Slashdot Mirror


User: Allador

Allador's activity in the archive.

Stories: 0
Comments: 1,614

Comments · 1,614

  1. Re:No wonder I don't trust them... on What's Really Broken with Windows Update - Trust · · Score: 1

    I'm not sure how extensive this is, as this would cause a lot of file system bloat.

    But it definitely happens in some places, and for the target audience of automatic updates, which is a home-user/consumer, this is appropriate, at least IMO.

    It creates the least risky situation for people who don't have the knowledge or experience to make an informed choice. For those who want to make an informed choice, use WindowsUpdate/MicrosoftUpdate, WSUS, or some other patching management tool.

  2. Re:Linux is no better on What's Really Broken with Windows Update - Trust · · Score: 1
    The part that was not true is this:

    > Companies that didn't want automatic updates from MS had an automatic update installed.

    Only a small subset of companies would have received this silent update. This is the subset that is running just Automatic Updates active, and either notifying or installing, or both.

    And no companies who wanted and took control over their patching would have been impacted by this.

    The ones that had AutomaticUpdates turned off did not receive it. The ones running WSUS did not receive it. The ones running SMS or other 3rd party tools did not receive it.

    I have no argument with you that MS shouldn't have done that, and that their response to the complaints has been less than stellar.

    But most businesses wouldn't have been impacted at all, as any business who wanted control over their patching is running WSUS or something else, and did not receive this patch.

    It sounds like I'm being really nitpicky here, but that is not my intent. What I'm refuting is that this went out to everyone in the world, especially businesses. There's a meme floating around that this is a big violation of auditability and control for businesses, as unexpected patches were applied without their permission. This is not true, as any business who cared about having control was not using AutomaticUpdates, and so did not experience this problem.
  3. Re:Good point, terrible article on What's Really Broken with Windows Update - Trust · · Score: 1

    > So you say that not implementing some huge complex bureaucratic system to manage your windows installs is a choice that everyone makes when they buy a computer?

    Nope, that's not what I said at all.

    I said that there are choices, all of them with different cost/benefit dynamics.

    1. Automatic Updates. Fully hands off, but would have received the silent updates. No effort. No control over what patches are installed or when, other than the config options in group policy/local policy.

    2. WindowsUpdate/MicrosoftUpdate w/ AutomaticUpdates disabled. Would not have received the silent updates. More work. More control over what patches are applied, and timing of such.

    3. WSUS. Would not have received the silent updates. Complete central control over windows & microsoft patching from a central console.

    The last one is only really appropriate for a business, or other situations where you want to manage updates centrally for a number of machines.

    This was in response to Animat's complaint that businesses were not in control of patching and what was applied to their machines. I provided argument and evidence that they were actually in control, and had a choice of how to exercise that control (wsus, etc).

    Animat's argument was that businesses were not in control of patching. I showed that this is untrue, and that they are, or at least they can be for the choosing and a very small amount of effort.

    I also see from your comment that you've never done a WSUS install. It takes about an hour to get set up, that's including reading the docs. All it requires is a machine running IIS, and can run on XP or Vista w/ IIS for small shops. After that it's a fairly nice and simple admin console to control your environment.

    > The Windows installer is

    As I think I showed clearly, it's not. You have a wide variety of choices, only one of them puts MS in control of the patching and updates.
  4. Re:What a suprise... on What's Really Broken with Windows Update - Trust · · Score: 1

    > basically you seem to be saying, if your computer isn't running at 3am, it will "insist on interrupting whatever you are in the middle of" and then "will not leave you alone until you restart the computer".

    Only if:

    1. You have it configured that way, or are at default config.

    2. The patches require a reboot.

    I'm not 100% sure of the behavior next time you turn it on .... I don't remember what the default settings are. They're either to install right away and put that terrible popup on your systray, or to wait for the next scheduled install time. Not in a position to check right now.

    > even stranger, you seem to find this to be acceptable. moreover, you go out of your way to defend it.

    I'm not making any sort of value judgement against it. I'm simply correcting inaccurate information being posted.

    > i don't want an auto-update function to interrupt me and bother me and refuse to go away.

    Then change the behavior. It's all there in simple to understand settings in group policy or local policy.

    Here's a handy link with everything you need to know about doing this. Took about 60 seconds on google to find.

    The reason I get involved in a discussion like this is that there's often a great deal of factually incorrect information spouted off about how the system works, and people who don't understand the target audience.

    The default settings for Automatic Updates are for home users who know nothing about computers or security. The defaults are set up with that target audience, who really really should reboot and let the patches finish applying as soon as possible.

    But they also give nearly infinite configurability for more advanced home users, or for corporate shops. So you can make the system behave however you want, for the cost of maybe 20 minutes of research and configuring.

    So the bottom line is, if you don't like the default behavior, CHANGE IT.

  5. Re:Who needs trust on What's Really Broken with Windows Update - Trust · · Score: 1

    > This was the case from Word 95 to Word 97 (I can hold a grudge).

    Grudges I can understand, but you have to be reasonable. You're talking about software released over a decade ago. Software was a different universe then.

    > Also, correct me again if I am wrong, the compatibility pack for Word 2003 for Word 2007 Documents were not released right away (months?)

    I honestly don't know. I wouldn't be surprised if the compat packs lagged the release by a few months, though, that's not terribly unusual. But I can't say personally.

    > I work at a High School and many of the computers still use Word 97. Though it is being phased out, there were a lot of problems this year when people came back from summer break with new computers at home.

    This is one of the costs of not keeping up with software new releases. It's a known problem. You may want to consider looking at the campus agreement program with MS. Many schools I know find that it's a good value, all things considered.

    But making the choice to remain with 10 year old office software is a choice. It has known risks and costs, and known benefits. So if you all decided that the benefits are worth the costs & risks, then I don't see why you would complain about the situation. If you're not a decision maker, then consider ways to make sure that the decision makers understand the non-cash costs of these kinds of choices, so they can make fully informed decisions.
  6. Re:Trust is to be earned. It's not given freely. on What's Really Broken with Windows Update - Trust · · Score: 1

    > A revision history, perhaps? A relationship model? Or at least some explanation what files are going to be replaced?

    If the patch supersedes another patch, that is indicated in the KB article. I assume that's what you mean about 'revision history'. They also indicate in the KB if it was re-released due to patch issues, etc.

    Most (if not all) of the security patches have the exact files replaced, including new version numbers, size, time and date, and have this list for each platform and version (ie, vista x86 and vista x64, etc).

    About the only thing missing that I'd like to see is hashes of the files. I know some updates include this information, and some don't. I don't know what pattern is used to indicate it.

    You can see an example of this here.

    > And why not in the summary, why do I have to access some webpage? Don't tell me the amount of data is too much for a few lines of text.

    I don't know how to help you with this one. If reading a webpage about the problem, just like every other OS or software in the universe, is too much hassle for you, especially given the link is right there all you have to do is click it, then I think you've just decided that you hate it, facts be damned.

    You'll also see that there's a lot of information on the webpage, and it can change if the patch is re-released, or new information is found.
  7. Re:Release Too Soon... on What's Really Broken with Windows Update - Trust · · Score: 1

    The article you quote does not support your statement.

    All they say is that the hardware id strings are sent up to MS, which returns a driver list.

    They also imply in the following paragraph that it's not how it happens for software, though they don't explicitly say so either way.

  8. Re:Linux is no better on What's Really Broken with Windows Update - Trust · · Score: 1

    Not true.

    The only people who got silent updates were those with autoupdates running, and configured to download and notify, or just to notify.

    If you had automatic updates disabled, or set to do nothing, you got no auto patch. If you were using WSUS/SUS or any other 3rd party patching tool, then you got no silent updates.

    Generally, this means companies won't be affected by this whole thing at all, since they're using WSUS, SMS, or some other solution.

  9. Re:No wonder I don't trust them... on What's Really Broken with Windows Update - Trust · · Score: 1

    You want both of these things installed, though.

    You want components patched that aren't fully installed, because there are portions of it there, and it may be activated at some point unexpectedly in the future. When/if that happens, you want it patched.

    This is similar to patches for IIS in the olden days. It used to be that IIS wouldn't be patched on a server if you didn't have it installed. But that resulted in big badness when someone decided they wanted it, and they installed it, and were owned in a matter of minutes. With the patches already applied, you have zero exposure if/when the software ever gets fully installed and/or turned on.

    The Malicious Software Removal Tool doesn't hurt you, and one chance in a million it might find/fix something that you didn't know was there. So no downside, some minor potential upside.

    These are smart risk mitigation things that MS didn't use to do, but they smarted up and do things like this now.

  10. Re:Good point, terrible article on What's Really Broken with Windows Update - Trust · · Score: 2, Informative

    Have you never done any reading or research about this?

    This stuff only applies to consumers using AutomaticUpdates or WindowsUpdates/MicrosoftUpdates.

    Businesses use (or should be) WSUS or other systems so that they have complete control over the patching.

    If businesses don't do this, then they are making a choice to not have control over updates to their system.

    No one is forcing anyone to go this route.

    Now, mind you, MS should never have been doing silent updates without full disclosure. But it's not like they made you use this system to do updates. There are other free options.

  11. Re:What a suprise... on What's Really Broken with Windows Update - Trust · · Score: 1

    > When looking at what is being downloaded (either automatically or manually) you have little idea of what you're actually downloading. All you get is a strange ID number for the update and an extremely generalized description of what is being fixed (or unfixed).

    Incorrect. You get a short summary description with a link to the full KB article. The bulk of the time, the KB article includes the exact files that get updated.

    > When there is an update it insists on interrupting whatever you are in the middle of.

    Incorrect. By default, Windows comes configured to automatically download patches, and then install them at 3am. If you're experiencing this, then you've either changed the system to have this behavior, or you've always got the machine off when it tries to update.

    > When it downloads it sucks up CPU time.

    Incorrect. Downloading of patches uses BITS, which is a trickle download, can take hours, and won't gobble up CPU and bandwidth. The only possible thing happening if you're really seeing this is that the next scheduled scan is running, to determine what you have and what you need updating. There have been some known issues with this scanning (not downloading) being intrusive on the machine.

    > And when it's finished it will not leave you alone until you restart the computer.

    Incorrect. By default, the machine will automatically install the patches at 3am after downloading, and reboot if needed. The only way you'd see the behavior you're describing is if you configured it that way, or if you had the machine shut down the night before when it tried to patch.
  12. Re:This reminds me of an incident.... on What's Really Broken with Windows Update - Trust · · Score: 1

    I'm confused about this.

    Automatic Updates won't install hardware drivers.

    SUS/WSUS gives you complete control over which drivers and patches go out.

    The only way you could end up in this situation is if you did several bad things in a row. You had to:

    1. Sneaker to each PC individually and run WindowsUpdate/MicrosoftUpdate by hand.

    2. Choose the Automatic update, rather than custom, where you get to select what gets updated.

    Doing #1 in a business environment is insane. And #2 is unforgivable for a tech, you should have known better.

    Not trying to be too hard on you here, but this is the rough equivalent of randomly deleting files from system32 and wondering why it broke your computer. You really should have known better.

  13. Re:Who needs trust on What's Really Broken with Windows Update - Trust · · Score: 1

    > Old versions of word are not made forward compatible. Compare this to any open source office suite. Word isn't even compatible with itself! Worst, if even one of your friends emails you a newer word document, you are SOL and have to buy the new version just to read it.

    Incorrect. You just go to MS and download the free compatibility pack that makes word forward compatible. 2003 is even smart enough to tell you that you need to do that when you open up a 2007 version, .docx, etc.

    Not to mention the constant presence of free viewers.

    > Even better, in the past (not past enough), if you got a trial of the new version, it converts all your documents to the new version. So if you don't buy the new version after it expires suddenly all the documents on your computer become useless.

    Also incorrect. What trial versions do is to default to the new format, and in some versions, wouldn't allow you to save as the old format (which is lame). But there was absolutely no batch conversion system that would walk your system and convert all files.
  14. Re:Monopoly Mentality on What's Really Broken with Windows Update - Trust · · Score: 1

    > 1. Obviously, hacked versions that couldn't get updates.

    Automatic Updates works just fine on machines that are hacked or fail WGA. Only WindowsUpdate/MicrosoftUpdate is disabled.
  15. Re:Release Too Soon... on What's Really Broken with Windows Update - Trust · · Score: 1, Informative

    > Microsoft uploads a list of 'everything' on the user's PC to Microsoft and Microsoft determines what updates are applicable and then stores that uploaded list, associated with your registration information, for an undisclosed period of time.

    That is incorrect. And wouldn't be practical in any case.

    Your Windows machine downloads a catalog xml file with all the patches, file vers, hashes, etc. Your local machine does the comparison and requests the updates.

  16. Re:You gotta be kidding. on OpenOffice.org 3.0 Wants to Compete with Outlook · · Score: 1

    Thanks for the link!

    When/if they ever make the plugin work with Thunderbird 2.x I can give it a try.

    It is sad though that the plugin description mentions that the only reason it's written is because Thunderbird doesn't behave as it's supposed to in the first place.

  17. Re:It doesn't help on the trust... on What's Really Broken with Windows Update - Trust · · Score: 1

    If they are telling you this, then you probably need to hire people that are competent, rather than those you're hiring now.

  18. Re:Trust is to be earned. It's not given freely. on What's Really Broken with Windows Update - Trust · · Score: 1

    > What's more a problem is that you usually get very limited information about the "patches" that are about to hit you. If anything, you get a cryptic citation of some KB article that may or may not be relevant for you. More often than not, you don't get any information about the changes that are about to happen in your machine. Also not necessarily a move that builds trust. Do I get all the information necessary to decide whether I need an update?

    I'm not sure where you get this from. Every update comes with a short summary and then a link to the full KB article. The KB articles, especially for security patches, go into great detail about the situation, mitigation details, etc. They also include the exact files and versions that are getting updated.

    Since security patches are almost always fixing buffer overflows and such that don't really change end-user behavior, there's not much in the descriptions about that. For those that do change end-user behavior, it lists it.

    What more do you need?
  19. Re:You gotta be kidding. on OpenOffice.org 3.0 Wants to Compete with Outlook · · Score: 1

    > Please, I've seen at least 7 advisories this year on exploitable, unpatched buffer overflows in current versions of Outlook. I don't recall any that have been wormed, but if a worm is made to exploit an e-mail program and it spreads widely, you can bet it will only be affecting Outlook users.

    Interesting, because it looks to me like Secunia says differently.

    Those links show zero unpatched advisories in Outlook 2002/XP and Outlook 2007. It shows one unpatched advisory in Outlook 2003 that is 3 months old. It's mildly bad, but has some extenuating circumstances around it (must forward to trigger, etc).

    Also, since one of the service packs in Outlook 2000, it's been trivial to force Outlook to render everything in plain text, which brings your vulnerability to pretty much zero.

    Combine that with a typical security policy where people aren't running as local admins, and it's not too much of an issue.

    Real world experience shows this sort of thing to pretty much be a non-issue these days, and hasn't been for many years.

    > It may be an old problem, but it is still a current one. Change tracking is not the only way data is mined from doc files. Regular .doc recovery programs as well as programs designed specifically for the purpose can often recover deleted parts of files and in some cases unrelated deleted data from the user's hard disk.

    I think you're stretching what we're talking about here. Undelete programs that recover freed sectors on the disk have nothing to do with Microsoft, or MS Office, or Windows. That's a very typical file system problem, that is well understood, and has nothing to do with office programs.

    The well publicized information leakage problem present in older versions of Word, that came to light in several very public situations, is largely a non-issue nowadays, due to configuration and behavior changes in the software.

    > Finally, Word suffers from the same monoculture problem as Outlook as seen with the targeted industrial espionage utilizing buffer overflows in Word and Excel, from earlier this year. In fact, those attacks were discovered by users whose company had standardized on StarOffice and thus questioned why their colleagues within the company were sending them .doc files.

    Although I hesitate to even respond to the silly 'monoculture' meme, your particular incantation of it isn't very relevant.

    All office programs have vulnerabilities, buffer overflows, remote compromises. It's par for the course for this type of software. The fact that most desktops in the world run 'some version' of MS Office doesn't magically grant extra vulnerability.

    Even with complete remote, own-the-box with no user interaction vulnerabilities, this magical monoculture thing doesn't kick in. I've seen things like Blaster and other more targeted attacks sweep through large organizations. And you know what? The response and effectiveness of the attacks within the windows 'monoculture' is highly non-uniform. The only predictable factor is that the well managed groups tend to have no problems, and the poorly managed groups tend to have problems.
  20. Re:How About A Complete Office System on OpenOffice.org 3.0 Wants to Compete with Outlook · · Score: 1

    I believe that the multi-language support you're referring to is through UNO, right?

    Office has the same situation with COM. You can automate any of the office products via COM from any language that can bind to COM. And that's pretty much everything.

    The only thing you're limited to VBA for is the built-in embedded scripting language.

  21. Re:Well.... on OpenOffice.org 3.0 Wants to Compete with Outlook · · Score: 1

    The online/offline support is pretty fatal. I should be able to pull the ethernet (or turn off wifi) at any point and Thunderbird should continue to work just fine, and give me full access to my email, calendar, tasks, and address book.

    At the moment, it doesn't work at all. I have to manually synchronize the system before disconnecting, and even then it's flaky.

  22. Re:outlook clone on OpenOffice.org 3.0 Wants to Compete with Outlook · · Score: 1

    Can you talk about any of these in detail? I'd like to see them.

    I regularly use the two biggies, Outlook against Exchange and Thunderbird against IMAP, and you can't put them in the same ball park as far as usability. Thunderbird has several more years of baking to get some of that fit and finish worked out.

    What would you like to see in Outlook? I've only got one real complaint at this point, and it revolves around an occasional network burp that hangs up the app for a bit.

  23. Re:Exchange on OpenOffice.org 3.0 Wants to Compete with Outlook · · Score: 1

    How has it been? Do you all use the web interfaces primarily, or Outlook? How heavily do you use calendaring, and shared resources calendaring? How about task requests & reporting?

    In some tests I had done, the Outlook Connector was buggy and not ready for prime-time, and the Zimbra Desktop was alpha level readiness.

    Seemed to me though that if you could live with the web interface as primary, it could work for you. However, neither myself nor any of our clients can work from a web-only interface, so it's been a no-go.

  24. Re:Thunderbird would be a great idea on OpenOffice.org 3.0 Wants to Compete with Outlook · · Score: 1

    Actually there aren't, at least not yet.

    The Lotus Notes product is really overkill to only be used for email. And like another said, is generally only used by companies who hate their users.

    Other than that ..... from my research the only thing that even comes close is Zimbra, and so much of Zimbra is still alpha.

    There are a number of good collaborative server environments IF you're willing to be limited to a web interface for most of your functionality. But for many, a rich client support with online/offline capabilities is critical.

  25. Re:And Here is Where the Math Does Not Add Up on OpenOffice.org 3.0 Wants to Compete with Outlook · · Score: 1

    > For your information Thunderbird is a modular and well designed piece of code that uses abstraction and other techniques to enable it support NNTP, SMTP, IMAP & POP3. Each protocol lies behind abstracted XPCOM interfaces and the core is mostly agnostic to whatever is being used.

    Okay, not trying to be a jerk or make this personal or anything, but ... you keep saying this like it means anything. What you're describing is programming 101 stuff for any multi-protocol handler. It's just not exciting, is fully expected, and is par for the course.

    There's a lot more to a collaborative PIM product than just a good protocol handling abstraction layer.

    I guess what I'm saying is that the reasons you're using for why Thunderbird+Sunbird are good Outlook replacements are not very good reasons, at least IMO.