Domain: microsoft.com
Stories and comments across the archive that link to microsoft.com.
Comments · 34,132
-
Re:Partners...
Ummm
... http://research.microsoft.com/. -
Re:Defaults vs. Presetswell, i guess it depends on what you mean by 'preloaded'. yes, the drop down initially only contains MSN, but if you click on the 'get search providers' it'll take you to this list of alternatives which does include Google, AOL, Yahoo! and other MSN competitors.
sure, you have to use two more clicks to make Google the default, but how many other defaults can you change in 1 click or less?
-
Re:Macs have never been "immune" to viruses
Since Windows NT 3.51, desktop objects have been the security barrier for USER and GDI objects like the window objects required for a shatter attack. Each desktop has a security desciptor which makes them fully securable. Microsoft documentation clearly specifies that privileged processes shouldn't create windows on the default interactive desktop. According to the design, it is a security error to put two windows on the same desktop which belong to processes of different privilege levels, the exact situation that a shatter attack requires to work. The fact that many pieces of software choose to disregard this is not a problem with the design of Windows's security system.
Since Windows 2000, the JOB_OBJECT_UILIMIT_HANDLES job restriction can be used to put unprivileged processes into a UI sandbox on a desktop where privileged processes have windows open. Shatter attacks won't work when the malicious process can't get a handle to the target window. -
Re:Macs have never been "immune" to viruses
Since Windows NT 3.51, desktop objects have been the security barrier for USER and GDI objects like the window objects required for a shatter attack. Each desktop has a security desciptor which makes them fully securable. Microsoft documentation clearly specifies that privileged processes shouldn't create windows on the default interactive desktop. According to the design, it is a security error to put two windows on the same desktop which belong to processes of different privilege levels, the exact situation that a shatter attack requires to work. The fact that many pieces of software choose to disregard this is not a problem with the design of Windows's security system.
Since Windows 2000, the JOB_OBJECT_UILIMIT_HANDLES job restriction can be used to put unprivileged processes into a UI sandbox on a desktop where privileged processes have windows open. Shatter attacks won't work when the malicious process can't get a handle to the target window. -
Re:Macs have never been "immune" to viruses
Since Windows NT 3.51, desktop objects have been the security barrier for USER and GDI objects like the window objects required for a shatter attack. Each desktop has a security desciptor which makes them fully securable. Microsoft documentation clearly specifies that privileged processes shouldn't create windows on the default interactive desktop. According to the design, it is a security error to put two windows on the same desktop which belong to processes of different privilege levels, the exact situation that a shatter attack requires to work. The fact that many pieces of software choose to disregard this is not a problem with the design of Windows's security system.
Since Windows 2000, the JOB_OBJECT_UILIMIT_HANDLES job restriction can be used to put unprivileged processes into a UI sandbox on a desktop where privileged processes have windows open. Shatter attacks won't work when the malicious process can't get a handle to the target window. -
Re:Macs have never been "immune" to viruses
Since Windows NT 3.51, desktop objects have been the security barrier for USER and GDI objects like the window objects required for a shatter attack. Each desktop has a security desciptor which makes them fully securable. Microsoft documentation clearly specifies that privileged processes shouldn't create windows on the default interactive desktop. According to the design, it is a security error to put two windows on the same desktop which belong to processes of different privilege levels, the exact situation that a shatter attack requires to work. The fact that many pieces of software choose to disregard this is not a problem with the design of Windows's security system.
Since Windows 2000, the JOB_OBJECT_UILIMIT_HANDLES job restriction can be used to put unprivileged processes into a UI sandbox on a desktop where privileged processes have windows open. Shatter attacks won't work when the malicious process can't get a handle to the target window. -
Re:Defaults vs. Presets
Clicking on the drop-down and going to "Find More Providers..." takes you to this page, loaded with six new search providers and sixteen topic-specific search providers (e.g. Wikipedia).
When you first install Firefox, Google comes up as the search-engine choice. How is this significantly different? Google is suggesting that Microsoft should unduly burden the user with making a one-time choice on first use in lieu of choosing a reasonable default. If Google were the default choice, no such complaint of unfairness would come from them. What likely bothers them more than anything is their alphabetic arrangement with AOL, Ask.com, Lycos, MSN, and Yahoo. Google ends up in the middle of peers, rather than being treated as an exalted ruler among search engines.
There is no unfair barrier to entry here, and to make a reference to antitrust litigation is childish, at best. -
Google != Mozilla FoundationI agree with the parent post, but I'll attempt to target the real problems with the analogy a little more concretely.
The most important difference here is that Google is not a subsidiary or owned by the Mozilla Foundation whereas MSN is owned by Microsoft.
Firefox and Google are two companies that are (to my knowledge) completely independent. Firefox can choose whatever search engine they want to set to default. On top of that, you don't pay for Firefox where you kind of paid for IE7.
The author's analogy of:I notice that in my version of Firefox the search box defaults to Google, and that the pulldown menu of pre-entered options doesn't even include MSN Search, but Google seems to have been oddly quiet on that front for the many years prior to IE7 that Firefox has made this feature available."
Is, in my opinion, a poor one. A Mozilla based browser is free for almost any operating system while IE7 is free ... so long as you've purchased Windows.
To recap, Microsoft putting Microsoft as the default search engine is bad because they are using their operating system and browser market dominance to corner the search engine market. They have no right to do that. Where would we make them stop? It's kind of a slippery slope. It's fine that they've put unlimited funds toward web search and the console market--it's not fine if their forcing or even defaulting their users to themselves in other markets. -
Re:HFS+ vs. UFS vs. ZFS
flamebait??? huh? someone try to install windows media player and get the UFS warning. If you cant click on the link, there is the text from MS:
UNIX File System is not supported
Windows Media Player for Mac OS X does not support the UNIX File System (UFS). Install the Player on a Mac OS Extended (HFS+) volume only. HFS+ is the default file system format for Mac OS X.
jeez. -
Re:Unbelievable.
Well, the first question is (as I said), are you using the right box model? If not, width/padding/border will not work according to CSS rules.
http://msdn.microsoft.com/library/en-us/dnie60/htm l/cssenhancements.asp
http://css.maxdesign.com.au/listamatic/about-boxmo del.htm
If so, congrats! You've taken step 1 in dealing with IE and now width/padding/border/margin works for most cases. But it's still filled with all sorts of annoying bugs. Here's a really comprehensive list:
http://www.positioniseverything.net/explorer.html
And the W3C validator only checks for syntactical correctness and does not prove your page is rendering correctly or incorrectly. -
Plugfest?
I had no idea what Plugfest was, so I googled... MS has their own version of the event, which is free. ITSC seems to put on the one referenced in TFA, but their server is slower than most rocks. They mention that it's the "ITSC PlugFest 2006 on Linux", so I wouldn't expect MS to show in the first place.
-
Re:Gosh, it does sounds like MS.
However, what sounds most MS-like was this:
...
She disagreed that the vulnerabilities make it possible for a criminal to run code on a targeted machine.
Have you ever read the short description of a MS security patch? They quite frequently contain language similar to "A security issue has been identified that could allow an attacker to remotely compromise a computer running Microsoft® Windows® and gain complete control over it." -
Re:Cut from Firefox2, but "removed from the roadma
Maybe so, but it's pretty clear to many of us that Jim Allchin needs to be removed from the FF dev team, perhaps forced to retire early.
-
Re:That's retarded
"The 'Embrace and Extend' strategy on which Microsoft has relied since about 1998 is designed to be divisive and ultimately to support Microsoft's one interest: by hook or by crook, to land everyone on the Microsoft platform."
Don't like Microsoft's extensions? Don't use them. I've been developing software on Microsoft platforms for years and as far as I know, all Microsoft extensions are clearly labeled as such in the documentation.
For some examples, see:
- "* Denotes an extension to the W3C DOM."
- The originally sited conditional comments page lacks the "Standards Information" section that every related page contains.
- "The __try/__except and __try/__finally statements are a Microsoft extension to the C language that..."
"So feel free to act as apologist for the soulless corporate machine if you must"
Real people work at Microsoft. I'm proud to say that I am one of them. These are smart people that are doing their damnedest to produce world class software. The truth of the matter is that Microsoft routinely produces extensions that ADD VALUE to Microsoft products. I often use a variety of the MSXML extensions to the DOM because I am developing for Microsoft platforms and they SAVE ME TIME as a developer. I use the __finally construct in my C++ code because it saves me from creating dozens of trivial wrapper objects for simple memory allocations.
"That last point is the key. Why on earth would MS build an entirely new way to get one's email when secure IMAP or POP3 already exist?"Lots of reasons:
- It's web based (Why would Yahoo build its web mail? Why would Google build GMail?)
- Outlook web access also provides access to all features of exchange which include...
- calendar
- address book
- tasks
- notes
- public folders (such as email distribution list archives)
If you should be mad at anyone, be mad at those who create applications with no reguard for alternative platforms. You might argue that Microsoft is in that category, but you would be wrong. Outlook Web Access has had a "Basic" version since 1.0 that has always been compatible with alternative browsers. If you are going to build a cross-platform product, don't use Microsoft extensions. The sad truth is that since Microsoft owns the desktop market, the "soulless" 3rd-party corporate machines that produce software and web pages that only run on Microsoft's browsers and technologies do so because the small market share of other platforms does not justify testing against other platforms and more importantly, Microsoft extensions SAVE THEM MONEY in development time.
-
Re:That's retarded
"The 'Embrace and Extend' strategy on which Microsoft has relied since about 1998 is designed to be divisive and ultimately to support Microsoft's one interest: by hook or by crook, to land everyone on the Microsoft platform."
Don't like Microsoft's extensions? Don't use them. I've been developing software on Microsoft platforms for years and as far as I know, all Microsoft extensions are clearly labeled as such in the documentation.
For some examples, see:
- "* Denotes an extension to the W3C DOM."
- The originally sited conditional comments page lacks the "Standards Information" section that every related page contains.
- "The __try/__except and __try/__finally statements are a Microsoft extension to the C language that..."
"So feel free to act as apologist for the soulless corporate machine if you must"
Real people work at Microsoft. I'm proud to say that I am one of them. These are smart people that are doing their damnedest to produce world class software. The truth of the matter is that Microsoft routinely produces extensions that ADD VALUE to Microsoft products. I often use a variety of the MSXML extensions to the DOM because I am developing for Microsoft platforms and they SAVE ME TIME as a developer. I use the __finally construct in my C++ code because it saves me from creating dozens of trivial wrapper objects for simple memory allocations.
"That last point is the key. Why on earth would MS build an entirely new way to get one's email when secure IMAP or POP3 already exist?"Lots of reasons:
- It's web based (Why would Yahoo build its web mail? Why would Google build GMail?)
- Outlook web access also provides access to all features of exchange which include...
- calendar
- address book
- tasks
- notes
- public folders (such as email distribution list archives)
If you should be mad at anyone, be mad at those who create applications with no reguard for alternative platforms. You might argue that Microsoft is in that category, but you would be wrong. Outlook Web Access has had a "Basic" version since 1.0 that has always been compatible with alternative browsers. If you are going to build a cross-platform product, don't use Microsoft extensions. The sad truth is that since Microsoft owns the desktop market, the "soulless" 3rd-party corporate machines that produce software and web pages that only run on Microsoft's browsers and technologies do so because the small market share of other platforms does not justify testing against other platforms and more importantly, Microsoft extensions SAVE THEM MONEY in development time.
-
Re:That's retarded
"The 'Embrace and Extend' strategy on which Microsoft has relied since about 1998 is designed to be divisive and ultimately to support Microsoft's one interest: by hook or by crook, to land everyone on the Microsoft platform."
Don't like Microsoft's extensions? Don't use them. I've been developing software on Microsoft platforms for years and as far as I know, all Microsoft extensions are clearly labeled as such in the documentation.
For some examples, see:
- "* Denotes an extension to the W3C DOM."
- The originally sited conditional comments page lacks the "Standards Information" section that every related page contains.
- "The __try/__except and __try/__finally statements are a Microsoft extension to the C language that..."
"So feel free to act as apologist for the soulless corporate machine if you must"
Real people work at Microsoft. I'm proud to say that I am one of them. These are smart people that are doing their damnedest to produce world class software. The truth of the matter is that Microsoft routinely produces extensions that ADD VALUE to Microsoft products. I often use a variety of the MSXML extensions to the DOM because I am developing for Microsoft platforms and they SAVE ME TIME as a developer. I use the __finally construct in my C++ code because it saves me from creating dozens of trivial wrapper objects for simple memory allocations.
"That last point is the key. Why on earth would MS build an entirely new way to get one's email when secure IMAP or POP3 already exist?"Lots of reasons:
- It's web based (Why would Yahoo build its web mail? Why would Google build GMail?)
- Outlook web access also provides access to all features of exchange which include...
- calendar
- address book
- tasks
- notes
- public folders (such as email distribution list archives)
If you should be mad at anyone, be mad at those who create applications with no reguard for alternative platforms. You might argue that Microsoft is in that category, but you would be wrong. Outlook Web Access has had a "Basic" version since 1.0 that has always been compatible with alternative browsers. If you are going to build a cross-platform product, don't use Microsoft extensions. The sad truth is that since Microsoft owns the desktop market, the "soulless" 3rd-party corporate machines that produce software and web pages that only run on Microsoft's browsers and technologies do so because the small market share of other platforms does not justify testing against other platforms and more importantly, Microsoft extensions SAVE THEM MONEY in development time.
-
Re:That's retarded
"The 'Embrace and Extend' strategy on which Microsoft has relied since about 1998 is designed to be divisive and ultimately to support Microsoft's one interest: by hook or by crook, to land everyone on the Microsoft platform."
Don't like Microsoft's extensions? Don't use them. I've been developing software on Microsoft platforms for years and as far as I know, all Microsoft extensions are clearly labeled as such in the documentation.
For some examples, see:
- "* Denotes an extension to the W3C DOM."
- The originally sited conditional comments page lacks the "Standards Information" section that every related page contains.
- "The __try/__except and __try/__finally statements are a Microsoft extension to the C language that..."
"So feel free to act as apologist for the soulless corporate machine if you must"
Real people work at Microsoft. I'm proud to say that I am one of them. These are smart people that are doing their damnedest to produce world class software. The truth of the matter is that Microsoft routinely produces extensions that ADD VALUE to Microsoft products. I often use a variety of the MSXML extensions to the DOM because I am developing for Microsoft platforms and they SAVE ME TIME as a developer. I use the __finally construct in my C++ code because it saves me from creating dozens of trivial wrapper objects for simple memory allocations.
"That last point is the key. Why on earth would MS build an entirely new way to get one's email when secure IMAP or POP3 already exist?"Lots of reasons:
- It's web based (Why would Yahoo build its web mail? Why would Google build GMail?)
- Outlook web access also provides access to all features of exchange which include...
- calendar
- address book
- tasks
- notes
- public folders (such as email distribution list archives)
If you should be mad at anyone, be mad at those who create applications with no reguard for alternative platforms. You might argue that Microsoft is in that category, but you would be wrong. Outlook Web Access has had a "Basic" version since 1.0 that has always been compatible with alternative browsers. If you are going to build a cross-platform product, don't use Microsoft extensions. The sad truth is that since Microsoft owns the desktop market, the "soulless" 3rd-party corporate machines that produce software and web pages that only run on Microsoft's browsers and technologies do so because the small market share of other platforms does not justify testing against other platforms and more importantly, Microsoft extensions SAVE THEM MONEY in development time.
-
Re:Cluttering the internet?
but gooooogle.com does not. Google is at least partially responsible for this, how could they not forsee that this would happen if they indirectly encouraged it? Having to regsiter tons of domain names for all the possible combinations of mis/psuedo spellings will have you sitting there forever.
In a way, DNS should be done away with because of this. People should be able to type in "Microsoft Corporation" in the go bar, and without a third party service such as google I'm Feeling Lucky, go straight to the microsoft homepage. No ifs, ands or any other such bullshit. It's easy to claim that your micr0s0ft.com is totally different from microsoft.com, but try telling a court that Micr0s0ft corporation is not an almost complete violation of Microsoft Corporation's trademarks.
UNICODE web addresses with full text and spaces and everything. Eliminate the ".com." I don't need to have a sign saying "chipotle.com" to know that the chipotle down the street is a restraunt. Similarly, the web should have names that are chimp friendly as well.
Another idea: In addition to path, keyword paths. Instead of typing the following:
http://www.microsoft.com/office/update
The following can bring one to the same page:
Microsoft Corporation: Office Update
And comes to the mind of the non-geek much more quickly. An auto-complete function could list subcategories in real time under the typed keywords to assist users further.
That's just some rambling, but really a way to kill two or more birds with one e-stone. -
Don't determine legitimacy, just the lack thereofIf there was a FireFox extension or DNS filter service with user-tweakable lists of domain types to avoid - or parked domains, or domains possessing whatever other qualitative attribute happens to cheese someone off - that'd satisfy me. I think the AdBlock Filterset Updater extension (https://addons.mozilla.org/firefox/1136/) has the platform most suited to grow somethig like that on.
Unfortunately, the only offering I've seen on this front so far is the Typo-Patrol utility from MS... http://research.microsoft.com/Typo-Patrol/. What I really want, though, is a *server side* option to remove domains from my search results if they meet certain criteria of my choosing. Google personalized has taken a step in this direction, but it falls far short of what's needed IMHO.
-
Re:Unbelievable.I know about IE 7, but how many years will it take before it's out?
IE 7 Beta 2 went public last week: Internet Explorer 7 : Home
-
That's retarded
Why bother with scripts and such? All you need is IE's own conditional html comments.
-
Try this:
Microsoft(r) Windows(r) XP Home Edition
END-USER LICENSE AGREEMENT
IMPORTANT-READ CAREFULLY: This End-User
License Agreement ("EULA") is a legal agreement between you
(either an individual or a single legal entity) and the
manufacturer ("Manufacturer") of the computer system or computer
system component ("HARDWARE") with which you acquired the
Microsoft software product(s) identified above ("SOFTWARE"). The
SOFTWARE includes Microsoft computer software, and may include
associated media, printed materials, "online," or electronic
documentation and Internet based services. Note, however, that
any software, documentation, or web services that are included in
the SOFTWARE, or accessible via the SOFTWARE, and are
accompanied by their own license agreements or terms of use
are governed by such agreements rather than this EULA. The
terms of a printed, paper EULA, which may accompany the
SOFTWARE, supersede the terms of any on-screen EULA. This
EULA is valid and grants the end -user rights ONLY if the
SOFTWARE is genuine and a genuine Certificate of
Authenticity for the SOFTWARE is included. For more
information on identifying whether your software is genuine,
please see http://www.microsoft.com/piracy/howtotell.
By installing, copying, downloading, accessing or otherwise using
the SOFTWARE, you agree to be bound by the terms of this EULA.
If you do not agree to the terms of this EULA, you may not use or
copy the SOFTWARE, and you should promptly contact Manufacturer
for instructions on return of the unused product(s) in accordance
with Manufacturer's return policies.
SOFTWARE PRODUCT LICENSE
The term "COMPUTER" as used herein shall mean the HARDWARE, if
the HARDWARE is a single computer system, or shall mean the
computer system with which the HARDWARE operates, if the
HARDWARE is a computer system component.
1. GRANT OF LICENSE. Manufacturer grants you the following
rights, provided you comply with all of the terms and
conditions of this EULA:
* Installation and Use. Except as otherwise expressly
provided in this EULA, you may install, use, access,
display and run only one (1) copy of the SOFTWARE on
the COMPUTER. The SOFTWARE may not
be used by more than one (1) processor at any one time
on the COMPUTER, unless a higher number is indicated
on the Certificate of Authenticity. You may permit a
maximum of five (5) ("Connection Maximum") computers
or other electronic devices (each a "Device") to connect
to the COMPUTER to utilize the services of the SOFTWARE
solely for File and Print services, Internet Information
services, and remote access (including connection sharing
and telephony services). The five (5) Connection Maximum
includes any indirect connections made through
"multiplexing" or other software or hardware which pools
or aggregates connections. Except as otherwise permitted
below, you may not use the Device to use, access, display
or run the SOFTWARE, the SOFTWARE's
User Interface or other executable software residing
on the COMPUTER.
* Software as a Component of the Computer - Transfer. THIS
LICENSE MAY NOT BE SHARED,
TRANSFERRED TO OR USED CONCURRENTLY
ON DIFFERENT COMPUTERS. The SOFTWARE
is licensed with the HARDWARE as a single integrated
product and may only be used with the HARDWARE. If the
SOFTWARE is not accompanied by new HARDWARE, you may
not use the SOFTWARE. You may permanently transfer all
of your rights under this EULA only as part of a
permanent sale or transfer of the HARDWARE, provided
you retain no copies, if you transfer all of the SOFTWARE
(including -
Re:It's Too Hard!!!
the complexity associated with modern development tools is way too steep a curve for your average 14 year old to wrap their heads around
That's why interactive development tools are the way to go, and Microsoft has already realized that. When I learned programming, 15 years ago, my first programs were 1-liners, and the interpreter gave me immediate feedback. Nowadays, even "Hello World" programs are at least 20 lines long, you have to instantiate classes, and specify which resources and libraries to link. When you run the program, a console window pops up for a second and that was it. Even for simple tasks like reading input from the console you have to know a lot about your class library.
Languages like F# and OCaml are much easier to learn, since they have an interpreter (even though native compilation is possible) and are interactive, and they still allow you to dig into object oriented programming. -
Re:Why not use Exchange IMF?
Yep, another vote for IMF from my side. We have a SpamAssassin that does scanning before it comes into the Exchange system, with IMF running at the Exchange gateway - and guess what, IMF actually catches Spam that SpamAssasin misses!
Have a look at http://www.microsoft.com/technet/prodtechnol/excha nge/downloads/2003/imf/default.mspx -
Re:Some people still do it!
-
VBScript
the standard OS nowadays (Windows) does not come with a readily accessible programming language.
You mean other than JScript and VBScript, both of which run inside IE? I guess VBScript could almost be considered the descendant of the GW-BASIC that you mention.
(I would recommend Visual Basic Express, a free download for the owner of a legit copy of Microsoft Windows, but it appears that you need to be a Passport member to acquire an activation key, and Passport members need to be 18+.)
-
Re:Internationalization
In fact, Java --- and Windows --- got it so catastrophically wrong (using 16-bit values for characters, instead of 32-bit value) that it was found easier to change the Unicode specification to prohibit most characters that wouldn't fit in a 16-bit value!
Please. Both Java and Windows simply implemented Unicode. The decision to try to do every character set on the planet in 16 bits was Unicode comittee's decision, not Sun's or Microsoft's. And it's a mistake they've been able to work around.Your best bet is simply to do everything in UTF-8. It degrades nicely into ASCII, which means that all your old friends like strcpy() and strtok() will Just Work in the vast majority of cases that you'd be interested in.
So UTF-16 is uncool because it doesn't degrade gracefully for 32-bit characters, while UTF-8 is great even though it doesn't degrade gracefully for 8-bit characters? That's absurd. If all you care about is the 7-bit characters that UTF-8 supports, why not just use ASCII? And if all you care about is supporting a large body of Western users, why not just use Windows 1252? After all, it will work correctly on 90% of the computers on the planet!Every few days I get an email from libraryelf.com, reminding me of what books I have checked out from the public library. All their emails and web pages use UTF-8, which makes sense for the kind of material they're handling. However, they forgot to specify the character set in the email headers. So right now, I book I have out by Arturo Pérez-Reverte is listed as by Arturo Pérez-Reverte. So much for degrading gracefully!
When I said that the early class libraries for Java were screwed up, I wasn't talking about their choice of Unicode. I was talking about the authors of the libraries who made exactly the kind of bytes-are-characters mistakes that you're making. Whether you use UTF-8 or UTF-16, you need to get away from that.
-
Advice to smart people
-
It's Too Hard!!!
Seriously, the complexity associated with modern development tools is way too steep a curve for your average 14 year old to wrap their heads around. We're trying to address this to a certain extent with the Visual Studio 2005 Express Editions, but it's a tough problem. It's no longer as simple as getting a bare-bones BASIC interpreter built into your computer's ROM. I think there have been some cool advances in this space, though, in the recent past. Take the Kids' Programming Language, for example. It's is expressly aimed at the younger crowd. I've seen a demo of it (the guys from Morrison Schwartz who created it came by to give a talk on it last year), and I must say that I am suitably impressed their work. Check it out if you have a younger child who you want to introduce to development.
-
I don't know about spam FILTERS
But I know where you can find an Exchange-compatible spam generator
-
IMF is the answer. Free, from MS, and effective
It's free, it's part of Exchange but shipped after the product.
See: here.
I used to fool a dedicated linux box and SpamAssassin. I tested out the IMF when it came out and for the spam my users see, it beat out how our SpamAssassin was configured.
It also integrates with exchange very closely and uses the new Spam Confidence Level header stuff. -
Microsoft Exchange Hosted Filtering aka Spamshark
This is easy to use. It's outsourced to MS so they do all the maintenance work. It's called "Microsoft Exchange Hosted Filtering" aka Spamshark.
http://www.microsoft.com/exchange/services/buy.msp x
You get a 30 day free trial too:
http://www.microsoft.com/exchange/services/trial.m spx
It sends a daily e-mail (if you have any spam) to the client. And the client identifies if any are false positives. Very easy to use. $1.75/month/address if you can't broker a deal on volume pricing. So about $21/person/year + extra addresses.
What's your best option? Depends on how many users you have. But a hosted service might be the right option for you no matter who you go with.
One minior anoyance is that it did flag an address I had previously approved from a mailing list. YMMV. I don't get much spam at my corporate address from the get go, so I don't know how other people with high spam content like this system. But I do know that you don't want a false positive on that million dollar client. -
Microsoft Exchange Hosted Filtering aka Spamshark
This is easy to use. It's outsourced to MS so they do all the maintenance work. It's called "Microsoft Exchange Hosted Filtering" aka Spamshark.
http://www.microsoft.com/exchange/services/buy.msp x
You get a 30 day free trial too:
http://www.microsoft.com/exchange/services/trial.m spx
It sends a daily e-mail (if you have any spam) to the client. And the client identifies if any are false positives. Very easy to use. $1.75/month/address if you can't broker a deal on volume pricing. So about $21/person/year + extra addresses.
What's your best option? Depends on how many users you have. But a hosted service might be the right option for you no matter who you go with.
One minior anoyance is that it did flag an address I had previously approved from a mailing list. YMMV. I don't get much spam at my corporate address from the get go, so I don't know how other people with high spam content like this system. But I do know that you don't want a false positive on that million dollar client. -
Re:Vista
Actually your both correct Vista is expected to be available to business partners in November 2006 and to the majority of consumers in January 07. Although it is not stated in the specifically linked article I recall reading that the Professional version is what will be shipping in 06 where the home and media center editions will be pushed back a couple more months. (I personally feel that's so they can implement the drm 'features', that will screw up an otherwise OK windows release) Press Release
-
Re:They are already losing this war
But what could they use this time?...Standard search in IE7?
You nailed it right there. If you look at IE 7 you see they have the search box like Firefox. Instead of Firefox's default search engine being Google, IE7 defaults to MSN Search. With 85% or more of the market satisfied to stick their default browser, what percentage will take the time to change their default search engine in IE7? I don't know the answer, but I'd bet it is less than half. I don't know about you, but I always use the search box (well, actually the similar Google Toolbar) to start a search.
And I think that Google knows it, too. Right at this moment, the Google homepage shows an advertisement for Firefox right on their home page! (only visible for non-Firefox users) And Google Pack includes Firefox. Yes, Google knows that Microsoft wants to leverage their monopoly by using IE 7 to drive searches to MSN Search, and Google must do everything they can to prevent it from happening. -
Maybe they gave up the battleMicrosoft has surprised analysts by forecasting significantly higher expenses in the next fiscal year...
Or maybe they are just planning on migrating services to Linux? Where their announced expenses 5-20% higher than expected?
-
Feel free to use this.As a certified security professional (or just a decent human being), I feel a responsibility to tell the general public about things like this. It's great that the
/. crowd knows about it, but many of us are skeptical enough of emails to not fall for this, anyway (although on a bad/busy/tired day, I might have).I sent this email out to my co-workers and a large list of friends and family. I've sent similar warnings in the past, and people are generally appreciative, becuase they have NO CLUE things like this are going on (hence, the insanely profitable phishing business).
Feel free to use my email, contents below, and send to anyone/everyone you know who could use a heads-up.
[Disclaimer for the
/. folks]
1. I know there is more that people can do to keep their computers secure, but I don't have time to write a whole book, and people won't read it, anyway.
2. I know not everyone runs Windows and MS office. Facts are, most people do, and most of them don't keep them updated. The 'nix crowd is probably more informed on this stuff anyway; this email isn't for them.
3. I know some people out there aren't capable of doing anything preceded by the word "Configure" on a computer. The best we can do is let them know that something *should* be done, and hope they call someone who can help them out.
4. If someone asks you about the logic of clicking a link in an email that advises them not to click links in emails, give them a gold star and a pat on the back, because they are paying attention and are more savvy than a large portion of the population.
[/disclaimer]The people who are out to get your personal and financial information are getting more clever. They have come up with a new attack where they send you an email that instructs you to call "your bank" and enter your account number and PIN number. The catch is that the number they give you is fake, and they just collect your information through the phone. This attack was well thought out, and people are especially likely to fall for this, because they are used to entering this information when they call their banks or credit card companies.
From the article: "The spammed message warns of a problem with a bank account and instructs the recipient to dial a phone number to resolve it. The caller is connected to a voice response system that is made to sound exactly like the bank's own system. The phone system identifies itself to the target as the financial institution and prompts them to enter account number and PIN."
Since they're getting your information over the phone, there isn't much that computer or e-mail security can do to prevent this attack.
Some rules to remember:
1. Be VERY suspicious of any email that has communication regarding financial information or your bank.
2. NEVER click any links or open attachments in emails unless you are sure it came from a trusted source.
3. If you are going to call a number and give out sensitive information (such as account numbers, PIN, date of birth, etc.), verify that the number you are calling is correct, by checking an old bank statement or phone book, or even your bank/credit card company's website.Also, you can help protect yourself from other types of phishing attacks by doing the following:
1. Make sure Windows is up to date by visiting http://windowsupdate.microsoft.com/ or configuring "Automatic Updates" in your Windows Contol Panel
2. Make sure you have Antivirus software installed and make sure you keep it current (most antivirus software can be configured for automatic updates pretty easily).
3. If you have Microsoft Office, make sure it is up to date by visiting http://office.microsoft.com/officeupdateYou can read more about this attack at the following link:
-
Feel free to use this.As a certified security professional (or just a decent human being), I feel a responsibility to tell the general public about things like this. It's great that the
/. crowd knows about it, but many of us are skeptical enough of emails to not fall for this, anyway (although on a bad/busy/tired day, I might have).I sent this email out to my co-workers and a large list of friends and family. I've sent similar warnings in the past, and people are generally appreciative, becuase they have NO CLUE things like this are going on (hence, the insanely profitable phishing business).
Feel free to use my email, contents below, and send to anyone/everyone you know who could use a heads-up.
[Disclaimer for the
/. folks]
1. I know there is more that people can do to keep their computers secure, but I don't have time to write a whole book, and people won't read it, anyway.
2. I know not everyone runs Windows and MS office. Facts are, most people do, and most of them don't keep them updated. The 'nix crowd is probably more informed on this stuff anyway; this email isn't for them.
3. I know some people out there aren't capable of doing anything preceded by the word "Configure" on a computer. The best we can do is let them know that something *should* be done, and hope they call someone who can help them out.
4. If someone asks you about the logic of clicking a link in an email that advises them not to click links in emails, give them a gold star and a pat on the back, because they are paying attention and are more savvy than a large portion of the population.
[/disclaimer]The people who are out to get your personal and financial information are getting more clever. They have come up with a new attack where they send you an email that instructs you to call "your bank" and enter your account number and PIN number. The catch is that the number they give you is fake, and they just collect your information through the phone. This attack was well thought out, and people are especially likely to fall for this, because they are used to entering this information when they call their banks or credit card companies.
From the article: "The spammed message warns of a problem with a bank account and instructs the recipient to dial a phone number to resolve it. The caller is connected to a voice response system that is made to sound exactly like the bank's own system. The phone system identifies itself to the target as the financial institution and prompts them to enter account number and PIN."
Since they're getting your information over the phone, there isn't much that computer or e-mail security can do to prevent this attack.
Some rules to remember:
1. Be VERY suspicious of any email that has communication regarding financial information or your bank.
2. NEVER click any links or open attachments in emails unless you are sure it came from a trusted source.
3. If you are going to call a number and give out sensitive information (such as account numbers, PIN, date of birth, etc.), verify that the number you are calling is correct, by checking an old bank statement or phone book, or even your bank/credit card company's website.Also, you can help protect yourself from other types of phishing attacks by doing the following:
1. Make sure Windows is up to date by visiting http://windowsupdate.microsoft.com/ or configuring "Automatic Updates" in your Windows Contol Panel
2. Make sure you have Antivirus software installed and make sure you keep it current (most antivirus software can be configured for automatic updates pretty easily).
3. If you have Microsoft Office, make sure it is up to date by visiting http://office.microsoft.com/officeupdateYou can read more about this attack at the following link:
-
The Cringe of Embracing Windows
Steve wants Windows applications to run like crazy on his hybrid platform but to look like crap.
I have seen it and, well at least it does run like crazy... -
Re:Still I askWhen you get a computer with windows on it, that version is tied to that computer. Technically you are supposed to destroy your copy(s) of that Windows along with the key. Or transfer it if you are giving it to someone.
Sorry but not quite. When you purchase a copy of windows, whether with a new computer or separately, the activation process ties that copy to the hardware it is installed on. This does not stop that copy of windows from being moved to another machine.
If you significantly change your hardware or move your copy of windows to another machine you will be required to reactivate. This may involve calling Microsoft and explaining to them what changed. In the case of moving the installation to another computer (imaging, or fresh installation) the old installation will be deactivated.
All this means is that you may definitely install your legal copy of windows on each new computer that you buy and remove it from the old computer. I believe you may also transfer ownership of your copy to someone else but I do not have the EULA in front of me to verify this.
With regard to newly purchased machines: some OEMs use a Volume Licenses Keyed (VLK) version of windows. Also the EULAs on some verisions provided by OEMs state that the install is a "single-use" license. These types of installs may not be able to be transferred to another computer. Check out the FAQ for more information.
Merlin.
-
Re:Still I askWhen you get a computer with windows on it, that version is tied to that computer. Technically you are supposed to destroy your copy(s) of that Windows along with the key. Or transfer it if you are giving it to someone.
Sorry but not quite. When you purchase a copy of windows, whether with a new computer or separately, the activation process ties that copy to the hardware it is installed on. This does not stop that copy of windows from being moved to another machine.
If you significantly change your hardware or move your copy of windows to another machine you will be required to reactivate. This may involve calling Microsoft and explaining to them what changed. In the case of moving the installation to another computer (imaging, or fresh installation) the old installation will be deactivated.
All this means is that you may definitely install your legal copy of windows on each new computer that you buy and remove it from the old computer. I believe you may also transfer ownership of your copy to someone else but I do not have the EULA in front of me to verify this.
With regard to newly purchased machines: some OEMs use a Volume Licenses Keyed (VLK) version of windows. Also the EULAs on some verisions provided by OEMs state that the install is a "single-use" license. These types of installs may not be able to be transferred to another computer. Check out the FAQ for more information.
Merlin.
-
Re:Duh
Try reading about it first before spouting all this FUD.
Section 2. Overview
paragraph 7:"BitLocker also has a disaster recovery console integrated into the early boot components to provide for 'in the field' data retrieval."
and paragraph 10:"Further, in the unlikely event that system lockout occurs--perhaps through a hardware failure or as a result of a direct attack--BitLocker offers a simple, efficient recovery process. These scenarios include events such as moving the hard drive containing the operating system volume to another computer, replacing the motherboard containing the TPM, or data corruption of early boot files."
-
Re:Not only dual bootingTo be clear: a user's private keys are only lost when the user's password is forcibly changed by an admin. The normal procedure of having the user change their own password simply transfers the keys.
Ideally you'd be able to export the Encryption key for your data onto a USB stick of floppy disk.
Your wish is granted. Open certmgr.msc or add the Certificates snap-in to a mmc window. Your personal keys are located in the Personal\Certificates folder, including the one for EFS (note that there won't be an EFS cert until you actually encrypt something). In the right-click->All Tasks menu there is an Export option. Make sure that you select the option to export the private key and you will get a .pfx file that will contain the unencrypted (unless you specify a seperate passphrase for the pfx file) public and private keys that can be saved for later or transferred to other users or computers. To import a cert, right click in the empty space under the existing certs and select import.
Another way to avoid encrypted file loss is to designate a recovery agent.
See also How to back up the recovery agent Encrypting File System (EFS) private key in Windows Server 2003, in Windows 2000, and in Windows XP
To add a recovery agent for the local computer -
Re:Not only dual bootingTo be clear: a user's private keys are only lost when the user's password is forcibly changed by an admin. The normal procedure of having the user change their own password simply transfers the keys.
Ideally you'd be able to export the Encryption key for your data onto a USB stick of floppy disk.
Your wish is granted. Open certmgr.msc or add the Certificates snap-in to a mmc window. Your personal keys are located in the Personal\Certificates folder, including the one for EFS (note that there won't be an EFS cert until you actually encrypt something). In the right-click->All Tasks menu there is an Export option. Make sure that you select the option to export the private key and you will get a .pfx file that will contain the unencrypted (unless you specify a seperate passphrase for the pfx file) public and private keys that can be saved for later or transferred to other users or computers. To import a cert, right click in the empty space under the existing certs and select import.
Another way to avoid encrypted file loss is to designate a recovery agent.
See also How to back up the recovery agent Encrypting File System (EFS) private key in Windows Server 2003, in Windows 2000, and in Windows XP
To add a recovery agent for the local computer -
Re:Whatever...try thinking right
Okay, first off, the article headline is HORRIBLY misleading. BitLocker will NOT ENCRYPT THE ENTIRE DRIVE. It is required that you have a ~100MB partition in order to boot off of, which will then in turn load the needed software into RAM and *then and only then* decrypt the encrypted partition.
Read: This has nothing at all to do with dual booting. Your ability to dual boot will remain completly unchanged, period. This, however, is about your ability to share data between OSs, not your ability to boot two. Learn to write a article headline, please.
FAT32 is dead. Period, get over it, dead. No, I take that back, it still has one use: flash drives, and other forms of removable media. Other than that, IT IS DEAD. Why? Simple: security. From Windows 2000 and on, Microsoft actually put some degree of effort into security. "Some degree?" you ask? End result, due to NTFS, you can actually secure your system. Compared to FAT32 anyways, where a *guest* user can drop a virus as c:\explorer.exe, and then the next time Johnny Admin logs in, it's over. NTFS added actual security measures. ACLs. Execute bit. And, well, quite a bit more. Due to this, I can say the following without doubt that I'm right:
1) BitLocker will ONLY work with NTFS.
2) Vista will do everything they can short of threatening to eat your children to get you to install on NTFS. (Side note: http://www.theinquirer.net/?article=30128 vs. http://www.microsoft.com/technet/windowsvista/libr ary/plan/5025760b-0433-4ba1-a2f4-9338915fdb4b.mspx - Beta1 won't install on FAT32, but according to offical MS docs, it will (eventually, most likely))
3) If you're still using FAT32 as your primary OS partition, you're an idiot.
4) Due to #4, if your defense is, "my [windows] OS can't run on NTFS!", my response is still the same. Go upgrade, you're not helping anyone.
FAT32 is nice for removable media. That's about it.
(</troll>) -
Story Title FUD...
Not only will dual booting and sharing files between OSs be harder, but recovery of lost data could also be harder. If they used something standard, or at least disclosed how they were storing the data, we might have a way to recover lost data. However, if we don't know how to decrypt the data, then how are we supposed to recover the data. Will the data be lost if you have to reinstall the OS? I know windows XP deletes sensitive information if your Admin has to reset your password.
1. This "problem" only occurs with the Enterprise and Ultimate editions.
2. There is not a problem here. Bitkeeper (EFS with a name created by the marketing department) will not be enabled by default unless your company enables the policy. If your company does enable the policy, you should also create a Data Recovery Agent. This can also be done on a standalone workstation.
3. If you can't access your ENCRYPTED data from another OS or boot CD, the encryption worked. Encrypting data involves risks just as leaving your important data unencrypted involves risks. Pick your poison and move on.
4. If you do decide to encrypt your data via EFS, think first. Trust me, I made a huge mistake because I didn't understand the technology at the time.
I had a 20 GB hard drive for the OS and an 80 GB hard drive for "important data." This was four years ago, I was a college student, and legal digial music was in its infancy. I spent my savings on the 80 GB drive and acquired the music from various online sources. I had the 80 GB drive about 65% full when the RIAA started targeting universities. I thought encryption was an appropriate response since the data was "important." About a month after encrypting some contents on the drive, my 20 GB system drive died. It was still under warranty so I sent it in and got a replacement a couple weeks later. I reinstalled Windows XP Pro on the replacement drive and was looking forward to listening to the music again. To my surprise, many files were unreadable. Luckily I didn't encrypt the entire drive but just a few directories. -
Re:Dual-booting with Vista IS more difficult...
This should be really simple with bcdedit actually. Do you already have an entry (in bcdedit lingo a "data store") in bcdedit that corresponds to your XP partition? What exactly is the problem you are running into? bcdedit is actually a really powerful bootloader, IMHO.
Check out some of these google results:
http://msdn.microsoft.com/library/default.asp?url= /library/en-us/BCD/bcd/portal.asp
http://www.pro-networks.org/forum/post-580795.html &sid=9f93849fb3dad5edd85df3d19778e44f
And no your multibooting woes have nothing to do with bitlocker, that's for sure. -
Not in Vista 64
there is an Ext2/3 filesystem driver for Windows which works in XP, and may or may not be ported to Vista as well
If the author can't afford $500 per year to get a driver signed, then it won't work in Vista 64.
-
Re:Whatever...try fat32 partition
I should correct what I said a bit: BitLocker does work without the supporting hardware -- the disk manager asks for a key on startup, and uses it for software encryption of whole volumes. Again it's abstracted from the filesystem.
Here's some pertinent info.
How secure is your data? -
Mircrosofts expert reports point the same wayIn an earlier post (http://slashdot.org/comments.pl?sid=178439&cid=1
4 794487) I noted that Microsoft had produced reports (annex 3 and 4 at http://www.microsoft.com/presspass/legal/02-23-06R esponsetoECSO.mspx) from very reputable scientific institutions to the effect that the EU can't reasonably expect "standalone" documentation that would allow e.g. a Linux machine interoperable with MS server.There were 2 main replies to my post:
- one stating that in all probability the protocol wasn't so much designed as "grown"
- on stating that this is the normal industry practice for evolving software: "Rather, normal industry practice is that specifications for such a system are developed and enhanced on an ongoing basis in an iterative process through interaction with engineers skilled in the relevant art and who actually use the specifications" (source: the "Broy" report, written by Prof Broy of the Technische Universität München)
This seems to point in the same direction as the parent post, namely that Microsoft honestly doesn't have a protocol specification for its client-server communication.
The next question is of course: does this get them off the hook? Is it sufficient for them to offer licenses for source-code that allows interoperability? The answer to this question can be "yes" or "no".
(1) Assume the answer is "no", it doesn't get them off the hook. Then the implication is that a software firm with a monopoly must always expect to be required to go the extra mile and produce interface specifications for its software
... even if its rivals aren't required to do so. Do I sense an iniquity?(2) Assume the answer is "yes" it does get them off the hook. Then the implication is that any software monopolist can deny others interoperability with its systems with impunity
... all it has to do is to not document the API, so that the source code is the only avalable documentation. In other words ... kiss goodbye to any "fair competition laws" in the software field since they can be easily circumvented.Neither option seems attractive, but on balance I think that in this case option (1) is the lesser of the two evils. We need a functioning market (as protected by fair competition laws) more than we need the absence of iniquity for all players.