The Archives of The Evil Empire2001 October
| ||
|
28 October: MS misleading customers, collecting private user data, says Sun executive
According to the German news site golem.de, Sun Microsystems has accused Microsoft of misleading customers. "When starting up, Windows XP claims that Internet services can only be used after signing up for a Passport account," says Sun executive Dr. Helmut Wilke. "However, doing so opens Microsoft a door into your private sphere." Wilke warns agains entering your personal data on the Passport registration page: "Microsoft wants to be able to identify every single computer user worldwide with an unique 64-bit ID number, creating a 'transparent user', whose every move on the Internet can be tracked." Microsoft also plans to sell those ID numbers to its business partners, making money from users' personal data. "Microsoft is certainly not qualified to be the world's central Internet registration office," says Wilke, "so no XP user should easily hand over their data. Windows XP and Internet access work perfectly without registering for Passport." Note: this article is in German 26 October: MSN lockout fuels antitrust cry
As some third-party browsers remain unable to access Microsoft's popular MSN.com Web site for a second day, the lockout has stirred up further anti-competitive concerns about the giant software maker. Microsoft has said it has reopened the redesigned MSN site to rival browser makers, but as of Friday morning, the most recent browsers from Mozilla.org and Opera Software still could not access MSN. Netscape users also continued to report access problems. Late Thursday, the Washington-based trade group ProComp joined the outcry against the browser lockout by asking state and federal trustbusters to get involved. 26 October: MS XP signed drivers regime draws consumer groups' ire
The US consumer groups demanding changes in Windows XP returned to the fray yesterday, claiming that the OS "is an illegal extension of the company's illegal monopoly, and which will cause significant harm to both the nation's consumers and non-Microsoft-affiliated software firms and Internet service vendors." The Consumer Federation of America and the Consumers Union have four "central objections" to XP. First Passport shouldn't be bundled with it, and users "should have a choice of authentication systems and Microsoft should provide customer support without users having to sign up for a Passport." Second, they want an "open" alternative to the "world of Microsoft-affiliated commercial partners." Third, they say Media Player should provide support for high bitrate MP3, "rather than eschewing that format in favor of Microsoft's proprietary Windows Media Audio format." Their final point concerns drivers: "'pre-certification' of all software drivers, while helpful to maintain platform stability, has enormous potential for anti-competitive abuse," they say. 26 October: Mac, Linux, Even DOS Fans Diss XPs
To hear Microsoft tell it, the official unveiling of Windows XP is the greatest thing since the invention of the wheel. But users of other operating systems -- even earlier versions of Microsoft's -- aren't nearly as excited. "Do I get off on whether or not the logo spins or the flames flicker? No," said Ed Cray, a professor of journalism at the Annenberg School for Communication at the University of Southern California. "It's (Windows and XP) bloatware. It just gets bigger and I use less of it." 25 October: MSN.com shuts out non-Microsoft browsers
People trying to access Microsoft's MSN.com with a non-Microsoft browser are finding themselves locked out. Although the software leviathan's Internet Explorer easily reaches MSN, other browsers--such as Opera, Mozilla and some versions of Netscape--run into trouble. Using the most recent browser from Mozilla.org to reach MSN brings a message from Microsoft saying it has "detected that the browser that you are using will not render MSN.com correctly." A move to favoring Internet Explorer over other browsers would give Microsoft a considerable advantage as it prepares to jump into the world of Web services. Through its .Net software-as-a-service strategy, Microsoft hopes to sell software by subscription, and either directly or with a partner, offer a wide range of ancillary services, ranging from online calendars to financial and travel services. Through Windows XP, MSN is emerging as a major end point for delivering those services. The majority of Microsoft's most popular products link to MSN. 23 October: Windows Messenger 4.5: The Behind the Scenes Truth?
Are you thinking of downloading Windows Messenger 4.5? It just came out a few days ago. I downloaded it the minute it came out. This thing won't let me quit it anymore unless I also quit all other apps. Microsoft wants me to keep MSN Messenger loaded. Why? Hmmmmmm? So it can have Passport keep track of me? What is up here? I've never seen an app force itself to stay loaded in memory so other apps can "work." 22 October: Microsoft's New Money Machine
Setting up and using Money 2002 requires another Faustian bargain: To get the benefit of its dazzling tools, you must share intimate personal details of your financial life. Critics may balk at Microsoft's advice that you upload all your financial data onto Microsoft servers to make it easier to access the information while you're traveling and recover data if your PC is destroyed. Convenient? Maybe. But it raises the question: What happens if a hacker gets into Microsoft's servers? Also, Passport raises big privacy issues. It isn't just a harmless tool for secure log-ons. It forces you to give Microsoft your e-mail address, which not everyone wants to share. On signing up, you are hit with a e-mailed sales pitch to frequent shopping sites that accept Passport. And Microsoft tracks your movements online. How it uses that information is an open question. 22 October: Meet the dark side of Windows XP
I want to introduce you to what I think of as the "dark side" of Microsoft's new OS. Here are the specific areas that concern me: 1. Licensing and cost. 2. Activation. 3. Firewall woes. 4. Wireless troubles. 5. Drivers. 6. Applications compatibility. 7. Home vs. pro. 8. Memory. 9. Passport. 10. MSN. 11. No MP3 support. 12. Firewall. 22 October: MS issues bum security patch, contradicts self
Recently-issued patches for an exploitable RDP (Remote Data Protocol) bug in Win-NT and 2K have given users trouble enough for MS to yank one of them (details below). The timing is unfortunate. Only last week Microsoft Security Manager Scott Culp called on outside security researchers to follow Redmond's no-tell bug reporting example. Talk about insufficient patches. MS concludes that the NT version of their RDP-bug patch can be installed safely, while the 2K patch will make a mess of your system and has been removed from the TechWeb site pending a fix. If you've downloaded the 2K patch and not yet installed it, then you should discard it before some well-meaning OFH ninny goes ahead with the installation for you. 18 October: Microsoft bug reports may get personal data
Companies using Microsoft Office XP and Internet Explorer 5 have been warned that documents containing personal information could be sent to Microsoft along with debugging information in the event of a program crash. The U.S. Department of Energy's Computer Incident Advisory Capability office (CIAC) has released a security bulletin reporting that the debugging information includes an image of the current contents of the PC's memory, which may include all or part of the document being viewed or edited. "If a sensitive document is resident in the memory dump, this could be sent to Microsoft," said Graham Cluley, senior technology consultant at antivirus company Sophos. "This is not a serious problem but an interesting foible." 18 October: MS says stop discussing hack exploits
Microsoft's security chief has accused the security industry of creating "information anarchy" by openly discussing exploits when security vulnerabilities come to light. In an essay, Scott Culp, manager of the Microsoft Security Response Center, said that the full disclosure approach to issues taken by the security community does a disservice to end users, and has called for a rethink. "It's high time the security community stopped providing blueprints for building these weapons", such as Code Red, Nimda or the Ramen worm, Culp writes. "And it's high time computer users insisted that the security community live up to its obligation to protect them." 17 October: Mission: Domination of the Internet
If there is any doubt about Microsoft's determination to expand its Internet strategy through Windows XP, consumers may be reminded of it no fewer than five times as soon as they try the new operating system. In the second through sixth attempts to connect to the Net, Windows XP will implore consumers to sign up for something called Passport--an identification technology that, in many ways, is a key to Microsoft's future. 17 October: Mission: Domination of the Internet
If there is any doubt about Microsoft's determination to expand its Internet strategy through Windows XP, consumers may be reminded of it no fewer than five times as soon as they try the new operating system. In the second through sixth attempts to connect to the Net, Windows XP will implore consumers to sign up for something called Passport--an identification technology that, in many ways, is a key to Microsoft's future. 15 October: The real reason behind the anti-Microsoft-Passport alliance
If Microsoft gains access to the customer lists of its Passport "partners," what's to stop it from leveraging those relationships for its own purposes? For example, if a credit-card company uses Passport and its customers start accessing their bills through the Microsoft authorization service, what's to prevent Microsoft from nurturing its middleman relationship with the customer into something fuller by starting a competing credit card, linked tightly to some future release of Windows or Microsoft Money? You might think confidentiality could be handled with a contract--where Microsoft promises not to use its position in the middle of everyone's customer relationships for its own benefit. The problem is that (a) nobody trusts Microsoft and (b) the prize is so tempting that it's hard to imagine Microsoft being strong enough to resist. Think of Passport as Temptation Island, perhaps." 15 October: Windows XP Home: Don't go there
Windows XP Home is essentially a downgrade from Windows 2000, gussied up with pretty icons and trimmed out with multimedia features that were mostly present in Windows Me. It is not a viable choice for most professional or laptop users. Though Windows XP's networking capabilities are the best yet, Windows XP Home Edition is deliberately crippled. It can't log on to Windows 2000 domains, which means that you probably can't use it at workÑand may not be allowed to, since it can compromise the security of corporate networks. Second, the Home version doesn't give you much that's new. The difference is that it's bundled in from Microsoft instead of another company. So instead of using the familiar Easy CD Creator, you burn your CDs from Windows Explorer. Does it have all the features you need? Probably not. Will it hurt the companies that make more complete products? Definitely. 14 October: Three new security leaks in Internet Explorer: MS issues patch
Microsoft released a security patch eliminates three vulnerabilities affecting Internet Explorer. The first involves how IE handles URLs that include dotless IP addresses. This bug would allow the site to run with fewer security restrictions than appropriate. The second involves how IE handles URLs that specify third-party sites. By encoding an URL in a particular way, it would be possible for an attacker to include HTTP requests that would be sent to the site as soon as a connection had been established. If exploited against a web-based service, it could be possible for the attacker to take action on the userÕs behalf, including sending a request to delete data. The third is a new variant of a vulnerability affecting how Telnet sessions are invoked via IE. An attacker could start a session using the logging option, then stream an executable file onto the userÕs system in a location that would cause it to be executed automatically the next time the user booted the machine. 12 October: Microsoft, Yahoo clash over numbers game
Microsoft released a Web traffic report Thursday that showed its MSN site beating rival Yahoo in the contest for top search engine, a ranking that was immediately disputed by the Web portal. Yahoo refutes the claim, saying the numbers come from a custom report the software giant asked a third-party research firm to create. Yahoo added that a lot of MSN Search queries are "involuntary." Those searches are prompted by people who type a misspelled or nonexistent domain name into the address bar of Internet Explorer and are automatically redirected to Microsoft's search engine, a feature the software giant quietly added to its browser in September. 11 October: Windows XP's outsized expectations
Microsoft will lavish $200 million on the launch of Windows XP. Intel and other partners will drop another $800 million on XP-related marketing campaigns. Why does a monopolist need to advertise its products at all? I'm not being totally facetious. To some extent, it doesn't matter whether anyone wants or needs Windows XP--or even knows it exists. Its success is almost a foregone conclusion, because Windows XP will be bundled on practically every PC shipped starting Oct. 25. And never mind that Microsoft also has a de facto monopoly with Office, another way it has forced users to upgrade to a new operating system (OS). 11 October: MS security glitch allowed access to customer records on web
Microsoft has pulled the plugs on an internal (but er, only sort of) customer services site after it was informed that it could be used to browse the personal data of Microsoft customers. Credit card records weren't available, but it was possible to search for names on the site and obtain personal data such as private phone numbers, addresses and sales records. Adrian Lamo, who discovered the blooper, told The Register that he'd gained access to the site and that it "allowed anyone anywhere to download personal information about anyone who had placed an order with Microsoft which was fulfilled by mail." Microsoft took the site down swiftly after Lamo informed it of the problem via 10 October: EU Says MS Obstructed Probe
The European Commission has told Microsoft the company obstructed the EU executive's investigation of its practices, a source familiar with the case said on Wednesday. The allegations against the Seattle-based software giant, reported in The Wall Street Journal on Wednesday, were contained in the formal statement of objections sent to the company in August. The document accused Microsoft of having sought to obstruct the investigation by misleading those looking into the situation, according to the source. The document said the company presented 34 letters from firms purportedly supporting Microsoft, which were either written by Microsoft itself or solicited without the companies being told what use Microsoft expected to make of them, the source said. 10 October: Cornering the Content Market
Microsoft's New Monopoly Play
While most of the smaller ventures have struggled to carve out a niche for themselves in one area or another of the market, only one company owns a piece of every link in the digital-media supply chain at once, and that's Microsoft. The Windows Media format, for example, has become a serious contender as the preferred audio and video encoding format. Its codecs are widely regarded as producing better-quality files at smaller sizes than MP3 or Real Media. Where delivery is concerned, Microsoft boasts that its streaming-video technology produces better results than the latest versions of Real's technology. Microsoft even has its own eBook digital format for the printed word. The problem, as usual, is Microsoft's unique ability to make its technologies the de facto standard -- whether they're superior to their competitors or not. 8 October: The devil is in Windows' details
Microsoft protects its monopoly through a host of practices that barely register in the media or the public mind. The trial court's voluminous "findings of fact" only scratched the surface of the variety of stratagems the company employs to lock out competitors. Take, for instance, the peculiar matter of "registered file types." That ungainly phrase is hardly a familiar one, and -- unlike "tying," "bundling," "network effect," "browser integration" and other greatest hits from Judge Thomas Penfield Jackson's courtroom -- it did not become a household word during the serpentine course of the Microsoft antitrust battle. But the problem with Windows' "registered file types" is just the sort of subtle but nasty Microsoft practice that many of us hoped a forceful antitrust ruling and tough remedy would finally change. It is one little example of the myriad techniques our most powerful operating-system vendor has at its disposal to screw competitors, take over new markets and -- contrary to its propaganda -- make users' lives more miserable. 8 October: Microsoft pulls stealth release of Java for .NET
Microsoft has pulled a download that added Java language support to .NET. "Microsoft Visual J# .NET is a development tool that developers who are familiar with the java-language syntax can use to build applications and services on the .NET Framework. It integrates the java-language syntax into the Visual Studio .NET shell," according to the release note. Microsoft stresses that J# won't create applications that run on Java Virtual Machines, but only on the .NET common language runtime. By ducking VM support, Microsoft forgoes the requirement to submit to Sun's compatibility test suites, which it needs to pass to call its implementation Java-compatible. 6 October: WinXP activation harmless, cuddly, says MS chief.
Microsoft Windows Product Activation chief Allen Nieman was in London this morning for city number five on his tour of Europe, evangelising his baby. WPA is simple, unobtrusive, doesn't invade your privacy, almost cuddly and much misunderstood, apparently. Nieman's been telling everybody precisely this ever since WPA appeared in the WinXP beta programme, so the point of him coming to London to tell us all again wasn't entirely clear. And The Register disagrees about it being misunderstood - the problem for Microsoft is that people do understand it, but just plain don't like it. So really, it's Microsoft that's doing the misunderstanding. 5 October: Security leak in MS Excel and PowerPoint -- Patch issued
Excel and PowerPoint have a macro security framework that controls the execution of macros and prevents macros from running automatically. Under this framework, any time a user opens a document the document is scanned for the presence of macros. If a document contains macros, the user is notified and asked if he wants to run the macros or the macros are disabled entirely, depending on the security setting. A flaw exists in the way macros are detected that can allow a malicious user to bypass macro checking. A malicious attacker could attempt to exploit this vulnerability by crafting a specially formed Excel or PowerPoint document with macro code that would run automatically when the user opened it. The attacker could carry out this attack by hosting the malicious file on a web site, a file share, or by sending it through email. 5 October: Finnish city plans switch from Windows to Linux
Finnish local government is leaning away from Windows and towards Linux, according to Helsingin Sanomat, the country's largest newspaper. The city of Turku, population around 200,000, has reacted to Microsoft's latest licensing changes by kicking off a study of Linux alternatives, as the city estimates its Windows costs are set to rise by €1 million, or by €2 million if hardware and training costs are included. According to the paper, other Finnish cities are watching developments with interest. 4 October: Survey: MS licensing rankles customers
Conducted by market researcher Giga and Windows NT/2000 integrator Sunbelt Software, a survey of 4,550 technology professionals found that 80 percent of those polled expected to pay more for Microsoft software under the controversial new programs. About 42 percent said their Microsoft software costs would increase anywhere from 20 percent to 50 percent. Of the remainder, 19 percent said their costs would double or triple. The survey also found that 36 percent said they would consider alternative products in light of the changes. 3 October: Microsoft's taxing plans for storage
Microsoft is pulling the plug on Common Internet File System compatibility in Exchange. The reason, Microsoft says, is that storing Exchange data over a network creates a bottleneck, slowing the entire system. The real reason, it seems, is that Microsoft wants to control where companies store data. If Microsoft controls the data, it can tap in and extract a tariff in the form of a license fee on every single server that needs to access a Windows system. 3 October: The trouble with Internet Explorer
Since the Nimda worm recently exploited a common vulnerability in Internet Explorer, one would think that Microsoft might make it easy for you and me to get our browsers up-to-date. Unfortunately, Microsoft has elected to continue its policy of piecemeal patches, even in the wake of this costly worm attack. 3 October: Microsoft slammed for
software costs
When Microsoft announced a new pricing structure for licensing its software in May, it said the scheme would be less complicated and result in lower costs for most of its corporate users. The new prices took effect on 1 October, and some firms are already lining up to complain that they are now paying substantially more, are forced to buy products they do not need or want. 3 October: WinXP doesn't work with Money 2001
There is a very serious issue with Microsoft's Money 2001 product working on Windows XP - it doesn't. And this means system builders may delay selling XP based machines. Money 2001 is a component of Microsoft's WorksSuite 2001, which is a common software option on many system buildersÕ machines. One major UK player told news site The Register: "We won't be shipping something that doesn't work. How can you sell XP when the WorksSuite doesn't work." 2 October: Expiring OSes? Check the Windows 'best before' dates
Microsoft claiming Novell products have an expiration date will have prompted gales of laughter in IT departments throughout the world. Redmond itself is home of the expiration date, habitually unleashes a 'new' operating system on us every year, and deploys a battery of weapons - retirement of MCP (Microsoft Certified Professional) qualifications, price juggling, withholding of handy widgets, menacing new licensing regimes - in order to achieve de facto expiration of the old ones. For example, yesterday Microsoft discontinued the server version of NT because of increased demand for Windows 2000 and the forthcoming release of Windows XP. 2 October: Experts: Easy Installations Kill
The biggest computer security threat isn't a vicious virus or a skilled and malicious hacker. The real danger, according to dozens of experts, is easy-to-install software and software vendors who focus too heavily on adding convenient features instead of solid security solutions into their applications. "Default installations aren't a huge issue for Mac users, or even Windows 95, 98, and Windows ME users," security consultant Nicholas Versan said. "But those who are running Windows 2000 or XP professional should certainly educate themselves about what applications are being installed and activated on their machines." 1 October: Serious security problem with Internet Explorer for Mac OS X
A change in the way the copy of Internet Explorer bundled with Mac OS X 10.1 handles certain downloads is a cause for concern: [Anon] "I am shocked to report a huge security hole in the latest Internet Explorer version 5.1 that comes preinstalled on MacOS X 10.1. Every .hqx encoded classic application is decoded by Explorer itself (that's the default, Stuffit Expander isn't used) and then AUTOMATICALLY STARTED! This is totally unacceptable. You can test this simply by pointing your browser to danger.hqx where [there is a] very small C program that just displays a message (trust me, it *only* does that message, nothing more)." 1 October: Novell sues Microsoft over ad campaign
Software maker Novell on Monday sued Microsoft for alleged false advertising and demanded that its competitor publicly renounce the statements. In the lawsuit filed in U.S. District Court in Salt Lake City, Novell accuses Microsoft of false and misleading statements about Novell's software in a direct-mail advertising campaign targeted at Novell's customers last month. 1 October: Experts demolish MS anti-Apache FUD
In response to Gartner's recommendation that businesses investigate alternatives to Microsoft's Internet Information Server, the Beast sent its sales staff a crib sheet with the theme: "all web servers are vulnerable - but some are more vulnerable others,". Several dozen of you have written to point out that Microsoft's list of vulnerabilities in Apache, PHP and MySQL misses the point. "I am concerned along with many others with the apparently misinformed sales bulletin, sent by Microsoft to its sales force," Richard Brain of ProCheck writes. Some of the 'bugs' simply don't exist. 1 October: WinXP Plus! pack has 'issues' with ATI, Nvidia, 3DFX cards
The "powerful 3D rendering and animation environment" that comes with the Windows XP Plus! pack isn't entirely compatible with several major graphics chipsets, according to the relevant system requirements page. ATI Radeon and Rage 128, Nvidia RIVA TNT2 and GeForce won't run some (unspecified) Plus! features, while 3DFX Voodoo, Savage 4 and Savage 2000 have "major compatibility issues" and aren't supported at all. This won't be a huge surprise for 3DFX users, but it's a bit of a bummer for manufacturers who've shelled out the cash and shipped Microsoft the gear for Windows Logo Program 2.0 certification. But it seems that even if you're certified for XP, Plus! for XP isn't necessarily covered.
|
