If you have multiple machines accessing your "few windows boxes" to run Office, then you must pay for a license of Office for each machine.
Office is not licensed per user, it is licensed per machine. A single workstation that has 20 people walking up to it and using Office needs only one license.
A desktop machine that has 20 people accessing it via VNC or any other means needs 20 licenses.
There is no Concurrent Licensing of Office.
You are in violation of your End User License Agreement.
Despite how reasonable, practicle, and "fair" you idea seems, it is illegal. Not for any technical or moral reasons, but because of a silly EULA.
All that said, I like your idea of a drop-box directory to convert.doc. I don't know if t his would violate the license agreement or not. Regardless, could you post your code for others to see and use?
In either example, subtract the media cost (CD, paper) and you have the content cost, plus maybe a transaction fee. Then, you receive the product in digital form for your MP3 player, or your ebook reader.
The main point, beyond the disribution medium, is how the Internet will bring together groups of people to collaborate to produce a product. Like eBay finds people on the other side of the country who actually want to buy your crap. It is the full 7 degrees of Kevin Bacon, not the single degree you know personally. That means you will be able to collaborate with anyone who has the time and resources you need.
These mini-collaborations will be created and destroyed just like the pathways of a switched telephone network.
I'm going to take a moment to explain how publishing will work in the future.
There will be no publishing houses such as O'Reilly, Addison Wesley, Houghton Mifflin, etc.
All around the country, in malls, airports, bookstores, kinkos, schools, libraries, etc there will be print on demand machines. Next to the print on demand machines will be kiosks (running Linux of course) that allow you to browse books, submit payment, and print them.
There will be two costs. The cost of the content, and the cost to have it printed. Thus, a kinkos, with it's power to buy lots of paper, might charge 4.00 to have a book printed. The content charge might by 2.00. Therefore the book costs 6.00.
An airport, not being a large paper purchaser, might have to charge more for the print costs so its fees might be 4.50. They might also charge a premium because of the captive audience. Likewise, the authors might charge 2.50 because they know that people in airports are desperate and willing to pay more. Total cost is 7.00.
Of course, some of these places could offer extra services, such as special covers, cover art, different paper options, delivery to a home address, etc.
The reason why there will be no publishers is because authors will work with freelance editors and copy-writers. Job boards on the Internet will allow these groups to hook up in ad-hoc ways to find work and get books written. Then they subscribe these books to a distribution system.
This same thing will happen with music, in whatever format you want, but I'll stick to CDs.
Music artists will work with freelance sound engineers and production people who have studio space and equipment, or who can rent such space. They will sell the content on the web, and in kiosks. There cash outlay will be minimal, and they will be able to reach any size audience. These kiosks will burn CDs for the consumer, or the web based consumers will recieve files (and freesoftware) to burn the CD's themselves, or keep them in digital form.
This change in music, and book publishing will occur for many reasons. Two of which are:
1) Reduce costs, increase profits. With no brick and mortars, or large company overhead, sales people, marketing (you could freelance this too), costs are lower.
2) Reach even the smallest audience. I might be a musician of really uncommon music. My world-wde audience might be 20,000. A record company/label woudln't sign me because my economies of scale don't scale. But, in the freelance system I might sell my content for 5.00 each. That is 100,000 per year if I produce each year. Take out the fees for the sound engineers time and whomever else helped me, I might make between 40-70k. Hardly starving artist.
It is merely designed to spend money, make a lot of media hype, and try to get other people to invest even more money in a larger project of similar nature. The projects themselves are irrelevant as to wether or not they accomplish anything, such as the betterment or eduction or the children.
First meet the practical needs of these people before you try to sell them advanced solutions to digital age problems that they don't even have.
Exactly, in this case it is using its lock-in to a popular site and popular game to drive people to register with Passport.
Someone at Microsoft creamed their pants when they woke up one day and realized how many things they could tie Passport into. And by tieing into it, they realized that they would have 80% of the world on Passport before Joe Consumer realized how dangerous Passport could be.
If you have recently installed a retail version of Microsoft Office XP you would know that it requires the creation of a MS Passport account. That is what Office Suites have to do with Passport.
I'm well aware of Passport's past.
As for the movie theatre reference, learn to recognize humor.
I thought you weren't allowed to use a monopoly in one area to create a monopoly in another area?
How is it that Microsoft is able to take it's monopoly in Office Suites and require you to create a Passport account in order to register them? Isn't that just creating a monopoly in online Registration?
Once everyone has been forced to register their Office and Windows with Passport, why whould they bother to register with another service? It is just like bundling the browser, only this time they are bundling the online registration.
It's crap of the highest order. It is even worse than the monopoly movie theatres have on food and drink. They state that you cannot bring in outside food or drink and make you pay extortionist prices for the crap that they do offer. It is not a free choice, in the sense that I went there for the movie, not food, but if I want food with my movie I have to pay out the whazoo. This would only be fair if I had the choice of brining in outside food and drink.
some bint with a bow challenging the Riders at a ford - I assume you're talking about Arwen. Come on, it's not like Glorfindel is some major character. If Arwen had replaced Legolas, I'd be pissed, but this is really a minor plot point, and it's a good way for them to boost Arwen's role without changing the story much. Now whether Arwen's role should be boosted is certainly up for debate, but it doesn't make the movie a piece of crap either way they go.
So, you think it is unimportant that Frodo, wounded for days, nearly turned into a wraith, is able to must the courage and will to offer a last bit of defiance to the Nazgul? Having anyone between Frodo and the Nazgul at that moment, whether it is Glorfindel, Arwen, or Gandalf, makes Frodo less of a character. This was not a minor change.
As for Glorfindel not being in the movie, I'm not upset, but disappointed. I do not see why Arwen had to fill that role. They could have expanded her in other ways with Aragorn. They are seen together in a few scenes in Rivendell. Glorfindel could have been just about any other elf. But, having a strong elf-lord protect them from the Nazgul up until this point, shows how powerful some of the elves can be. It makes an important note in the Council of Elrond when they are deciding who will go on the Fellowship, and whether they elves should hide and guard the ring.
Doesnt' Brick Level Backup destroy single instance storage? Meaning, I might have a 100GB.mbd file, but when I Brick Back it up, that might grow to 1000GB because all those single instance messages will get individually saved into each mailbox.
Backing up 1000GB could take a long time. Brick Level Backup is considered a Bad Thing by the gurus of the microsoft.public.exchange.admin list.
You are, however, 100% correct about Deleted Item Retention.
Sorry, I wrote this rant and just wanted to put it somewhere. Your mention of Unsafe at any Speed made me think of it.It is a response to Culp's comments last month.
Code Red. Lion. Sadmind. Ramen. Nimda. In the past year, computer worms with these names have attacked computer networks around the world, causing billions of dollars of damage. They paralyzed computer networks, destroyed data, and in some cases left infected computers vulnerable to future attacks. The people who wrote them have been rightly condemned as criminals. But they needed help to devastate our networks. And we in the security community gave it to them.
By listing worms that attacked a variety of operating systems Culp makes it appear that the security threat is equal to all the players in the OS space. What he doesn't do is supply a severity to the listed worms that lets us see that the worst and most widespread of these attacks were against Microsoft systems. Microsoft's dominance in the OS space only increases their responsibility for security breaches, it does not justify their targetibility.
It's high time the security community stopped providing blueprints for building these weapons. And it's high time computer users insisted that the security community live up to its obligation to protect them. We can and should discuss security vulnerabilities, but we should be smart, prudent, and responsible in the way we do it.
What it is high time for is Microsoft to take security seriously. Their operating systems have always been about ease of use, not security. Just like passenger and baggage check in US airports are about hasslefree service. We have seen one consequence of the airports security measures, and that terrible act is the only reason airport security is increasing. Numerous reports in the past few years have pointed to the insecurity of passenger air travel, yet the airlines took no notice. Code Red may well be the clarion call to reconsider the importance of security in your operating system. If your current vendor isn't supplying it, perhaps you should look elsewhere.
Arming the Enemy
First, let's state the obvious. All of these worms made use of security flaws in the systems they attacked, and if there hadn't been security vulnerabilities in Windows®, Linux, and Solaris®, none of them could have been written. This is a true statement, but it doesn't bring us any closer to a solution. While the industry can and should deliver more secure products, it's unrealistic to expect that we will ever achieve perfection. All non-trivial software contains bugs, and modern software systems are anything but trivial. Indeed, they are among the most complex things humanity has ever developed. Security vulnerabilities are here to stay.
According to Ralph Nader automobiles in the 60's were unsafe at any speed. He blew the whistle, and the groundswell response led to drastic changes in the manufacturing of automobiles and the responsibility of those manufacturers for the safety of the cars after the sale had occurred. Fastforward 30 years and juxtapose Microsoft for General Motors and you can hear the whistle blowing. Despite Microsofts attempts to hide behind groups such as the DMCA consumers and lawmakers will not continue to put up with the security risks using Microsoft products make them vulnerable to.
If we can't eliminate all security vulnerabilities, then it becomes all the more critical that we handle them carefully and responsibly when they're found. Yet much of the security community handles them in a way that fairly guarantees their use, by following a practice that's best described as information anarchy. This is the practice of deliberately publishing explicit, step-by-step instructions for exploiting security vulnerabilities, without regard for how the information may be used.
Do not fear he who hath power to kill your webserver, fear he who hath the power to crack your server, steal your financial data and destroy your very business. Prior to a security fix or announcement of a vulnerability you aren't even aware that your system is at risk. The sooner information is released to the consumer, the sooner they can make a business decision as to which is the greater cost: the possibility of having their system cracked and data stolen, bearing the cost in dollars and man hours to move to a more secure system, or the business impact of shutting an insecure service down until the security bug is fixed.
The relationship between information anarchy and the recent spate of worms is undeniable. Every one of these worms exploited vulnerabilities for which step-by-step exploit instructions had been widely published. But the evidence is more far conclusive than that. Not only do the worms exploit the same vulnerabilities, they do so using the same techniques as were published - in some cases even going so far as to use the same file names and identical exploit code. This is not a coincidence. Clearly, the publication of exploit details about the vulnerabilities contributed to their use as weapons.
Again, who is it that we fear? The script kiddies who are all bark, but no bite, or the blackhats who have established user accounts on your servers and has your corporate network as their playground?
Good Intentions Gone Awry
Supporters of information anarchy claim that publishing full details on exploiting vulnerabilities actually helps security, by giving system administrators information on how to protect their systems, demonstrating the need for them to take action, and bringing pressure on software vendors to address the vulnerabilities. These may be their intentions, but in practice information anarchy is antithetical to all three goals.
These methods are only antithetical when you have a dominant market position that is dependent upon people perceiving your products as being easy to use, secure, and hassle free to maintain.
Providing a recipe for exploiting a vulnerability doesn't aid administrators in protecting their networks. In the vast majority of cases, the only way to protect against a security vulnerability is to apply a fix that changes the system behavior and eliminates the vulnerability; in other cases, systems can be protected through administrative procedures. But regardless of whether the remediation takes the form of a patch or a workaround, an administrator doesn't need to know how a vulnerability works in order to understand how to protect against it, any more than a person needs to know how to cause a headache in order to take an aspirin.
Wrong. Providing the exact details of an exploit allows competent administrators or programmers to go to the source of a program or operating system and provide their own fix if none is available from the community at large or the creator of that program. Furthermore, a community made aware of an exploit is able to marshall its resources to provide a fix as soon as possible. Culp's position is only true in a closed source environment where the system administrator is nothing more than a mouse monkey whose idea of system administration and security are the point and click wizards provided by the vendor; or where the risk to customers of using vulnerable systems is weighed against marketing and PR concerns or the availability of programming resources and the cost of providing them.
Likewise, if information anarchy is intended to spur users into defending their systems, the worms themselves conclusively show that it fails to do this. Long before the worms were built, vendors had delivered security patches that eliminated the vulnerabilities. In some cases, the fixes were available in multiple forms - singleton patches, cumulative patches, service packs, and so forth - as much as a year in advance. Yet when these worms tore through the user community, it was clear that few people had applied these fixes.
Many people have faulted the patching process itself for the low uptake rate. Fair enough - we do need to make it easier for users to keep their systems secure, and Microsoft acknowledged this very point in a recent major security announcement. But if the current methods for protecting systems are ineffective, it makes it doubly important that we handle potentially destructive information with care.
One of my cars had a factory recall, some sort of problem with the CV boots. The auto manufacturer contacted me, on more than one occasion, to let me know that my car had a potential problem, where I could go to get it fixed, and they said they would bear the cost to fix my car. I'm not certain which one of the myriad of forms I signed when I purchased the car that signed me up for this protection plan, but it sure did work. In my 7 years of administrating Microsoft networks, the hundreds of products I have registered with them and the thousands of times I have visited their website, never once has Microsoft contacted me to let me know about a security vulnerability in the product they sold me. Making the fix available is not the same as notifying people that there is a problem and a fix.
Furthermore, like the boy who cried wolf, Microsoft products have so many vulnerabilities and the methods for keeping your systems patched are so time consuming that it can become a full time job just to keep on top of it. After awhile you just cry, "Enough!," I've got other things to do than babysit the Microsoft website to find out what the latest vulnerability is. I've subscribed to Microsoft Security alerts, and typically I have found them to be late in notifying me of problems and so filled with PR that it was hard for me to asses to true risk to my systems.
Finally, information anarchy threatens to undo much of the progress made in recent years with regard to encouraging vendors to openly address security vulnerabilities. At the end of the day, a vendor's paramount responsibility is to its customers, not to a self-described security community. If openly addressing vulnerabilities inevitably leads to those vulnerabilities being exploited, vendors will have no choice but to find other ways to protect their customers.
A very good point Culp, vendors must find other ways to protect their customers. What Microsoft has been doing is not sufficient. The whistle has been blown, the users hear it, and they know that Microsoft has not had their best interest in mind. If Microsoft had, they would have found ways to contact users of vulnerabilities and given users incentives to patch their systems.
Responsible Handling is Key
This is not a call to stop discussing vulnerabilities. Instead, it is a call for security professionals to draw a line beyond which we recognize that we are simply putting other people at risk. By analogy, this isn't a call for people for give up freedom of speech; only that they stop yelling "fire" in a crowded movie house.
"Fire" is not being called in a crowded movie house, a fire alarm is being pulled and people are making an orderly egress. The egress is to Apache, Linux, Solaris, and FreeBSD. I'm grateful for that fire alarm, without it I would have found myself surrounded in flames created by blackhats while a Microsoft infomercial drones on the screen telling me, "There is no fire." I've got news for you Mr. Gates, this isn't the Matrix, and we are not all plugged into your grand scheme. Some of us see where you are taking us not just today, but tomorrow, and we're going to stop you.
Most of the security community already follows common-sense rules that ensure that security vulnerabilities are handled appropriately. When they find a security vulnerability, they inform the vendor and work with it while the patch is being developed. When the patch is complete, they publish information discussing what products are affected by the vulnerability, what the effect of the vulnerability is - that is, the type and extent of damage that an attacker could cause through it - and what users can do to protect their systems. This type of information protects users by giving them the information they need to decide whether to apply the fix, but it doesn't put them at risk.
Baaahhhh! Sheep, that is what Microsoft wants for customers. Users who blindly follow them to the slaughter house. But, shepard Microsoft can't even protect us that long. The wolves circle and pick off the sheep one by one. Meanwhile, the lead sheep watch what is going on in the slaughterhouse and they are told by the shepard not to tell the other sheep. Such information would cause a panic in the fold and desertions so great that Microsfts stock price would fall into a irretreivable spiral.
Some security professionals go the extra mile and develop tools that assist users in diagnosing their systems and determining whether they are affected by a particular vulnerability. This too can be done responsibly. In many cases, it's possible to build a tool that performs non-destructive testing and can only be used by a legitimate system administrator. In other cases, the specifics of the vulnerability make it impossible to limit how the tool could be used - but in cases like these, a decent regard for the well-being of the user community suggests that it would better to not build the tool than to release it and see it misused.
I repeat, those who use open source can always go the extra mile, and at the least, patch their own systems.
What You Can Do
Ending information anarchy will not end the threat of worms. Ethics and intelligence aren't a package deal, and some of the malicious people who write worms are quite smart. Even in the best of conditions, it will still be possible to write worms. But the state of affairs today allows even relative novices to build highly destructive malware. It's simply indefensible for the security community to continue arming cybercriminals. We can at least raise the bar.
What is indefensible is Microsoft's lax security throughout an entire series of Windows operating systems, office suites, and back office products. I once heard a joke that Microsoft was in a uproar because they found a virus that Outlook was not susceptable to; the company vowed to quickly rememdy that situation. The best jokes are baised upon some truth, and this joke was very, very funny. Security warnings do not arm cybercriminals, security holes do. Once again, do you really think the most malicious of crackers out there don't know and take advantage of security holes before they are announced? Of course those crackers know, and the sooner the user knows the sooner they can do something about it.
This issue is larger than just the security community. All computer users have a stake in this issue, and all of us can help ensure that vulnerabilities are handled responsibly. Companies can adopt corporate policies regarding how their IT departments will handle any security vulnerabilities they find. Customers who are considering hiring security consultants can ask them what their policies are regarding information anarchy, and make an informed buying decision based on the answer. And security professionals only need to exercise some self-restraint.
My company can adopt a corporate policy that only open source software will be used for all mission critical systems because only open source has a proven track record of quick security fixes. Instead of worrying about a security consultants policy on security disclosures, a customer would be better served by keeping security in mind when evaluating software solutions. First avoid the obvious danger.
For its part, Microsoft will be working with other industry leaders over the course of the coming months, to build an industry-wide consensus on this issue. We'll provide additional information as this effort moves forward, and will ask for our customers' support in encouraging its adoption. It's time for the security community to get on the right side of this issue.
The security community has always been on the right side of the issue, it is Microsoft who has not. Even now they are trying to sway others to their position instead of adopting that held by the long standing security community.
The point is: Sting, my favorite musician, is backing Microsoft. He is doing a free concert in a New York park to help promote this software launch.
Sting, Sting, Sting, where did you go wrong? From Amnesty International to the Rainforest Foundation, you were a backer of the downtrodden, the underdogs. How could you turn on us and promote that Monopolistic company called Microsoft?
Sadly, I'm having to believe that you were suckered in by a million dollar endorsement. Same as Madonna. My fiancee is crushed by Madonna joining with MS, I am devasted by Sting.
Thanks for the reply. If you read what I wrote you will realize getting security patches went from easy, to difficult, to being easy again. The url you provide has not always existed, nor has it always had useful information. Microsfot security patches for their programs from the OS to Exchange to SQL have usually been in different places. In fact, many of them required the user to dig through the ftp site (which was badly organized last time I looked at it).
The easy url, this new campaign, are steps in the right direction. However, they have had an insecure product for 20 years and they are only just now getting serious about security.
Kinda funny how they have allowed pirated software for 20 years and they are only just now getting serious about that.
I have about 50 Microsoft NT servers from 3.50 thru Windows 2000 REGISTERED with Microsoft. They have my name, my address, my e-mail address, my telephone number.
Never once did they contact me or send me a CD with security patches on it. Never did they send me an email to go to a website to download a fix.
I was told, when I registered my product, that they would keep me informed. They have failed to do so.
The recent exploits of IIS were from known problems that had previous patches. Many users did not patch their system. They did not know that they had to patch their system. Despite Microsoft knowing who the users of NT IIS were, they did not attempt to contact those users and let them know that patches were available.
Not only that, until recently Microsoft made it very difficult to find security patches. Their website is large and complex, and items change location all the time. In the past five years finding patches for security fixes of NT systems has gone from extremely easy, to nearly impossible, to finally getting organized and easier again.
Why is it, that after the outbreak of Code Red, it took days before information was available from a link on Microsoft's main page? Because it is bad marketing. Instead I have to go deeper to find that information. There isn't even a generic link for security from the main page.
When you do get to their security page, you are told that Microsoft is doing the radical step of giving Security Tool Kits away for FREE!!! Amazing, you bloody well better give it to me for free. It's your buggy code that had the problem in the first place. I'm a registered user, I haven't received a kit yet.
Microsoft is finally starting to take some initiative with this security thing. But, they shouldn't run around pointing fingers at anyone other than themselves
It means that you will only be able to retrieve HOTMAIL email with POP3 if you use MSN Explorer. Outlook, or Outlook Express. This is because those are the only clients that support it right now.
I haven't seen anyone comment on the fact that it was going to take them 4 days to travel from Earth to Kronos at Warp 4.5. That means at Warp 9.8 or so the Klingon homeworld, not even to mention Klingon outposts will be something like 2 hours away.
So, if the part of the universe the Federation and the Klingons are fighting over is that small, then Earth would always be heavily defended and fortified because the Klingons could stop by for lunch and bring a 100 Birds of Prey with them.
This means that all those episodes in which the Enterprise is the only ship close enough to help is patently ridiculous.
I say at Warp 4 the Klingons should have been about 2 months away, and at Warp 9.8 something like 10 days.
Anyway, they have the time/distance stuff screwed up.
Actually, what it says is that there is an 80% chance that a rewrite will not occur before the end of 2002. That means that there is no chances given that there ever will be a rewrite.
Not to object to your whole post, but you are wrong about your terms for Upgrade Advantage.
You do not have to "get current" in order to enroll your Office installations into Upgrade Advantage.
You can enroll any existing licenses in Upgrade Advantage up until February 28, 2002. If you have Office 97 Standard, you can get a UA to go to Office XP Standard (note Standard, not Pro).
You are confusing Upgrade Advantage with Software Assurance. Software Assurance does require that you "get current" before you enroll. The cheapest way to get into Software Assurance is to first buy UA then enroll in SA 2 years later.
My suggestion is for your company to stand still on Office and deploy an open source alternative like OpenOffice 6.0 when it is available in a few months. Make a corporate mandate that new documents, spreadsheets, and presentations are to be created in StarOffice. Evangelize this suite to your customers and vendors, get them to install it, at least concurrently, at their locations so they can see your documents. They will, if they want to do business with you. It is hard to dictate terms to customers, but, you'll be surprised at how a grassroot campaign with just the ends users will work. And their IS department could very well help them since most of us delight when a user asks for StarOffice.
Anyway, fire the person who did your licensing orignally. If you have 5,000 desktops you should have already had an Enterprise Agreement, or Select.
I'm sorry, but you are wrong. The latest date in which anyone can purchase product under current licensing plans in February 28, 2002.
For your so called Fortune 2xx company, that already has an installed base of Windows boxes and a Licensing Contract, either Open License (not likely for a Fortune 500 Co.), Select, or Enterprise Agreement, the cheapest method to upgrade to Windows XP is via Upgrade Advantage (UA). The cost per desktop will be about $149 before discounts. They can purchase UA until Feb 28. At the time of purchase they get free upgrades to any subsequent versions of the OS that come out in the following 2 years.
After those 2 years are up, then they have the choice of either paying nothing, and all future upgrades will be at full OS cost, or they can enroll their desktops in Software Assurance, which means their desktop stuff would cost 29% per year of the full sale price.
The advantage to doing Software Assurance is that software now becomes an operating expense which means the accountants can do interesting stuff with it.
However, I'll be damned if Microsoft releases any significant upgrades to Windows XP before February 28, 2004, when the UA's contracts expire. However, they will release before Oct 1, 2004 when all the Software Assurance people who are just getting in this upcoming week will have paid for 3 years of subscriptions and received no updates.
All this licensing stuff is pure crap. I can't tell you how many headaches my small shop have had just trying to understand all the implications, cutoff dates, prices, etc. Particularly when we coupled our inquiries with questions concerning a BSA audit. Do you have any idea how hard it is to get a clear definition of "proof of license" from anyone?
Anyway, the October 1 date you mention used to be correct. Microsoft backed down from it though a few weeks after they announced it because corporations complained that they didn't have time to budget the expense of "getting current" and wouldn't be able to afford to do that and switch to Software Assurance. This article, erroneously, still mentions the October 1 date.
If your company has an Exchange server and the clients are using.pst files (which you describe as being the one big honking file) then you have a bunch of misconfigured clients.
Exchange allows for all mail to be stored in a central database file(s) {starting with Exchange 2000 you can have multiple files} on the server. This allows for single instance storage. Which means if user A sends a 10MB file to 100 users on the Exchange server it takes up, gasp, 10MB. Try that with sendmail and you will quickly have 1GB of diskspace taken up on the server.
Exchange has a lot of useful, powerful features. It runs well. There are thousands of very large corporations using it. It also has it's share of problems, just like Sendmail does of it's own.
Configuring menus in KDE is every bit as easy as configuring the Start menu in Windows
I don't think so. My Windows Start menu is drag and drop. My KDE panel is not. In fact, adding a new application to it is tiresome and takes about 1 minute.
Address book support, etc.
While I agree the filtering is nice, the address book has problems. Namely, no LDAP. Not having a central address book can be huge for a company moving from MS Exchange.
I just migrated an 8-site corporation to Star Office from MS-Office - no complaints; its working great.
You probably didn't get any complaints because all of your mail was forwarded to/dev/null and you forgot the password to check your voicemail. You simply can not have NO COMPLAINTS. Users are lazy and do not like change. You've had complaints, you've just considered them unimportant enough. What about fonts under Star Office? What about macros?
Complaints aside, I agree, KDE is at least equal in useability with Windows 9.x, and in many places superior.
Slashdot Mirror
If you have multiple machines accessing your "few windows boxes" to run Office, then you must pay for a license of Office for each machine.
.doc. I don't know if t his would violate the license agreement or not. Regardless, could you post your code for others to see and use?
Office is not licensed per user, it is licensed per machine. A single workstation that has 20 people walking up to it and using Office needs only one license.
A desktop machine that has 20 people accessing it via VNC or any other means needs 20 licenses.
There is no Concurrent Licensing of Office.
You are in violation of your End User License Agreement.
Despite how reasonable, practicle, and "fair" you idea seems, it is illegal. Not for any technical or moral reasons, but because of a silly EULA.
All that said, I like your idea of a drop-box directory to convert
Thank you.
Your right, and I forgot to add that point.
In either example, subtract the media cost (CD, paper) and you have the content cost, plus maybe a transaction fee. Then, you receive the product in digital form for your MP3 player, or your ebook reader.
The main point, beyond the disribution medium, is how the Internet will bring together groups of people to collaborate to produce a product. Like eBay finds people on the other side of the country who actually want to buy your crap. It is the full 7 degrees of Kevin Bacon, not the single degree you know personally. That means you will be able to collaborate with anyone who has the time and resources you need.
These mini-collaborations will be created and destroyed just like the pathways of a switched telephone network.
I'm going to take a moment to explain how publishing will work in the future.
There will be no publishing houses such as O'Reilly, Addison Wesley, Houghton Mifflin, etc.
All around the country, in malls, airports, bookstores, kinkos, schools, libraries, etc there will be print on demand machines. Next to the print on demand machines will be kiosks (running Linux of course) that allow you to browse books, submit payment, and print them.
There will be two costs. The cost of the content, and the cost to have it printed. Thus, a kinkos, with it's power to buy lots of paper, might charge 4.00 to have a book printed. The content charge might by 2.00. Therefore the book costs 6.00.
An airport, not being a large paper purchaser, might have to charge more for the print costs so its fees might be 4.50. They might also charge a premium because of the captive audience. Likewise, the authors might charge 2.50 because they know that people in airports are desperate and willing to pay more. Total cost is 7.00.
Of course, some of these places could offer extra services, such as special covers, cover art, different paper options, delivery to a home address, etc.
The reason why there will be no publishers is because authors will work with freelance editors and copy-writers. Job boards on the Internet will allow these groups to hook up in ad-hoc ways to find work and get books written. Then they subscribe these books to a distribution system.
This same thing will happen with music, in whatever format you want, but I'll stick to CDs.
Music artists will work with freelance sound engineers and production people who have studio space and equipment, or who can rent such space. They will sell the content on the web, and in kiosks. There cash outlay will be minimal, and they will be able to reach any size audience. These kiosks will burn CDs for the consumer, or the web based consumers will recieve files (and freesoftware) to burn the CD's themselves, or keep them in digital form.
This change in music, and book publishing will occur for many reasons. Two of which are:
1) Reduce costs, increase profits. With no brick and mortars, or large company overhead, sales people, marketing (you could freelance this too), costs are lower.
2) Reach even the smallest audience. I might be a musician of really uncommon music. My world-wde audience might be 20,000. A record company/label woudln't sign me because my economies of scale don't scale. But, in the freelance system I might sell my content for 5.00 each. That is 100,000 per year if I produce each year. Take out the fees for the sound engineers time and whomever else helped me, I might make between 40-70k. Hardly starving artist.
It is merely designed to spend money, make a lot of media hype, and try to get other people to invest even more money in a larger project of similar nature. The projects themselves are irrelevant as to wether or not they accomplish anything, such as the betterment or eduction or the children.
First meet the practical needs of these people before you try to sell them advanced solutions to digital age problems that they don't even have.
The problem is, O'Reilly doesn't do this anymore. It was too expensive and in the down economy they had to stop using RepCover.
What you want, and your ISP, is TMDA. tmda.sourceforge.net
It is called TMDA and it is available at tmda.sourceforge.net
Exactly, in this case it is using its lock-in to a popular site and popular game to drive people to register with Passport.
Someone at Microsoft creamed their pants when they woke up one day and realized how many things they could tie Passport into. And by tieing into it, they realized that they would have 80% of the world on Passport before Joe Consumer realized how dangerous Passport could be.
It's insidious.
If you have recently installed a retail version of Microsoft Office XP you would know that it requires the creation of a MS Passport account. That is what Office Suites have to do with Passport.
I'm well aware of Passport's past.
As for the movie theatre reference, learn to recognize humor.
I thought you weren't allowed to use a monopoly in one area to create a monopoly in another area?
How is it that Microsoft is able to take it's monopoly in Office Suites and require you to create a Passport account in order to register them? Isn't that just creating a monopoly in online Registration?
Once everyone has been forced to register their Office and Windows with Passport, why whould they bother to register with another service? It is just like bundling the browser, only this time they are bundling the online registration.
It's crap of the highest order. It is even worse than the monopoly movie theatres have on food and drink. They state that you cannot bring in outside food or drink and make you pay extortionist prices for the crap that they do offer. It is not a free choice, in the sense that I went there for the movie, not food, but if I want food with my movie I have to pay out the whazoo. This would only be fair if I had the choice of brining in outside food and drink.
Same thing for amusement park food pricing.
some bint with a bow challenging the Riders at a ford - I assume you're talking about Arwen. Come on, it's not like Glorfindel is some major character. If Arwen had replaced Legolas, I'd be pissed, but this is really a minor plot point, and it's a good way for them to boost Arwen's role without changing the story much. Now whether Arwen's role should be boosted is certainly up for debate, but it doesn't make the movie a piece of crap either way they go.
So, you think it is unimportant that Frodo, wounded for days, nearly turned into a wraith, is able to must the courage and will to offer a last bit of defiance to the Nazgul? Having anyone between Frodo and the Nazgul at that moment, whether it is Glorfindel, Arwen, or Gandalf, makes Frodo less of a character. This was not a minor change.
As for Glorfindel not being in the movie, I'm not upset, but disappointed. I do not see why Arwen had to fill that role. They could have expanded her in other ways with Aragorn. They are seen together in a few scenes in Rivendell. Glorfindel could have been just about any other elf. But, having a strong elf-lord protect them from the Nazgul up until this point, shows how powerful some of the elves can be. It makes an important note in the Council of Elrond when they are deciding who will go on the Fellowship, and whether they elves should hide and guard the ring.
Doesnt' Brick Level Backup destroy single instance storage? Meaning, I might have a 100GB .mbd file, but when I Brick Back it up, that might grow to 1000GB because all those single instance messages will get individually saved into each mailbox.
Backing up 1000GB could take a long time. Brick Level Backup is considered a Bad Thing by the gurus of the microsoft.public.exchange.admin list.
You are, however, 100% correct about Deleted Item Retention.
Sorry, I wrote this rant and just wanted to put it somewhere. Your mention of Unsafe at any Speed made me think of it.It is a response to Culp's comments last month.
Code Red. Lion. Sadmind. Ramen. Nimda. In the past year, computer worms with these names have attacked computer networks around the world, causing billions of dollars of damage. They paralyzed computer networks, destroyed data, and in some cases left infected computers vulnerable to future attacks. The people who wrote them have been rightly condemned as criminals. But they needed help to devastate our networks. And we in the security community gave it to them.
By listing worms that attacked a variety of operating systems Culp makes it appear that the security threat is equal to all the players in the OS space. What he doesn't do is supply a severity to the listed worms that lets us see that the worst and most widespread of these attacks were against Microsoft systems. Microsoft's dominance in the OS space only increases their responsibility for security breaches, it does not justify their targetibility.
It's high time the security community stopped providing blueprints for building these weapons. And it's high time computer users insisted that the security community live up to its obligation to protect them. We can and should discuss security vulnerabilities, but we should be smart, prudent, and responsible in the way we do it.
What it is high time for is Microsoft to take security seriously. Their operating systems have always been about ease of use, not security. Just like passenger and baggage check in US airports are about hasslefree service. We have seen one consequence of the airports security measures, and that terrible act is the only reason airport security is increasing. Numerous reports in the past few years have pointed to the insecurity of passenger air travel, yet the airlines took no notice. Code Red may well be the clarion call to reconsider the importance of security in your operating system. If your current vendor isn't supplying it, perhaps you should look elsewhere.
Arming the EnemyFirst, let's state the obvious. All of these worms made use of security flaws in the systems they attacked, and if there hadn't been security vulnerabilities in Windows®, Linux, and Solaris®, none of them could have been written. This is a true statement, but it doesn't bring us any closer to a solution. While the industry can and should deliver more secure products, it's unrealistic to expect that we will ever achieve perfection. All non-trivial software contains bugs, and modern software systems are anything but trivial. Indeed, they are among the most complex things humanity has ever developed. Security vulnerabilities are here to stay.
According to Ralph Nader automobiles in the 60's were unsafe at any speed. He blew the whistle, and the groundswell response led to drastic changes in the manufacturing of automobiles and the responsibility of those manufacturers for the safety of the cars after the sale had occurred. Fastforward 30 years and juxtapose Microsoft for General Motors and you can hear the whistle blowing. Despite Microsofts attempts to hide behind groups such as the DMCA consumers and lawmakers will not continue to put up with the security risks using Microsoft products make them vulnerable to.
If we can't eliminate all security vulnerabilities, then it becomes all the more critical that we handle them carefully and responsibly when they're found. Yet much of the security community handles them in a way that fairly guarantees their use, by following a practice that's best described as information anarchy. This is the practice of deliberately publishing explicit, step-by-step instructions for exploiting security vulnerabilities, without regard for how the information may be used.
Do not fear he who hath power to kill your webserver, fear he who hath the power to crack your server, steal your financial data and destroy your very business. Prior to a security fix or announcement of a vulnerability you aren't even aware that your system is at risk. The sooner information is released to the consumer, the sooner they can make a business decision as to which is the greater cost: the possibility of having their system cracked and data stolen, bearing the cost in dollars and man hours to move to a more secure system, or the business impact of shutting an insecure service down until the security bug is fixed.
The relationship between information anarchy and the recent spate of worms is undeniable. Every one of these worms exploited vulnerabilities for which step-by-step exploit instructions had been widely published. But the evidence is more far conclusive than that. Not only do the worms exploit the same vulnerabilities, they do so using the same techniques as were published - in some cases even going so far as to use the same file names and identical exploit code. This is not a coincidence. Clearly, the publication of exploit details about the vulnerabilities contributed to their use as weapons.
Again, who is it that we fear? The script kiddies who are all bark, but no bite, or the blackhats who have established user accounts on your servers and has your corporate network as their playground?
Good Intentions Gone AwrySupporters of information anarchy claim that publishing full details on exploiting vulnerabilities actually helps security, by giving system administrators information on how to protect their systems, demonstrating the need for them to take action, and bringing pressure on software vendors to address the vulnerabilities. These may be their intentions, but in practice information anarchy is antithetical to all three goals.
These methods are only antithetical when you have a dominant market position that is dependent upon people perceiving your products as being easy to use, secure, and hassle free to maintain.
Providing a recipe for exploiting a vulnerability doesn't aid administrators in protecting their networks. In the vast majority of cases, the only way to protect against a security vulnerability is to apply a fix that changes the system behavior and eliminates the vulnerability; in other cases, systems can be protected through administrative procedures. But regardless of whether the remediation takes the form of a patch or a workaround, an administrator doesn't need to know how a vulnerability works in order to understand how to protect against it, any more than a person needs to know how to cause a headache in order to take an aspirin.
Wrong. Providing the exact details of an exploit allows competent administrators or programmers to go to the source of a program or operating system and provide their own fix if none is available from the community at large or the creator of that program. Furthermore, a community made aware of an exploit is able to marshall its resources to provide a fix as soon as possible. Culp's position is only true in a closed source environment where the system administrator is nothing more than a mouse monkey whose idea of system administration and security are the point and click wizards provided by the vendor; or where the risk to customers of using vulnerable systems is weighed against marketing and PR concerns or the availability of programming resources and the cost of providing them.
Likewise, if information anarchy is intended to spur users into defending their systems, the worms themselves conclusively show that it fails to do this. Long before the worms were built, vendors had delivered security patches that eliminated the vulnerabilities. In some cases, the fixes were available in multiple forms - singleton patches, cumulative patches, service packs, and so forth - as much as a year in advance. Yet when these worms tore through the user community, it was clear that few people had applied these fixes.
Many people have faulted the patching process itself for the low uptake rate. Fair enough - we do need to make it easier for users to keep their systems secure, and Microsoft acknowledged this very point in a recent major security announcement. But if the current methods for protecting systems are ineffective, it makes it doubly important that we handle potentially destructive information with care.
One of my cars had a factory recall, some sort of problem with the CV boots. The auto manufacturer contacted me, on more than one occasion, to let me know that my car had a potential problem, where I could go to get it fixed, and they said they would bear the cost to fix my car. I'm not certain which one of the myriad of forms I signed when I purchased the car that signed me up for this protection plan, but it sure did work. In my 7 years of administrating Microsoft networks, the hundreds of products I have registered with them and the thousands of times I have visited their website, never once has Microsoft contacted me to let me know about a security vulnerability in the product they sold me. Making the fix available is not the same as notifying people that there is a problem and a fix.
Furthermore, like the boy who cried wolf, Microsoft products have so many vulnerabilities and the methods for keeping your systems patched are so time consuming that it can become a full time job just to keep on top of it. After awhile you just cry, "Enough!," I've got other things to do than babysit the Microsoft website to find out what the latest vulnerability is. I've subscribed to Microsoft Security alerts, and typically I have found them to be late in notifying me of problems and so filled with PR that it was hard for me to asses to true risk to my systems.
Finally, information anarchy threatens to undo much of the progress made in recent years with regard to encouraging vendors to openly address security vulnerabilities. At the end of the day, a vendor's paramount responsibility is to its customers, not to a self-described security community. If openly addressing vulnerabilities inevitably leads to those vulnerabilities being exploited, vendors will have no choice but to find other ways to protect their customers.
A very good point Culp, vendors must find other ways to protect their customers. What Microsoft has been doing is not sufficient. The whistle has been blown, the users hear it, and they know that Microsoft has not had their best interest in mind. If Microsoft had, they would have found ways to contact users of vulnerabilities and given users incentives to patch their systems.
Responsible Handling is KeyThis is not a call to stop discussing vulnerabilities. Instead, it is a call for security professionals to draw a line beyond which we recognize that we are simply putting other people at risk. By analogy, this isn't a call for people for give up freedom of speech; only that they stop yelling "fire" in a crowded movie house.
"Fire" is not being called in a crowded movie house, a fire alarm is being pulled and people are making an orderly egress. The egress is to Apache, Linux, Solaris, and FreeBSD. I'm grateful for that fire alarm, without it I would have found myself surrounded in flames created by blackhats while a Microsoft infomercial drones on the screen telling me, "There is no fire." I've got news for you Mr. Gates, this isn't the Matrix, and we are not all plugged into your grand scheme. Some of us see where you are taking us not just today, but tomorrow, and we're going to stop you.
Most of the security community already follows common-sense rules that ensure that security vulnerabilities are handled appropriately. When they find a security vulnerability, they inform the vendor and work with it while the patch is being developed. When the patch is complete, they publish information discussing what products are affected by the vulnerability, what the effect of the vulnerability is - that is, the type and extent of damage that an attacker could cause through it - and what users can do to protect their systems. This type of information protects users by giving them the information they need to decide whether to apply the fix, but it doesn't put them at risk.
Baaahhhh! Sheep, that is what Microsoft wants for customers. Users who blindly follow them to the slaughter house. But, shepard Microsoft can't even protect us that long. The wolves circle and pick off the sheep one by one. Meanwhile, the lead sheep watch what is going on in the slaughterhouse and they are told by the shepard not to tell the other sheep. Such information would cause a panic in the fold and desertions so great that Microsfts stock price would fall into a irretreivable spiral.
Some security professionals go the extra mile and develop tools that assist users in diagnosing their systems and determining whether they are affected by a particular vulnerability. This too can be done responsibly. In many cases, it's possible to build a tool that performs non-destructive testing and can only be used by a legitimate system administrator. In other cases, the specifics of the vulnerability make it impossible to limit how the tool could be used - but in cases like these, a decent regard for the well-being of the user community suggests that it would better to not build the tool than to release it and see it misused.
I repeat, those who use open source can always go the extra mile, and at the least, patch their own systems.
What You Can DoEnding information anarchy will not end the threat of worms. Ethics and intelligence aren't a package deal, and some of the malicious people who write worms are quite smart. Even in the best of conditions, it will still be possible to write worms. But the state of affairs today allows even relative novices to build highly destructive malware. It's simply indefensible for the security community to continue arming cybercriminals. We can at least raise the bar.
What is indefensible is Microsoft's lax security throughout an entire series of Windows operating systems, office suites, and back office products. I once heard a joke that Microsoft was in a uproar because they found a virus that Outlook was not susceptable to; the company vowed to quickly rememdy that situation. The best jokes are baised upon some truth, and this joke was very, very funny. Security warnings do not arm cybercriminals, security holes do. Once again, do you really think the most malicious of crackers out there don't know and take advantage of security holes before they are announced? Of course those crackers know, and the sooner the user knows the sooner they can do something about it.
This issue is larger than just the security community. All computer users have a stake in this issue, and all of us can help ensure that vulnerabilities are handled responsibly. Companies can adopt corporate policies regarding how their IT departments will handle any security vulnerabilities they find. Customers who are considering hiring security consultants can ask them what their policies are regarding information anarchy, and make an informed buying decision based on the answer. And security professionals only need to exercise some self-restraint.
My company can adopt a corporate policy that only open source software will be used for all mission critical systems because only open source has a proven track record of quick security fixes. Instead of worrying about a security consultants policy on security disclosures, a customer would be better served by keeping security in mind when evaluating software solutions. First avoid the obvious danger.
For its part, Microsoft will be working with other industry leaders over the course of the coming months, to build an industry-wide consensus on this issue. We'll provide additional information as this effort moves forward, and will ask for our customers' support in encouraging its adoption. It's time for the security community to get on the right side of this issue.
The security community has always been on the right side of the issue, it is Microsoft who has not. Even now they are trying to sway others to their position instead of adopting that held by the long standing security community.
Uh-huh, one time, at band camp, a vampire stuck a flute up Willow's...
The point is: Sting, my favorite musician, is backing Microsoft. He is doing a free concert in a New York park to help promote this software launch.
Sting, Sting, Sting, where did you go wrong? From Amnesty International to the Rainforest Foundation, you were a backer of the downtrodden, the underdogs. How could you turn on us and promote that Monopolistic company called Microsoft?
Sadly, I'm having to believe that you were suckered in by a million dollar endorsement. Same as Madonna. My fiancee is crushed by Madonna joining with MS, I am devasted by Sting.
Oh the humanity!
Thanks for the reply. If you read what I wrote you will realize getting security patches went from easy, to difficult, to being easy again. The url you provide has not always existed, nor has it always had useful information. Microsfot security patches for their programs from the OS to Exchange to SQL have usually been in different places. In fact, many of them required the user to dig through the ftp site (which was badly organized last time I looked at it).
The easy url, this new campaign, are steps in the right direction. However, they have had an insecure product for 20 years and they are only just now getting serious about security.
Kinda funny how they have allowed pirated software for 20 years and they are only just now getting serious about that.
I have about 50 Microsoft NT servers from 3.50 thru Windows 2000 REGISTERED with Microsoft. They have my name, my address, my e-mail address, my telephone number.
Never once did they contact me or send me a CD with security patches on it. Never did they send me an email to go to a website to download a fix.
I was told, when I registered my product, that they would keep me informed. They have failed to do so.
The recent exploits of IIS were from known problems that had previous patches. Many users did not patch their system. They did not know that they had to patch their system. Despite Microsoft knowing who the users of NT IIS were, they did not attempt to contact those users and let them know that patches were available.
Not only that, until recently Microsoft made it very difficult to find security patches. Their website is large and complex, and items change location all the time. In the past five years finding patches for security fixes of NT systems has gone from extremely easy, to nearly impossible, to finally getting organized and easier again.
Why is it, that after the outbreak of Code Red, it took days before information was available from a link on Microsoft's main page? Because it is bad marketing. Instead I have to go deeper to find that information. There isn't even a generic link for security from the main page.
When you do get to their security page, you are told that Microsoft is doing the radical step of giving Security Tool Kits away for FREE!!! Amazing, you bloody well better give it to me for free. It's your buggy code that had the problem in the first place. I'm a registered user, I haven't received a kit yet.
Microsoft is finally starting to take some initiative with this security thing. But, they shouldn't run around pointing fingers at anyone other than themselves
It means that you will only be able to retrieve HOTMAIL email with POP3 if you use MSN Explorer. Outlook, or Outlook Express. This is because those are the only clients that support it right now.
I haven't seen anyone comment on the fact that it was going to take them 4 days to travel from Earth to Kronos at Warp 4.5. That means at Warp 9.8 or so the Klingon homeworld, not even to mention Klingon outposts will be something like 2 hours away.
So, if the part of the universe the Federation and the Klingons are fighting over is that small, then Earth would always be heavily defended and fortified because the Klingons could stop by for lunch and bring a 100 Birds of Prey with them.
This means that all those episodes in which the Enterprise is the only ship close enough to help is patently ridiculous.
I say at Warp 4 the Klingons should have been about 2 months away, and at Warp 9.8 something like 10 days.
Anyway, they have the time/distance stuff screwed up.
Actually, what it says is that there is an 80% chance that a rewrite will not occur before the end of 2002. That means that there is no chances given that there ever will be a rewrite.
Not to object to your whole post, but you are wrong about your terms for Upgrade Advantage.
You do not have to "get current" in order to enroll your Office installations into Upgrade Advantage.
You can enroll any existing licenses in Upgrade Advantage up until February 28, 2002. If you have Office 97 Standard, you can get a UA to go to Office XP Standard (note Standard, not Pro).
You are confusing Upgrade Advantage with Software Assurance. Software Assurance does require that you "get current" before you enroll. The cheapest way to get into Software Assurance is to first buy UA then enroll in SA 2 years later.
My suggestion is for your company to stand still on Office and deploy an open source alternative like OpenOffice 6.0 when it is available in a few months. Make a corporate mandate that new documents, spreadsheets, and presentations are to be created in StarOffice. Evangelize this suite to your customers and vendors, get them to install it, at least concurrently, at their locations so they can see your documents. They will, if they want to do business with you. It is hard to dictate terms to customers, but, you'll be surprised at how a grassroot campaign with just the ends users will work. And their IS department could very well help them since most of us delight when a user asks for StarOffice.
Anyway, fire the person who did your licensing orignally. If you have 5,000 desktops you should have already had an Enterprise Agreement, or Select.
I'm sorry, but you are wrong. The latest date in which anyone can purchase product under current licensing plans in February 28, 2002.
For your so called Fortune 2xx company, that already has an installed base of Windows boxes and a Licensing Contract, either Open License (not likely for a Fortune 500 Co.), Select, or Enterprise Agreement, the cheapest method to upgrade to Windows XP is via Upgrade Advantage (UA). The cost per desktop will be about $149 before discounts. They can purchase UA until Feb 28. At the time of purchase they get free upgrades to any subsequent versions of the OS that come out in the following 2 years.
After those 2 years are up, then they have the choice of either paying nothing, and all future upgrades will be at full OS cost, or they can enroll their desktops in Software Assurance, which means their desktop stuff would cost 29% per year of the full sale price.
The advantage to doing Software Assurance is that software now becomes an operating expense which means the accountants can do interesting stuff with it.
However, I'll be damned if Microsoft releases any significant upgrades to Windows XP before February 28, 2004, when the UA's contracts expire. However, they will release before Oct 1, 2004 when all the Software Assurance people who are just getting in this upcoming week will have paid for 3 years of subscriptions and received no updates.
All this licensing stuff is pure crap. I can't tell you how many headaches my small shop have had just trying to understand all the implications, cutoff dates, prices, etc. Particularly when we coupled our inquiries with questions concerning a BSA audit. Do you have any idea how hard it is to get a clear definition of "proof of license" from anyone?
Anyway, the October 1 date you mention used to be correct. Microsoft backed down from it though a few weeks after they announced it because corporations complained that they didn't have time to budget the expense of "getting current" and wouldn't be able to afford to do that and switch to Software Assurance. This article, erroneously, still mentions the October 1 date.
I believe the quote is that there are three types of lies.
Lies, damned lies, and statistics.
If your company has an Exchange server and the clients are using .pst files (which you describe as being the one big honking file) then you have a bunch of misconfigured clients.
Exchange allows for all mail to be stored in a central database file(s) {starting with Exchange 2000 you can have multiple files} on the server. This allows for single instance storage. Which means if user A sends a 10MB file to 100 users on the Exchange server it takes up, gasp, 10MB. Try that with sendmail and you will quickly have 1GB of diskspace taken up on the server.
Exchange has a lot of useful, powerful features. It runs well. There are thousands of very large corporations using it. It also has it's share of problems, just like Sendmail does of it's own.
Configuring menus in KDE is every bit as easy as configuring the Start menu in Windows
I don't think so. My Windows Start menu is drag and drop. My KDE panel is not. In fact, adding a new application to it is tiresome and takes about 1 minute.
Address book support, etc.
While I agree the filtering is nice, the address book has problems. Namely, no LDAP. Not having a central address book can be huge for a company moving from MS Exchange.
I just migrated an 8-site corporation to Star Office from MS-Office - no complaints; its working great.
You probably didn't get any complaints because all of your mail was forwarded to /dev/null and you forgot the password to check your voicemail. You simply can not have NO COMPLAINTS. Users are lazy and do not like change. You've had complaints, you've just considered them unimportant enough. What about fonts under Star Office? What about macros?
Complaints aside, I agree, KDE is at least equal in useability with Windows 9.x, and in many places superior.