Oracle now knows what it feels like to be Microsoft. Security experts are constantly finding flaws in Microsoft software and telling the world all about them.
Well, last week Oracle thought it had fixed a well-publicized problem in Java, one that had some advising end users to just stop using Java altogether. Instead of offering a round of applause, researchers told the world of a flaw found inside the supposedly fixed version.
Fortunately, the researchers had the good sense to hold off publishing actual details of the flaw until Oracle has a "proof of concept" fix.
My question is, why publish them then? Not all machines will be patched with this proof of concept fix. Any idiot can take what the researcher publishes and attack unpatched machines.
Am I missing something? If so, corrections readily accepted at firstname.lastname@example.org.
Posted by Doug Barney on 09/10/2012 at 1:19 PM2 comments
For many IT pros this week's release of Windows Server 2012 is far more important than the pending release of Windows 8. Windows Server 2012 doesn't have a crazy new interface. In fact, through Server Roles, most of the time it is meant to be used with no interface at all. Instead it is a solid upgrade to an already solid server OS.
Hardware makers such as HP, IBM and Dell already have servers for sale with the new OS.
Win 2012 might not be sexy, but it will get the job done. Storage is faster with new transfer options, smaller with deduplication, you can team NICs for failover and faster throughput, and the file system has been beefed.
What is your take on Win 2012? Thoughts and expectations welcome at email@example.com.
Posted by Doug Barney on 09/07/2012 at 1:19 PM1 comments
Windows 7 is finally bigger than XP -- a feat that took a full three years and the looming threat of XP support ending to reach. Not to mention the fact that virtually all new PCs sold are with Win 7. And for Windows, it works pretty well -- not perfect, but pretty well.
My guess is it will take Windows 8 far longer than three years to unseat Windows 7 -- it is that much of a switch.
When I moved from XP to 7 I didn't notice a huge change, and the learning curve was minor. Not so with 8, which forces a dramatically different interface on users and really requires a touch screen for truly comfortable experience, at least that's what you all tell me.
As of last month Win 7 was on nearly 43 percent of PCs, with XP on just over 42 percent -- neck and neck. Vista has a paltry 7 or so percent, about equal to the Mac. Linux brought up the rear with around 1 percent. That thing is growing about as fast as Snooki's bookshelf.
Posted by Doug Barney on 09/07/2012 at 1:19 PM6 comments
An ex-Redmondite believes Apple's massive patent win against Samsung may favor Microsoft more than anyone. Here's the thinking:
"If OEMs have to pay both Microsoft and Apple patent royalties then Android could be more expensive than Windows Phone. Google may remove popular (and expected by consumers) features from Android to avoid it or its OEMs paying Apple royalties, but that will diminish Android's competitiveness. So indeed Windows Phone has the potential to benefit from Apple's win in this case," writes Hal Berenson, head of consulting firm the True Mountain Group.
Berenson thinks wireless carriers and handset makers may give Windows Phones more support over the next year, just the breathing room Microsoft needs.
Hal, a distinguished engineer, used to write into Redmond Report all the time with great ex-Microsoft insight, but stopped a few years back. If you're reading this, Mr. Berenson, we'd love to hear from you again.
Posted by Doug Barney on 09/07/2012 at 1:19 PM0 comments
InfoWorld, now a Web-only entity, is hating on poor Windows 8. Their headline says it all: "Yes, It's that bad."
I can't agree or disagree. Although it is a review, it is, in fact, an opinion. The reviewer found some stuff to like, but found the gap between "Metro" and the old desktop interface to be a fatal flaw, "an awkward mishmash that pulls the user in two directions at once."
One commenter had this to say: "Your review, Yes, it's that bad."
What I've learned is that Win 8 is so different that it's like a piece of art -- everyone has an opinion (and check out this month's Redmond magazine cover story, which features readers' opinions on Microsoft's new OS).
Don't be shy, more Win 8 and RT comments welcome at firstname.lastname@example.org.
Posted by Doug Barney on 09/05/2012 at 1:19 PM6 comments
Stu Sjouwerman, a co-founder and former big-wig and at Sunbelt (and now founder and CEO of KnowBe4, which does training and builds compliance software) gave me a head's up about a new Web-based training course he and Kevin Mitnick are offering together to fight social engineering: "Kevin Mitnick Security Awareness Training."
If you recognize Mitnick's name, you probably should. Mitnick elevated "hacker" to a household word, even inspiring a straight-to-DVD movie starring Skeet Ulrich (I know...who? Here's a case where the subject is a hundred times more famous than the actor who played him).
Mitnick, known for his social engineering prowess, left his hacking ways behind years ago and has been using his skills for good ever since as a security consultant.
According to Sjouwerman, the new course is going well: "From the moment we announced it, this thing has been a hit," he said. "We're having fun out there!"
Posted by Doug Barney on 09/05/2012 at 1:19 PM0 comments
When Windows 8 ships, which is right around the corner (right when the leaves start to fall in my neck of the woods here in New England), there will be a whole new style of PC-based tablets coming along for the ride. These little beauties will blend the convenience of the iPad with the workman-like abilities of a full laptop. I can play and keep the boss happy at the same time. They should sell like hot cakes at a church fair.
But while IDC expects good sales, the research house doesn't expect them to reverse an overall slump in the worldwide PC market. Over the next three years, the market will grow on average just over 7 percent each year. That's not much compared to historical rates, but actually better than rates during our recent recession -- last year sales fell 1.4 percent. Ouch.
In my mind, there just hasn't been that much revolutionary going on in the PC hardware space, we are near saturation (my house has a half dozen machines), virtualization is driving thin clients and the younger generation does more and more with smartphones. Oh, and did I mention the iPad?
And there's nothing wrong with forcing the Dells and HPs of the world to give us a reason to buy a new PC, now is there?
How many PCs do you have and what would compel you to buy a new one? Let us know at email@example.com.
Posted by Doug Barney on 08/29/2012 at 1:19 PM6 comments
Here's another batch of opinions on Microsoft's new logo (and we were able to find a couple positive thoughts):
It just proves no one likes change and everyone has an opinion. At least it shows Microsoft is trying to change perception, which clearly needs to happen, because no matter how good the products are, the perception is an 'old' company and not the shiny new penny.
I think someone at Microsoft has been playing too much Minecraft or letting the developers do graphic design. I liked the Aero Glass look.
On the bright side, it does provide a simple logo. What is hard to differentiate though is this new Microsoft logo from the old Windows logo
It is SO cool. I mean, don't you think it's so cool how Micorosft made the 'ft' at the end touch each other as if they were just one letter? And the way those white lines intersect in the middle of the four colored squares -- just awesome.Aand that perfect pantone shade of 'rainy day grey' that they chose for the name Microsoft -- killer logo guys. I know you agree with me, don't be shy to speak up.
It's a logo, doesn't affect the product. It's not much more than a crappy driver's license photo. Move along, not much to discuss here.
Share your thoughts with the editors of this newsletter! Write to firstname.lastname@example.org. Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).
Posted by Doug Barney on 08/29/2012 at 1:19 PM2 comments
Java runs on a goodly portion of today's PCs. I know I used to get plenty of notices to update the darn thing, almost as many as for Adobe or Firefox, but those updates have slowed in recent months. Maybe they shouldn't have.
There is now a zero-day exploit that experts are so worried about that advise totally shutting off Java.
Since it is a Java exploit it crosses platforms, and most PC and Mac browsers are at risk. Attacks have already taken place in the wild, which is why experts are so concerned.
These attacks are pretty simple, the virus can gain privileges and once in can install malicious software.
There is an unofficial patch, but the safest bet is shutting down Java entirely.
What would you lose if Java went away? Answers welcome at email@example.com.
Posted by Doug Barney on 08/29/2012 at 1:19 PM5 comments
VMworld is happening in Vegas this week, and dang I wish I were there. Not only is it in a great city (I don't even gamble but I hear it offers other vices) but VMware puts on one heckuva show.
I've only been once, the first year Paul Maritz took over as CEO, and there were some 10,000 attendees who were all plenty pumped (for the show, not just to be in Las Vegas).
This year those that lost at the tables won with VMware licensing. You see, VMware had this cockamamie pricing scheme where you paid based on how much memory you used. Sounds complicated and it was. But even worse, it could be way more expensive.
At one of the keynotes, execs showed a slide with vRAM crossed out, much to the delight of the audience.
Were you hit with the vRAM tax? What is the dumbest or most egregious pricing move you've ever seen? War stories welcome at firstname.lastname@example.org.
Posted by Doug Barney on 08/29/2012 at 1:19 PM8 comments
Server virtualization was invented in 1967 or '68 by IBM (and the server was a mainframe). It became the revolution that it is today by virtue of two companies: Citrix (who turned NT servers into thin client hosts) and VMware (who turned Windows Servers into multiple Windows Servers).
Now the same thing is starting to happen to the network. No, not virtual LANs, which are cool but kind of passé. I'm talking about using software to emulate hardware networking devices, such as NICs, adapters, routers and switches.
First, this can save gobs of money. But if all this is virtualized, it can also be dynamic -- a must for a truly virtual data center and an absolute requirement for a true private cloud.
Microsoft is jumping on this bandwagon and is now talking about how Windows Server 2012 plays in this space. So far, it is really just a cog in the overall machine, and the machine for now is the high service provider area.
Just as virtualization started with big iron, Software Defined Networking (SDN) has to start somewhere -- and the high end is as good a place as any. In fact, these guys have the bucks and the savvy to sort it all out and later it can trickle down to us common folk.
My guess is that in five years we'll see some real SDN products that will simplify your network and make a lot of reconfiguration unnecessary.
Are you up on SDN and if so, what do you make of the whole thing? Your analysis welcome at email@example.com.
Posted by Doug Barney on 08/27/2012 at 1:19 PM1 comments
I have some major concerns with how some exploits are created, released and publicized. I'm glad we have security experts to tighten our security. When they write virus definitions, develop security tools and help us understand how to protect ourselves, they do a great service.
Part of what they do is to create exploits to show us where the flaws lie. The problem is these exploits can then be used to attack us. This is apparently what may be happening with two attack tools shown at a recent Defcon event. One tool steals passwords from Wi-Fi networks and then nabs the traffic that flows over these networks. The other tool cracks the passwords it finds. A nice little one-two punch.
So why on earth were these tools, harmful as they are, released?
Microsoft, probably scratching its head like me, released a security advisory but has no security update to stop the attacks. I'd check out my Microsoft advisories for more details and advice.
Posted by Doug Barney on 08/27/2012 at 1:19 PM1 comments