SuperSite Blog

January 2009 - Posts

  • Microsoft response to UAC 'issue'

    Microsoft has sent me a statement about the UAC “issue” in Windows 7 that was raised by bloggers Rafael Rivera and Long Zheng. Long story short, it’s not a vulnerability. Here’s the full statement:

    • This is not a vulnerability. The intent of the default configuration of UAC is that users don’t get prompted when making changes to Windows settings.  This includes changing the UAC prompting level.
    • Microsoft has received a great deal of usability feedback on UAC prompting behavior in UAC, and has made changes in accordance with user feedback.
    • UAC is a feature designed to enable users to run software at user (non-admin) rights, something we refer to as Standard User.  Running software as standard user improves security and reduces TCO.
    • The only way this could be changed without the user’s knowledge is by malicious code already running on the box.
    • In order for malicious code to have gotten on to the box, something else has already been breached (or the user has explicitly consented).

    There you go.

  • Is UAC broken in Windows 7?

    Bloggers Long Zheng and Rafael Rivera have found what appears to be a serious failing in the emasculated version of User Account Control (UAC) that Microsoft is including in Windows 7: Apparently, it doesn’t work and is very easy to bypass. So easy, in fact, that Zheng and Rivera were able to write up a quickie Visual Basic Script (VBScript) that can compromise a Windows 7 PC. Microsoft’s response so far: “This feature works as intended.” This has the makings of a fight.

    Sacrificing security for usability: UAC security flaw in Windows 7 beta (with proof of concept code)

    This is dedicated to every ignorant “tech journalist” who cried wolf about UAC in Windows Vista. A change to User Account Control (UAC) in Windows 7 to make it “less annoying” inadvertently clears the path for a simple but ingenious override that renders UAC disabled without user interaction. For the security conscious, a workaround is also provided.

    By default, Windows 7’s UAC setting is set to “Notify me only when programs try to make changes to my computer” and “Don’t notify me when I make changes to Windows settings”. How it distinguishes between a (third party) program and Windows settings is with a security certificate … The Achilles’ heel of this system is that changing UAC is also considered a “change to Windows settings”, coupled with the new default UAC security level, would not prompt you if changed. Even to disable UAC entirely.

    The implications are even worse than originally thought. You could automate a restart after UAC has been changed, add a program to the user’s startup folder and because UAC is now off, run with full administrative privileges ready to wreak havoc.

    Beta users of Windows 7 can also apply a simple fix. Changing the UAC policy to “Always Notify” will force Windows 7 to notify you even if UAC settings change. Annoying, but safe.

    Put another way, “annoying but safe … Like it was in Windows Vista. And is in Mac OS X, by the way.”

    Raf’s take...

    Malware can turn off UAC in Windows 7; “By design” says Microsoft

    Windows 7, however, now ships with UAC configured to hide prompts when users change Windows settings. While this mode still ensures normal applications can’t overwrite your entire registry hive, Microsoft made a boo-boo in allowing users to change any Windows setting without any prompts. Yes, you can even change UAC settings, allow applications free rein in elevated mode (after the required restart).

    An obvious fix for this “issue” would be to force the adjustment of UAC parameters to be confirmed by a human. Until Microsoft addresses this “issue”, you can set UAC to its highest mode to kill any concerns you may have… but you’re not using this in a production environment anyway – right?

    Um. Right.

    Microsoft?
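
    A defender-side check for the setting discussed above, as an added example that is not from this post or from the bloggers it quotes: it reads the UAC policy values and reports whether the machine is at “Always Notify”, the workaround Zheng describes. The registry value names are Windows' own policy values and do not appear on this page; `Get-UacLevel`, its level labels and the sample rows are constructed for illustration.

    ```powershell
    # Added example (not from the original post). Classifies the UAC prompt level
    # from the policy values under HKLM and flags anything weaker than Always Notify.
    $UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

    function Get-UacLevel {
        param($EnableLUA, $ConsentPromptBehaviorAdmin, $PromptOnSecureDesktop)

        # A missing value is reported as Unknown rather than guessed.
        if ($null -eq $EnableLUA -or $null -eq $ConsentPromptBehaviorAdmin -or
            $null -eq $PromptOnSecureDesktop) {
            $level = 'Unknown'
        }
        elseif ($EnableLUA -eq 0) { $level = 'Disabled' }
        elseif ($ConsentPromptBehaviorAdmin -eq 0) { $level = 'NeverNotify' }
        elseif ($ConsentPromptBehaviorAdmin -eq 5) {
            # Windows 7 default: prompt for third-party programs only,
            # not for changes to Windows settings (which includes UAC itself).
            if ($PromptOnSecureDesktop -eq 1) { $level = 'Default' }
            else { $level = 'DefaultNoSecureDesktop' }
        }
        elseif ($ConsentPromptBehaviorAdmin -ge 1 -and $ConsentPromptBehaviorAdmin -le 4) {
            # 1-4 prompt on every elevation; the slider's "Always Notify"
            # is value 2 with the secure desktop enabled.
            if ($ConsentPromptBehaviorAdmin -eq 2 -and $PromptOnSecureDesktop -eq 1) {
                $level = 'AlwaysNotify'
            } else {
                $level = 'PromptsEveryElevation'
            }
        }
        else { $level = 'Unknown' }

        New-Object PSObject -Property @{
            Level                     = $level
            PromptsForWindowsSettings = ($level -eq 'AlwaysNotify' -or
                                         $level -eq 'PromptsEveryElevation')
        }
    }

    # Constructed sample rows (not captured from a real machine).
    $samples = @(
        @{ Name = 'Always Notify';     LUA = 1; CPBA = 2; Desk = 1 },
        @{ Name = 'Windows 7 default'; LUA = 1; CPBA = 5; Desk = 1 },
        @{ Name = 'UAC off';           LUA = 0; CPBA = 0; Desk = 0 }
    )
    foreach ($s in $samples) {
        $r = Get-UacLevel $s.LUA $s.CPBA $s.Desk
        '{0,-18} -> {1} (prompts for Windows settings: {2})' -f `
            $s.Name, $r.Level, $r.PromptsForWindowsSettings
    }

    # Live check of the local machine; warns when a change to UAC itself
    # would go through without a prompt.
    $p = Get-ItemProperty -Path $UacKey -ErrorAction SilentlyContinue
    if ($p) {
        $live = Get-UacLevel $p.EnableLUA $p.ConsentPromptBehaviorAdmin $p.PromptOnSecureDesktop
        if ($live.PromptsForWindowsSettings) {
            "This machine: $($live.Level)"
        } else {
            Write-Warning "This machine: $($live.Level); UAC settings can change without a prompt"
        }
    }
    ```

    Run on a schedule and logged, the same classification shows when a machine's level drops from what was last recorded.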

  • Silly 'Release Windows 7 now' campaign

    I’m not a big fan of bald-faced attention grabs like this silliness, but I am at least amused to discover that I’m “jones'n” for Windows 7 to be released … now. I guess it’s possible I said that. Maybe. But what I’m really “jones'n” for is a chance to actually provide feedback on a product that wasn’t cast in stone before testers got to it. Maybe Windows 8 will be that product. Windows 7, good as it is, is most certainly not.

    Poe said that based on positive reviews of Windows 7 by Leo LaPorte, another Windows enthusiast who has advocated an early release of Windows 7 on his podcasts, and Paul Thurrott, who writes and maintains the popular SuperSite for Windows blog, he's "jones'n" for the software's release.

    "Let's join together and get Microsoft to release Windows 7...enough with this Beta stuff," Poe wrote.

    Or. Let’s not. Let’s campaign for more transparency at Microsoft and less Apple-like secrecy instead.

  • iTunes Plus upgrades go a la carte

    When Apple announced that they were going fully DRM-free earlier this month, I hailed it as a good sign. In fact, with Windows 7 picking up AAC compatibility across the board, iTunes’ use of 256 Mbps non-protected AAC files suddenly makes more sense, and that service is among those offering the highest quality songs. There was just one niggling problem: If you wanted to upgrade your existing collection of purchased iTunes music (i.e. 128 Kbps Protected AAC junk), you had to upgrade the whole collection. You couldn’t just pick and choose which songs to upgrade. According to Macworld (yes, they’re apparently still around), that’s changed:

    Apple has dispensed with the iTunes Store all-or-nothing upgrade policy.

    Until today, anyone who wished to upgrade his or her music from iTunes’ protected format to iTunes Plus was required to upgrade every track in his or her library. That’s no longer the case. Travel to the iTunes Plus upgrade page (which you can do by clicking on the Upgrade To iTunes Plus link on the Store’s Home page) and you’ll discover that not only can you click on a large Buy All button to upgrade your entire protected collection, but you can now click Buy buttons next to the protected albums or tracks in your library. When you first do so, you’ll be prompted to agree to a new license agreement. Once you do that, you’re free to upgrade songs, albums, or music videos individually.

    Prices haven’t changed. It still costs 30-cents to upgrade a track, approximately one-third of an album’s current purchase price to upgrade the album ($9.99 albums can be upgraded for $3), and it costs 60 cents to upgrade a music video.

    So, kudos to Apple for doing that, finally. But raspberries all around because the company knew in advance that its biggest fans would simply knee-jerk their Mastercards out of their wallets and buy the all-or-nothing upgrade no questions asked, even though they long ago stopped listening to that “Rockwell’s Greatest Hits” album they bought in a fit of drunken stupidity. Those who “Think Different” (you know, the crazy ones) already ponied up to rebuy their entire collection. (Admit it, you did.) Those with clearer heads (and the more discriminating musical taste that comes with age) can now save some money.

    Thanks to James W. for the tip.

  • Is Microsoft prepping a Windows 7 SKU specifically for Netbooks? (Update: Yes. Yes, they are)

    I just heard a rumor that Microsoft is going to have a Windows 7 product version (SKU) specifically aimed at netbooks (“dumbed down, runs in less memory”), something that might be called Windows 7 Netbook. I obviously hope that this is not the case, but given yesterday’s discussion about the possibility of fewer Windows 7 SKUs—which would be GOOD—the idea that Microsoft may actually introduce more SKUs is, of course BAD. So. I don’t usually throw stuff like this out there, but … Does anyone know anything about this? Could someone please tell me this isn’t happening?

    UPDATE: CNET confirms the Netbook SKU:

    Microsoft has confirmed to CNET UK that it will be providing a version of Windows 7 specifically developed for netbooks and sub-notebook computers, as well as at least one version for consumers, and one for enterprise users.

  • More Windows 7 themes, and an amazing list of free stuff from Microsoft

    Matt L. just sent over a couple of links I should share with everyone. Some amazing stuff.

    First up is a nice (if IP-irresponsible) collection of Windows 7 Themes, many of which are Mac OS X-based:

    Windows 7 Themes

    These themes for Windows 7 are free for personal use. Don’t bother on trying them with Vista or XP because they just won’t work. All the wallpapers used in the themes are credit to their respective authors, but the work done in putting up these themes together is all mine. I’m all open to requests for themes of particular types.

    More impressive, however, is this crazy blog with a list of all the free stuff Microsoft puts out:

    The Road to Know Where

    Just scan down the page and also be sure to check out his Lists section. Nuts.

  • Amazon preps new Kindle for February 9 launch

    Yay! According to the New York Times Bits blog, Amazon will launch its next-gen Kindle ebook reader on February 9. It looks awesome, and as a Kindle user and fan from Day One, I can’t wait. I still read the Kindle every single day and highly recommend the device, despite its still too-high price and tough availability.

    Amazon.com will introduce the next generation of its popular Kindle reader in New York City on Feb. 9.

    Amazon.com confirmed that its founder and chief executive, Jeffrey P. Bezos, would host the event at the Morgan Library & Museum in New York.

    The new device corrects some of the design flaws of the first model, adding round buttons instead of those strange angular ones, and smaller side buttons to avoid accidental page turns.

    But the biggest changes may be inside the device. The new Kindle likely uses the new Broadsheet microchip from Epson and E-Ink, which makes the display technology for the Kindle. E-Ink’s chief executive, Russell J. Wilcox, described the technology to me a few weeks ago, saying that it breaks the screen into 16 pixel sets and can update them in parallel, allowing for faster screen refreshes and a generally more responsive screen. He added that the technology was somewhat analogous to putting a better graphics card in a computer and would help e-readers become better full-featured devices.

    “It’s the same brightness, it looks the same reading a page, but it’s night and day for user activity for anything other than reading,” Mr. Wilcox said. “If you are reading a book, you are just going to read page by page and it might not make that much of a difference. But if you want to do anything else with your device, zooming in, look up words, whatever, you really appreciate the speed. It’s a major change.”

    More photos of the new Kindle here. Nice!

  • Nipping silliness in the bud: Windows 7 SKUs and pricing

    Eric Lai from Computerworld and I just had a chat about recent reports (like this one from Tom’s Hardware) about Windows 7 build 7025 and how it provides “evidence” that Windows 7 will ship in multiple product versions, or SKUs. It occurs to me that I should discuss this briefly.

    This build is evidence of nothing.

    Microsoft has shipped numerous interim builds of Windows 7 over the past 12 months with those exact product version options in Setup. Only the public beta has been restricted to just Ultimate edition. (Tech beta testers also got Home Premium, actually.) The Windows 7 Setup routine is based on that of Vista. So it shows the same SKUs. No news there.

    Second, even the Windows Vista Setup has changed over time in some ways, with newer MSDN and TechNet versions of the Setup disc no longer offering the N-Editions (Home Basic N and Business N). In other words, it’s easy for Microsoft to change which SKUs you see during Setup. Again, no news there.

    Long story short, you can’t expect outsiders like Tom’s Hardware to understand or communicate what Microsoft is doing with the Windows 7 SKUs. Microsoft has yet to reveal what they’re doing SKU-wise. When they do, I’ll be all over it, obviously. They haven’t done so yet, and build 7025 certainly offers nothing along those lines.

    And since we are dealing with pure fantasy here, I’ll throw my two cents out: I believe that there should only be three Windows 7 SKUs: Home, Professional, and Ultimate. That’s it. Not two Home versions. No Enterprise. No Starter. Just the three.

    I also feel that Windows needs to be less expensive, especially at retail, where no one is buying the product anyway. You should be able to get Home or Pro for $99 and Ultimate for $150. Anything higher is ludicrous.

    If Microsoft takes these important steps, they’ll prove that the simplicity initiatives in Windows 7 aren’t just window dressing, and that the company is serious about making Windows simpler for users across the board. Go for it, guys. We’re waiting.

  • Gmail gets offline support

    Google has finally added Google Gears support to its Gmail Webmail service, allowing the service to be used offline. It’s still a Google Labs feature, meaning that it’s basically in perpetual beta, but still. Here it is.

    So what can you do the next time you're bracing yourself for that long flight? Well, we've been cooking up a feature in Gmail Labs, our testing ground for Gmail features, that should help: offline Gmail. If you enable offline access, Gmail will load in your browser even when you don't have an Internet connection. You can read messages, star, label and archive them, compose new mail and more. Messages ready to be sent will wait in your Outbox until you're online again.

    Remember, we're still working out kinks, which means you might see some issues that aren't completely ironed out. But this is a major step along the way. It's built on the Gears platform, which has already been used to offline-enable Google Docs, Google Reader, and a number of other third-party web applications.

    So if you're feeling lucky, here's how to get started with offline Gmail:

    1. Sign in to Gmail and click 'Settings'.
    2. Click the 'Labs' tab and select 'Enable' next to 'Offline Gmail'.
    3. Click 'Save Changes.'
    4. In the upper righthand corner of your account, next to your username, there will be a new 'Offline' link. Click this link to start the offline synchronization process.

    I don’t see this option yet, but I’ll keep looking.

  • Microsoft's Woes Can't Be Blamed on Vista

    So, I agree with this. But you can’t fight perception. And in the eyes of much of the world, Vista is as tainted as Windows Me or Microsoft Bob. And that’s a shame. Because anyone getting excited over Windows 7 needs to understand that that OS is, in fact, Windows Vista 1.1. Which is fine. But it will always be amazing to me how people can respond to the same basic thing differently when you simply rename it (Mojave) or rejigger it in fairly minor ways (Windows 7). Anyhoo…

    Microsoft's lousy Q2 is due to economic turmoil and flagging PC sales

    Here's why I'm telling you this: Some analysts and even a news story here at Infoworld.com are blaming Vista for Microsoft's crummy second quarter and subsequent layoffs.

    As much as I wish the folks in Redmond had done a better job building that dog of an OS -- and let us keep XP -- Vista is not to blame. As Bill Clinton used to say, it's the economy, stupid.

    Sales aren't off because buyers don't like Vista. Although I usually stay away from generalizing much from my personal experiences in the technology market, in this case, I'd say that my decision not to buy a new PC is probably right in line with that of many other non-buyers. Money is tight these days, and the flavor of the OS has nothing to do with it. Indeed, Mac sales are off as well, and we don't hear lots of complaints about OS X.

    Having said that, I believe that if Vista had been a more successful product, PC sales would have been stronger soon after the OS debuted a few years ago. But had that sales surge come about, it would have flattened out by now.

    The overall math is simple. Sales in the client division, which includes Windows, were off 8.1 percent while sales in the business division, which includes Office, were up just a bit: 1.3 percent. And since Windows and Office are the company cash cows, the quarter stank.

    See the numbers for yourself.

    There’s more, about netbooks mostly, and it’s all pretty obvious, but worth reading. Check it out.

  • Internet Explorer 8 Release Candidate Now Available

    The IE Blog reports on the release of IE 8 RC1:

    We're excited to make the IE8 Release Candidate available today for public download today in 25 languages for Windows Vista, Windows XP, and Windows Server customers. You can find it at http://www.microsoft.com/ie8. Please download it now and try it out. We welcome your feedback!

    What’s New

    The team will post more about all changes between Beta 2 and RC. In brief:

    • Platform Complete. The technical community should expect the final IE8 release to behave as the Release Candidate does. The IE8 product is effectively complete and done. We’ll post separately about the thousands of additional test cases we’re contributing to the W3C. We've listened very carefully to feedback from the betas. With the Release Candidate, we’re listening carefully for critical issues.
    • Reliability, Performance, and Compatibility improvements. We’ve studied the telemetry feedback about the browser's underlying quality and addressed many issues.
    • Security. We’ve worked closely with people in the security community to enable consumer-ready clickjacking protection. Sites can now protect themselves and their users from clickjacking attacks “out of the box,” without impacting compatibility or requiring browser add-ons. We also made some changes to InPrivate based on feedback from customers and partners.

    We also made some changes to the user experience based on feedback. For example, based on data about how people actually use it, we made fitting more items on the Favorites bar easier. (Note that the IE8 Release Candidate is for Windows Vista, XP, and Server only; Windows 7 users will get an updated IE8 with the next update of Windows 7. Also, the Release Candidate of the Internet Explorer Administration Kit is available for download now.)

    I’ve been working with IE 8 RC1 and various pre-RC1 IE 8 builds for some time now and I have to say, the experience has been largely positive. My review of IE 8 RC1 will be up shortly. Stay tuned.

  • Windows SideShow for Windows Mobile Developer Preview

    I just wrote a Windows 7 feature focus article for Windows Gadgets. And speaking of Microsoft technologies that have never taken off in any meaningful way, we also have this...

    Windows SideShow for Windows Mobile Developer Preview

    Brief Description

    Windows SideShow for Windows Mobile is an application for Windows Mobile 5 and 6 PocketPCs and Smartphones that allows you to use your Windows Mobile device as a Bluetooth SideShow device. Installation instructions are below. This is a beta release.

    Overview

    Windows SideShow for Windows Mobile is an application for Windows Mobile 5 and Windows Mobile 6 Pocket PCs and Smartphones that allows you to use your Windows Mobile device as a Bluetooth SideShow-compatible device. This enables you to use your phone as an extra window into your PC. You can both access your computer’s information from your Pocket PC or Smartphone, and control the computer through a gadget interface. While the phone is out of range, or when your computer is off, you can continue to view content sent to the phone previously. This makes it easy to send information to the phone that you'll need later on.

    The developer preview is an English-only release.

  • General availability for the Windows 7 Beta to end

    Which is a curious title for a blog post that seems to report that the Windows 7 public beta period is in fact being lengthened. Brandon from the Windows Blog has the good word:

    We are beginning to plan the end of general availability for Windows 7 Beta.

    Because enthusiasm continues to be so high for the Windows 7 Beta and we don’t want anyone to miss out we will keep the Beta downloads open through February 10th. Customers who have started but not completed the download process  will be able to do so through February 12th.

    The shutdown of general availability for the Windows 7 Beta will occur in 3 phases over the course of the next few weeks:

    • Starting January 27th, the Windows 7 page will be updated with a warning that time is running out on downloading the Windows 7 Beta and that we will be limiting downloads shortly. People will be encouraged to register and start the download of the Windows 7 Beta sooner rather than later.
    • February 10th, new downloads of the Windows 7 Beta will no longer be available. People who have already started their Windows 7 Beta download and have not yet finished will still be able to finish their download and are encouraged to do so.
    • February 12th, people will no longer be able to complete their download of the Windows 7 Beta. Anyone who hasn’t finished downloading the Windows 7 Beta will be unable to do so.

    Product keys for the Windows 7 Beta will continue to be available. So if you have the Windows 7 Beta but didn’t get a product key you will be able to do so even after February 12th.

  • RadioTime: Radio in Windows Media Center

    Here's a cool add-on for Windows Media Center that lets you access FM radio stations from around the world via their Internet stations or your FM tuner...

    Your Onscreen Guide to Radio

    Browse RadioTime with Windows Media Center!

    Get unlimited FREE access to thousands of DJs and on-air personalities
    from your zip code and around the world! Listen to internet radio or local FM stations.

    It appears to work in Windows 7 by the way.

    Thanks to Adwait K. for the tip.

  • Windows 7: the untold story of how the enterprise gets snubbed

    Julie Bort over at Network World interviewed me for a piece on Windows 7 and Windows Server 2008 R2, specifically how they do or do not interact. My feeling on this is that the Windows 7/R2 “better together” story is a little on the weak side, that Windows 7 is more of a consumer release than a business one, and that Windows Server 2008 R2 is a much stronger value than most people now realize. Cue the headline seen above. :) Anyway…

    There is a lot to like about Windows 7 for the consumer. For the enterprise, not so much. While Microsoft has added some fancy new features aimed at the enterprise (see box, below) it seems to have treated the enterprise's needs as an afterthought, contends Windows guru Paul Thurrott in an interview with Microsoft Subnet. Thurrott is editor of the SuperSite for Windows website and author of Windows Vista Secrets SP1 edition. Considering that the bulk of Microsoft's customers are businesses, its neglect here could be described as not smart.

    Don't get him wrong, there are cool, eye-popping features in Windows 7 for the enterprise –- unfortunately some are randomly tied to Windows Server 2008 R2 -– which is also in beta. If you want to yank out the VPN and let Windows handle a secure connection to the server (a new feature called DirectAccess), you can. But only if all of your clients and servers are using the latest operating systems from Microsoft. That's a shame in this economy when expensive, large-scale upgrades of the entire operating system infrastructure are not going to fly. (To be fair, enterprises that have opted for Microsoft's Software Assurance deal should be covered for the license fees of an upgrade from WS2008 to R2, but that won't cover the cost of man hours).

    On the other hand, the enterprise story for R2 is quite good. It is a compelling new version, despite a name that makes R2 seem as if it’s a minor upgrade when it's not. In this interview, we get Thurrott's under-the-hood view of both of these beta operating systems.

© 2009 Penton Media, Inc.