Slashdot Mirror

No imagination required, they have existed for ages. Numerous malicious worms / trojans try to kill off the competition, and there have been some "benign" ones in the wild just as you describe, e.g. Code Green and friends created to respond to Code Red / Code Red 2. The problem is that there can't really be a truly benign / beneficial worm because it's still changing systems without permission, e.g. some of the anti-Code-Red ones made it hard to tell which machines had been patched properly. Also any self-replicating code tends to have unexpected side effects. Welchia was created to combat Blaster, but bought subnets to their knees ping scanning for machines to patch, in many cases causing more disruption than Blaster did ...

What good points? It has a resource intensive "shiny" interface. It has levels of DRM heretofore unseen in an operating system. It is claimed that it is secure, yet still has gaping security holes. It is claimed that it is safe, yet has to be made un-safe for users to be able to do anything with it. It is expensive, clunky, space consuming, privacy invading, insecure, unsafe, and is more interested in protecting the interests of major Hollywood distributors than its users.

Care to highlight why I'd want to use Vista?

I don't think you should ever be held accountable for past actions under a new license. [...] Furthermore, much of this whole argument assumes that all this software is definitely moving to GPLv3

Quite right, which is why it's so important that the vouchers they have been conveying have no expiry date. When, in the future, someone goes to Microsoft with a voucher and Microsoft conveys a copy of SLES with Samba (or some of the other projects who're switching) then the GPLv3 will apply:

It's a long shot Jim, but it might just work...

http://www.vnunet.com/vnunet/news/2193610/amd-prom ises-honest-barcelona

Thanks to the work of Ou, AMD will be promptly take these down.

Here's a perk of living in (even rural) Canada: I go down to the garage/general/liquor store, and there on the shelf is Havana Club, "Ron puro Cubano," mmm, great is right. And cuban coffee in the cupboard, it's only pretty good but it's organic.

There may be long-term competitive benefits accruing to Cuba out of the blockade and its hardships.

The whole island has pretty much gone organic, as part of the austerity produced by the embargo, and they're trying to turn that constraint into a strength. When the embargo finally drops in the US, watch for cuban specialty products showing up in the organic food stores.

They need an internationally credible domestic certification system to really flourish, however the embargo has forced them to look hard at their local food security, so they'd be okay if international trade was interrupted. They have international trade in things like organic fruits and coffee, and they've made interesting innovations with domestic distribution in mind, like the Organopónicos.

The embargo has created constraints that make it an interesting testbed for development without the overwhelming influence of large transnationals. It's a race between the international organic sector to help establish Cuba as an entrenched organic ag system and the influx of Life Sciences transnationals that might happen if there's regime change.

Cuba's ripe turf for donated linux-ready systems, so support that goal in some way. There's enough real zeal for independence and common interests to make it a interesting test bed for a society running on open-source software.

If you want to read the actual report, check out the link to the PDF from this page: http://www.vnunet.com/vnunet/news/2192615/microsof t-claims-vista-secure/

This was in an article about Europe. If they don't find a partner in Europe in the desired timeframe, it's not like they're just going to go, "Oh well, I guess we'll never sell in Europe!" The fact of the matter is they could sell the iPhone unlocked, and able to be used on any GSM carrier. Does that mean they will for sure? Of course not. It just means that they could, from a technical perspective, do just that. They don't "need" to have a specific carrier in Europe. Saying that you could use firewood to power a vehicle is nowhere near an equivalent analogy in any way, shape, or form. iPhone could be used, nearly as-is, on ANY GSM carrier.

The editor accepting the submission even saw fit to add "In Europe, unlike in the US, Apple has the option of selling the iPhone through its own dealer network without a simlock," to the article, and the article itself says, "If Apple decided to sell the iPhone directly to consumers, it would have to sell the devices without simlock, allowing the buyer to insert their own Sim card."

So, especially since this was said in the article AND the submission, and it is a factual statement about something Apple could easily do in Europe if it doesn't have a specific European partner, how does that make me a fanboy again? The implication for some people is that if Apple "can't find a partner in Europe" that might mean the iPhone isn't coming to Europe, which is obviously a Bad Thing (for Apple). Except, that's not the case, because there are other alternatives; namely, exactly what is being discussed here. So, what's better: incorrectly thinking that if Apple can't find a partner that it won't be able to sell the iPhone in Europe (which is false), or knowing that it would be technically possible for Apple to sell iPhones unlocked in Europe that would work with any GSM carrier (albeit without visual voicemail)?

http://www.vnunet.com/vnunet/news/2126971/linux-re vs-renault-f1-testing

I posted something about this on the last thread - SMB/CIFS has a couple of obsolete Microsoft patents that Samba implements, but not as documented in the patents themselves (they would not work in a UNIX-like OS). The main part of Samba is based on specs designed by the Storage Industry Network Association, which MS used more as a guideline than how they implemented it. Here's an article about it, and also see Samba's web site.

The only other patent I know of on CIFS is not owned by Microsoft, it's a Cisco patent

MS probably still argues that those two patents are being violated and MS even spread some FUD by issuing a license for using CIFS on other OS's but excludes the GPL (Samba's license).

Things that are obvious, but Microsoft has patents on, that I'm aware of (thank you, bookmark file):
patent on RSS feeds
FAT patent 5579517 (which I believe has now been rejected as obvious after appeal and my ref was link-dead)
Spam filtering
IsNot in BASIC
or how about this one, which is basically sudo
or this one which would be violated as far as I can tell by a Linux OS module updated over an https connection, though I think it would also need to include verification like an md5 checksum to fall under that patent.

and a couple that I don't think would affect Linux:
a patent that is basically the same as XUL, but for Windows only.
a patent on this one on learning, which is broad and vague - see this guy's response I found in a search which explains the stupidity better than I could (my original link is again dead - I need some housecleaning).

Great, but in the interest of reaching the largest possible audience, how about posting at least an alternate copy of the presentation in a less insecure and more interoperable format like ODF or PDF. Both do presentations and since the main beef is about USSR-like control, using PDF or ODF would be putting money where the mouth is -- both are published, open standards.

Blackbird reincarnated? (Microsoft playing the same game at a later date)

Since Linux can proform well with latest standards in media, Microsoft is pushing a new on of their own to mess this up.

They tried to do this once before with BLACKBIRD.

http://www.vnunet.com/itweek/comment/2086343/propr ietary-standards-grow-online

http://www.xent.com/FoRK-archive/spring96/0113.htm l

At the time of Blackbird, it was Microsofts secret weapon against on-line services, such as America Online, and the W3C group. (that was Microsofts big enemies at the time.)

Silverlight is just the same type of combative propietery software to make the same issues for linux (incompatibility issues so people will not want to run it anymore and stick with XP and Vista.)

Becarefull to adopt propriety software such as Silverlight as it puts limits to your use of your computer and your choice! It also seems to push up the cost of something that could be free of charge.

Hope everyone can at least take that in to consideration.

Security claims must always be seen from the eye of the beholder. That's why Linux security is myth. Here's a start:

http://www.vnunet.com/vnunet/news/2126780/linux-fa n-concedes-microsoft-secure

Microsoft's goal is to produce good software whereas OSS makers must sell support. Not only is OSS of lesser quality in the first thanks to less rigourous software development techniques and the lack of QA, but the motive is to produce buggy software in the first place. Of course, some projects might be motived by more noble objectives, but they tend to be small in scope and crappy anyway (with some exceptions like MythTV, for example).

The opening of the source is in itself immaterial to the situation, other than impacting the reason that
OSS inferior: the revenue source.

T_A (daily post limit reached)

Instead of quoting specific companies, how about pointing to that well known study which shows that Samba is more than twice as fast as Windows Server 2003 for SMB serving?

strongly believe that doing it the baby steps way is good because it allows me to smoothly transition from MS to linux instead of sitting in front of the computer with a huge question mark over my head trying to not only figure out how the OS works but not even knowing how to do a simple "hello world" page, let alone a complete web site.

Whilst this doesn't suite the impatience of most /. readers (we expect you to spend five minutes switching away from Microsoft, for you to be productive immediately, and a to write a nice note here telling all the people that replied to your question how wonderful they are) it does seem like a very sensible policy.

There are a couple of things you need to know about Mono and Ubuntu in general:

• The Mono Project is developed by Novell, they have a patent cross-license agreement with The Evil Empire. This has resulted in a lot of FUD and sabre-rattling, which could have a some effect (I am not a lawyer, so don't know what that effect might be) on the Mono project.
• When you want to download mono etc. don't think like a Windows user and get it directly from the Web site. Open up 'Synaptic Package Manager' and install from there. It's in the Sytem menu (I believe, am not a GNOME user :) )
• Mono has a small webserver that comes with it. This will be good to get you started and for testing, but for production applications you should use the 'mod_mono' module for Apache. Again, all this juicy goodness can be found by searching in Synaptic.
• All configuration files for this stuff can be found in the /etc directory--making changes without a GUI might seem strange at first, but believe me it makes much, much more sense than GUI + Registry. For a start think how easy it is to backup settings, or even clone your server configuration.

Hope this helps.

Nope I don't. The IMP (http://www.bbc.co.uk/imp/) is a web-based app for streaming the BBC's own content for up to seven days after it has been broadcast. It currently uses DRM'ed WMV and is very unlikely to change for public launch. They own the content (well technically the license payers do) so they can choose what to do with it. Furthermore controversial plans are at foot to move all streaming content to WMV (http://www.vnunet.com/vnunet/news/2174256/bbc-sla mmed-microsoft-lock. Thanks for your reply.

As do theregister, theregister, attrition.org, attrition.org, grok.org.uk,

Even mi2g's own research FTA:

The firm estimated that, with around 600 million Windows-based computers worldwide, this works out at between $281 to $340 worth of damage per machine.

Wow. That is a lot of money per Windows box, per year. To do as badly in sum, every linux box on the interweb would pretty much have to commit fusion.

"Windows computers in over 200 countries were infected. Judging by events which unfolded between January and April 2004, there could be a choppy cyber-sea ahead, made all the more complex by new and more dangerous malware families yet to emerge."

The top 10 malware programs of all time, according to mi2g, are MyDoom, Netsky, Sobig, Klez, Sasser, Mimial, Yaha, Swen, Love Bug and Bagle.

Of course, none of those programs run on OSX or linux.

"It serves the purpose of the vendors to blame the users or the virus writers and not themselves for designing 'Swiss cheese' software."

Don't you MS bloggers have anything better to do? Could you maybe have a look at that virgin Vista IP stack for us? We're a little worried you guys were trolling slashdot and not FIXING THE DAMNED BUGS.

Please, shut the fuck up Bruce. Some years ago you warned developers against OpenOffice when Sun did a similar deal.
http://www.vnunet.com/vnunet/news/2125926/perens-h its-sun-openoffice

Nothing bad happened. And OpenOffice.org is mostly developed by Sun developers, with some contribution from.. Novell.

The free software doesn't need stupid arrogant debian-ists. Sun, Novell and IBM contribution to free software is so much bigger than the contribution of the debian integrists.

"
Perens told vnunet.com: "I would counsel [developers] to stop assigning the copyrights of their modifications to Sun and keep them under their own names, licensed under the General Public Licence and in the open version only."

Describing the legal arrangement between Sun and Microsoft as "creepy", Perens added: "It essentially says that Sun will not stand together with the open source developers who contributed to their own product."

WE ALREADY HAVE FORGOTTEN ABOUT YOUR CALL AGAINST SUN.
WE WILL FORGET YOUR CALL AGAINST NOVELL.

Because you're pretty USELESS.

And again all the posts that are +5 are those that say the same thing over and over again.

The deal is done. Live with it. At least Novell tries to answer the questions people have. They are damned if they do and damned if they don't. People asked that they wanted the details of the deal, so they gave them. They gave a lot of promises.

The IRC meeting will most likely also just be a lot of copy-cats yelling: Yes, but you signed a deal with M$ and we are so anti-M$ that we don't care about anything else.

So instead of yelling that it is so bad, come up with a realistic alternative what you want and what questions you want answerd. Be at the IRC meeting and/or see that your answers are asked on the site if you can't be there.

It is very much fun to react emotionaly, yet it is only spreading the FUD further, no matter who started that FUD.

The useal links:
http://lists.opensuse.org/archive/opensuse-announc e/2006-11/msg00004.html
http://dev-loki.blogspot.com/2006/11/call-to-dump- suse-linux-wtf.html
http://www.linux-watch.com/news/NS4287912423.html
http://www.vnunet.com/vnunet/news/2168151/novells- opens-microsoft
http://en.opensuse.org/Meetings/Status_Meeting_200 6-11-08/transcript#The_Novell.2F_Microsoft_deal

So why would Microsoft not do such a thing now? Who says I am not a strawman for M$ and am implementing stuff into the kernel as we speak? No need for a deal that I need to pay 318 million USD for. I do it for half of that amount.

So what stops Microsoft of doing such a thing now? Also read http://www.vnunet.com/vnunet/news/2168151/novells- opens-microsoft

Here's the same guy's promise about their last operating system:

Microsoft has said it has stamped out buffer overflows with the upcoming release of Windows XP. Jim Allchin, vice president, claimed the company has done a complete code review of its operating system and removed all buffers which could overflow.

I'll let somebody else post a list of all the critical updates caused by buffer overflows...

"I work in a mostly Linux shop. It is the only solution for our server farms", InsaneProcessor

"We have to hire both linux and windows IT people", InsaneProcessor

Is it possible for someone to have both linux and windows skills in the one brain?

"Linux is next to worthless on our desktops", InsaneProcessor

What version? Why are you running both desktops. As an IT services company what exactly is difficult about the 'Linux' Gui?

"Every time a new version or upgrad comes out (new hardware isn't supported by older versions) too many things become broken", InsaneProcessor

What compels you to upgrade? As a professional IT shop I would imagine you set your own upgrade agenda. Why do you install the 'old' version on new hardware when as you say, there is a newer upgrade available. What kind of a shop are you running there?

"Windows is far cheaper to maintain and support", InsaneProcessor

According to this MS sponcered report from 2002 it takes three people to support a Linux server and two for Windows. Anyone who know anything about Unix knows this to be absolute nonsence. An average ISP need hire at most two Linux sys admins regardless of the number of machines. Once some automated scripts are in place baring a hardware failure, there is minimal maintenence.

X-Fud-Status: Yes, score=7.0 required=2.5 .. morons, worthless, upgrad, broken, troublshooting, licenses, zeolots+pretend typos

InsaneProcessor (869563)
was Morons that miss the point completely (Score:1, FUD)
Morons that miss the point completely

Let us not wait what will happen in, say a year.

Also let us not look at it objectivaly and let us completely ignore what Novell has done for the Open Source community. Just let us drop them and then hope that Novell goes broke and some others fill in the void that will happen.

Also let us ignore the fact that Novell is not SCO or the Novell is also interested in seeing that the deal is coplying with the GPL

Also let us forget all the Novell suported projects

It is great to so that people are not realy pro Linux, but are rather anti-Microsoft.

Yes, we should watch the deal closely and decide when things go wrong. To decide now will not do anybody any good, execpt perhaps RedHat, who are happily joining in the FUD for obvious reasons.

Oh, this was all sarcastic.

Let us not wait what will happen in, say a year.

Also let us not look at it objectivaly and let us completely ignore what Novell has done for the Open Source community. Just let us drop them and then hope that Novell goes broke and some others fill in the void that will happen.

Also let us ignore the fact that Novell is not SCO or the Novell is also interested in seeing that the deal is coplying with the GPL

Also let us forget all the Novell suported projects

It is great to so that people are not realy pro Linux, but are rather anti-Microsoft.

Yes, we should watch the deal closely and decide when things go wrong. To decide now will not do anybody any good, execpt perhaps RedHat, who are happily joining in the FUD for obvious reasons.

Oh, this was all sarcastic.

assuming Red Hat haven't by that time gone out of business from losing their primary source of income to Oracle.

I think that you put too much faith in the power of technology.

Without the proper infrastructure these computers are about as good as a wrist watch.

Are we not only going to give them these computers but also give them the education required to use them effectivly?

Perhaps I'm naive, I'm not up to date on the current state of magical technology so I may be missing a key component here.

I think that there is technology availble that is far more valuable/inexpensive/accessable.

And maybe I'm a ludite, I just cannot be convinced that technology can solve many of the target contries problems.

Many of their citizens would probably be content with remaining farm communities, maybe all they need is fair trade...

perhaps a computer could give them access to information on the best markets for their crops, but the last time I checked the internet wasn't everywhere.

To be fair, this OLPC thing is noble but I don't think it will help anytime soon.

The money could be spent better is all I'm suggesting, like say in teachers and schools, and there is much evidence that proper nutrition is as important to childhood development and their ability to learn as anything else.

VNUnet article
Apple Insider post
Apple's Developer Overview site

"Oracle has long been a trusted partner for small and medium businesses, and we have developed a wealth of knowledge to help facilitate the unique needs of that market," said Oracle President Charles Phillips. "The introduction of Oracle Accelerate expands on our experience in this market, and makes it faster and easier for customers and partners to leverage Oracle's leading enterprise applications."
To help ensure the success of the Oracle Accelerate program, Oracle has developed a global business unit that will manage and monitor the product and partner components of the program. Headed by Senior Vice President Tony Kender, the SMB business unit will maintain a world-class partner/reseller ecosystem, drive the continued development of product and industry bundles and work to ensure SMB customer success.

Hehe ... I wish I remembered enough C64 basic to write a webserver in it. You made me wonder if such a thing exists ... apparently it does (or did a few years ago).

Maxing out CPU on a shared server is actually really easy. With 100's to even 1000's of websites sharing a single server, you learn very quickly what can and can't be run effectively. For instance, if more than a couple people use the web based mail system on our server, we get CPU warnings... this doesn't mean we use up the whole CPU, just our small portion of it.

(If you haven't been following the 360 Insight vs Spamhaus thing then you'll have no idea what's going on here!)

http://www.vnunet.com/vnunet/news/2126479/maliciou s-trojan-infects-windows-media-player

http://news.com.com/2100-7349_3-5211168.html

http://secunia.com/advisories/20626/

The truly scary thing is that prior to May 2005 http://support.microsoft.com/kb/892313 WMP left you vulnerable to the DRM-based viruses even if you'd explicitly told it not to auto-download DRM code!!

No doubt it'll be more than 8MB of cache for a behemoth like this, but do you really think they're going to be able to squeeze, say, 2MB per core without burning down the house?

I wonder how much they paid Willamette Industries Inc. for wii.com.

Sorry it took so long to reply.... Good points. I'll only respond to a few.

"Boy, you don't know that much about cryptography, do you ;)"

Er... no. But hey, this is /. :-)

"That's complete BS. It hasn't been cracked, and it wont be for a long time."

One link to doubts about RSA:

http://www.vnunet.com/vnunet/news/2118141/1024-bit -encryption-compromised

"Are you saying that your friends mother is a genius mathematician who published a few papers about factoring and was somehow forced to leave the field?"

Yes, but this was a long time ago. Early on, the government actively tried to control published research into factoring. There's another post on this thread that mentions this. I believe my friend's mother (and father) was a mathematics professor at Cal Tech.

"Most people doubt that it is in either P or NP-Complete which would most certainly make it NP-hard"

Not according the the gospel of truth (cough) wikipiedia.org: Because of the compelling evidence that factorization is not NP-complete, many believe such an algorithm is likely to exist. (refering to a polynomial time factorization).

"256 bit AES will (very possibly) never be cracked by an ordinary computer."

I tend to agree. It's easy to see that secret key encryption can be made very safe. Munge the data so it looks random, then munge with the secret key. Unless you've got a crappy munging algorithm, decryption will be hard. However, I still don't like the 128 bit block thing. Why not use blocks that are at least as long as the key (AES256 still uses 128 bit blocks)?

"No we're not being manipulated into using weak cryptography!"

You don't secretly work for the NSA or CIA, do you? ;-)

Ok, I submitted a story, but in case it gets rejected, here you go:

Jon Ellch and Dave Maynor have raised quite some noise about ther recent wifi exploits. But some clever sleuthing from a blogger has dug up some some damning evidence. Most notably a high resolution version of the video (2) where you can see Maynor claiming he is using an external card. He further states that he got an ip 192.168.1.50, but according to the ifconfig output, the mac address associated with that ip is 00-17-F2-41-31-6D. According to the IEEE OUI that mac address belongs to apple. The problem here is that Secureworks claims they he did not hack the apple driver but an external card's driver. Thus the video was faked.

*fixed the links:
Here's a mirror: maynor video screenshots (image 6)
If you check the mac address you will see that it's an apple mac address. See the IEEE OUI list.

So, what we have is:
a) Maynor claiming he is using an external card
b) Maynor claiming that the ip they got is 192.168.1.50 (see the video)
c) According to the screenshot the mac address associated with that ip is 00-17-F2-41-31-6D
d) According to the IEEE OUI that mac address belongs to apple
e) Maynor claiming he did not hack the apple driver but an external card's driver

THE VIDEO WAS FAKED. END OF STORY

Oops, the image ran out of bandwith, here's a mirror: maynor video screenshots (image 6)
If you check the mac address you will see that it's an apple mac address. See the IEEE OUI list.

So, what we have is:
a) Maynor claiming he is using an external card
b) Maynor claiming that the ip they got is 192.168.1.50 (see the video)
c) According to the screenshot the mac address associated with that ip is 00-17-F2-41-31-6D
d) According to the IEEE OUI that mac address belongs to apple
e) Maynor claiming he did not hack the apple driver but an external card's driver

THE VIDEO WAS FAKED. END OF STORY

It looks like the next gen race has finally kicked into gear with Nintendo and Sony starting to show their cards for November's big launch battle. Microsoft's 360 is looking like Sega's Dreamcast of five years ago, still around but mostly forgotten.

If Microsoft is having sales troubles bad enough for stories like this:

http://www.vnunet.com/vnunet/news/2162752/xbox-sal es-slow-for-ps3-wii

one has to wonder how willing Microsoft is to continue losing well over a billion a year just to avoid the humiliation of pulling out of the console market. 3 million 360s worldwide after 8 months on the market is a disaster for Microsoft and the 360.

I hope this issue brings more awareness to people about internet anonymity in general and that the government wants all your logs and that companies like Verizon roll over and let them have it.

AOL has went one step further and given their customer's information to the world. I googled the news to see if this story is being reported in the mainstream media, and it is minimally (minimal b/c of TimeWarner?) but I have to laugh as it is characterized as a "goof" and a "gaffe". Laughably understated and nice words for something that at best can be described as sheer bumbling negligence and at worst as a breach of privacy of the worst sort.

Even more ironic, the first news story to pop up on google has nothing to do with this but is:

"AOL offers free security software"
http://www.vnunet.com/vnunet/news/2161980/aol-offe rs-free-security

Both have expiriences with massive recalls.

In related news, there is an article at ITWire about Intel admitting to a security flaw with their wireless technology as well. Check it out at http://www.vnunet.com/vnunet/news/2161539/intel-ad mits-centrino-wi

"Beer bottles that use solar power to keep their precious contents cool in the height of summer could be a welcome fringe benefit of thin-film technology currently under development"

rest on http://www.vnunet.com/2160151

I'm pretty sure this wouldn't work in direct sunlight, as I doubt the heat pumps and solar cells are efficient enough. In diffuse light, which an ideal application of the less efficient thin film cells, it might work quite well. Haven't done the maths though.

Now, there are currently no unpatched remote exploits or program-runs-crap-by-itself bugs I'm aware of. In other words: You have to start it!

Oh, really?

Not to mention that if they have to implement double-digits worth of patches a month you have to suspect that there are, indeed, unknown (by the public) security holes to be found, and which may have already been found by blackhats.

Antimalware tools are akin to snake oil and herbal remedies. No sane system should need that kind of overhead, and I've said it before: once you're infected, the only way of going back to a "known clean" configuration is a wipe and restore from "known good" media, or a complete checksum of binary signatures from a read-only known-good boot medium. The only thing antimalware does is make you feel safe, much like the Windows Security Center logo. Once your system is infected, a good root-kit is unremovable, and even garden variety uncommon malware may not be detected by the popular virus scanners; this is exactly what happened to Valve with the Half-Life 2 code theft. Someone designed a custom worm to penetrate their network and e-mail out important corporate files, and they got away with it.

Ok, you seem to have a clue, so I have a question. Is this really new? These cars must already been using embedded systems for their data measuring on-to-go and data transport. I also remember e.g. the compaq or HP advertizements for their F1 computers, and they were actually mentioning that they were using linux. Would this move actually mean that Microsoft is trying to get the linux systems out for these 'showcase' Formula 1 pcs? And is it likely to work?

"Is it just me or does the report actually fail to mention to mention Linux even once?"

That is correct, the article quotes Graham Cluley as saying that Macs will be safer for 'computer' users.

MS going into the AV business threatening their revenue stream and despite this Sophos depend on Microsoft for business. Linux on the other hand is considered a greater threat than the Mac, both to Sophos and MS. The Mac is seen as a niche player so talking it up is not such a big deal. Previous utterances from Sophos:

a Mac has no more inherent security when it comes to malware than a PC

"Linux has a better history for security than Microsoft, and hackers are more focused on Microsoft.

These are not attacking any kind of vulnerability in the computer They are attacking the vulnerability of people's brains.

http://www.distrowatch.com/

Actually its even more than that. Not sure of the current number but I did find a more recent article that states 4.3 mil subscribers in China, ~2/3 of the current total.

http://www.vnunet.com/vnunet/news/2157091/china-wo rld-warcraft-majority

Yes very true. Of course at the executive level in companies, they are usually given the opportunity to resign with grace rather than get fired, except in extreme cases such as those where criminal accusations are involved. IMHO, I think we're seeing a broad (and probably sorely needed) shakeup as a result of all the recent negative publicity surrounding the Vista delay, often speculated to be caused by culture issues. Corporate culture issues are difficult to fix in any organization, let alone a huge one like Microsoft, and often necessitate changes starting from the top down to even begin to make progress.