Link

Anti-Virus and Windows Vista

From Ben Farthi:

In my role as the head of Microsoft security, I personally spent many years explaining to antivirus vendors why we would no longer allow them to “patch” kernel instructions and data structures in memory, why this was a security risk, and why they needed to use approved APIs going forward, that we would no longer support their legacy apps with deep hooks in the Windows kernel — the same ones that hackers were using to attack consumer systems. Our “friends”, the antivirus vendors, turned around and sued us, claiming we were blocking their livelihood and abusing our monopoly power! With friends like that, who needs enemies? They just wanted their old solutions to keep working even if that meant reducing the security of our mutual customer — the very thing they were supposed to be improving.

Anti-virus programs remain a problem in terms of the attack surface they can open up. This surface, combined with the failure of many products to effectively identify and act on malware signatures, means that consumers tend to put far too much trust in products that often function poorly at best.

Link

Secure Boot snafu: Microsoft leaks backdoor key, firmware flung wide open

Secure Boot snafu: Microsoft leaks backdoor key, firmware flung wide open:

Microsoft has inadvertently demonstrated the intrinsic security problem of including a universal backdoor in its software after it accidentally leaked its so-called “golden key”—which allows users to unlock any device that’s supposedly protected by Secure Boot, such as phones and tablets.

The key basically allows anyone to bypass the provisions Microsoft has put in place ostensibly to prevent malicious versions of Windows from being installed, on any device running Windows 8.1 and upwards with Secure Boot enabled.

And while this means that enterprising users will be able to install any operating system—Linux, for instance—on their Windows tablet, it also allows bad actors with physical access to a machine to install bootkits and rootkits at deep levels. Worse, according to the security researchers who found the keys, this is a decision Microsoft may be unable to reverse.

There’s a lot that can be said about this absolute debacle. I’ll restrain myself to two things:

  1. This is the exact kind of problem that crops up when you include backdoors in software: eventually the information required to exploit the backdoors emerge.
  2. Microsoft’s own leakage of the key is one of the most amazing ‘own goals’ in recent security history. It’s going to be one for the history books.

Also: remember when Apple said they didn’t, and would vigorously fight, any effort to backdoor their operating systems? Microsoft’s absolutely failure to secure the cryptographic material is just one rationale behind Apple’s security posture.

BBM as a Microsoft Product?

Dan Froomer has an interesting 20/20 piece in which he asks what would have happened if Microsoft bought Blackberry in 2009. While he points to the potential of combining Z10 hardware with Windows Phone software, plus the 2009-value of Blackberry’s enterprise market, those claims aren’t his most ambitious. No, the pie-in-the-sky claim, emphasized below, is:

a Microsoft-BlackBerry tie-up in 2009 could have been good! Just as Microsoft was starting to put together a really solid software platform in Windows Phone 7, BlackBerry needed a grownup OS. Plus the obvious overlap in enterprise, RIM’s worldwide distribution, and even a budding mobile social network in BBM. There’s a possibility that it could have been a good combination.

Now, while BBM may have had up to 25 million subscribers in 2009 I simply cannot imagine Microsoft deciding to toss Windows Live Messenger with its 500 million+ users for BBM. My perspective is that things like BBM go to die in companies like Microsoft. Regardless of whether there were actual synergies between Blackberry and Microsoft in 2007 – and whether they could have been realized by Microsoft – BBM almost certainly wasn’t one of them.

Link

Compare Office For Business Plans – Office.com

parislemon:

soxiam:

  • hosted email for small business
  • office 365 small business
  • office 365 small business premium
  • office 365 enterprise e1
  • office 365 midsize business
  • office 365 enterprise e3
  • office 365 proplus
  • office 365 enterprise (plan e4)
  • education plan a2
  • education plan a3
  • education plan a4
  • exchange online (plan 1)
  • exchange online (plan 2)
  • office 365 suite (plan e1)
  • office 365 suite (plan e3)
  • kiosk plan 1
  • office 365 home premium
  • office home & student 2013
  • office home & business 2013
  • office professional 2013

Focus.

I thought that this was a joke. Someone exaggerating Microsoft’s actual product offerings.

I was wrong.

Should Microsoft Be Targeted for a Truth in Adverting Campaign?

So, the Microsoft 64GB Surface Pro will only have 23GB of usable storage at launch. This is, to be blunt, absurd. Consumers are entirely used to variations between the storage that manufacturers say will be available versus what actually is available for use, but in this case we’re talking about less than 50% of the advertised storage actually being available. Microsoft is saying that removing the recovery partition will alleviate some of this storage use, but that’s immaterial: few consumers will do this, or feel comfortable doing so. As a result, they’re going to generally have devices that have less than half of the market storage.

While Apple – and, to an extent, Google – comes under fire for announcing hardware specs and then not meeting them because of OS storage consumption, neither company has ever had such deceptive claims as Microsoft’s regarding the Surface Pro. I can entirely appreciate that the newest Microsoft OS plus applications consumes a huge amount of space. I’m OK with that. But, given this consumption, the 64GB surface shouldn’t ever be marketed (or even suggested as being) as a 64GB device; the device should be presented as being closer to the actual storage available. Don’t get me wrong, all OSes take room. But, as far as I know, no OS plus application suite has ever consumed this amount of space in competing product offerings.

Link

What Windows Phone Needs

Tumblr user nugnug provides an excellent list of the core “what’s missing” in Windows Phone right now and that will continue being absent after the 7.8 update:

  • rotation lock – I surf the net when I’m lying down. Everyone does. This is such an important feature and yet, where the hell is it?
  • screen capture – I can’t take screenshots on my phone! What is this!? How can I blackmail people and post the stupid things they say on Facebook?
  • customized sounds for messaging, etc. – We can customize our ringtones, so why not the rest?
  • notification center – This ain’t happening. I already know this cause they didn’t have time to make it. Lame.
  • separate volume controls for phone sounds and media – I want to listen to music at a really low volume but that means I won’t be able to hear my phone ring. A dilemma that can be easily rectified.
  • the forward button and “find on page” function in IE – there’s a java fix someone else kindly made, but there shouldn’t be a need. It’s a basic function that should be included in all internet browsers.
  • Wifi turns off when in sleep mode – the biggest reason why my whatsapp messages arrive hours later is because my phone, which relies on only Wifi when I’m at home, turns off Wifi when it goes to sleep. Ugh.
  • Blutooth file transfers – I WANNA GIVE MY FRIENDS STUFF WITHOUT USING MY NET DATA BUT I CAN’T.
  • multi selection – let me delete multiple photos on my phone at a time. PLZZ.
  • editing the dictionary – there are some words I made up, I would like to delete please.
  • improvements in the calendar – by far the most used section of my phone, it holds all my schedules and Facebook events and works seamlessly. So why not build on it? Include a weekly view, allow me to change colours on some of my personal entries.
  • automatic sleep mode – not too fussy, but this would be really cool. If I set a time e.g. from 11pm to 8am, my phone will sleep between those hours and I won’t get any notifications between those times.
  • closing apps from the multitasking view – not too important

I have to admit that some of the items aren’t top of mind for me: I don’t really care about the sleep mode, don’t see the point of closing apps from the multitasking view, and am not interested in bluetooth sharing. That said, every other suggestion is much, much needed.

I would also add to the list that scrolling in the 7.8 update needs to change; in the older version 1 Windows Phones scrolling would accelerate the more your scrolled up or down, whereas the current generation of 7.5 phones feature a static scrolling rate. This speed simply feels slower than earlier – and less capable – hardware and software iterations of Windows Phone.

Link

parislemon: What If… (Office For iPad Edition)

parislemon:

Watching the back-and-forth yesterday about the whole Microsoft Office for iPad thing was nothing if not amusing. The basic rundown:

It’s coming, here it is.” “That’s not it.” “Yes it is.” “No it’s not, but we didn’t say it’s not coming.” “A Microsoft employee showed it to us.” “No…

MG has an interesting analysis on what Office for iPad might mean. I have to admit, if MS partners with Apple to bring real office software to the iPad then another sword will be levied at Google’s throat. I still – as a professional writer – despise using Google Docs for anything but the most minimal tasks: it just doesn’t meet my requirements for ‘real’ word processing.

The takeaway? Office would add to the ‘professional’ status of the iPad without taking away from the iPad’s ‘consumer friendly’ branding. This would further exacerbate the issues that Google’s tablets face while simultaneously challenging RIM’s own advertising that the PlayBook is ‘the’ tablet for professionals. It would definitely be a coup for both companies against their competitors, and so well worth watching for.

Link

Should Microsoft Mandate a Windows Phone Hardware Mute Switch?

testingdavid:

 The audio controls stick to the lock-screen when the phone is locked, in the same screen location but always present to allow even quicker control and obviate the need to tap the volume rocker in order to play, pause or skip on the lock-screen. Interestingly, the “vibrate” or “ring + vibrate” button, which I call the mute switch, does not remain on the lock-screen, and requires that the user press the volume rocker to display it when the phone is locked. This means that to mute a Windows Phone, the user must take the phone out of their pocket, tap the power button, tap the volume rocker, and finally tap the mute switch. With the current iPhone design, the user need only reach into their pocket and flip the hardware switch to prevent all unexpected noises.

The answer to David’s question is clear and unequivocal: YES! While having an excess of rarely needed/used hardware buttons and toggles can diminish the quality of a device, a deficiency of such buttons/toggles can do the same thing. It sounds small, but the ability to rapidly and easily mute a device is a key professional feature of a device.