30 January: Watchdog: MS Passport lets crooks in
A privacy group on Tuesday asked state law
enforcement authorities to examine software giant
Microsoft's Passport online identity service, saying it
exposes consumers to fraud, junk electronic mail and identity theft.
The Electronic Privacy Information Center sent a letter to all 50 state attorneys
general, asking them to protect consumers against what it called Microsoft's unfair
and deceptive trade practices because the federal government has failed to act.
Launched in 1999, Passport aims to simplify Internet transactions by allowing
consumers to store passwords, credit-card numbers and other personal information in
one location. The service has drawn the
ire of the Electronic
Center and other privacy
groups, who say it allows
Microsoft to track and
profile Internet users,
encourages junk e-mail,
and exposes consumers to
identity theft by
their credit-card numbers.
30 January: Passport glitch hits Microsoft game site
Microsoft's online gaming site suffered another glitch in its switch to the Passport identification
system, logging subscribers on to a bogus Hotmail e-mail account Monday.
A Microsoft representative said Tuesday that the glitch affected those who tried to access their
Hotmail account via links on The Zone, the game portion of Microsoft's MSN online service. Instead
of being taken to their own account, people were sent to a test account for "firstname.lastname@example.org."
30 January: Word documents may contain sensitive data
The German news service heise.de warns users that their Word documents may contain more information than they think. Word tracks and logs all changes to a document - even text that is deleted later on. Also, if more than one user is working on document, information on all users may be contained in the file.
NOTE: This article is in German
26 January: Antitrust legal beagles suing MS and DoJ
Antitrust watchdog group the American Antitrust Institute (AAI) will hold a press conference Thursday to announce details of a lawsuit they intend to file against Microsoft and the US Department of Justice, Reuters reports.
According to the group, both parties have held meetings and exchanged memos which have not been fully disclosed in court documents. They may be onto something here. It does seem improbable that the DoJ could have come up with a settlement so warmly accommodating of Microsoft without considerable coaching from Redmond.
26 January: What's really behind AOL vs. Microsoft
AOL Time Warner's lawsuit seems to be about Microsoft's competitive practices in the Netscape-Internet Explorer browser wars. But the real fight is over far higher stakes: control of Internet users' online presence.
Both the online content provider and the software developer are determined to be the trusted party that Internet users rely on to store all kinds of information--such as addresses, bookmarks, passwords and credit card numbers. This "presence information" will eventually turn most online transactions into a "one-click," Amazon.com-style experience, and whoever controls it will hold a huge competitive advantage.
This is especially important to Microsoft and AOL Time Warner because their products--software and content, respectively--lend themselves naturally to subscription-based sales models. If either company can become the default holder of presence information, it will have access to significant and recurring revenue.
26 January: Too many Updates already, users tell The Beast
Research commissioned internally by Microsoft amongst its corporate users has highlighted an unexpected gripe, sources tell The Register.
The number one Windows bugbear, is that there are too many updates. Private research reveals that the Update mechanism is out of control, with users unable to prevent individual staff downloading the latest Media Player, for example, unless they block access at the corporate firewall.
26 January: If Microsoft security fails, .Net fails
Microsoft has committed to making its products more secure and worthy of customers' trust. The philosophy outlined in a memo from Bill Gates last week lays out most of the imperatives that Gartner believes are necessary for Microsoft to change the software maker's long-established product management and development culture.
If Gates' realignment of Microsoft to the Internet in 1996 had made security a prime concern for new Internet features, enterprises would have avoided many billions of dollars of cleanup costs because of the long list of viruses and worms that have struck Internet-connected servers and PCs.
Gartner believes that Microsoft is serious about making this shift because its .Net strategy will fail if the security initiative fails. Nevertheless, changing the management and development culture of such a large company poses a huge challenge, and it won't happen quickly.
26 January: Software pirates are funding terrorists, Microsoft says
Microsoft anti-piracy manager Diana Piquette said at a recent press conference that piracy profits are being siphoned to terrorist organizations and are also being used to fund the activities of organized crime rings.
Microsoft and other software companies have also been working to push governments to take piracy more seriously. They have seen some success in this effort, according to Microsoft associate general counsel Nancy Anderson.
19 January: .Net breakdown: More to come?
After a five-day outage, Microsoft fixed a technician's error Tuesday, allowing Windows users to
once again access critical operating system updates on the company's Web site.
But the problem--the latest in a series--had .Net analysts questioning whether the software giant can
deliver the reliability necessary for its widely touted 24-7 Web services initiative.
"Uptime becomes much more critical, and Microsoft has not been concentrating on that," said Daryl
Plummer, group vice president for software infrastructure at Gartner, a market research firm. "If they
are going to do that with .Net and with .Net My Services, they have to get better."
19 January: IE privacy flaw still causing leaks
Microsoft has heavily promoted the privacy features of its new browser.
This week, however, computer privacy and security consultant Richard Smith warned that a unique ID created
under default settings for the Windows Media Player provides a simple override for those measures.
The flaw allows a malicious Web site to create what he described as a "supercookie" capable of
tracking people using any version of Internet Explorer and Netscape Navigator, regardless of the
privacy settings they choose.
Web page, a Web site can grab the
unique ID number of the Windows
Media Player belonging to a Web site
visitor," Smith said. "This ID number
can then be used just like a cookie
by Web sites to track a user's travels
around the Web."
19 January: Worm poses as Microsoft
A new worm masquerading as a software update from Microsoft is capable of deleting all files
on the hard drive of an infected computer but has so far spread very slowly, an antivirus
company said Monday.
19 January: Security Flaws May Be Pitfall for Microsoft
Microsoft's decade-long focus on cramming new features into its
products has come at the expense of protecting computers
against viruses and hacking attacks, which are costing customers
billions of dollars a year and becoming a top concern of
companies and government officials.
The latest disclosures follow a record year for
security problems, according to statistics released Friday by the
federally funded CERT Coordination Center at Carnegie Mellon
University. The research clearinghouse said the total number of vulnerability reports it received
more than doubled in 2001 to 2,437, after more than doubling in 2000.
Taken as a whole, the problems do more than fly in the face of Microsoft's declaration that
Windows XP is the safest operating system ever.
They are beginning to threaten the stability of a major piece of the world economy and to raise
questions about Microsoft's future.
19 January: Worm disables anti-virus software
A new worm called W32.Klez.E@mm is a mass-mailing email worm that also attempts to copy itself to network
shares. The worm exploits a vulnerability in Microsoft Outlook and Outlook Express in an attempt to execute itself when you open or
even preview the message in which it is contained. The worm also attempts to disable some common antivirus products.
19 January: Glitch halts Windows XP
Engineers are working to fix a glitch in a Microsoft Web server that has prevented Windows XP
users from downloading software updates, including a patch for a security hole, a company
spokeswoman said Monday.
The problem, discovered last Thursday, was created when engineers attempted to update software
on a server, she said, adding that it is expected to be corrected before Tuesday.
10 January: MS rigs ZD reader poll to promote .NET
Microsoft has stooped
to rigging reader surveys to rescue the crumbling myth of its popularity.
It seems that Microsoft actually sank to ballot-stuffing of
an on-line poll by ZD-Net.uk asking readers whether they prefer Java or
.NET for Web development.
"By 21 December, more than two-thirds of the respondents (69.5 per cent),
said they planned to deliver some applications by Web services by the end
of 2002, with a large majority of those planning to use Java. Only 21.5 per
cent said they planned to use Microsoft .Net -- less than the figure (23.5
percent) planning to use neither," a ZD-Net story reports.
But then Redmond apparently got wind of the survey, and the innocent poll
was swiftly corrupted. As the results swung suddenly and improbably
towards .NET, the ZD Web site's logs reported an incredible swell of
connections from the Microsoft domain, with one fool trying no fewer than
228 times to stuff the electronic ballot box.
"There is also clear evidence of automated voting, with scripts attempting
to post multiple times," the news site reports.
10 January: Virus writers take an early crack at .Net
Virus writers have apparently made the early developer list for Microsoft's .Net initiative.
On Wednesday, antivirus companies received a copy of the first virus capable of infecting files based
on Microsoft's .Net Intermediate Language, or MSIL.
Known as W32.Donut, the virus does little but infect other .Net files, but it shows that the
programmers who create such code are looking ahead, said Motoaki Yamamura, a virus researcher
with security software company Symantec.
10 January: Microsoft moves to close depositions
Microsoft filed a motion that, if successful, would bar the public from access to any future
depositions in its antitrust case, but The New York Times and other media organizations will
likely oppose it.
The Redmond, Wash.-based software behemoth filed a motion Wednesday with the U.S. District
Court for the District of Columbia to vacate a standing order in an ongoing antitrust case maintained
by 10 states and the District of Columbia. The case grew out of a case originally brought by the
Department of Justice.
10 January: Ralph Nader wants Microsoft to
Consumer advocate Ralph Nader has called for Microsoft to start paying dividends to
investors, saying the software giant's $36 billion cash pile amounts to an illegal tax shelter for
wealthy shareholders such as Chairman Bill Gates.
Nader, through his Consumer Project on Technology (CPT) office, wrote Gates a letter last Friday
saying Microsoft should change its practice of not giving dividends--cash payments usually paid
each quarter to shareholders.
2 January: Active Scripting bug in Internet Explorer allows hackers to read files and launch applications
Veteran bug hunter Georgi Guninski has found a bug in Internet Explorer 5.5 and 6 that allows malicious web sites to read files on a computer using the GetObject() command. This may launch arbitrary programs. Guninski advises users to "Disable Active Scripting and never turn it on.
Better, do not use IE in hostile environments such as the internet."
Previous | Next