Surely you are zuning with me!

During the past year several media outlets have breathlessly heralded the triumphant efforts of Microsoft development team to squash bugs and eradicate vulnerabilities. Here are some samples.

NYTimes, October 9, 2006:

On a whiteboard in a windowless Microsoft conference room here, an elegant curve drawn by a software-testing engineer captures both five years of frustration and more recent progress.

The principle behind the curve — that 80 percent of the consequences come from 20 percent of the causes — is rooted in a 19th-century observation about the distribution of wealth. But it also illustrates the challenge for the builders of the next generation of Windows and Office, the world’s largest-selling software packages.

Wow, what an introduction. Goosebump worthy.

”It looked bleak; it was a slog, but in the end this was a technical problem, and there was a turning point,” said Bharat Shyam, 37, a computer scientist who is director of Windows program management. ”We’ve confounded the analysts and the press.”

As October arrived, a vote of confidence came from Wall Street when a Goldman Sachs analyst, Richard G. Sherlund, wrote that he expected the product to be introduced on time. ”The Vista development organization has made rapid progress delivering improvements to Vista’s performance, reliability, and compatibility,” he said.
…
Indeed, it was the vast scale of the Windows testing program that saved the software development projects. Over the summer, the company began an extraordinary bug-tracking effort, abetted by volunteers and corporate partners who ran free copies of both Windows and Office designed to send data detailing each crash back to Microsoft computers.

Good job, Bharat. Seriously. I do not want to make fun of this serious endeavor. However, I don’t think its only the analysts and press you have to convince. There’re these people called “users”.

Anyhoo, imagine my surprise when I came across this from Paul Thurrott (via Slashdot)

I’ve found out that the source of Allchin’s concerns was an unexpectedly buggy pre-RTM build of Vista. The previous Friday, Microsoft pushed Vista build 5824 into escrow, hoping that the build could qualify as the final shipping version. But a catastrophic problem with the build destroyed any systems that upgraded from Windows XP, requiring complete reinstallations. After several frantic days of trying to find the bug, Microsoft finally fixed the problem last Friday and reset escrow. On Friday, Microsoft internally released build 5840, which didn’t include the bug. Testing over the weekend produced positive feedback.

Allow me to channel my inner John McEnroe: “YOU CAN NOT BE SERIOUS!” A “catastrophic” bug that requires a re-install? At this late stage in the release cycle!

But, but, what about all this:

Seattle PI, November 5, 2005:

Microsoft Corp. says it is speeding up the internal development schedule for the next version of Windows – hoping to improve the quality of its biggest product by giving testers more time to use a full-featured version before the final release.

In other news IE 7.0 was released this week. Secunia reported a vulnerability in IE 7.0 less than a day later. WTF! Make that two.

That, of course, refutes all this:

Seattle PI, February 15, 2006

“If you took the investment we’ve made in this next version of Windows, security would jump out as the thing we’ve spent the most time on,” Gates said.

BusinessWeek March 20, 2006:

Since the days of Windows 95, security experts have been beating up on Microsoft for the way it integrated the Internet Explorer browser with its operating system. A decade and countless security vulnerabilities later, Microsoft is finally conceding that the critics were right. This means big changes are coming in the version of Internet Explorer that’s due this fall.

I have been using an early, and still buggy, test version of Internet Explorer 7, which will be released both as part of Vista (the next release of Windows) and in a separate version for Windows XP. It goes a long way toward separating the browser from the operating system. That makes browsing safer but less convenient since a number of things that used to happen automatically will now require your intervention.

IN EFFECT, MICROSOFT IS TAKING AWAY the browser’s special, trusting relationship with Windows. And with Vista the divorce comes with a restraining order. Even when you let IE run a program, it won’t be able to create or change files or system settings unless you give it additional permission. This makes it far harder for a malicious Web site to hijack your home page or install a program that monitors your keystrokes.

Microsoft has always had the greatest PR efforts. One would hope sooner or later someone in the media would notice the litany of broken promises.

WSJ, March 22, 2006:

”We won’t compromise on product quality, and we needed just a few more weeks,” James Allchin, co-president of Microsoft’s Windows division, said in a conference call with analysts and journalists.

In an interview after the conference call, Mr. Allchin said that he made the decision to take a few more weeks yesterday mornning after a meeting with the leaders of the Windows development team. No single feature or problem prompted his move, he said.

”But I wanted to push up the quality even higher,” Mr. Allchin said. ”And the balance between usability and security is a tricky one.”

The security testing process, for example, has included dozens of outside computer security consulting companies — known as blue-hat hackers — who are given access to the Windows Vista code and its documentation and asked to try to find any ways to break in. Mr. Allchin characterized that program alone as the ”largest penetration-testing effort ever conducted on a commercial software product.”

NY Times, May 24, 2006:

Jim Allchin, co-president of Microsoft’s platforms and services division, said in an interview yesterday that he was confident that the software would be ready for consumers by January and for corporate customers this November.

”This is a call to action to make sure everybody is prepared,” Mr. Allchin said, referring to the thousands of hardware and software developers whose livelihoods depend on Vista’s success.

But Michael Silver, an analyst with Gartner Inc., a technology market research company, said that the shipping schedule was overly ambitious and that Vista was not likely to reach consumers before next March. ”We think they are underestimating how long it’s going to take to respond to the problems that two million people find,” he said, referring to those who are likely to test Vista.

This is might be the first time in a while that Gartner is right about something.

Seattle PI, July 31, 2006:

Windows Vista is the first version of the PC operating system to be developed entirely under the “Trustworthy Computing” initiative that Bill Gates launched in early 2002, after a series of high- profile vulnerabilities in Microsoft programs.

The company says it has overhauled its process of developing software to emphasize security.

In addition, Windows Vista will come with a series of new technical approaches and designs to protect against malicious programs such as viruses and spyware, which can otherwise install and run on a computer undetected.

“We want it to be the most secure version of Windows ever, and the security researchers are going to help us do that,” Microsoft’s Toulouse said.

Seattle PI, August 2, 2006:

After years of security trouble, Microsoft says it believes Windows Vista will be the most secure version of the PC operating system it’s ever produced.

That won’t mean an end to all problems. And security experts say the real test won’t come until after Windows Vista’s retail release next year. But these are some of the new approaches the company is taking in Vista:

Security Development Lifecycle: new practices and safeguards in Microsoft’s software development process meant to improve the security of code.

User Account Control: a technique that gives standard users the ability to shift temporarily to higher privileges for installing programs and changing settings. It’s a substitute for running the computer in full administrator mode – which lowers the PC’s protections against spyware and other unwanted programs.

BitLocker: a feature of business-oriented and advanced Windows Vista versions that encrypts data on a hard drive to protect it in case of theft or loss.

Upgraded firewall: oversees inbound and outbound traffic, not just inbound traffic, as in the Windows XP firewall.

Windows Defender: built-in anti-spyware protection. It’s one of the areas that the European Commission has considered in weighing whether Windows Vista might violate antitrust regulations, by incorporating new programs available on a stand-alone basis from others.

Internet Explorer 7 Protected Mode: limits browser’s capabilities in Windows Vista to stop attackers from using it as a pathway to install programs on the machine or change settings.

Address Space Layout Randomization: loads the system code into unpredictable places in memory, to make it tougher to exploit a buffer overrun – a common security risk that occurs when a program tries to write more data than it should to a temporary holding space in memory. Examples of previous attacks that exploited buffer overruns in Microsoft programs include the notorious SQL Slammer and Code Red worms.

BusinessWeek, August 21, 2006:

Microsoft went to full battle stations over PC security four and a half years ago, when Chairman William H. Gates III acknowledged in a memo to his staff that the plague of viruses and worms afflicting Windows and other products had gotten out of hand and something drastic had to be done. Henceforth, Gates decreed, security would be the top priority. All programming was temporarily halted as Microsoft embarked on an effort to make its products safe.

Soon we’ll know if the delay was worth it. The business version of Windows Vista will arrive late this year, with a consumer version due in early 2007. Vista is Microsoft’s first new PC operating system in five years and the first version of its flagship product to get a full security makeover. Hackers are expected to probe Vista relentlessly for vulnerabilities after final versions come out. But already there are signs that Microsoft may fall short of Gates’s goal — at a time when it’s facing pressure from a resurgent Apple Computer Inc., which suffers few security problems.

Can I just suggest this: Microsoft has zero credibility left.

But then you have people like Ed Bought Bott who think that the OS X has the same level of risks as XP/Vista. Because taking advantage of OpenSSH vulnerabilities takes about the same skill level as some 17 year old high school-er or some 23 year old from the Phillipines or a 16 year old from Mississauga or an 18 year old from Germany or some 19 year old from Belgium.

Note that I am not arguing that OpenSSH cannot be compromised by a teenager. My contention is that Microsoft has made Windows extremely easy to be compromised and thus the level of sophistication required to take advantage of OS X is not the same as teenagers who take a breather from Kazaa or WoW for about an hour to create a virus.

In the end I suppose this comment from David Pogue is relevant:

NY Times, March 27, 2006:

If the delay means a better, more pleasant Windows for the next five years, what’s another few months?

Top 10 reasons/places not to use an iPod

There has been recent rash of iPod events/incident that the press has been very kind to warn us about. Here are my recommendations of places and situations where people should avoid using their iPods (or look for alternatives).

1. Airline toilets. Maybe a Zune would be a better alternative since its bigger than the nano and the brown color will hide any, err, hmm, stains.

2. Mowing the lawn during a thunderstorm. I recommend a boom box at the edge of the lawn cranking out Toby Keith.

3. If you want to climb Mount Everest while listening to Van Halen. You should carry a Zune so you can share three songs for three days after you make summit, dude.

4. If you are in high school and your bff doesn’t have an iPod.

5. If you have over 90,000 songs. Just carry your RAID on your back with its own power pack and headphone setup. Sweet.

6. If you are concerned about autism. Only the soothing sounds of Celine Dion can help us.

7. If you are concerned about DRM (even though you have never have purchased a tune from iTunes Store).

8. Because it doesn’t have built-in wifi, bluetooth, voip, fm receiver, or even a voice recorder. Sheesh. Really – what use is this device?

9. If you are travelling to the UK and you have a tan or you have had a little too much medicinal marijuana and start driving around or you are afraid of getting mugged. Umm, I think its safe to say that when travelling to the UK, a Rio player would be best. No one would recognize it or want it.

10. If you are Steve Ballmer. I pity his kids. Hopefully that trust fund can kick in soon so they can hook up their disguised iPods to their disguised Macbooks.

This reminds me of that

Exactly why wouldn’t this

Jingle Networks, a Menlo Park start-up which provides free phone directory assistance, has raised a whopping $30 million more in venture capital — upping the ante in what is now a crowded field.

This area has become popular because people find this an easy way to avoid the $1 to $3 they get charged using regular DA service.

Jingle, which markets itself as 1-800-Free-411, supports the free service by injecting advertising snippets in it responses. If you call them at 1-800-Free-411 looking for a particular local pizza company, for example, you may be offered a voice ad from a competing pizza company.

be subject to the same lawsuits as this? NYTimes:

In one of the most important such cases to date, last year a federal judge in Alexandria, Va., dismissed a claim by Geico, the auto insurance company. Geico said that a Google policy of permitting Geico’s competitors to buy advertisements tied to searches for the keywords “Geico” and “Geico Direct” confused Web surfers looking for the company’s site. The two companies settled the case before the judge reached a full decision on the other issues involved.

“This is Google’s cash cow,” Professor Goldman said. “If they can’t sell keywords freely, they’re not worth their market valuation.”

Note: I am not arguing that these lawsuits are valid, I am just wondering out aloud if Jingle is ready for lawsuits that the will inevitably be filed, despite this verdict.

MyZune or Zunester?

Mike Elgan of Computer World extols the benefits of Microsoft Zune and declares that “Apple should be afraid to its core”. Elgan identifies the wireless music sharing as the greatest thing since Apple pie:

The Zune is social and viral.

Since the iPod first came out, times have changed. The rise of social networks like MySpace.com and viral Web 2.0 sites like that of YouTube Inc. have transformed the expectations of young people about sharing and using media. In the context of these trends, Apple is old school. But the Zune, with its peer-to-peer wireless file sharing, is both social and viral.

Tweens, teens and twentysomethings have acquired the habit of feverishly sharing videos and songs. Today, they mostly have to wait until they get home and use their PCs to do so. With the Zune, students will be free to share music, videos and photos right there in class. They’ll be able to pass notes to one another. The Zune isn’t just a solitary music player. Think of it as a portable, wireless, hardware version of MySpace.

Roughly Drafted successfully repudiates all of Elgan’s arguments.

I just want to pick on the wireless sharing feature: this comment from a New York Times article (via GMSV) about Friendster is apt:

“Tell me why you aren’t going to be the next Friendster.”
– Venture capitalist David L. Sze’s “Jonathan Abrams” litmus test for entrepreneurs who say they have the next MySpace

Elgan is counting on the teen market to drive Zune sales. Good luck! According to the a Piper Jaffray & Co. survey:

A survey of 600 high school students by Piper Jaffray & Co. analyst Gene Munster found Apple Computer Inc.’s digital player No. 4 on their wish list. And the iPod wasn’t even among the items Munster suggested — the kids wrote it in.

So Mike, tell us again, why won’t the Zune viral feature be the next Friendster?

I am with these guys on this one:

Michael Robertson says it will fail miserably.

Steve Jobs says by the time Zune tries to get social, the girl has gotten up and left.

Blackfriars thinks its not going anywhere with a comment regarding Microsoft’s segmentation strategy:

So let’s recap. Microsoft’s target market is a group of people who have high disposable income, like to think differently, enjoy sharing experiences, and like going against the crowd. This is actually a wonderful target market. We know a lot about them. In fact, they’ve created some of the highest profit margins in the entire computer and consumer electronics industry for a single company.

The only problem: they’ve been buying Apples for years. Oops.

Enderle or How to Make Money Stating the Obvious

I have no idea why journalists keep turning to this moron for comments, but Rob Enderle seems have a thriving business spouting crap about Apple that the publications keep lapping up. This article from Red Herring covers the oft-mentioned Apple over-the-air music purchase patents with several quotes from Enderle:

Apple’s filing specifies that a “portable media device” could record a sample, transmit that sample to a server network to identify that sample, and provide the user of the device with numerous media types such as music and video, available for purchase.

“Whenever you a see a patent like this with Apple it means that they’re working on something,” said Enderle Group analyst Rob Enderle.

Wow! No effing kidding, Rob. Maybe you can enlighten us about patent applications that Apple has filed that they don’t plan working on.

Later on Rob tackles Apple’s international market for iPhone:

The patent filing, which refers to a wireless carrier, may relate to Apple’s iPhone as well. The patent filing contains a document reference: “AT&T Wireless: mMode phones and how to access your music and ring tones.”

“The AT&T reference could well mean they are going down the road with AT&T,” Mr. Enderle said. “That’s just a hint. If it were me and I wanted an international carrier, I’d pick an AT&T. Apple sells internationally, so they’d want something that goes through the stores internationally.”

How insightful. I suppose if the patent filing mentioned T-Mobile then Enderle can stipulate how that makes sense because T-Mobile is after all part of Deutsche Telekom and available internationally or if the patent filing mentioned Verizon then the genius can state how that makes sense since Verizon is available internationally through its Vodaphone partnership.

All this talk about an Apple MVNO seems rooted in fantasy. Recent evidence suggests that it is not so easy to make money from MVNOs. From Gigaom:

Pyramid found that most MVNOs are loss-making to slightly above break-even and believes that there is enough fodder to question the MVNO model, at least in its first iterations. Pyramid concludes that not all MVNOs will achieve profitability and the next 24 months will either make or break MVNOs, particularly the prepaid-focused ones.

Unless Apple thinks that MVNOs are iTMS-like loss leaders for iPhones? Here’s what I think. If at all the mMode reference is useful, maybe its because Cingular is divesting its leftover AT&T assets (whatever Alltel didn’t purchase). Apple has $10 billion in cash. If Apple feels compelled to be a service provider, the cash can be better used to buy the excess asset from Cingular (leftover from AT&T and BellSouth purchases) and use it to debut a wireless service instead of being a MVNO. This would let Apple to control the service quality, applications, and etwork instead of piggy-backing on other carrier’s systems. It’s a better model for Apple and more profitable than being a MVNO. Of course, the other profitable model is just selling unlocked iPhones for any carrier!

Of course, all this is depends on beast called iPhone really being under development, beautiful mockups notwithstanding:

Finally, one thought on the prediction about a WiFi iPhone and iChat Mobile: yeah right.

War: What is it good for?

Apple announces that some iPods contained a virus that affected only Windows machine. I have to wonder if that was meant to reinforce how Windows is easily compromised.

Graham Cluley, senior technology consultant at security firm Sophos, said: “It is most likely that some of the video iPods were plugged into a Windows PC for testing purposes at Apple’s Chinese contractor’s manufacturing plant, which is why only some of them are infected.

Meanwhile, Microsoft announces that Vista Homewon’t run in virtualizated mode. You have to wonder if Microsoft made this move to:
(1) push its own virtualization product over its competitors
(2) to stop Mac purchase by those interested in running both OSes
(3) get users to pay a premium just because they can demand it

(1) would probably invite DoJ and EU scrutiny. (2) would probably affect those who want to make the switch but are interested in Vista running as backup OS just in case. (3) is most likely the case because they think home users/students should pony up more since they are the most likely to switch. (1) will most likely be busted wide open by hackers in a week after release so (2) and (3) will be inconsequential!

Microsoft iSight

Do they see a need to copy everything?

Larry Bodine: Attorney at Flaw

Last month Law.com had a commentary from a lawyer who chronicled his experience with Apple for his office. The crux of his argument:

Because Apple controls both the hardware and the software, all applications use the same conventions. For instance, access to the Print dialog window is always in the File menu of every application, which is always the second menu from the left edge of the menu bar at the top of the screen. The same keystrokes bring up the Print dialog in all applications. So when you learn one application, you already know the basic functions in every other program.

Like Microsoft’s XP, another benefit is that everything works easily and together. Plug in a new printer, your Mac can usually find the driver automatically. Same for networking.

Of course, there’s the issue of viruses. One of the best advantages of using Apple is that you can just about forget about viruses, because there aren’t many that can penetrate Macs. And OS X, Apple’s UNIX-based operating system, does a good job locking them out.

Also like Microsoft’s XP, Apple automatically notifies me about any security update to the system software. At my election, the Mac will download and install them automatically.

Notice how he balances both sides of the argument.

This month we have a sort of rebuttal from another lawyer. I wouldn’t comment on it except for some egregious errors. Evidence #1:

Doing a simple screen capture was an immense chore. On a PC you just press Alt and tap PrtScr. With the Mac I had to download and launch special programs to accomplish this simple task.

Uh? Screen Capture (command+Shift+F3 for full screen capture or Command+Shift+F4 for select capture) comes built with every Mac and that feature has been offered with the same key strokes since Mac OS 8! Or even MacOS 7.2?

Evidence #2:

I didn’t even bother with the Mac’s iCal or Mail, which required me to buy an @mac.com address. Instead, I went straight to Outlook for Mac. A lot of the software for Mac — such as AOL for Mac OS X — was dumbed down and missing may features of the current PC versions.

Not true about the Apple Mail. No one needs a .Mac address to use Mail. I use it with Gmail – I refuse to pay for that stupid .Mac service. I have never used AOL for MacOS X so I cannot comment on that. I agree that Microsoft had not bent over backward to have same capability on the Mac as they do on the PC with Outlook. Or at least that was the way it was with Office X – the same is not true with Office 2004. Entourage works well with Exchange and other mail servers.

Evidence #3:

What drove me nuts was that I would open Word for Mac and couldn’t delete files while I was in Word. There is no File | Delete option. So the documents took up space on my hard drive, until someone told me I had to find the document in Finder and then move it into the trash from there. This seemed stupid to me; I just wanted to highlight a file and tap “delete.”

Yes, Command+Delete is more secure and prevents accidental deleting but it takes extra effort.

Evidence #4:
Word files transferred from the Mac were missing pictures. PowerPoint files transferred from the Mac would lose their formatting. PCs and Macs are not compatible, regardless of what they say.

True. Office is made by …?

Evidence #5:

Safari simply cannot read Flash. It is, quite simply, a second-rate browser.

Whaa? This is news to me and my daughter who plays Flash games online all day. Also, there are other browser options: Firefox?

Evidence #6:

I scraped along with Internet Explorer 5.0 for Mac, and then discovered in 2006 that Microsoft would no longer support the Mac version. You can’t do WSYWIG on Typepad (where many folks create their blogs), which you can on a PC.

Well, actually IE support was dropped earlier than 2006, but yes, some sites require IE 5.0. Also, don’t forget those sites which use WMP 10 DRM’ed media which cannot be played using Flip4Mac. On the other hand, most of those sites also work with that other browser: Firefox. You can do WSYIWIG all you want on Typepad using Firefox.

In closing:

I think this is the main reason Apple targets technophiles, geeks, young professionals, and students almost exclusively. it’s a given that younger people can adapt to new technology faster and do not have any built-in preferences or resistance to change. Folks who are changing platforms after decades of Windows (ab)use, switching without having the time to invest in (un)learning some simple habits things can get frustrated. But its not impossible – for pete’s sake, geriatrics in my family have switched successfully. In Larry’s case, the evidence suggests that he just wanted a Windows experience from Apple. Well counselor, that is not how it works and no “Dummies” book can help you overcome that. Case dismissed.

Brand dis-association

WSJ reports that Sony is introducing a new line of walkmans.

The new products have features that the iPod doesn’t have, such as an ability to upload music directly to the device from a CD player and a noise canceller, which erases surrounding noise, so users can better hear their music. Sony said the new Walkmans targeted consumers who found it complicating to use computers to manage their music as well as music lovers, who sought better sound quality.

Sony, which pioneered the music-player market with its Walkman portable cassette players 27 years ago, has been struggling to regain share in this area ever since it missed the transition to digital music and allowed Apple to step in with its iPod player.

Quick, what’s the first thing that comes to your mind when I say “Walkman”?
Is it this:

or this:

As I see it Sony is in a brand bind. For the most part the Walkman reminds people of cassette players not MP3 players (and Sony still brands everything from portable MP3, DVD, and cassette players as a Walkman). If they want to target younger audiences they have to spend substantial amount in re-branding. But even kids here probably associate the walkman with that portable yellow cassette player Mom and Dad sold with their old sweats and treadmill in the garage sale two weeks back.

The CD to MP3 player functionality is nice but you have to wonder how studios will react when they find users can go around and upload songs from other people’s CDs.

Big Red Target

CNN reports that WSJ reports that Target is a little peeved about the deal that Apple wants from the studios.

A Target spokeswoman told the paper that the company is trying to ensure that its business “is not put at a disadvantage.”

These reactions from Target and Wal-Mart come a few weeks after Apple Computer announced a deal with Disney to sell electronic copies of Disney movies online via Apple’s iTunes store for as little as $12.99 apiece for new titles.

Retailers like Target and Wal-Mart typically pay $17 and $18 wholesale for new-release DVDs and the retail price varies from $16 to $19.

So they sell new releases as loss-leaders? For what? Older flicks?

And then there’s a report from Ars Technica regarding Comcast’s plans for downloadable movies. And get this – Comcast will temporarily increase bandwidth to improve downloads. Strikes me as something that goes to the heart of the net neutrality problem, no?

According to one source that spoke with Gizmodo, Comcast will ensure that users get the movies as quickly as possible by uncapping the bandwidth limits in place on an account for the duration of the download. If that is indeed the case, those pesky 6Mbps bandwidth caps may disappear until customers have finished grabbing their favorite flick from Comcast’s media servers.

Ars Technica does give a valid argument for Comcast to removes caps, but its still an issue since Apple and Amazon won’t get the same deal:

Net Neutrality proponents regularly express concerns about movie downloads and other bandwidth-intensive applications getting placed into a virtual express lane on the Internet superhighway, saying that it could ultimately lead to anti-competitive abuses. If Comcast does turn to uncapped delivery, plenty of eyes will be watching, but we suspect that Comcast will tread lightly. The company already offers its own lineup of services, such as VoIP, and there’s scant evidence that they’ve prioritized their own traffic and degraded others. Besides, there’s another factor or two at work.

Most cable Internet users have experienced slowdowns at different times of the day when their neighbors are all going online. That’s the nature of the beast with cable. From a customer service point of view, Comcast can’t afford to crimp everyone else’s pipe down to 1Mbps while someone down the street downloads Jackass 2. If they do offer some sort of temporary download speed increase, Comcast will want to keep that within whatever the local maximum is for the customer so as not to adversely affect other subscribers.

I wonder how the movie studios (CinemaNow) own efforts and Comcast partners such as Starz’ Vongo will respond to this.