Slashdot Mirror

aabelro writes "Don Syme has announced the release of the F# compiler source code as a code drop under Apache 2.0. He wrote, 'The F# PowerPack now includes libraries, tools and the compiler/library source code drops. I'd like to take a moment to explain the F# team's approach to this. Firstly, the source for the F# compiler in our MSI/CTP releases has been available for some time, in the releases themselves, so in that sense there's not much new in this release. Secondly, we've always made sure we have a free download binary release of F# available, and will continue to do that, and that should still be the main way you "get" a release of F#. However, we've long discussed making compiler+library source available in a different way. After some discussion, we've decided to do this via a "code drop" model, where we make available versions of the compiler+library code logically matching each release of the F# language itself.'"

An anonymous reader writes "Over on the IE blog Microsoft's Ted Johnson writes, 'With IE9, developers have a fully-hardware accelerated display pipeline that runs from their markup to the screen. Based on their blog posts, the hardware-accelerated implementations of other browsers generally accelerate one phase or the other, but not yet both. Delivering full hardware acceleration, on by default, is an architectural undertaking. When there is a desire to run across multiple platforms, developers introduce abstraction layers and inevitably make tradeoffs which ultimately impact performance and reduce the ability of a browser to achieve 'native' performance. Getting the full value of the GPU is extremely challenging and writing to intermediate layers and libraries instead of an operating system's native support makes it even harder. Windows' DirectX long legacy of powering of the most intensive 3D games has made DirectX the highest performance GPU-based rendering system available.' Some Mozillians hit back in the comments to the IE Blog post and others have written blog posts of their own. PC Mag's Michael Muchmore seems to conclude that IE9 and Firefox 4 are more or less the same (despite the title of his article) while Chrome currently lags behind."

An anonymous reader writes "Over on the IE blog they have a rundown of IE9's hardware accelerated support for the canvas element. They write, 'With the recent release of the latest IE9 platform preview, we talked about how we're rebuilding the browser to use the power of your whole PC to browse the web, and to unlock a new class of HTML5 applications. One area that developers are especially excited about is the potential of HTML5 canvas. Like all of the graphics in IE9, canvas is hardware accelerated through Windows and the GPU. In this blog post we discuss some of the details behind canvas and the kinds of things developers can build.'"

An anonymous reader writes "Microsoft's Internet Explorer 9 development team has announced the availability of the third IE9 platform preview release on the IE blog. Dean Hachamovitch writes, 'The third Platform Preview of Internet Explorer 9, available now, continues the deep work around hardware acceleration to enable the same standards-based markup to run faster. This is the latest installment of the rhythm we started in March, delivering platform preview releases approximately every eight weeks and listening to developers. You'll see more performance, same markup, and hardware-accelerated HTML5.' The announcement focuses on cross-browser compatibility, noting that when 'developers spend less time rewriting their sites to work across browsers they have more time to create amazing experiences on the Web.' Curiously, however, the video embedded in the page works only in some browsers. Dear Microsoft, IE9 supports many royalty-free, web-compatible formats out of the box (HTML, CSS, WOFF, PNG, and the like) so why not at least one more?"

figleaf writes "Three years ago, with much fanfare, Microsoft announced it would make some of the .Net libraries open source using the Microsoft Reference License. Since then Microsoft has reneged on its promise. The reference code site is dead, the blog hasn't been updated in a year and a half, and no one from Microsoft responds to questions on the forum."

jlp2097 writes "There is a new article up on Microsoft's IEBlog explaining why IE9 will support only the H.264 codec: 'First and most important, we think it is the best available video codec today for HTML5 for our customers. Relative to alternatives, H.264 maintains strong hardware support in PCs and mobile devices as well as a breadth of implementation in consumer electronics devices around the world, excellent video quality, scale of existing usage, availability of tools and content authoring systems, and overall industry momentum – each an important factor that contributes to our point of view. H.264 also provides the best certainty and clarity with respect to legal rights from the many companies that have patents in this area.'"

aabelro writes "Dean Hachamovitch, General Manager for Internet Explorer at Microsoft, has announced that IE9 will use only the H.264 standard to play HTML 5 video. Microsoft seems to have become very committed to HTML 5, while Flash loses even more ground. The announcement came the same day Steve Jobs detailed why Apple does not accept Flash on iPhone and iPad."

Raul654 writes "OOXML is the Word document format that Microsoft rammed through the ISO last year. Last week, we discussed a blog post by Alex Brown, who was instrumental in getting OOXML approved by the ISO. Brown criticized Microsoft for reneging on its promise to support OOXML in the upcoming release of Office 2010, and for its lackadaisical approach to fixing the many bugs which still remain in the specification. Now, Doug Mahugh has responded to Brown's post, promising that Microsoft will support OOXML 'no later than the initial release of Office 15.'"

badpazzword writes "Microsoft employee Garrett Serack announces he has received the green light to work full time on CoApp, an .msi-based package management system aiming to bring a wholly native toolchain for OSS development and deployment. This will hopefully bring more open source software on Windows, which will bring OSS to more users, testers and developers. Serack is following the comments at Ars Technica, so he might also follow them here. The launchpad project is already up."

An anonymous reader writes "Over on Microsoft's IE blog they have an interesting comparison of browsers with regard to hardware accelerated page rendering. They write, 'One of our objectives with Internet Explorer 9 is taking full advantage of modern PC hardware to make the browser faster. We're excited about hardware acceleration because it fundamentally improves the performance of websites. The websites that you use every day become faster and more responsive, and developers can create new classes of web applications through standards based markup that were previously not possible. In this post, we take a closer look at how hardware acceleration improves the performance of the Flying Images sample on the IE9 test drive site. When you run Flying Images across different browsers you'll see that Internet Explorer 9 can handle hundreds of images at full speed while other browsers, including Internet Explorer 8, quickly come to a crawl.' Absent from the comparison is a nightly build of Firefox with Mozilla's forthcoming Direct2D acceleration enabled."

suraj.sun tips a report up at CNet which begins: "Browser makers, grappling with outmoded technology and a vision to rebuild the Web as a foundation for applications, have begun converging on a seemingly basic but very important element of cloud computing. That ability is called local storage, and the new mechanism is called Indexed DB. Indexed DB, proposed by Oracle and initially called WebSimpleDB, is largely just a prototype at this stage, not something Web programmers can use yet. But already it's won endorsements from Microsoft, Mozilla, and Google, and together, Internet Explorer, Firefox, and Chrome account for more than 90 percent of the usage on the Net today. 'Indexed DB is interesting to both Firefox and Microsoft, so if we get to the point where we prototype it and want to ship it, it will have very wide availability,' said Chris Blizzard, director of evangelism for Mozilla. ... Microsoft publicly endorsed Indexed DB on its IE blog: 'Together with Mozilla, we're excited about a new design for local storage called Indexed DB. We think this is a great solution for the Web,' said program manager Adrian Bateman."

root777 writes to point out a provocative blog piece by a Microsoft program manager, questioning one of the almost unquestioned tenets of open source development: that given enough eyeballs, all bugs are shallow. Are they? Shawn Hernan looks at DARPA's Sardonix experiment and the Coverity static-analysis bug discovery program in open source projects to conclude that perhaps not enough eyeballs are in evidence. Is he wrong? Why? "Most members of the periphery [those outside the core developer group] do not have the necessary debugging skills ... the vast numbers of 'eyeballs' apparently do not exist. ... [C]ode review is hardly all that makes software more secure. Getting software right is very, very difficult. ... Code review alone is not sufficient. Testing is not sufficient. Tools are not sufficient. Features are not sufficient. None of the things we do in isolation are sufficient. To get software truly correct, especially to get it secure, you have to address all phases of the software development lifecycle, and integrate security into the day-to-day activities."

VindictivePantz sends word that the Windows 7 team has posted a new blog entry discussing their conclusions about the reported Windows 7 battery failures. "To the very best of the collective ecosystem knowledge, Windows 7 is correctly warning batteries that are in fact failing and Windows 7 is neither incorrectly reporting on battery status nor in any way whatsoever causing batteries to reach this state. In every case we have been able to identify the battery being reported on was in fact in need of recommended replacement. ...every single indication we have regarding the reports we've seen are simply Windows 7 reporting the state of the battery using this new feature and we're simply seeing batteries that are not performing above the designated threshold. ... We are as certain as we can be that we have addressed the root cause and concerns of this report, but we will continue to monitor the situation."

viralMeme writes "Microsoft plans to begin phasing out Unix and Linux platform support for its FAST enterprise search products, as of its next release. According to a Thursday blog post from Microsoft Distinguished Engineer Bjørn Olstad, 'We’ve continued to sell, support, and update the Linux and UNIX versions of FAST ESP, and we’ve designed the next wave of FAST products (scheduled for release in the first half of calendar year 2010) to include a cross-platform search core that has been extended to take advantage of web services and support mixed-platform deployment models. With our 2010 products scheduled for release in a few months, we’ve just started to plan for our next wave of products. As a part of that planning process, we have decided that in order to deliver more innovation per release in the future, the 2010 products will be the last to include a search core that runs on Linux and UNIX. Many of our customers run FAST ESP on Linux and UNIX today, and we recognize that our future focus on Windows means change. To ease the transition, we’re investing in interoperability between Windows and other operating systems, reaffirming our commitment to 10 years of support for our non-Windows products, and taking concrete steps to help customers plan for the future.'"

rossendryv writes "After many years of fighting against the standard, Microsoft announced they are joining the WC3's SVG working group to help with the development of SVG. 'We recognize that vector graphics are an important component of the next-generation Web platform,' said Patrick Dengler, senior program manager on Microsoft's Internet Explorer team in a blog post."

Barence writes "Microsoft has unveiled the first details of Internet Explorer 9, promising that it will close the performance gap on rival browsers. The major newcomer is a revamped rendering engine that will tap the power of the PC's graphics card to accelerate text and graphics performance. 'We're changing IE to use the DirectX family of Windows APIs to enable many advances for web developers,' explains Internet Explorer's general manager, Dean Hachamovitch. As well as improving performance, Microsoft claims the hardware acceleration will enhance the appearance and readability of fonts on the web, with sub-pixel positioning that eradicates the jagged edges on large typefaces."

spongman writes "Microsoft's Senior Vice President, Developer Division, S. Somasegar has announced that Microsoft has acquired Teamprise from Sourcegear, LLC, and will be shipping it as part of the upcoming Visual Studio 2010 release. Teamprise is an Eclipse plugin (and related tools) for connecting to Team Foundation Server, Microsoft's source-control/project-management system. What's most interesting about this is not only that Microsoft has realized that heterogeneous development platforms are important to their developer customers, but the fact that Microsoft themselves will now be developing and shipping products based on those heterogeneous platforms, including 5 versions of Unix."

spongman writes "Microsoft's Senior Vice President, Developer Division, S. Somasegar has announced that Microsoft has acquired Teamprise from Sourcegear, LLC, and will be shipping it as part of the upcoming Visual Studio 2010 release. Teamprise is an Eclipse plugin (and related tools) for connecting to Team Foundation Server, Microsoft's source-control/project-management system. What's most interesting about this is not only that Microsoft has realized that heterogeneous development platforms are important to their developer customers, but the fact that Microsoft themselves will now be developing and shipping products based on those heterogeneous platforms, including 5 versions of Unix."

protosage writes to tell us that Microsoft Interoperability is working towards opening up Outlook's .pst format under their Open Specification Promise. This should "allow anyone to implement the .pst file format on any platform and in any tool, without concerns about patents, and without the need to contact Microsoft in any way." "In order to facilitate interoperability and enable customers and vendors to access the data in .pst files on a variety of platforms, we will be releasing documentation for the .pst file format. This will allow developers to read, create, and interoperate with the data in .pst files in server and client scenarios using the programming language and platform of their choice. The technical documentation will detail how the data is stored, along with guidance for accessing that data from other software applications. It also will highlight the structure of the .pst file, provide details like how to navigate the folder hierarchy, and explain how to access the individual data objects and properties."

Frequent contributor Bennett Haselton writes with an idea that he thinks could help keep browsing on Microsoft's browser more secure for users — and benefit Microsoft as a result. "Tests show that IE's malware filter performs well against other browsers that use the Safe Browsing blacklist from Google. But wouldn't IE's filter be even more effective if it used both filter lists at the same time? And are the political obstacles to that really so insurmountable?" Read on for the rest of a plan that seems a lot more than half-baked. Most major browsers now come with a built-in blacklist of malware-infected or phishing websites, that display a warning if the user tries to access them in the browser. Internet Explorer 8 uses Microsoft's SmartScreen filter, while Firefox, Safari and Chrome all use Google's Safe Browsing API. Recent tests from NSS Labs reported that IE's filter blocked 81% of "socially engineered malware sites" from the lab's sample, while Firefox, in second place, blocked only 27%, and other browsers trailed even further behind. When NSS Labs ran a test of the different browsers' efficiency at blocking phishing sites, IE and Firefox scored about the same, both blocking about 80% of the sites in the sample. These results left a lot of unanswered questions, such as: Why Firefox, Safari and Chrome got such different scores in both tests (since they supposedly all use the Safe Browsing blacklist), and why such a huge gap between IE's and Firefox's performance in the malware test, but such close scores for the two browsers in the phishing test (the Google Safe Browsing API page says that the database is an attempt to list both malware and phishing sites, after all).

But I had a different question: Since Google allows anybody to use the Safe Browsing API, why doesn't Internet Explorer use it as well, in conjunction with their own blacklist, so that a site will be blocked by IE if it's present on either list? This would almost certainly increase the block rate for IE (unless the set of sites blocked by Safe Browsing was entirely a subset of the sites blocked by SmartScreen, which is extremely unlikely). Google's Terms of Use for the Safe Browsing API do require parties to obtain written permission for any usage that will result in more than 10,000 users sending "regular requests" to the API, which would obviously include Internet Explorer. But Google already serves requests for all Firefox users who have the SafeBrowsing API turned on, so for them to process requests for all Internet Explorer users might require four or five times as much computing power, not orders of magnitude more. It's impossible to guess what kind of deal Microsoft and Google would make for the right to have IE do lookups on the Safe Browsing API, but if Microsoft placed a dollar value on increasing the protection for their users, and that dollar value exceeded the cost to Google of running the servers to process the additional queries, then in theory they should be able to agree on a price between those two amounts. Google might well offer to service the queries for free, just for the prestige of being able to say that the Safe Browsing database provided protection for almost all major browsers on the market.

(Microsoft's SmartScreen team declined to comment on the record about their reasons for not using the Safe Browsing list in addition to their own database. I couldn't get an official response from Google about what position they would have on Internet Explorer using the Safe Browsing list, although unofficially an employee said the team would probably be "delighted" if IE were to use it.)

It's worth underlining what a strong statement Microsoft is making by not using the Safe Browsing list. They're not just saying that their own list is better. They're saying that the Safe Browsing list is of such low quality that adding it to their own product would actually make the product worse.

This is different from, for example, what McAfee and Symantec might say about each other's anti-virus lists. Consider the set of all viruses that McAfee blocks and the set of all viruses that Symantec blocks. Let List X be the overlap — the huge swath of viruses that are blocked by both McAfee and Symantec. Then let List Y be the set of all viruses that are blocked by McAfee but not blocked by Symantec, and let list Z be the set of all viruses that are blocked by Symantec but not by McAfee. (So McAfee blocks viruses in the set X+Y, and Symantec blocks viruses in the set X+Z.) Now, representatives from McAfee and Symantec will each say that their list is the better one, which they may or may not believe. But even McAfee is not claiming that List Z — that portion of the list that is blocked by Symantec but not by McAfee — is so worthless that McAfee wouldn't incorporate it into their own product if they could get it for free. If Symantec allowed any anti-virus maker to download Symantec's anti-virus signature database, then presumably McAfee would scratch their heads a bit about why Symantec would do this, but if they cared about giving their users maximum protection, they would incorporate it into their product as well (so that McAfee would then be blocking all viruses in the set X+Y+Z, instead of just the set X+Y as they were before). But Symantec doesn't make it available for free, so McAfee doesn't have the option of using it and the issue doesn't come up. Other than each company claiming their product is the better one (which is par for the course for competitors), the two companies' positions are not contradicting each other.

But consider the analogous situation for anti-malware lists, where X is the set of all sites blocked by both IE's SmartScreen and by the Google Safe Browsing API, Y is the set of all sites blocked by SmartScreen but not by the Safe Browsing API, and Z is the set of all sites blocked by the Safe Browsing API but not by SmartScreen. When Microsoft says that they don't want to use the Safe Browsing list in addition to their own — that they would rather block just X+Y than block X+Y+Z — they're saying that they're estimating that the list Z is of such poor quality (too much risk of containing too many false positives) that it would be better not to block it at all.

In this case, Microsoft's position really is contradicting that of Google, Firefox, Safari, and others who use the Google Safe Browsing API. To achieve the best tradeoff between user safety and convenience, should the sites on List Z — the set of sites on the Safe Browsing API blacklist but not on the SmartScreen blacklist — be blocked, or not? If the answer is Yes, then IE should use the Safe Browsing API in addition to their own SmartScreen list. If the answer is No, then Google should take the URLs in the Safe Browsing API list, run them through IE using some automated script, and then remove all the URLs that weren't blocked by IE — in other words, remove all the URLs on List Z from the Safe Browsing blacklist. But I can think of no consistent set of assumptions that would lead one to recommend that both companies continue doing what they're doing now — that IE should continue not to use the Safe Browsing API, and that Google should continue publishing the Safe Browsing API without trimming URLs that aren't also blocked by IE. Microsoft is saying that the URLs on List Z should not be blocked; Google is saying that they should be.

(Note that this argument is independent of the relative weights that you assign to the benefit of blocking a genuinely malicious site, versus the cost of accidentally blocking a site which is not malicious. Different users might assign different values to these costs and benefits, and depending on what values they assign, those users would want different thresholds to be used in deciding whether to block a site or not. And Microsoft and Google have picked default thresholds that they estimate will meet the needs of the average user. But no matter what values you assign to the benefit of blocking a malicious site and the penalty for blocking a false positive, it's still the case that blocking the sites on List Z either does increases the total cost/benefit score — in which case IE should block sites on the Safe Browsing list in addition to its own — or it doesn't — in which case Google should remove sites from the Safe Browsing list that aren't blocked by SmartScreen.)

I suspect, of course, that the answer is the former — that the set of sites on List Z, those which are blocked by the Safe Browsing API but not blocked by SmartScreen, are probably approximately as likely to be malware as the rest of the sites on the list, and that it would make Internet Explorer safer if Microsoft augmented SmartScreen to use the Safe Browsing API as well. So why don't they?

The answer is probably what people have been shouting out from the back of the classroom since the first paragraph: That for political reasons, Microsoft doesn't want to be seen incorporating anything from Google into their own flagship application. It's not news that a company would prefer to promote its products over its rivals'. But this goes beyond, for example, Microsoft bundling Internet Explorer with Windows instead of Google's Chrome browser. Chrome and Internet Explorer do virtually the same thing, so it would look positively odd for Microsoft to promote IE over Chrome. But IE's SmartScreen list and Google's Safe Browsing list can be used simultaneously, providing more protection than either one by itself.

Still, Microsoft has already calculated that it would be an unwise move politically to use Google's Safe Browsing list. So I'm not trying to second-guess the calculation that they made, based on data that was available to them at the time. Rather, I think that if some publicity can increase the political benefit that they could get from using Google's Safe Browsing list in conjunction with SmartScreen (and increase the political cost of not using it), that might lead them to recalculate and make a different decision. To that end, let me raise up a banner that people can gather under if they want to:

Microsoft, we will not think any less of you if you use the Google Safe Browsing API in Internet Explorer in conjunction with the SmartScreen filter! We'll give you credit for setting aside petty rivalries and using the technology of a competitor in order to make users safer.

The IE team's blog post about the initial success of the SmartScreen filter, from March 2009, cited statistics showing 10 million malware blocks in the previous six months, and asked readers to think about those numbers in terms of their impact on real humans and the grief it saved them: "These are BIG numbers — each malicious download blocked helps prevent compromise of that user's computer." Since then, Microsoft has released new statistics showing that SmartScreen has delivered about 70 million blocks since IE8 was officially released. Of course, not every one of those blocks made the difference between infecting a machine with spyware and keeping it clean (many users wouldn't have downloaded or installed the software that the website was trying to send them), but the IE team is right to be proud anyway. However that also means that if adding Safe Browsing support to IE resulted in only a small percent increase in the filter's effectiveness, it would mean several million additional malware blocks over the same period, and cumulatively tens of millions of more in the years ahead. Isn't that worth Microsoft forming an alliance with Google, especially if doing that would make them look good?

Frequent contributor Bennett Haselton writes with an idea that he thinks could help keep browsing on Microsoft's browser more secure for users — and benefit Microsoft as a result. "Tests show that IE's malware filter performs well against other browsers that use the Safe Browsing blacklist from Google. But wouldn't IE's filter be even more effective if it used both filter lists at the same time? And are the political obstacles to that really so insurmountable?" Read on for the rest of a plan that seems a lot more than half-baked. Most major browsers now come with a built-in blacklist of malware-infected or phishing websites, that display a warning if the user tries to access them in the browser. Internet Explorer 8 uses Microsoft's SmartScreen filter, while Firefox, Safari and Chrome all use Google's Safe Browsing API. Recent tests from NSS Labs reported that IE's filter blocked 81% of "socially engineered malware sites" from the lab's sample, while Firefox, in second place, blocked only 27%, and other browsers trailed even further behind. When NSS Labs ran a test of the different browsers' efficiency at blocking phishing sites, IE and Firefox scored about the same, both blocking about 80% of the sites in the sample. These results left a lot of unanswered questions, such as: Why Firefox, Safari and Chrome got such different scores in both tests (since they supposedly all use the Safe Browsing blacklist), and why such a huge gap between IE's and Firefox's performance in the malware test, but such close scores for the two browsers in the phishing test (the Google Safe Browsing API page says that the database is an attempt to list both malware and phishing sites, after all).

But I had a different question: Since Google allows anybody to use the Safe Browsing API, why doesn't Internet Explorer use it as well, in conjunction with their own blacklist, so that a site will be blocked by IE if it's present on either list? This would almost certainly increase the block rate for IE (unless the set of sites blocked by Safe Browsing was entirely a subset of the sites blocked by SmartScreen, which is extremely unlikely). Google's Terms of Use for the Safe Browsing API do require parties to obtain written permission for any usage that will result in more than 10,000 users sending "regular requests" to the API, which would obviously include Internet Explorer. But Google already serves requests for all Firefox users who have the SafeBrowsing API turned on, so for them to process requests for all Internet Explorer users might require four or five times as much computing power, not orders of magnitude more. It's impossible to guess what kind of deal Microsoft and Google would make for the right to have IE do lookups on the Safe Browsing API, but if Microsoft placed a dollar value on increasing the protection for their users, and that dollar value exceeded the cost to Google of running the servers to process the additional queries, then in theory they should be able to agree on a price between those two amounts. Google might well offer to service the queries for free, just for the prestige of being able to say that the Safe Browsing database provided protection for almost all major browsers on the market.

(Microsoft's SmartScreen team declined to comment on the record about their reasons for not using the Safe Browsing list in addition to their own database. I couldn't get an official response from Google about what position they would have on Internet Explorer using the Safe Browsing list, although unofficially an employee said the team would probably be "delighted" if IE were to use it.)

It's worth underlining what a strong statement Microsoft is making by not using the Safe Browsing list. They're not just saying that their own list is better. They're saying that the Safe Browsing list is of such low quality that adding it to their own product would actually make the product worse.

This is different from, for example, what McAfee and Symantec might say about each other's anti-virus lists. Consider the set of all viruses that McAfee blocks and the set of all viruses that Symantec blocks. Let List X be the overlap — the huge swath of viruses that are blocked by both McAfee and Symantec. Then let List Y be the set of all viruses that are blocked by McAfee but not blocked by Symantec, and let list Z be the set of all viruses that are blocked by Symantec but not by McAfee. (So McAfee blocks viruses in the set X+Y, and Symantec blocks viruses in the set X+Z.) Now, representatives from McAfee and Symantec will each say that their list is the better one, which they may or may not believe. But even McAfee is not claiming that List Z — that portion of the list that is blocked by Symantec but not by McAfee — is so worthless that McAfee wouldn't incorporate it into their own product if they could get it for free. If Symantec allowed any anti-virus maker to download Symantec's anti-virus signature database, then presumably McAfee would scratch their heads a bit about why Symantec would do this, but if they cared about giving their users maximum protection, they would incorporate it into their product as well (so that McAfee would then be blocking all viruses in the set X+Y+Z, instead of just the set X+Y as they were before). But Symantec doesn't make it available for free, so McAfee doesn't have the option of using it and the issue doesn't come up. Other than each company claiming their product is the better one (which is par for the course for competitors), the two companies' positions are not contradicting each other.

But consider the analogous situation for anti-malware lists, where X is the set of all sites blocked by both IE's SmartScreen and by the Google Safe Browsing API, Y is the set of all sites blocked by SmartScreen but not by the Safe Browsing API, and Z is the set of all sites blocked by the Safe Browsing API but not by SmartScreen. When Microsoft says that they don't want to use the Safe Browsing list in addition to their own — that they would rather block just X+Y than block X+Y+Z — they're saying that they're estimating that the list Z is of such poor quality (too much risk of containing too many false positives) that it would be better not to block it at all.

In this case, Microsoft's position really is contradicting that of Google, Firefox, Safari, and others who use the Google Safe Browsing API. To achieve the best tradeoff between user safety and convenience, should the sites on List Z — the set of sites on the Safe Browsing API blacklist but not on the SmartScreen blacklist — be blocked, or not? If the answer is Yes, then IE should use the Safe Browsing API in addition to their own SmartScreen list. If the answer is No, then Google should take the URLs in the Safe Browsing API list, run them through IE using some automated script, and then remove all the URLs that weren't blocked by IE — in other words, remove all the URLs on List Z from the Safe Browsing blacklist. But I can think of no consistent set of assumptions that would lead one to recommend that both companies continue doing what they're doing now — that IE should continue not to use the Safe Browsing API, and that Google should continue publishing the Safe Browsing API without trimming URLs that aren't also blocked by IE. Microsoft is saying that the URLs on List Z should not be blocked; Google is saying that they should be.

(Note that this argument is independent of the relative weights that you assign to the benefit of blocking a genuinely malicious site, versus the cost of accidentally blocking a site which is not malicious. Different users might assign different values to these costs and benefits, and depending on what values they assign, those users would want different thresholds to be used in deciding whether to block a site or not. And Microsoft and Google have picked default thresholds that they estimate will meet the needs of the average user. But no matter what values you assign to the benefit of blocking a malicious site and the penalty for blocking a false positive, it's still the case that blocking the sites on List Z either does increases the total cost/benefit score — in which case IE should block sites on the Safe Browsing list in addition to its own — or it doesn't — in which case Google should remove sites from the Safe Browsing list that aren't blocked by SmartScreen.)

I suspect, of course, that the answer is the former — that the set of sites on List Z, those which are blocked by the Safe Browsing API but not blocked by SmartScreen, are probably approximately as likely to be malware as the rest of the sites on the list, and that it would make Internet Explorer safer if Microsoft augmented SmartScreen to use the Safe Browsing API as well. So why don't they?

The answer is probably what people have been shouting out from the back of the classroom since the first paragraph: That for political reasons, Microsoft doesn't want to be seen incorporating anything from Google into their own flagship application. It's not news that a company would prefer to promote its products over its rivals'. But this goes beyond, for example, Microsoft bundling Internet Explorer with Windows instead of Google's Chrome browser. Chrome and Internet Explorer do virtually the same thing, so it would look positively odd for Microsoft to promote IE over Chrome. But IE's SmartScreen list and Google's Safe Browsing list can be used simultaneously, providing more protection than either one by itself.

Still, Microsoft has already calculated that it would be an unwise move politically to use Google's Safe Browsing list. So I'm not trying to second-guess the calculation that they made, based on data that was available to them at the time. Rather, I think that if some publicity can increase the political benefit that they could get from using Google's Safe Browsing list in conjunction with SmartScreen (and increase the political cost of not using it), that might lead them to recalculate and make a different decision. To that end, let me raise up a banner that people can gather under if they want to:

Microsoft, we will not think any less of you if you use the Google Safe Browsing API in Internet Explorer in conjunction with the SmartScreen filter! We'll give you credit for setting aside petty rivalries and using the technology of a competitor in order to make users safer.

The IE team's blog post about the initial success of the SmartScreen filter, from March 2009, cited statistics showing 10 million malware blocks in the previous six months, and asked readers to think about those numbers in terms of their impact on real humans and the grief it saved them: "These are BIG numbers — each malicious download blocked helps prevent compromise of that user's computer." Since then, Microsoft has released new statistics showing that SmartScreen has delivered about 70 million blocks since IE8 was officially released. Of course, not every one of those blocks made the difference between infecting a machine with spyware and keeping it clean (many users wouldn't have downloaded or installed the software that the website was trying to send them), but the IE team is right to be proud anyway. However that also means that if adding Safe Browsing support to IE resulted in only a small percent increase in the filter's effectiveness, it would mean several million additional malware blocks over the same period, and cumulatively tens of millions of more in the years ahead. Isn't that worth Microsoft forming an alliance with Google, especially if doing that would make them look good?

Glyn Moody writes "Microsoft is at it again: trying to redefine what 'open' means. This time it wants open standards to be 'balanced' — for them to include patent-encumbered technologies under RAND (reasonable and non-discriminatory) terms. Which just happens to be incompatible with free software licensed under the GNU GPL."

JacobSteelsmith writes "Microsoft is attempting to re-brand its Live Search, also known as Kumo. Bing, as it's known, is another attempt by Microsoft to lure consumers away from Internet search leaders such as Google. Microsoft has posted a quarterly loss in its online advertising business, compared to Google's sales, $4.7 billion in the first quarter. According to the Live Search blog, Bing goes 'beyond the traditional search engines to help you make faster, more informed decisions' by combining a 'great search engine' with organized results. It also adds unique tools to help the user make important decisions. It is being touted as a 'decision engine.'"

Binestar was one of several readers writing in to note that Microsoft is listing IE8 as a critical update to Windows XP. CNet reported a couple of weeks back that Microsoft would be rolling our IE8 to users in a gradual fashion, and requiring an opt-in before installing it. Opinion has been split as to whether IE8 is worth installing or not. Binestar notes delicately, "For those not interested in upgrading to IE8 at this time, the MSDN released information back in January on how to keep IE8 off your machine."

Barence writes "Microsoft is imploring millions of Windows 7 beta testers to perform a clean install of the forthcoming Release Candidate, rather than upgrade from the beta. 'The reality is that upgrading from one pre-release build to another is not a scenario we want to focus on because it is not something real-world customers will experience,' the company claims on the Engineering Windows 7 blog. Those who attempt to install the Release Candidate over the beta will find their path blocked." I've read complaints that reviews of new Linux distros often focus too much on the installation process; Microsoft seems to understand that complications at installation time (dual booting? preserving an existing data partition?) can sour one's experience pretty thoroughly.

bonch writes "Windows 95 almost shipped with a technique for detecting whether a floppy disk was inserted without spinning up the drive. Microsoft's floppy driver developer discovered a sequence of commands that detected a disk without spinup — unfortunately, unspecified behavior in the floppy hardware specification meant that half the drives worked one way and half the other, each giving opposite results for the detection routine. Microsoft considered a dialog prompting the user to insert a disk to 'train' the routine, but the idea was scrapped."

Z80xxc! writes "Microsoft recently announced a new product called Expression Web SuperPreview, which lets developers view their web pages in any browser installed on their system, as well as in different versions of IE, all from the same interface. The product has one genuine innovation — a built-in tool for overlaying the rendering from one browser over another to compare (referred to as 'onion skins'). There are also HTML debugging aids and other helpful tools for web developers. A beta version is available for download. However, the current build only has support for IE — it will compare rendering in IE6 with either IE7 or IE8, whichever is installed. An internal build shows Firefox and Safari on Windows as well. The final product will appear as part of MS Expression Web Studio 3 when it is released later this year. (It will not be available in the Expression Mac suite.)"

nandemoari writes "Microsoft has revealed more about Windows 7 and its support for touch screen technology. The system sounds impressive, however, reports suggest it appears to have a high error rate. In an early version of the system, Microsoft found some problems. For example, both the zoom and rotate functions worked less than 75% of the time, often because the computer confused the two. To rectify this, engineers redesigned the system so that it only looks out for gestures specifically relevant to the program being used. This made a significant improvement: the zoom gesture was now recognized 90% of the time. The problem is that even a 90% success rate may be too low. If you can imagine how frustrating it would be if one in ten keystrokes or mouse movements didn't do what you intended, you can see why touch screen technology will need to be even more reliable if it's to truly improve the user experience. PC Authority has a related story about statements from HP, who don't expect such technology to replace keyboards and mice any time soon."

thefickler writes "Microsoft is opposing an industry plan, the Open Cloud Manifesto, to promote cloud computing interoperability. Officially, Microsoft says the plan is unnecessarily secretive and that cloud computing is still in an early stage of development, but there are allegations that Microsoft feels threatened by the plan because it could boost Linux-based systems. The goal of the group behind the manifesto, the Cloud Computing Interoperability Forum (CCIF), is to minimize the barriers between different technologies used in cloud computing. And this is where the problem seems to lie, with the group stating that 'whenever possible the CCIF will emphasize the use of open, patent-free and/or vendor-neutral technical solutions.' Some speculate that Microsoft is actually worried that this will allow open source systems, such as Linux, to flourish, at the expense of Microsoft technology." Amazon is also declining to support the plan, saying, "the best way to illustrate openness and customer flexibility is by what you actually provide and deliver for them." Reader smack.addict contributes a link to an O'Reilly piece asking what openness really means for cloud computing.

An anonymous reader writes "Microsoft, inspired perhaps by the ease of selecting and installing iPhone apps, has taken a similar approach to gather back market share of its IIS web server in a predominantly Apache/PHP market. 10 open source CMS, gallery, wiki, and blog tools were chosen to populate the eco-system, dubbed Web App Gallery. Developers must agree to principles and can now submit their PHP or .NET application for inclusion. Once an application is in the gallery, Windows users use Microsoft Web Platform Installer, released in a keynote at MIX this week, which inspects the the local system, and installs and configures dependencies like the IIS webserver, PHP, URL re-writers, and file permissions. Screenshots show this to be quite easy for the typical computer user. This could provide some real competition for WAMP and Linux shell install processes."

Kelson writes "As the release of Internet Explorer 8 approaches, Microsoft's IE Team has published a list of differences between IE7 and IE8, and how to fix code so that it will work on both. Most of the page focuses on IE8 Standards mode, but it also turns out that IE7 compatibility mode isn't quite the same as IE7 itself."

CWmike writes "Microsoft has confirmed that users will be able to remove its IE8 browser, as well as several other integrated applications, from Windows 7. Jack Mayo, a group program manager on the Windows team, listed in a blog post the applications that can be switched off. They include Internet Explorer 8, Fax and Scan, handwriting recognition, Windows DVD Maker, Windows Gadget Platform, Windows Media Player, Windows Media Center, Windows Search, and XPS Viewer and Services. He explained that the files associated with those applications and features are not actually deleted from the hard drive. The public beta of Windows 7 does not include the ability to 'kill' said apps. But a pirated copy of Windows 7 Build 7048 includes the new removal options, and has been leaked on the Internet." (We mentioned the reported ability to turn off IE8 yesterday as well.)

Barence writes "Microsoft has unveiled a slew of new features that will appear in the Release Candidate of Windows 7 that didn't make an appearance in the beta. 'We've been quite busy for the past two months or so working through all the feedback we've received on Windows 7,' explains Steven Sinofsky, lead engineer for Windows 7 in his blog. A majority of these features are user interface tweaks, but they should add up to a much smoother Windows 7 experience." In separate news, Technologizer reports on Microsoft's contingency plan, should things not go well in EU antitrust, to slip Win7 to January.

nandemoari writes "Windows 7 beta testers are disputing whether or not Microsoft is taking notice of their feedback. The dispute follows a blog post by Steven Sinofsky, the man in charge of engineering Windows 7. He notes that in one week in January Microsoft received data through Windows 7's automatic feedback system every 15 seconds. According to Sinofsky, it's impossible to keep everyone happy. That's partly because there are only so many changes Microsoft can make to the system and still finish it, and partly because in many cases testers often have opposing views about a feature."

CWmike writes "Reacting to intense criticism of an important security feature in Windows 7 (which we discussed a few days back), Microsoft today said it will change the behavior of User Account Control in Windows 7's release candidate. In a blog post, two Microsoft executives responsible for Windows development, John DeVaan and Steven Sinofsky, said 'We are going to deliver two changes to the Release Candidate that we'll all see. First, the UAC control panel will run in a high integrity process, which requires elevation. Second, changing the level of the UAC will also prompt for confirmation.' They said the changes were prompted by feedback from users, including comments on an earlier post Thursday by DeVaan in which he defended the modifications Microsoft made to UAC in Windows 7."

b8fait writes "The head of Microsoft Corp.'s Windows development confirmed that Windows 7 will take the unusual path of moving straight from a single beta, which was launched earlier this month, to a release candidate. Sinofsky fleshed out the plan today and hinted that just as there would be no Beta 2, the company would also not provide a RC2 build. In other words, there may be only one released build of Windows 7 before it ships, possibly much sooner than even some of the most aggressive rumors about Windows 7. How much different can Windows 7 really be with such a shortened beta cycle?"

meist3r writes "On his Government blog, Microsoft's Ian McKenzie announced today that the Royal Navy was ahead of schedule for switching their nuclear submarines to a customized Microsoft Windows solution dubbed 'Submarine Command System Next Generation (SMCS NG)' which apparently consists of Windows 2000 network servers and XP workstations. In the article, it is claimed that this decision will save UK taxpayers £22m over the next ten years. The installation of the new system apparently took just 18 days on the HMS Vigilant. According to the BAE Systems press release from 2005, the overall cost of the rollout was £24.5m for all eleven nuclear submarines of the Vanguard, Trafalgar and Swiftsure classes. Talk about staying with the sinking ship."

Ponca City, We love you writes "Two mobile applications, NMobile and Trapster, are providing drivers with up-to-date maps of speed-enforcement zones with live police traps, speed cameras or red-light cameras. Each application pulls up a map pinpointing the locations of speed traps within driving distance and an audio alert will sound as vehicles approach an area tagged as harboring a speed trap. Both applications rely on the wisdom of the crowds for their data with users reporting camera-rigged stop lights and areas heavily populated with radar-toting police officers via the iPhone or their web-based application, creating the ultimate speed trap repository available to you when you need it most — while you're driving. To thwart false alarms and eliminate inaccuracies, Trapster enlists its community of nearly 200,000 members to rank speed traps on their accuracy. NMobile founder Shannon Atkinson declined to provide detailed data, though he did estimate that 'well over 1,000' users had downloaded the application since it became available last week. The company insists they've received only positive feedback from law enforcement officials and police officers regarding their products. 'If the application gets people to slow down, I think it's generally considered to be a good thing,' said Atkinson."

Barence writes "Microsoft has confirmed that Internet Explorer 8 will not be officially released until 2009. According to a blog posting on the Internet Explorer 8 development site, a release candidate of the browser will be released in the first quarter of next year, to be followed by a final release at an unspecified date. This news comes on the same day that Google is considering bundling its Chrome browser with new PCs. Will the IE delay and Google's tactics help to steer users in Chrome's direction?"

BigPoppaT writes "Eric Brechner writes a best practices blog called Hard Code for Microsoft under the name I.M. Wright. His most recent post sounds like an endorsement of open source development (and does end with a call for Microsoft developers to participate in the shared source community). But even better is his advice regarding patents: 'When using existing libraries, services, tools, and methods from outside Microsoft, we must be respectful of licenses, copyrights, and patents. Generally, you want to carefully research licenses and copyrights (your contact in Legal and Corporate Affairs can help), and never search, view, or speculate about patents. I was confused by this guidance till I wrote and reviewed one of my own patents. The legal claims section--the only section that counts--was indecipherable by anyone but a patent attorney. Ignorance is bliss and strongly recommended when it comes to patents.' Interesting advice from inside Microsoft. I wonder if Ballmer would agree that ignorance should be 'strongly recommended when it comes to patents'?"

BigPoppaT writes "Eric Brechner writes a best practices blog called Hard Code for Microsoft under the name I.M. Wright. His most recent post sounds like an endorsement of open source development (and does end with a call for Microsoft developers to participate in the shared source community). But even better is his advice regarding patents: 'When using existing libraries, services, tools, and methods from outside Microsoft, we must be respectful of licenses, copyrights, and patents. Generally, you want to carefully research licenses and copyrights (your contact in Legal and Corporate Affairs can help), and never search, view, or speculate about patents. I was confused by this guidance till I wrote and reviewed one of my own patents. The legal claims section--the only section that counts--was indecipherable by anyone but a patent attorney. Ignorance is bliss and strongly recommended when it comes to patents.' Interesting advice from inside Microsoft. I wonder if Ballmer would agree that ignorance should be 'strongly recommended when it comes to patents'?"

BigPoppaT writes "Eric Brechner writes a best practices blog called Hard Code for Microsoft under the name I.M. Wright. His most recent post sounds like an endorsement of open source development (and does end with a call for Microsoft developers to participate in the shared source community). But even better is his advice regarding patents: 'When using existing libraries, services, tools, and methods from outside Microsoft, we must be respectful of licenses, copyrights, and patents. Generally, you want to carefully research licenses and copyrights (your contact in Legal and Corporate Affairs can help), and never search, view, or speculate about patents. I was confused by this guidance till I wrote and reviewed one of my own patents. The legal claims section--the only section that counts--was indecipherable by anyone but a patent attorney. Ignorance is bliss and strongly recommended when it comes to patents.' Interesting advice from inside Microsoft. I wonder if Ballmer would agree that ignorance should be 'strongly recommended when it comes to patents'?"

unassimilatible writes "As new features of Windows 7 continue to trickle out, ZDNet is now reporting that it will scale to 256 processors. While one has to wonder, like with Vista, how many of the teased features will actually make it into the final OS, I think we can all agree, 256 cores is enough for anybody." This Mark Russinovich interview has some technical details (Silverlight required).

JagsLive sends in a Washington Post blog post reflecting on one privacy-enhancing feature of the upcoming Internet Explorer 8, the so-called "InPrivate Blocking" that has privacy advocates quietly cheering, and advertisers seriously worrying. Here is Microsoft's description of the feature. From the Post: "The advertising industry is bracing for trouble from the next version of Microsoft's Internet Explorer, details of which were announced today, because it will offer a feature that blocks some ads and other content from third-parties that shows up on Web pages. A Microsoft spokesman said that the feature, to be known as 'InPrivate Blocking,' was never designed to be an ad blocker, though 'there may be ads that get blocked.' Instead, it was designed to stop tracking 'pixels' or pieces of code that could allow third-party sites to track users as they move around the Web."

Spy Hunter writes "Photosynth has graduated from a 'tech preview' to a complete service. Now you can upload your own photos and have them automatically transformed into a 'synth': a 3D fly-through reconstruction of your home, your vacation, or anything else you can take pictures of. Learn more about Photosynth at the official blog, see what Walt Mossberg has to say about it, or just go try it out right now." According to Mossberg, Photosynth works on PCs using IE or Firefox, but not yet on Macs. We've been discussing Photosynth since its introduction.

Chris_Keene writes "The Live Search blog announces that the Live.com Book and Academic Search are to close. Book search in particular has had quite a bit of coverage, and often seemed like a race with Google. The Live blog says 'we are winding down our digitization initiatives, including our library scanning and our in-copyright book programs. We recognize that this decision comes as disappointing news to our partners, the publishing and academic communities, and Live Search users [...] this past Wednesday we announced our strategy to focus on verticals with high commercial intent, such as travel, and offer users cash back on their purchases from our advertisers.'"

Tumbleweed writes "The Cross Platform and Interop team at Microsoft today announced some new beta products for managing Unix/Linux systems from MS Operations Manager 2007, as well as connectors for HP OpenView and IBM Tivoli Enterprise Console. Both betas are available at Microsoft Connect (search for systemcenter), according the blog."

thevirtualcat found some inconsistencies in IE8's Acid2 results that made him wonder what's going on. Can anyone replicate these results or, better yet, explain them?
Update: 03/22 23:54 GMT by KD : Several readers pointed out this has to do with cross-site scripting prevention, as described here.

A number of readers wrote in to make sure we know about Microsoft's change of heart regarding IE8. The new version of the dominant browser will render in full standards mode by default. Developers wishing to use quirks mode for IE6- and IE7-compatible rendering will have to opt in explicitly. We've previously discussed IE8's render mode a few times. Perhaps Opera's complaint to the EU or the EU's record antitrust fine had something to do with Redmond's about-face.

Frequent Slashdot contributor Bennett Haselton adds his experience to the litany of woes with Microsoft Vista. Unlike most commentators who have a beef with the operating system, Bennett does a bit of surveying to bolster his points. Read his account by clicking on the magic link.

My brand-new-out-of-the-box Windows Vista machine could not access www.facebook.com. A nearby XP machine could, but the Vista machine couldn't. I went back to Circuit City to try out the other Vista demo machines, and they could access other sites but not Facebook, either. And that honeymoon feeling that you get when you buy a new computer and expect it to solve all your problems, was over for me. Having built my latest career on helping people access Facebook where they were blocked from it, by some cosmic joke was Vista now blocking me from getting to Facebook on my own machine?

I know, another article bashing Vista, what could be more banal. (Kids! That word, meaning "trite" or "unoriginal", is pronounced "ba-NAHL". If you say it the wrong way like I did in an interview, it sounds naughty and you sound stupid.) But in my own random survey of 30 Vista users on Amazon's Mechanical Turk service (a handy way to check these things), three quarters (23) said the only reason they were using Vista was that the PC store they went to didn't sell XP machines any more, and about half of all respondents (14) said that they would go back to Windows XP if they could. So I don't want to get a bunch of e-mails with Ron Paul links in the signature saying "Nobody has to use Vista if they don't want to!" (I'm aware that a survey of 30 people is too small to be scientific, but it's enough to get a ballpark figure for about $5 on Mechanical Turk.) Besides, the more people write testimonials to what they found frustrating about Vista, the more likely it is that some future version will keep what is good about the new OS, while providing a less frustrating interface (suggested name: "Vista 98").

It turns out the Facebook issue was not really Microsoft's fault -- www.facebook.com had a broken IPv6 record, and Vista defaults to using IPv6 where XP used IPv4, so that's why the host wasn't working. (In case you run into this with any other Web sites on Vista, I fixed the problem by disabling IPv6 in network settings and rebooting.) But it was one more example of something that used to work pre-Vista and then stopped working, and every case like that adds up to the overall frustration of switching to a new system, regardless of whose fault it is.

I hasten to add that I am not some partisan Microsoft basher. I like XP just fine, never more than when I went back to it after a few days on Vista, and I still think for that matter that Vista would be easier to switch to than Linux. Having been involved for years with free speech activism, I run into a lot of people in the same circles who are strong Linux advocates, apparently because the concept of "freedom of speech" is closely aligned with "making every file search as simple and stress-free as a Hamas hostage negotiation". So every year or two I'll try out the latest version of some Linux distro to see how long it would take to get used to it. In 2005, full of optimism, I cheerfully booted up the latest version of Shrike, then tried to find a directory and discovered I could not right-click on the hard drive root dir and specify the name of a directory I wanted to search for (that only worked for files, not directories). I posted a query to a Linux newsgroup, and a respondent told me that the solution was to open a command prompt and type "man find", which I am aware is a polite way of saying "screw you, newbie", but which I dutifully followed anyway and got an output screen of which the first paragraph was:

find searches the directory tree rooted at each given file name by evaluating the given expression from left to right, according to the rules of precedence (see section OPERATORS), until the outcome is known (the left hand side is false for and operations, true for or), at which point find moves on to the next file name.

and that was all my Linux for that year. Maybe I'm overdue to try it again. (Microsoft gives away their Virtual PC program that makes it easy to try other operating systems; I think it's a ploy to make us appreciate Windows more.) Now, I love the concept of a freely-distributable, freely-modifiable operating system, and I've recommended Linux to people when you need it to do something cool that Windows can't do, like bypassing Windows security by booting a PC from a CD. And it's done a lot of good for organizations like the One Laptop Per Child program, which can keep their costs down by using a free operating system. But to this day I've never heard an answer to one question: Since even Linux advocates admit that it's harder to use, what can you do with Linux that you can't do with Windows, to make it worth switching over to? If I was nervous about Vista because some of the interface had changed and some of my old programs no longer worked, it wasn't helpful to tell me to switch to a system where all of the interface would change and none of my old programs would work.

So, I wanted to like Vista. I knew that eventually everyone would have to upgrade anyway, so, not wanting to be left behind, I wanted to switch to Vista because of the same factor that spammers use to get your attention: "Other guys are improving themselves, why aren't you?" But there were some things I ran into almost immediately:

• Windows Explorer and Internet Explorer no longer have the "File / Edit / View" menu bars across the top of the window. Was this a big problem under XP? When the menus gave quick, two-click access to most actions that you could take within the application, was there a grassroots movement to have them removed? I did eventually find that you can hit the "Alt" key to bring the menus back, but why put people through that frustration? The most annoying feeling while using a computer is being yanked out of thinking about what you're doing with the computer to having to concentrate on how to use it.

  Perhaps the idea was to steer users towards using the buttons on the toolbar, but there aren't enough buttons to cover all the options located under the menus. If the UI designers wanted to steer users gently towards using the buttons, my suggestion would have been: Whenever the user picks something under a menu that corresponds to something accessible from the toolbar, display a dialog box which says for example, "In the future, you can print faster by clicking the printer button on the toolbar", along with a picture (and a "Do not show this message again" checkbox -- important!).

• Windows Explorer also did away with the "Up" button that lets you browse from the current directory to the higher-level directory. Again, probably not in response to a groundswell of users demanding for that button to be removed, when it took up about one square centimeter of screen space. Supposedly Windows Explorer makes up for this by displaying the entire path to the current directory in the address bar, so that if the path is "C:\Financial Records\Chris Pirillo\ Pectoral Real Estate\", you can click on "Chris Pirillo" to go one directory higher. The trouble is that I frequently give my directories extremely long and descriptive names like (this is a real example) "Flash-Player-8.5.0.246-beta2.downloaded-2006-03-20-from-labs.macromedia.com" so that I can keep track of where and when I got each piece of downloaded software, in case I ever need to go back to a previous version that the software maker no longer makes available because they're trying to steer me away from it (ironically, "Vista syndrome"). With a directory that has a long name like that, the higher-level directories aren't visible in the address bar, so I had to locate it manually in the left-hand tree view panel. OK, knock off the violins, the point is that I didn't have to do that in XP.
• I have an older monitor, so I wanted to turn ClearType off. The IE7 help file describes how to do this in IE, but that didn't work for me no matter how many times I tried, and my eyes were aching by the time I found out that in Vista it's a default system-wide setting that overrides IE's setting until you change the system-wide one. I would have suggested putting one line in the IE7 help file: "Note: if your operating system such as Windows Vista is set to use ClearType system-wide, you must disable this as well to disable ClearType in IE."
• Virtual PC, which worked on all versions of Windows XP, is not supported on Vista Home Premium. I need Virtual PC (for reasons other than Linux-bashing), so this was a deal-breaker.
• Telnet no longer installed by default. Even though I use a different telnet program for regular use, telnet.exe was handy to test whether a remote machine was reachable on a given port. (For example, in a command prompt, type "telnet www.yahoo.com 80" and when the command prompt screen goes blank, that means the machine www.yahoo.com is accepting responses on port 80, the standard port for Web traffic. Try connecting to port 81 instead, and you get no response on that port. This can be useful when diagnosing problems with Web servers and other programs.) Even though it's not hard to get telnet back, why would they go to the trouble of removing it?
• The aforementioned Facebook problem. This seemed so startling at the time that I almost stopped everything to write an article just about that, musing on Microsoft having so much power that all PC stores were now exclusively stocking computers running an OS that, at the time anyway, couldn't access Facebook. But then I asked another bunch of users on Mechanical Turk, and all respondents using Vista said they could access Facebook after all. Of course, this wasn't a random sample, since users who bought Vista and couldn't access Facebook, probably would have returned their machines a long time ago, but I'm still not sure what caused it to work on some machines and not others -- all I know is that Facebook was inaccessible until I disabled IPv6.
  
  I know Facebook is reading these articles, since in November I wrote about how you could circumvent Facebook's system of verifying that users were real high school students, by doing the following: "(1) create a profile of a non-overweight girl and sign up as a member of a high school network, pending confirmation; (2) search for several boys in that network and send them friend requests; and (3) wait for at least one of them to confirm you back". Shortly afterwards, Facebook changed the verification system, so that now, if you're confirming someone who is a pending member of a high school network but no one else has confirmed them yet, Facebook warns you, "Only check this box if you're absolutely sure that you know this person." So, whichever of Mark Zuckerberg's friends is reading my articles: Clever idea, and, keep the IPv6 records working.

That was as far as I got before I stopped trying to get used to Vista and started taking notes for this article (working title: "Vist Vucked"). From the Mechanical Turk users who responded to my survey, the other most common reported problems were: software compatibility, hardware compatibility, difficulty with the UI, and running too slowly. Presumably the first two problems will improve over time, but the UI will always be hard to switch to as long as users can't find functions that were easy locatable in the old interface, and if it runs slower than XP, that will always be a factor no matter how fast your computer is. (However fast it runs Vista, you'd always be able to make it run even faster with XP instead!)

The best things I've heard about Vista have been that (a) it is the most secure Windows ever (which Dave Barry says is like calling asparagus the "most articulate vegetable ever"), and (b) it features better multimedia integration. To which my responses were: (a) the number of incomprehensible warnings that Vista flashes at a user whenever they look at the computer funny, does not make it more secure, because users will condition themselves to just ignore those warnings, and (b) I hate watching TV on my computer anyway.

Since TV/PC integration is a major selling point for Vista, I thought this last issue was worth looking harder at: Do people really want to use their computers to watch TV? My computer monitor is in an office where I sit up close when I'm working; but TV feels more comfortable to watch from several feet away, and in my office I can't even scoot my chair back that far. (And if I lived with family, I doubt they'd want to crowd into my office to watch a movie.) In fact, I like the psychological separation of the TV set in the living room from the distractions of the computer in the office: I go in there when I'm done with everything in here. The only way I'd regularly download and watch movies would be if I had a way to send them wirelessly to my TV, but a wireless PC-to-TV converter and the corresponding receiver together cost about $200.

Seeking more validation of my opinions from strangers, I did another survey of 30 Mechanical Turk users, asking if they would rather drive to a movie rental store or download a movie online for the same price. Almost half (14) said they'd rather drive to the movie store, citing the comfort of watching the movie on their TV as opposed to on the computer. Another fourth of the respondents (8) said they'd download the movie but only if they could send the content to their TV to watch, and only the last fourth (8) said they'd actually watch it on their computer monitor. So the future of convergence between PC and TV will probably be not in all-in-one systems but in devices that link the PC in your study with the TV in your living room, and since there's no household name yet for PC-to-TV linkage, the field is wide open for some lucky company to make a product that becomes synonymous with the concept, the way "TiVo" is easier to say than "Digital Video Recorder". Maybe that will be a boost for systems like Vista. If that happens at about the same time that a Vista successor is released that makes the interface easier to switch to from XP, I'll bet that will be the tipping point that gets people switching voluntarily. (Of course many people will switch by then just because they need a new computer and they couldn't find one with anything but Vista on it.)

Anyway, I was only trying a new Vista machine because the hard drive on my old computer died, but after all the data had been recovered, I just installed a new drive in the old machine and went back to XP, while my Vista machine was returned to its perch, gargoyle-like, on the shelves at Circuit City, waiting to pounce on the next unsuspecting wretch with dreams of self-improvement through newer computer purchases. The only remnant of Vista that I have left is IE7, which was installed by my Windows XP restore disk and can't be removed, and which is incompatible with some sites and programs that I need, so I've been using Firefox more and getting to like it. That's lucky, since I've already offended the loyal software-logo-wearing constituencies of Vista and Linux, and wouldn't want to deal with the Firefox crowd too. As my friend Anne Mitchell says, "Admitting you hate Firefox is almost as bad as admitting to being Republican." (Except that when Firefox screws with a page, the chat logs don't end up on national television. Ba-dump-bump!)