The Windows 7 beta has
leaked out beyond the small base of testers Microsoft originally intended, and I for one don't think Microsoft is the least bit upset.
In fact, Microsoft seems to be talking more about Windows 7 than about its shipping products. And its Vista commercials mention Mojave (the code name for Microsoft's Vista taste test) way more than Vista itself. Let's face it: Vista is the Blagojevich of the PC market. Everyone wants to steer as clear as possible.
So far, the beta reports for Windows 7 are pretty positive -- all the more reason for Microsoft to want broader distribution. If you're jonesin' for Windows 7, check out BitTorrent now, or just wait a bit for when Microsoft itself has a broader release.
Have you tried the beta? If so, how's it going? Reports welcome at [email protected].
Posted by Doug Barney on 01/05/2009 at 1:16 PM0 comments
Despite Apple's reputation, Macs need protection, too -- as these readers will attest:
I get weekly reports from US-CERT about cyber threats. One of the recent ones was about OS X. Actually, most of the weekly ones are about open source software and, increasingly, OS X. I guess in the downturn of the economy, folks figure they are getting a bargain buying their software at the "dollar store" (OK, Macs from Neiman Marcus). I guess you get what you pay for -- disposable software or a gated community with holes in the fence.
-Dan
Many years ago, a friend gave me a disk of files for my Mac SE. At least one of the files was infected with a virus. My Mac became infected also. I immediately bought an anti-virus program and removed the virus. That lesson taught me the importance of running an anti-virus program, and I have done so ever since. I've never had a problem since then.
-Anonymous
And one reader pokes some holes in Utest's recent contention that the IE 8 beta is currently the safest browser:
Um, the report says 356 uTesters evaluated Internet Explorer 8 and identified 168 bugs, including 9 percent that were classified as showstoppers. Also, 514 uTesters evaluated Firefox 3.1 beta and identified 207 bugs, including 24 percent that were classified as showstoppers. That's from the Utest Bug Battle page. So Firefox testers averaged 0.4 bugs each with access to source code, and IE testers averaged 0.47 bugs each despite using a proprietary browser.
Also: "During this first Bug Battle, the uTest community discovered one bug every 15 minutes in the three leading browsers; the good news, however, is the fact that no showstopper security flaws were found." The bugs that were found were mostly not security bugs, and no major security flaws were found in the course of this testing.
As far as I can tell, the bug lists aren't posted, so there's no indication what was actually found. Concluding that IE is "the safest, most bug-free browser" is not just a bit of a stretch, it's like stretching one piece of taffy from Florida to California. If you want numbers that actually relate to security, try Secunia: 30 percent (10 of 33 Secunia advisories) of the IE security flaws it's aware of are unpatched, and "The most severe unpatched Secunia advisory affecting Microsoft Internet Explorer 7.x, with all vendor patches applied, is rated Extremely critical." As for Firefox, 14 percent (1 of 7 Secunia advisories) are unpatched, and "The most severe unpatched Secunia advisory affecting Mozilla Firefox 3.x, with all vendor patches applied, is rated not critical."
-Anonymous
Meanwhile, Stephen has some more general grievances with the IE 8 beta:
Much as I like the auto-fill of the URL, the number of sites that already do not function with this version has become so numerous that I'm using Firefox far more these days. The RAD editor we use all the time in IE 7 simply doesn't work in IE 8. If you have a number of IE 8 windows (not tabs) open and click on an e-mail link from some support sites, the page opens in EVERY window! I've resorted to "Always run in compatibility mode" but Fidelity.com gets a permanent "NO! Site under maintenance" page for any log-in attempt. "Back" used to simply be a matter of going "back" -- but no, the geniuses at MS now make it an expired-page-retry 90 percent of the time. Logging in to a Web-commerce site used to be autonomous per IE 7 window, but not now! Testing our site is now a multi-machine affair, thanks to IE 8 -- and that's WITH "compatibility" on. Finally, it's ridiculously simple to drop down the URL history and hit the red X when you actually want to use the URL, not delete it! What -- no "Confirm delete from URL history" option?
Perhaps IE 8 has very few security bugs, but for usability I'd give it no more than 6, and the "fear factor" of uninstalling the beta (which was Microsoft's solution for a reporting services rendering issue) is more massive than I can say. Do I really want a hosed machine? Prior IE and MS uninstalls have left me with chills!
-Stephen
And finally, Rob closes out the year with a few good words about a Microsoft product that's taken plenty of shots in 2008:
I have installed over a hundred copies of Vista on newer PCs (no older than one year). Honestly, I have not had an easier time with an OS install before, ever. I waited over three months after RTM for Microsoft to patch the immediate bugs and get their ducks squared away (like XP and 2000, history shows every new OS has glitches to hurdle over before it's stable).
My first reaction was that it's a fast OS. It has a few quirks here and there with device drivers and legacy apps, but overall, it's slick. Then came SP1...WOW. I remember the first install on an HP Pavilion. Twenty-seven minutes to install, found the Wi-Fi, all peripherals and external HDDs, and just worked. No third-party driver installs. Simple. Easy. Fast. Slick. Love it. And I still do. I love Vista. I believe in it. I sell it daily and although I get the daily grinding calls about XP and its sad demise...well, some people don't like the new Honda Civic, either!
-Rob
Redmond Report is adjourning until next year, but keep sending us your letters! Leave a comment below or send an e-mail to [email protected] -- we'll resume posting them in January.
Posted by Doug Barney on 12/18/2008 at 1:16 PM0 comments
SQL Server is in the news this week nearly as much as Gov. Blagojevich. No, SQL Server didn't try to sell a Senate seat, refuse to leave office and go for a jog. Instead, SQL Server gained a new beta of what will probably be SQL Server 2010 and got a bunch of new security tools for the current version and a new service pack.
Starting with what's shipping today (or near-abouts), we have beta versions of two SQL Server security tools. Both the Anti-Cross Site Scripting Library and the Code Analysis Tool are built to deflect SQL Injection attacks.
Closer still is SQL Server 2005 SP3, which came out Monday. This service pack is largely a roll-up of bug fixes (if you want new features, Microsoft would be happy to point you to SQL Server 2008), but also includes database engine and replication tweaks.
Furthest out is Kilimanjaro, which isn't due for a couple of years. For those that just have to have what will become SQL Server 2010 now, a preview is scheduled next month.
Posted by Doug Barney on 12/18/2008 at 1:16 PM0 comments
Cisco -- or, for the purpose of this story, Captain Obvious -- released a study showing that hacker attacks are
getting more sophisticated. Doesn't this happen each and every year?
Diving into the details, Cisco says spam makes up about 90 percent of all e-mail traffic. (Since my e-mail is published everywhere, including in this newsletter, spam is about 99 percent of all my mail.) There's also a new form of personalized spam; this way, phishers trick you into thinking the mail is truly legit. Botnets are also getting trickier, the network giant says.
Posted by Doug Barney on 12/18/2008 at 1:16 PM0 comments
Let's say there's a big independent convention that does nothing except gather your customers and promote your products. Oh, and they offer you the keynote so you can shock the world with amazing new products. "Where do I sign up?" you might ask.
But if you're Steve Jobs, you'd ask, "How can I bail?"
That's what Apple and Jobs are doing with Macworld. Job cancelled his keynote and next month's Macworld will be the last Apple will support. Instead, Apple will push its own events. Can you say proprietary?
My beef is that Apple isn't reaching out to new markets. It's not reaching out to the enterprise (we've offered Apple opportunities to talk to you Redmond readers, but it had little interest). It's not reaching out to middle- and low-income consumers (or the Third World) with aggressively priced products. And now it's not even reaching out to its own customers!
What would you do to expand the Mac market? Suggestions welcome at [email protected].
Posted by Doug Barney on 12/18/2008 at 1:16 PM0 comments
Microsoft bought Seadragon Mobile a year or two back for its mobile GUI. As I recall, Seadragon lets users drill into content on small screens so you can actually read words and see images -- pretty handy for someone like me who has 48-year-old eyes and refuses to get glasses. But is Seadragon good to go on Microsoft-powered phones? Not yet.
So what exactly does it run on? How about an iPhone? That's right: Microsoft is shipping a preview version for Apple fans, while the Windows Mobile faithful has to wait. And it's all because the iPhone has a strong enough graphical processing unit (GPU) to run the new interface.
This is all good news. Along with growing support for open source, moves like this signal a kinder, gentler, more accommodating Microsoft.
Posted by Doug Barney on 12/17/2008 at 1:16 PM0 comments
Any time you have dozens of hackers
attacking thousands of systems, you know a fix is on the way. And that's just what IE is getting. A day after Microsoft
released a workaround but no promise of a fix, the company reversed course and is slaving away on an
out-of-cycle patch due today.
The attacks originally focused on IE 7 but spread down to IE 5 and 6, all the way up to the IE 8 beta. This is one patch well worth installing.
Posted by Doug Barney on 12/17/2008 at 1:16 PM0 comments
Doug wrote his
column on Monday from the front lines of a bad New England ice storm -- and he wasn't alone:
Similar to yourself, I live in Southern New Hampshire, just outside of Portsmouth. We were without power for two days, but I was able to hook up a portable generator to do the following: 1) get the refrigerator working, 2) get the heat working (it's gas -- just needed to get it started) and 3) get the wireless Verizon modem working. For some reason, even though my Comcast cable was down, the Verizon FIOS fiber was not broken.
This is one of those occasions where my wife was glad I'm a geek! We were able to stream videos and catch up on the news even though we were confined to a couple of rooms.
-Anthony
You must be near us in Nashua. We're still on generator but we're OK. Add one to the geek factor: I rigged up my neighbor with a 2,000-watt inverter I bought so he's got mini-power -- enough to heat a portion of the house and get them hot water (by hooking it to the car battery and using the car's alternator).
Our dead-end street is an island of eight "powerless" homes surrounded by houses with power that are taunting us with Christmas lights!
-Kevin
I just read your blurb about your powerless marooning in a sea of ice. As a Marlborough, Mass. native, we were spared the worst, but our hearts go out to those inconvenienced (and worse). We got ice here but only half as much as you did, meaning our power was only out for about 12 hours. There is something to be said for underground utilities and living near intersections on the grid!
-Richard
Just wanted to let you know to be ready as the weather we have is headed your way. Out here on the Central Plains (Central Iowa) the high for today is 3. On Sunday, the temperature dropped over 40 degrees in a matter of a few hours and the winds were 30 mph or greater. We were at 50 in the morning and -3 this morning. Hope you get heat at home soon.
-Anonymous
About 15 years ago in Lanesboro, Mass., we had 30-below-zero for more than a solid week. The last night of the 30-below weather, the power line on Route 7 snapped at 2 in the morning. The loss of power caused all the hot water heater lines to freeze in our house in the middle of the night. That was not pretty. The whole community was affected.
Ice storms are not pretty. Even here in Virginia Beach, we had that same problem about seven years ago. We lost so many trees around the house. It was like a maze trying to get through it with a chainsaw. Which, thank God, I had at the time.
-Kurt
Glad to hear you're weathering the winter. That's the reason I left Minnesota for the California Bay Area.
-Scott
And Google recently unveiled its "Native Client" to speed up Web browsers and improve security. Kevin wonders if there's something else about the name that he's missing:
I noticed that Google is abbreviating the Native Client as NaCl. That happens to be the chemical shorthand for sodium chloride (aka, table salt). Is that just a coincidence? If it was intentional, I'm missing the clever reference.
-Kevin
More reader letters coming your way tomorrow, in 2008's last Redmond Report! Meanwhile, send us your thoughts by writing your comment below or e-mailing Doug at [email protected].
Posted by Doug Barney on 12/17/2008 at 1:16 PM0 comments
Usually, when Microsoft tells customers to get ready for a new product, I yawn. But in the case of IE 8, it has a point -- at least for IE shops.
Earlier this week, we reported that IE 8 had the fewest bugs of any mainstream browser -- and it's still in beta. If those security testing results are correct, IE 8 will be far safer than earlier Microsoft revs.
Microsoft expects a final product in the first quarter or 2009, and suggests that IT get ready for a fast, smooth rollout. This time around, Microsoft's advice makes a lot of sense.
Posted by Doug Barney on 12/17/2008 at 1:16 PM0 comments
Last week, Doug reported on Microsoft's entry into the fashion world with its
new line of "Softwear" T-shirts. Cool or not? James offers his opinion:
Would I wear a shirt with Uncle Bill's mug or the word "DOS" on it? Nope. Wait, let me rephrase that: HELL NO! That ain't cool -- not even "sorta kool." If that's what Microsoft thinks is cool, it's no wonder that its lame-@ss commercials fell flat on their face. With all its money, you would think those guys out in Redmond (on the other side of the lake) could at least buy a clue.
-James
Scott gives his take on the open source business model and just how lucrative it is (or isn't):
I've heard more than enough about business models, open source earning potential and what CEOs say! The unrealistic citation of some U.K. company that tried to force users into a Linux PC scenario hardly typifies the open source mantra. The firm tried too hard to save a buck for an organization of its size.
Open source is not a lucrative proposition, and to that I would like to add a little information. I see three different open source business models at play in industry today: those that want to be acquired (e.g., Zimbra, MySQL and Zen), those that want to generate income via support contracts as a way to keep the company and still generate revenue (e.g., RedHat), and those that are willing to beat their own path to success -- look at Digium.
Digium started by buying the rights to a silly V.90 modem modification that allowed it to work as VoIP. ZapTel, if memory serves. It then developed hardware as a product. Asterisk was born from Digium in the early days with the promise that if you bought Digium hardware, Asterisk would be supported. Asterisk is now the de facto in open source VoIP. Great model right? Nope! After Asterisk had been in the wild for a period of time, various products emerged based on that piece of software. SwitchVox emerged as the most robust product; Digium acquired and now sells/supports this product. Hugely successful on the scope and range of Digium. I actually dislike the the SwitchVox product...but I love the model. Open source released into the wild and recaptured as a viable product. Hmm.
-Scott
And finally, John wants to make sure we've got our sources straight:
I just wanted to point out that WhiteHat Security did not issue the report you reference in your Redmond Report item, "U.S. Balance of Trade Great -- for Malware!" The WhiteHat report was in relation to Web site security flaws. The report you referenced is the one by Sophos regarding malware.
-John
Tell us what you think! Leave a comment below or send an e-mail to [email protected].
Posted by Doug Barney on 12/16/2008 at 1:16 PM0 comments
I used to hate
Wired magazine for its design (lesson here is to never give your art director meth and an unlimited library of fonts). Eventually, the design settled down and it seemed to lose its "We're smarter than you" attitude. The mag is now pretty darn good.
But all is not perfect in Wired-land -- and perhaps it can take some of the money it saved on all those fonts to hire some better headline writers. My beef is with a recent cover story about Ray Ozzie: "Can This Man Save Microsoft?" Given that I follow Redmond's finances -- which seem to set a new record each and every quarter -- I was confused by the premise.
So I settled in to read just why Microsoft was in such dire straits. A couple thousand words into the story, I knew all about Ozzie's college education, white hair and shyness...but I had no clue if or why Microsoft was in trouble.
Microsoft has challenges, but it owns messaging, owns the desktop, owns more than half of the development market, and has a big chunk of the Web. It has also announced exactly how all of this can move to Web -- and has production and beta software to prove it. I wish I owned a company that was in as rough a shape as Microsoft!
Posted by Doug Barney on 12/16/2008 at 1:16 PM0 comments
Almost every shop I've ever talked to or toured is multi-vendor, heterogenous and a beast to maintain. One can go single-vendor and heterogenous, but the software isn't as good -- and it's
still a beast to maintain.
That's why it's no surprise that the majority of enterprises have some form of open source. Actuate, which has a complement of open source tools, says that over half of U.S. companies use open source, with substantially more in Europe.
The 50 percent number seems low if you define open source use as any use. In fact, Gartner agrees and puts the number at more like 85 percent.
According to the Actuate survey, over 75 percent of companies develop software with open tools, while little more than half use open operating systems such as Linux. Hmm...I'll go with the trends, but the OS numbers sound a mite low.
Posted by Doug Barney on 12/16/2008 at 1:16 PM0 comments