Tag Archives | Microsoft

MS-Funded Alexis de Tocqueville Institution Attacks Linus, Probably Making Itself a Laughingstock

Groklaw reports: MS-Funded Alexis de Tocqueville Institution Attacks Linus, Probably Making Itself a Laughingstock
“Just when you thought it was safe to go back in the water. . . more FUD attacks.”

“This is so stupid I think we need a parody done by Scott Lazar. But
I’ll do my best to tell you the news with a straight face. The Alexis
de Tocqueville Institution, who as you may recall admitted it gets funding from Microsoft,
has put out a press release on a “study” they have done that suggests
that Linus isn’t the father of Linux after all. Another “independent”
study with Microsoft peeking out from behind the curtain.”

“It’s good when you are opposed by Larry and Moe. How dumb do you need to be
to attack Linus Torvalds? As I’ve said before, it’s like kicking
Dorothy’s little dog, Toto. All you get for your trouble is a lot of
really offended folks who seriously dislike you and all your
supporters.”

Microsoft Security Bulletin MS04-015: Vulnerability in Help and Support Center Could Allow Remote Code Execution

Just had the little Microsoft Update critter in the tray pop up to tell
me that there was a new update. The text was incredibly generic:

A security issue has been identified that could allow
an attacker to compromise a computer running Windows and gain complete
control over it. You can help protect your computer by installing this
update from Microsoft. After you install this item, you may have to
restart your computer.

Well, we certainly wouldn’t
want that, now would we? With caution from the Sasser worm patch that
rendered machines unbootable, I thought I’d investigate a bit more. A
visit to the Microsoft KnowledgeBase did not show the article mentioned – 840374. A visit to the Microsoft Security site didn’t show anything about this article, either, but the Microsoft Technet Security site
does – a link on the right to “MS04-015: Vulnerability in Help and
Support Center Could Allow Remote Code Execution (840374),” which leads
to the wrong article – MS04-014 instead of -015. Changing the address
in the address bar leads, finally, to the correct article: “MS04-015: Vulnerability in Help and Support Center Could Allow Remote Code Execution (840374).”

This vulnerability affects WinXP and 2003 only. While Microsoft only rates this update as “Important,” they do indicate
that a malicious web site can use the flaw in Microsoft’s HCP protocol,
meaning that “An attacker could take any action on the system, including
installing programs, viewing data, changing data, deleting data, or
creating new accounts that have full privileges.” I wonder what they
save the “Critical” rating for! Mitigating factors are many, and
suggested ways to minimize the dangers include not using Outlook, or
using Outlook in text-only mode, and unregistering the HCP protocol,
which might break local help links as well. Details are in the article
linked above.

It’s the 20th week of 2004, and this is Microsoft’s 15th security bulletin.

Nicholas Carr: IT still doesn’t matter

Nicholas G. Carr, author of the controversial Harvard Business Review
article “IT Doesn’t Matter” last year, follows up in Wired magazine
with some intriguing examples: Intel’s Centrino, Sun’s OpenOffice.org
and Microsoft’s IE.
Nicholas Carr:
“In public, industry CEOs may continue to exercise their Peter Pan
complexes, pretending that the IT business will never grow up. But
behind the scenes they’re dismantling Neverland piece by piece.” [Scripting News]

Microsoft drops wireless products

Microsoft drops its Wi-Fi offerings.
Microsoft Corp. has decided to stop producing wireless networking
products and will discontinue its range of gear using the 802.11b
wireless networking standard, also known by the Wi-Fi marketing name,
the company announced Tuesday. [InfoWorld: Top News]

Microsoft Needs Geek Appeal

Microsoft Needs Geek Appeal. “I thought I had a pretty good handle on the differences between the
open-source community and the traditional proprietary approach to
software development.

But watching a Microsoft spokesperson defend his company
and its whole approach to business in front of a room full of Linux
zealots last week helped crystallize the gulf between the two
camps–not just in business strategy but in fundamental philosophy and
political bent.” Read the full article on ZDNet. Link posted via OSNews

Miguel de Icaza: Cringely incorrect

Miguel de Icaza, leader of several interesting Open Source projects, says that Cringely makes nice but incorrect statements in claiming that you can’t win playing Microsoft’s game, and proposes his own strategies.

“In Miguel de Icaza’s latest blog entry the Mono project leader discusses the threat Longhorn’s new technologies and frameworks pose to Linux and open source. He also directs users to this recent USENET post about the goals of Mozilla, which is a very interesting read.” From OSNews.com

Misinformation as news

Internet Week reports “Yankee Group Disputes Linux’ Claim To Lower Cost: Research report indicates most large firms won’t replace either Windows or Unix machines with Linux” while ITWeb reports “Yankee Linux findings rigged too.”

Studies funded by a vendor, studying the narrowly-framed questions that favor the vendor, are advertising, not impartial studies, and need to be clearly disclaimed that way. The study sets up a foolish “either-or” scenario, a preposterous solution, asking the CEO/CIO/CTO-types whether they favor revolution over evolution:

“In a fully-realized enterprise environment that’s built around Windows, you know where the trouble spots are,” she said. “Why would you then switch to Linux, and take a couple of steps backwards? Enterprises have this huge embedded [Windows] infrastructure. How do you rip out and tear down what you have?”

No one would sign on for such a plan. Instead, if the questions had been posed to focus on the trouble spots – exploited web servers, expensive licensing, poor desktop controls – and asked if the CxOs would consider other alternatives, evolutionarily and not revolutionarily, we might have a much better view of what is really happening in corporations. CxOs not considering such alternatives are not meeting their fiduciary responsibility to their shareholders.

I have no doubt that Windows Server 2003, the first significant OS released since the so-called “Bill security memo” of early last year, finally closes a whole series of holes in the Microsoft security model. But the OS is new. There’s no track record of success, no experienced network technicians to support it. And Linux is no panacea – bugs exist, some software is incomplete, installation is vastly improved, but some areas still need work. Security, too, is not a done deal. “Security is a process, not a product.” Something will always be breaking and need repair.

A survey of Microsoft shops asking whether switching or upgrading, in their opinion, would be more expensive, is pretty silly. These people have managed to justify Microsoft purchases up until now. Should they admit they were wrong? I think so, but then, I’m not risking my job over it.

Are bad business practices the driving force behind DRM?

In a CNet article titled “Software makers ready desktop lockdown,” journalist David Becker misses the blindingly obvious solution:

An ancient e-mail message embarrasses Microsoft in a key legal case. A leaked memo has Linux antagonist SCO Group scrambling to explain apparently secret Microsoft connections. A leaked message from RealNetworks CEO Rob Glaser reveals his behind-the-scenes maneuvering to get a stake in Apple Computer’s booming iPod business.

All it takes is a quick run through the headlines to see why some software makers might think there’s a market for products that lock down common types of business documents by restricting access to authorized recipients.

How about: if it would be embarrassing to read in the headlines, don’t write it down. Even better: don’t do it. Nah, that’s naïve.


This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.