did this in Christmas. All versions of Windows had a “Critical” flaw which required an emergency patch..

Here is another new flaw that affects Microsoft Communicator and is highlighted in several Web sites right now.

Researchers at VoIPshield Labs have pinpointed a wide range of denial-of-service vulnerabilities in Microsoft Communicator, the unified communications that features business-grade instant messaging , voice, and video tools.

With such insecure-by-design systems [1, 2] abound, no wonder even kids can become botmasters and/or cyber-criminals.

Teen hacker confesses three-year crime spree

Known by the online handle of Dshocker, the 17-year-old Massachusetts hacker also admitted he breached multiple corporate computer systems, called in bomb threats and engaged in credit card fraud. The defendant, who was identified only by the initials N.H., pleaded guilty to charges in court documents that included one count each of computer fraud and interstate threats and four counts of wire fraud.

Symantec warned about unprecedented turbulence.

Symantec is warning of a sharp jump in online attacks that appear to be targeting a recently patched bug in Microsoft’s Windows operating system, an analysis that some other security companies disputed Friday.

Symantec raised its Threat Con security alert level from one to two because of the attacks, with two denoting “increased alertness.” But other vendors, including Arbor Networks and McAfee, said they were seeing no such activity.

Will there be more zombie PCs to join a faction of about 320 million? It sure looks like it, but the following article is peppered with ‘vapourware speak’.

Fake Windows “Antivirus” Code Infected 1 Million Computers

Even with Windows 7 in pre-Beta stage, Microsoft is emphasizing the need for end users to run security software with the operating system, indicating that it is working with members of the industry in order to have the first antivirus products tailored for the Windows client as early as the Beta development milestone. Fact is that the necessity to install security solutions is valid for all Window operating systems, not just Windows 7, but at the same time, there are some antivirus products that users need to steer clear of. Just in November, Microsoft contributed to removing malicious code posing as Windows antivirus solutions from approximately 1 million computers worldwide.

More of the same here:

Known as Kardphisher and “in the wild” since April, 2007, last week the malware author of this trojan horse mimicking the Windows XP activation interface while collecting the credit card details the end user has submitted, has made significant changes to visual interface and usability of the trojan, consequently improving its authenticity. Guess what happens when a gullible end user falls victim into this social engineering attack?

Zombie PCs aside (they spew over 100 billion SPAM per day), Microsoft is named the fifth most spammer-friendly harbour.

The software giant debuted on the list earlier this month at number 9 (one being the worst), and has slid over the past few days down to number 5. Spamhaus says spammers and scam artists are abusing Microsoft’s live.com and livefilestore.com properties to redirect visitors to sites that peddle fake pharmacy products, porn and Nigerian 419 scams.

Due so so many compromised machines, espionage and DDOS attacks ensue:

1. Pentagon Hit by Unprecedented Cyber Attack

“We have detected a global virus for which there has been alerts, and we have seen some of this on our networks,” a Pentagon official told FOX News. “We are now taking steps to mitigate the virus.”

[...]

Military computers are often referred to as part of the Global Information Grid, or GIG, a system composed of 17 million computers, many of which house classified or sensitive information.

2. Net bombarded by heaviest ever attacks this year

Online networks suffered their heaviest brute force attacks to date this year, with more sites than ever coming under sustained assault.

With so much trouble around, what would Microsoft do? Maybe ‘pull a Netscape’? It has just decided to bundle its security products with Windows, thereby gaining unfair advantage over a more advanced competition. Below we have some selective coverage.

Rivals: Low share led to drop of OneCare”

[...]

In a statement, Rowan Trollope, the senior vice president of consumer business at Symantec said:

We view this announcement as a capitulation by Microsoft, and a reinforcement of the notion that it’s simply not in Microsoft’s DNA to provide high-quality, frequently updated security protection.

Well, Symantec’s CEO has just announced his retirement/exit.

Here is some more coverage of interest:

1. AVG Sees Uphill Battle for Microsoft in Its Launch of Free Anti-Virus Software

Microsoft will also likely contend with a severe backlash from dissatisfied channel partners, whose margins and unit sales will be negatively impacted as a result of the free product offering, AVG believes.

2. Microsoft’s Morro Incites Mixed Feelings From Competition

Microsoft’s Morro, its new free antimalware software scheduled to be released next year, will probably not be a threat in the long run, major security companies say.

3. Microsoft kills Windows Live OneCare and Equipt subscription services

Microsoft’s Equipt — which Microsoft launched in July of this year — is dead and Microsoft is having to go back and pull copies of Equipt from the channel (Circuit City in the U.S. and DSGI in the U.K.). Microsoft is offering customers a pro-rated refund for the service and allowing purchasers to keep Office Home & Student edition for free forever, Microsoft officials said.

4. Microsoft give students the finger, once again

I wrote about Microsoft Equipt some months ago, and now that people are starting to buy it, they’re pulling it from the ranks. They’re pulling the product from all shelves, online and offline, but on the plus side, they’re allowing subscribers to get a pro-rata subscription refund and they’re letting you keep the Office Home & Student edition for free, forever.

This marks the death of yet another Microsoft product/service, this time the short-lived Equipt. It was Symantec’s CEO (or someone equally senior) who warned that without competition in this area, products will become very poor yet irreplaceable. This is a recipe for further problems where defenses are predictable, uniform, universal and therefore easier to consistently defeat. It’s not good for anyone. According to today’s BBC article, on-line crime is now estimated at billions, but should this be surprising at all? █

Permalink  Send this to a friend