Internet Explorer gets lots of knocks for vulnerabilities, but its main rival,
Firefox, isn't perfect, either. The most recent rev, Firefox 3.0,
has
a hole that could let a hacker run code on your computer. Details haven't
been released, as the Mozilla Project hasn't finished its patch yet.
Redmond Report reader David pointed out that while Firefox may have fewer flaws,
he finds them harder to fix. Here's what Dave had to say:
"I don't care how many patches are released for IE, or how few for
Firefox. I patch Microsoft products with WSUS, which automatically approves
critical and security patches so they install on all the client PCs without
admin or user involvement. Even if the PC is sitting at a log-in prompt, IE
will be patched automatically. And I have an e-mail waiting for me each morning
to notify me of errors or problems.
With Firefox, I'm relying on an update mechanism that cannot be monitored,
and requires user intervention to initiate updates. It's the most administrator-unfriendly
program I've allowed on my network.
I don't have any unpatched instances of IE on my business LAN. I hope
that's true of Firefox, as well, but I have no easy way of knowing. It only
takes one unpatched vulnerability, so unless Firefox can assure me that it'll
never require even a single security patch, I'm at much greater risk from
Firefox than I ever will be from IE. As a user, I'd probably prefer Firefox,
but not from the admin standpoint."
Posted by Doug Barney on 06/23/2008 at 1:15 PM0 comments
Doug wrote
yesterday about Microsoft's much-touted Hyper-V. But a few of you aren't
buying into the hype:
Hyper-V is still in beta, has no live migration, has no farm concept
with automatic load balancing and HA, no over-committing of resources, requires
an installation of at least Server 2008 Core Edition, has restricted x86/x64
OSes, is dependent on specific CPUs, is unable to throttle or isolate the
root domain from VMs, and -- to top it off -- it's basically a Xen knock-off.
In fact, it is so similar to Xen (down to the problems), that I wonder how
much open source code crept into this closed-source product.
It amazes me, the giddiness with which people are approaching this pre-1.0
product and clearly inferior technology. The Microsoft Machine with its adherents
are at work here, but it's certainly not amazing technology. Maybe one day,
a few years from now.
-Anonymous
"Hyper-V Poised for Greatness"? Rhetoric. Don't get taken by
the Microsoft advertising juggernaut. It will stop at nothing to make us all
think the Hyper-V will challenge VMware ESX or even Citrix Xen in the short-term.
It will be a challenger in the long-term, but is definitely not enterprise-ready
in its current form.
-David
Got something to add? Let us have it! Leave a comment below or send an e-mail
to [email protected].
Posted by Doug Barney on 06/17/2008 at 1:15 PM0 comments
The second issue of
Virtualization
Review, our newest magazine, is now out. Our first issue walked through
the major platforms,
VMware,
Microsoft
and
Citrix/Xen.
We even had a killer preview
of Hyper-V written by virtualization star Chris Wolf. This puppy is going
to change the virtualization market forever once it ships this summer.
Our second issue was even better. Here we focused on the major hardware players
-- IBM (which invented virtualization in the '60s), HP, Sun and Dell.
Here's the quick-and-dirty: IBM
has the most complex strategy. It has hypervisors -- either home-grown or third-party
-- for everything from mainframes, to the Power6-based System p, to industry-standard
rack and blade servers. On top of all that, it has a wealth of proprietary management
and storage tools.
HP
is similar to IBM in that is has proprietary management and storage tools. But
it doesn't make its own hypervisor.
Sun
has been doing virtualization in one form or another for many, many years. Now
it's pushing its own hypervisor and a new virtualization management platform.
Both of these are open source, as Sun will tell you again and again (and again).
Dell
is the simplest of the four. It sells industry-standard hardware equipped with
third-party software. 'Nuff said!
Posted by Doug Barney on 06/16/2008 at 1:15 PM0 comments
At last week's Tech-Ed, Microsoft VP Bob Muglia crowed about Hyper-V. You can
test him at his word, as the hypervisor is nearly here; beta testers can get
the
latest
release candidate, meaning it's almost all set to go.
Topping the list of new features are better management of Linux VMs, fewer
bugs and snappier performance. You can get the software through Windows Update.
Are you jonesin' for Hyper-V? Share your thoughts by writing [email protected].
Posted by Doug Barney on 06/16/2008 at 1:15 PM0 comments
Google is pretty darn impressive. It has no huge staff of well-paid journalists,
yet it makes millions selling ads that surround today's media. As a journalist,
I think Google is parasitic -- the tape worm of the media world.
Given all the free cash involved, it's no wonder Microsoft wanted in on this
kind of action. But Microsoft last week decided it no
longer wanted to pay $40 billion-plus for Yahoo just so it could copy Google.
Now that Microsoft has given up on Yahoo, Yahoo is moving closer to Google
with an agreement that would put
Google AdWords on Yahoo sites.
Is this innovation or more of the same? Let us know by writing [email protected].
Posted by Doug Barney on 06/16/2008 at 1:15 PM0 comments
Microsoft isn't the only vendor with security issues (but I'll argue that it's
the most upfront about them). VMware, which is as much an OS as it is a virtualization
layer, recently plugged two hypervisor holes.
Unlike Microsoft, these vulnerabilities were reported by an outside company.
The remote code injection flaws are in two VMware Linux tools, and the patches
are fortunately now available.
Get the deets here.
Posted by Doug Barney on 06/09/2008 at 1:15 PM0 comments
Tomorrow is a relatively normal Patch Tuesday with
seven
patches set for release.
As usual, the patches focus on remote code execution. What's not so usual is
that the patches address wireless networking and Bluetooth. Since wireless is
the way many (most?) of us connect, these patches are well worth installing.
Posted by Doug Barney on 06/09/2008 at 1:15 PM0 comments
If you run Sun Java System Active Server Pages, you best get to patching. Security
company iDefense (the same one that found the VMware problems) discovered a
slew of vulnerabilities
in the Sun Web server. Hackers can basically take over the whole deal, logging
on, messing with files and running their own code.
Sun has updated the software, which takes care of the problems.
Posted by Doug Barney on 06/09/2008 at 1:15 PM0 comments
Last week, I was in Orlando for Tech-Ed. So why am I flying back to Florida
today? To go to Tech-Ed! You see, this year Microsoft split Tech-Ed into two
weeks. Last week focused on developers, and because my company also runs
Visual
Studio Magazine,
Redmond
Developer News and
ADTmag.com
-- besides
Redmond magazine -- I had to be there.
Last week was the last
time (we believe) that Bill Gates will give a keynote presentation to developers.
Having followed the man for some years, I somehow suspect that Bill will miss
running Microsoft and will emerge in years to come with a far-less-than-retired
role.
This week, Tech-Ed focuses on IT, and the next four issues of this newsletter
will have a distinct Tech-Ed slant. So if you can't be sweltering in Disney,
you can stay up to speed through Redmond Report.
Posted by Doug Barney on 06/09/2008 at 1:15 PM0 comments
Microsoft has one of the best Web sites for journalists in
PressPass.
In it are links to press releases, Q&As, photos and whatnot. It also links
to articles from outside publications.
I had just finished reading an article in the Wall Street Journal,
and was surprised to see Microsoft linking to the same thing. You see, this
article delved into a multiyear power struggle between Bill Gates and Steve
Ballmer that paralyzed many important Microsoft initiatives. Not an entirely
positive piece.
You have to be registered for the Journal, but here's
the article.
Posted by Doug Barney on 06/09/2008 at 1:15 PM0 comments
When VMware started, it was all about the hypervisor. But hypervisors, while
of fundamental importance, are becoming commodities. The real action is in tools
for management, as well as applications and storage.
VMware knows this better than anyone and has been building and buying tools
to round out the portfolio. The
latest deal is B-hive, an application performance management vendor that
ships in the form of a virtual appliance.
One question I have is whether VMware will adapt B-hive to work with Hyper-V
(the company's main product Conductor already works with Xen). If the action
is really in tools, VMware would be giving up dollars by not porting to the
big V.
Interestingly, B-hive is one of many -- make that many, many -- virtualization
startups with deep connections to Israel. Lot's of cool virtualization stuff
emerging from that one small country.
Posted by Doug Barney on 06/02/2008 at 1:15 PM0 comments
Nucleus Research, which focuses on ROI and analysis, is in the midst of
comparing
Mac to PC ROI. Like Obama vs. Clinton, so far the early results have the
Mac ahead. At one company studied, Macs have fewer problems which are solved
faster.
I'd like to see more companies embracing the Mac -- not to give Steve Jobs
more dough, or to reward what is arguably the most proprietary PC architecture
in existence today, but to create competition for Microsoft.
Posted by Doug Barney on 06/02/2008 at 1:15 PM0 comments