The hole in IE that Chinese hackers used to hack Google is now fixed.
This particular exploit involves the hacker directing users to malicious Web sites where the real hacking work is done. A combination of bad publicity and a real security threat had Microsoft security programmers working overtime on a patch that covers IE 5, 6, 7 and 8.
More
Posted by Doug Barney on 01/22/20102 comments
It took nearly two decades, but a vulnerability in the Windows kernel that affects nearly all versions has been found.
While it took 17 years to uncover, it also took Microsoft over six months to issue an alert once the vulnerability was known. Fortunately, this elevation-of-privilege vulnerability requires the hacker to have network credentials and local access.
More
Posted by Doug Barney on 01/22/20102 comments
I admit it: I'm a huge fan of Sun Microsystems. I like companies with creativity and guts. Sun is no me-too company.
But it soon may no longer be a company at all as the European Union this week approved Oracle's proposed $7.4 billion buyout. It's such a done deal that Larry Ellison is planning a Hugo Chavez-style five-hour company and press event next week on the matter.
More
Posted by Doug Barney on 01/22/201019 comments
If the world ran on Firefox or Chrome, Google might still be committed to censoring in China. But with more than half of the market still in IE, hackers took advantage of a bug in the Microsoft browser to hack into the Gmail accounts of Chinese activists.
That's what prompted the Sino-Google conflict and led to Google threatening to take away the special version of its software that censors out anti-government content.
More
Posted by Doug Barney on 01/20/20102 comments
Google and Microsoft agree on less than Scott Brown and Martha Coakley, so it's no surprise they differ on clouds. Both companies' views are clearly informed by their pasts. In the case of Microsoft, it's always sold software meant to be installed on hard drives with files stored locally. Google is all about the Internet.
All this came out in a debate last week at the New York Technology Council. As you might expect, Google feels that everything can and should be done in the cloud -- with few or no exceptions. Microsoft believes in the cloud, in part because that's what the market believes and in part because it's the natural evolution of software. But Redmond feels that while some stuff should be in the cloud, there's also a critical role for old-style clients. Redmond sees a hybrid approach where data can be split between the two models and even synchronized.
More
Posted by Doug Barney on 01/20/20102 comments
Earlier this week, I reported that Panasonic was moving a huge number of users from Exchange to LotusLive, a cloud-based e-mail and collaboration suite. Some of you wrote me, arguing that Panasonic was already a Notes shop and had just a handful of Exchange users. And you were right!
More
Posted by Doug Barney on 01/20/20101 comments
Readers have plenty to say about the possibility of Google shuttering its Chinese operations over a dispute about that government's censorship practices:
I think Google would be doing the right thing to pull out of China. China continues to violate a lot of human rights, and its people are largely exploited due to the control the government exerts on its population. If they were a free people, they would learn their own worth and make more money. Our people would stop shopping at Wal Mart, our trade imbalance would even up, U.S. companies could export their goods, our employment would go up, and everything wrong with this picture would start to get righteous again.
Besides, if Google stays and censorship becomes an accepted practice, how long before the Obama-nation follows suit?
-Mel
I'm rather annoyed that you published this blog with as little information as you did. This whole situation with Google and China extends far beyond the business scope of the geopolitical climate, and extends to inter-country relations. I would suggest that you specifically state how Google has been "[invading] privacy" for years. Also, I would like to remind you that iDefense and McAfee have released more information on the attack which you undermined by saying it was from a "Chinese group" to see what "dissidents were up to." McAfee and iDefense have said the attack is more sophisticated than any attack they have ever seen on any private company. They also said the attack was not just on Google; they say that 34 independent companies were attacked and even Google said in its blog that "intellectual property"
was stolen. The companies go on to suggest that it was not simply a group in China that launched the attack, but it seems more likely that the Chinese government was behind it.
In my opinion, I think that Google's decision to change its policy in China is a retaliation to the attack. Ordinarily, cyberattacks are kept largely secret, and Google's decision to make this public could mean that it wants the Chinese people to see this all fold out and recognize how damaging their government's censorship laws are to freedom of information. However, to present the other side of the story, it is also possible that Google is making this public to provide a good reason for leaving China, where it is the No. 2 search engine behind China's Baidu.com. (This is unlikely, though, because the Chinese market still accounts for a significant income.)
-Scott
Although I applaud Google for taking a stand, I don't really buy its reason ("because this information goes to the heart of a much bigger global debate about freedom of speech"). Financially, it really isn't a big deal for Google, at least over the next three to five years. Its projected revenues in China are minimal compared to the hoped-for migration of businesses and governments to Gmail. And Google realizes that it will not win those other accounts if its e-mail is easily hacked and it doesn't stand up against it. If you don't think so, reread their blog; the first bullet is essentially, "It's not only us."
Google has spun some negative publicity into positive by being proactive in finding the breaches (and notifying those other companies that weren't as smart as Google in figuring it out) and by taking a stand against human rights violations. This gives potential customers a warm-fuzzy about Google's security when it was actually breached. Not bad spin. Microsoft, on the other hand, has an enormous potential for sales (or savings of sales) in China. China helped save almost $2 billion in counterfeit sales by busting a pirate ring in 2007. I think MS would be pretty buddy-buddy with China over that, freedom of speech violations be damned. As always, follow the money.
-Joseph
More
Posted by Doug Barney on 01/20/20100 comments
Google is apparently ready to give up on the world's most populated country all because it censors the Internet.
It seems disingenuous of Google to threaten to leave China when Google invades privacy and has for years allowed China to dictate what searchers see on their Google results pages. In fact, Google built a special version of its search engine for China that "self-censors."
More
Posted by Doug Barney on 01/18/20109 comments
Bruce praises MSDN for making Office upgrades a little less painful on the budget:
If I were not a developer, I would probably never buy another version of Office again. But I have Office "everything" for reason: MSDN. I got the subscription a number of years ago when I realized I could get it and save a huge ton of money on software. For $2,499, I get everything and then some, plus all of the updates. Included in this deal is Office in whatever flavor you want. They also throw in MapPoint and Project and all of the other bells and whistles. And yes, this includes the OS too. And the nice thing about it is that you get the REAL install DVDs and you get to install the software any darn way you want without Dell, HP, etc. making choices for what to leave out. And believe me, they do leave things out which force you to either install new parts -- which may or may not be on the install DVD they give you.
So basically, what we get through MSDN is what you would call the retail version, but you end up paying less than retail. If you are in academia, this is DEFINITELY the way to go as the academia price for MSDN is dirt cheap. I wish I was in that world, but I'm not.
-Bruce
More
Posted by Doug Barney on 01/18/20100 comments
Microsoft gets a bad rap for security, some of it deserved, some not. Meanwhile, other vendors operate with un-blackened eyes even though their software has more holes than an old Alaskan fishing net.
Last week, we reported that Oracle sent out two dozen patches in its latest round. Now, we find out that Adobe is patching many versions of Adobe Reader.
More
Posted by Doug Barney on 01/18/20102 comments
Massive Exchange shop Panasonic is giving the Microsoft e-mail platform the boot, not just switching vendors but fundamentally changing the way its e-mail is handled.
LotusLive offers a service-based approach to mail, Web conferencing, social networking and collaboration.
This deal ain't no small potatoes. Panasonic could have over 300,000 users on LotusLive in the coming years. Bet the Microsoft rep who handles Panasonic mail didn't have a very merry Christmas!
More
Posted by Doug Barney on 01/18/20107 comments
As we discussed Wednesday, software licensing is a tricky thing. The licenses are written by lawyers in consultation with software folks. Can you say complex?
One of the hidden secrets of Windows and Office licenses is they don't allow for machines to be rented. Instead, thousands of Internet cafes, rental companies and gaming centers around the world have paid a subscription fee -- or pretended nothing's wrong.
More
Posted by Doug Barney on 01/15/20100 comments