Project 'Squash Symantec' in High Gear

Microsoft's plan to take over the anti-virus/security software from those who created it has moved into overdrive with the release of Forefront Client Security.

I've been critical of this move on the grounds that partners -- including Symantec, McAfee and Sunbelt -- together saved Windows from the unrelenting peril that is viruses. Once they showed the way, it was easy for Microsoft to do the exact same thing, competing with the very vendors that helped keep Windows running in the first place! We tackled this and other issues in our January cover story "Unfair Fight."

Symantec isn't taking this lying down. It released a statement arguing that Forefront Client technology is based on OneCare, which Symantec argues is substandard.

What do you think of OneCare and Forefront? And would you rather buy anti-virus software from Microsoft or a third party? Let us know at [email protected].

Vista Code Not All New, Not All Secure
Versions of Windows have always suffered and benefited from the use of old code. The benefit is backward compatibility. The suffering comes from a failure to move fully forward, slow performance and security holes.

After Trustworthy Computing, many of us thought that Vista would be different. And in most cases it is. But not every hunk of code is new and that leaves pieces of Vista vulnerable.

I learned all this from contributor Steve Swoyer, who explains that old code from Windows 2000 led to the recently reported mouse cursor vulnerability.

Software may never be perfect, but I still applaud the lengths Redmond went to lock down Vista. Then again, only time will tell just how hacker-proof the new OS will be.

Microsoft Research Struts Stuff
Microsoft Research has gotten many a bum rap from the business press. Journos who are fixated on stock prices and product launches just don't understand why Redmond would invest billions researching "a best-first alignment algorithm for automatic extraction of transfer mappings from bilingual corpora" or do a "comparative study of discriminative methods for re-ranking LVCSR N-best hypotheses in domain adaptation and generalization." (When you put it that way, I'm not so sure either!)

The real knock is that the billions spent on research don't magically turn into stock price-raising products.

And that's the point: Microsoft doesn't restrict its research to things that make money. It's interested in advancing the state-of-the-art in computer science.

But there are projects that could become products, and every so often Microsoft shows them off. At the recent Computer/Human Interaction 2007 Conference, Microsoft showed off a few cool projects, including Shift, a tool that lets you use your finger as a stylus for a mobile device. It also talked about two projects that bring users and customers into the product design phase.

Most intriguing to me is: "Do Life-Logging Technologies Support Memory for the Past? An Experimental Study Using SenseCam." The idea here is for people to wear a camera throughout their lives. The question is whether going back to actual images from the past changes how one remembers them.

This question is mildly intriguing, but the very idea of constantly wearing a camera and archiving all the footage is what really gets my wheels turning.

If only O.J. had been wearing one of these on June 12, 1994!

Doug's Mailbag: Ubuntu vs. Vista, Figure Out WGA, More
Yesterday, I wrote about Dell's decision to preload its non-Windows computers with Ubuntu. Will it be a match for Vista? Here's what some of you wrote:

Let me start by saying that I'm not a big fan of any particular OS; I just view them as a necessary evil. (I really hope that statement doesn't void any of my Microsoft certifications.)

I have a fleet of four desktop PCs and two laptops at home. I look after 250-plus PCs for work. On one desktop PC, I have tried both Ubuntu (version 6), then Vista, then Ubuntu (version 7). The clear-cut verdict is Ubuntu out-performs Vista in a number of areas. So I thought, what about the shiny new Acer laptop (I ghosted the drive -- thumbs down to Acer for not providing re-install media)? I threw Ubuntu at it and apart from having to do a little tweak to get the on-board Webcam to work, the verdict was the same: Ubuntu was the winner -- faster load, lower CPU usage when playing media files, faster shutdown, Internet downloads around 10kbs faster (on the same connection, with and without IPv6 enabled, for those who think I may have riggered the result).

Mind you, I am not advocating that any Linux flavour is quite ready for the mainstream "anybody can install it" catagory. I'd give Ubuntu another two versions...and then LOOK OUT, world!


Does it have to be Dell? I installed Ubuntu alongside Vista on my son's new HP laptop. After the Vista auto-load, I could not connect wirelessly. The driver was there, and it searched for networks, but it couldn't find any. I connected wired and that worked fine. I fired up HP's PC Health client and checked for updates. There were two, a new wireless NIC driver and a new display driver. I installed them and voila! -- the wireless network was found. I re-sized the hard drive from Vista Drive Management (very nice), and installed Ubuntu. It had exactly the same problem. Everything worked after the initial install that I could find, except for the wireless NIC. Only I could not find any updates for the wireless card under Ubuntu. I'm sure it will be along shortly.

Before Vista was launched, it sounded great. Now we have Vista, but I personally do not know anyone who has purchased it; everyone is staying with XP. Why? Because XP works right now, and I don’t want to have to buy new hardware (including possibly new printers, scanners, etc.) and learn a new OS when what I have does what I need. Why spend more money for something that is not really needed? Microsoft's reaction seems to be to force new software down our throats. Why? So it can keep its revenue stream going. If it would only listen to what people want and build software that did that, then people would say, "Yes, I have to spend money for an upgrade, but it will really help me with my business or hobbies or whatever."

On the flip side, Ubuntu Desktop 7.04 looks quite nice, does the basic things quite well, and is FREE. Free, as in no cost. Free, as in open source. Now, I'm not saying to dump Windows and move to Linux; what I AM saying is Linux is steadily marching forward, giving people what they want and allowing them to remove what they don’t. It's free and it's getting easier to use. Once it reaches critical out, Microsoft.

To summarize: Microsoft is big, bloated, costly and seems to have lost touch with the consumer, while others are learning how to work with the consumer.

I asked readers on Tuesday what they think of WGA's need to constantly check my software after the initial confirmation. Is there any reason for it? Here's what some of you had to say:

Finally! Someone who sees what I see, and isn't afraid to say it.

WGA should be a one-time event; either your software is legit, or it's not. Period.

Here's my guess as to why Microsoft wants to interrogate your machine after registration:

1. It can see what other applications are installed on your machine.

2. It can see the machine's hardware configuration.

3. Information from #1 and #2 gives it insight into your habits and also allows it to determine if you have a copy of the OS on one or more machines.

I have an educated guess about the constant updating of WGA. It's far from a technical reason you can't fathom. And if your brain is underdeveloped, I'd hate to classify mine.

As a user, you must prove in the first month you have paid. Instead, you find the latest hack and bypass WGA. Microsoft has just lost money. So its answer is to come up with a new WGA that looks for known hacks or compromised keys, and/or just revalidates your license. This battle seesaws back and forth between MS and the hackers with those of us with legitimate licenses caught in the middle.

The impact on legitimate users is additional downloads we don't really need. The current size is 1.3MB. For organization that don't have a WSUS server, that adds up to a lot of unnecessary data traffic. And I do recall reading about one version of WGA that incorrectly identified some legitimate copies of XP as pirated and the users had to call MS to reactivate their systems.

Try on this scenario for a reason why Microsoft wants you to revalidate continuously:

We buy 50 identical desktops sans OS from a vendor claiming we'll be using Ubuntu to get out from under the MS thumb and pay-as-you-go (SA) model. We then buy one fully loaded system with OS, Office Premium and all the bells and whistles. After setting up and configuring the one system, activating everything, and validating all the pieces and parts with MS (the Mother Ship), we then proceed to clone the hard drive and deploy all 50 systems with "fully licensed and activated" software. If the initial validation was all that was done, all those machines would continue to work and get updates for the rest of their useful lifecycle. Since the Mother Ship can decode the details of the box the software is installed on with the WGA/Validation process, it will be able to determine just by MAC address that the initial install has been cloned. It may even be getting the processor serial number out of the system with the validation process, but I haven't been able to verify that as of yet. There is something that looks encrypted going across the wire during the validation process that we haven't been able to decode yet, but we're working on using two CPUs to test this particular quirk in the data stream. Acronis True Image is great as rolling back to a prior setup point. System Restore doesn't seem to work as advertised. We think it leaves several changes (i.e., validation) not undone when it finishes restoring to a prior point.

Drink the Kool-Aid. All will be understood if you just drink the Kool-Aid.

A group of Amiga die-hards are trying to bring back the magic with the AmigaOS. Exercise in futility? Not necessarily, some of you wrote:

Why so negative regarding the AmigaOS? It isn't over 'til it's over. If people want to make an AmigaOS, and they do, and some finite number of people buy it, then it is a valid OS. Why is only Windows or Linux or Mac an alternative? Instead, I would be cheering them on. Maybe they'll fail, maybe they'll succeed, but more choice is a win in my book any day.

It isn't just me then. I still have an Amiga 2000, 600 and 500. Best PC/game console I've ever bought, still to this very day.

Amiga? What about Atari? My friends had Commodore computers, but I had an Atari. Not the game system -- the home PC. Which, as far as I could find out, went bankrupt because of poor advertising and other companies stealing its secrets.

Do you know if there is anything remaining in some hacker community or other?

Finally, Gregg chimes in with his advice on how to deal with that pesky two-lettters-per-button BlackBerry 7130 keyboard:

Don't look at the screen and delete junk from the custom dictionary, which is part of the equation in how it anticipates what you are writing. You can also enter common terms or company names that you use all of the time. I did luck out and moved up to the 8703e which has individual letters and makes typing much easier.

Got something to add? Leave a comment below or send an e-mail to [email protected].


comments powered by Disqus

Subscribe on YouTube