Amazon Gets Into the Gadget Business
- By Peter Varhol
I flipped over to Amazon.com at the end of last week and saw a lengthy letter
from founder and CEO Jeff Bezos at the top of the homepage. This letter, which
many of you likely also saw, extolled the virtues of Kindle, a new
developed by Amazon and offered exclusively in its pages.
Checking again today, I see that "due to heavy customer demand, Kindle
is temporarily sold out." That may be marketing spin, or it may be
that there's a segment of the population that just has to have every new gadget
on the market.
The Kindle is large (almost the footprint of a hardcover book) and expensive
($399), making you wonder just what they had in mind.
Take a look at the Kindle and give me your read at [email protected].
Microsoft Acknowledges PRNG Bug in Windows XP
Microsoft has finally acknowledged that the vulnerabilities found by Israeli
researchers in Windows 2000 also
extend to Windows XP. The vulnerabilities involve Windows' pseudo-random
number generator (PRNG), a piece of code that generates seemingly random numbers
for various uses in the system. I say "seemingly" because you have
to trick a deterministic computer to produce numbers that behave like they're
random (a trick I studied while an MS student in math many years ago).
In an academic paper published recently (read the PDF here),
the researchers described how they recreated the algorithm used by Windows 2000's
PRNG, and used that to investigate how it's used in the system. Windows and
its applications use the PRNG to create random encryption keys, which are in
turn used to encrypt files and e-mail messages, and by the Secure Socket Layer
The researchers also noted vulnerabilities in the Windows CryptGenRandom function,
which calls on the algorithm. This may cause any application using the Windows
cryptologic functions to exhibit the vulnerability.
Do you need to use random numbers in your application? And with the Windows
PRNG? Let me know if you trust it at [email protected].
Microsoft Loses $140 Million Patent Appeal
It may be pocket change for Microsoft, but the company and CAD software maker
been ordered to pay privately held z4 Technologies over $140 million for
technology they used to activate newly installed software and deter piracy.
The appeals court agreed that the method used by Microsoft and Autodesk infringed
on patents created and owned by David Colvin, the owner of z4.
According to the ruling, Microsoft's Windows XP and Office 2003 suite of productivity
software used z4's patented method of asking buyers of the software to supply
two passwords, or authorization codes, before they could use the software. Microsoft
had claimed that the patents were invalid.
In case you're wondering where your license fees go to, Microsoft must have
huge legal bills. Wish some of that could go into improving products or support?
Let me know at [email protected].
Cyber Monday Scores a Touchdown
Rather like our hometown New England Patriots, holiday consumers dropped back
and lofted a digital pass into the end zone for a big score. Early
reports indicate that Cyber Monday was on track to set a record for online
Cyber Monday is so named because of its reputation as the biggest online shopping
day of the year. In the days before widespread broadband access, workers would
come back from the Thanksgiving holiday and use their employers' fast Internet
access to begin online shopping for the holidays.
Did you make any purchases online yesterday? How was the experience? Send your
take to [email protected].
Mailbag: Your Thoughts on Copy Protection, More
Doug asked readers yesterday where they stand in terms of copy
protection: Do you use dongles, or are you OK with Microsoft's WGA program?
Here are some of your responses:
Personally, I much prefer Genuine Advantage. Even though it could mess
up or be used in nefarious ways, it beats a dongle hands down. My experiences
with dongles have lead to many frustrations. Dongles take up a slot on the
computer, can (and often do) fail, must be configured properly and look enough
like a flash drive that they become prime targets by thieves (although, I
kind of like the justice of a thief getting a completely useless piece of
When I was supporting a small research group, I never had any issues
with Microsoft licensing but a dongle issue used to come up several times
a year. I'm not sure it really saves you from the possibility of shady licensing
practices, either. There's really no way of controlling what is on that dongle.
I'm fine with the protection scheme used by Microsoft. It has worked fine
on our home computer, allowing continued updates of the patches and fixes.
I'm sure the experience was not as smooth for everyone, but it was flawless
from my viewpoint.
As for dongles, adding one for my spouse's networked sewing machine software
was a pain that included the shipping of a new dongle and fixes so it would
recognize the key. Also, I was forced to always keep one USB bay tied up with
the security key dongle. I can only imagine the fun of having more than one
Microsoft's WGA process is fine by me. However, if dongles were easy to
distribute and could not be counterfeited, then I suppose that would be even
I agree with you regarding the dongle. I'm personally sick and tired of
"others" accessing my computer for ANY reason. It's mine, I paid
for it, stay the h*ll out! No cookies, auto updates or copy protection!
I really have no objection to a periodic ping of a license server by an
expensive desktop application. Something along the lines of once every three
months would seem right to me. But the lengths to which Microsoft goes to
validate the "genuine-ness" of installed copies of Windows just
exasperate me. It seems like every time I go to Microsoft Updates, I have
to verify that I'm using a genuine copy of Windows XP. Why can't the verification
of that fact be done once, and then left alone? I may change some piece of
hardware -- for instance, the video card -- but is it really necessary to
get re-verified once every month or so?
In short, I have nothing against copy protection, so long as it is something
reasonable. I understand protecting intellectual property, but treating your
customers like criminals sets a bad precedent. And things aren't getting any
better in the short-term; if anything, they're getting worse. I guess we're
ALL guilty of something.
I have a legitimate version of Windows, but I still don't like the idea
of Microsoft pinging my computer to see if it's legitimate. Whose interpretation
of legitimate are we using? I have XP at home and refuse to go to Vista at
this time. Will Microsoft disable some of my features until I buy Vista?
What is a hacker? Is it someone that goes into someone else's personal
computer and changes something? Is this not against the law? How many people
have had their computer checked out by a technician because something was
changed without their knowledge or consent? If Microsoft created software
that allows someone to go in and change features in your software, how do
we know if we were hacked by Microsoft or someone else? Ethically, something
is very wrong here. No wonder Microsoft gets so much bad press and our computers
can get hacked. Microsoft allows it.
Here's my 2 cents: Genuine Advantage/Software Activation is a pain in
the butt...at least for business networks. A dongle for every networked PC
would be impossible to make work. Seems to me if you're a business purchasing
from one of the OEMs, you ought to be able to buy a Windows license that doesn't
require activation. Does Microsoft (and now Adobe) really believe their corporate
customers are a significant source of pirated software? I find it hard to
believe and think it's more about greed. If I could, I would switch all our
PCs to Linux and open source software -- or even Mac OS. Problem solved.
And finally, Stephen chimes in on the myriad
versions of Windows Server 2008:
Microsoft is, to a degree, hamstrung by having to appease the EU and
other "bundle watchers," but its overly complex OS versioning strategy
is really starting to grate. I never thought I'd say it, but compared to Linux
or Unix, Windows is becoming too complex at the highest level to understand
what it is you should be buying. No wonder a lot of people are investigating
open source alternatives more seriously today than in the past; it's making
increasing sense to look at it and see where it could add some value. While
Microsoft probably isn't losing sleep over this at the moment, it needs to
watch out that it doesn't wake up in a few years wondering what it missed.
Got something to add? Share it with us! Send an e-mail to [email protected]
or leave a comment below.
Peter Varhol is the executive editor,
reviews of Redmond magazine and has more than 20 years of experience as a software
developer, software product manager and technology writer. He has graduate degrees
in computer science and mathematics, and has taught both subjects at the university