What's the Deal with Vista?

But nooo. Instead of poking fun, old Jerr is getting $10 million to convince us all that Vista is cool as part of a $300 million advertising campaign.

How about spending this dough on some device driver development? And who's the ad whiz that came up with this idea anyway?

Posted by Doug Barney on August 21, 20080 comments

Mailbag: On the Hunt for XP

Here's a vote for staying with XP. We are finding it easier to buy XP now than a year ago. Dell and HP have seen the light, for example, and make is easy, but ONLY if you go through their business portals. We have found, and many IT people agree, that if we are forced to, we will save and reuse licenses we have already purchased when systems go out of service. OEM agreements be damned. Call it a piece-by-piece upgrade if you want to split hairs about OEM license restrictions.

The effort to wipe a Vista system and install XP is nothing compared to the headache of supporting it. It isn't about being new, misunderstood or not giving it a chance. It is fundamentally flawed. What we see on the consumer side is that people will buy Vista for personal systems and then fight with it for months and then give up, seeking out people like us to fix it by installing XP. Bad press had nothing to do with it. Sooner or later Microsoft will realize that by not selling XP, Vista is not competing with XP -- it is competing with the XP license I already have.
-Derek

Sticking with Windows XP certainly has some challenges. Often our effort to "downgrade" PCs, laptops and tablets to XP results in missing out on key features of the original load or compatibility issues. We've learned to provide proven XP laptop/desktop loads, but there are still some issues. We also stick with Lenovo for most of our needs, because they do provide XP as an option. I'm betting other vendors are also seeing improved sales by offering to pre-load Windows XP. For example, on some of their laptops even consumers can choose: "Genuine Windows Vista Business with Windows XP Professional Downgrade." Fully supported by their help desk and repair centers.
-Joe

Well, this month I had to buy a new laptop. I really tried to avoid Dell, because you have to pay an extra £60 for a downgrade. So I went to Lenovo, and they still have some Thinkpads with XP; they're not as cutting-edge as the "19-hour battery life" from Dell, but for school/work it's more than welcome!
-Anonymous

Vista is a no-go zone. Microsoft cannot assume the role of bully in this debate. First, it dumps an OS onto us that we did not have much say in developing. The good features of XP were removed and the bad features of Vista were marketed as if it was some sort of rock god. Vista is slow, no matter how Microsoft spins it. It has nothing over XP except more cost -- significant additional cost, at that. I don't care about eye candy or Aero; that's just fluff and nonsense and I am not paying for it.

I provide advice to Victorian government agencies and my advice has been: Do not, under any circumstances, get into Vista. So far they all agree with my view so I think Microsoft has more than just a major perception problem on its hand. We will not be held ransom by Microsoft executives thinking they can market or bully us into submission.
-Ken

But a couple of you think that the complaints about Vista are much ado about nothing:

Amazing. I read the stories and see the commercials every day bashing Vista. Jacksonville IT Services is the largest IT services company in Jacksonville, Fla. and we see no problems with Vista across hundreds of companies and thousands of users. In fact, most users would not dream of going back to XP. Is the Vista perception being controlled like the stock market?
-Howard

I am using Vista without problems. I think all the bad rap about Vista is nonsense.
-John

I'm keeping the existing client PCs on XP Pro, but new machines are being deployed with Vista Business or Ultimate. I don't like supporting two client OSes, but I'm not crazy about putting money into obsolete technology, either. The new Vista machines are going to our most tech savvy and enthusiastic users. As the early adopters, these users will not object to minor deployment issues, and will eventually help train their co-workers on Vista as we replace more PCs.

At the same time, I'm moving away from vendors whose software or drivers don't work well on Vista. This late after release, there's no excuse for poor Vista support, and I don't want to invest with vendors who choose not to embrace new technology. Love Vista or hate it, but if you don't fully support the currently shipping Microsoft OS over a year after release, I will not limit my options by becoming or remaining your customer.
-Dave

After Microsoft announced that it was offering 24x7 support, Doug asked readers whether they trust Microsoft to solve their IT issues:

Yes, absolutely! I have consistently found MS technical support to be extraordinary. Do not feel the same way about TechNet's ability to assist me, nor do I feel MS leverages the outstanding opportunity it has with Event Viewer to solve technical issues.
-Anonymous

Jeremy responds to a letter we ran yesterday regarding Microsoft's backward compatibility:

I'm sure I'm not the only one to respond to Fred's letter. A lot of us in the IT community are begging for Microsoft to cut the umbilical cord already and reduce backward compatibility. I for one look forward to "Midori."

Fred, install VMware. If you haven't heard of it, it is great for those that want to maintain compatibility while still being forward-thinking in our overall architecture. Install Windows 3.x in a VM, convert your docs and be done with the 16-bit days.
-Jeremy

Finally, a reader experiences a problem with missing audio on Internet videos. Got any tips for him?

I was hoping you might know an expert (if you don't know the answer yourself) who could help me with a problem that I can't seem to get an answer to. I have Windows XP home edition with Service Pack 2 and it's running on a Dell XPS 410. Everything has been going great with it until the last week or so. A couple of days ago, I acquired a Trojan virus and was almost immediately able to get rid of it, thanks to the anti virus I have running. I also found some remnants of it in the registry and cleared that out. I also found three or four files left in a Windows folder and deleted them.

After this event, I noticed that when I go on the Internet and view a video (from YouTube or anywhere else), there is no sound. I can hear all sounds on the PC, including music CDs in Windows Media Player and RealPlayer, and any of the other sounds that Windows makes on Windows events. The only thing I can't hear is the audio from the Internet. I really think the virus thing has NOTHING to do with it, but I wanted to throw that in just in case. I have searched the Internet for answers and found a few that have NOT solved my problem. I have made sure "Play sounds in Web pages" and "Play videos in Web pages" are checked under Internet options. I have made sure the proper sound card is selected and the volumes turned up (not muted). I'm frustrated and don't know what else to try, so I'm looking for some real experts that might have some answers. Can you help me, or know who can?
-Paul

Got any advice for Paul? Want to share your thoughts any of the topics we covered? Leave a comment below or send an e-mail to [email protected].

Posted by Doug Barney on August 21, 20080 comments

Microsoft and VMware: Less Hate

Recently, we saw an example of what could be a long-lasting détente: VMware joined Microsoft's virtualization validation program, meaning that Microsoft will qualify its applications to run well under ESX and thus gain the advantages of Microsoft's new licensing terms which allow you to move VMs from server to server with no extra licensing costs.

This is a small step, really, but the symbolism is huge. Check out Virtualization Review Editor Keith Ward's thoughts on the subject here.

By the way, I first found this story on our new Web site, aptly named Redmond Report. Here we gather Microsoft news from as many sources as we can find, and post 'em in one easy-to-navigate location. Check it out and let me know what you think at [email protected].

Posted by Doug Barney on August 21, 20080 comments

Apple Moving to Redmond?

How's that? No, it's not the monopoly it enjoys (as one Redmond Report reader recently pointed out, nearly 100 percent of Macintosh computers run an Apple operating system). Instead, Victor Godinez points to flaky, new operating systems such as the one driving the latest iPhone, and bundling software such as tying Safari to iTunes.

Neither Microsoft nor Apple are perfect, but they're two of the most interesting companies in the world to watch.

Posted by Doug Barney on August 21, 20080 comments

Mailbag: Interop Future

Redmond's history with standards development and interoperability has ranged from a high of poor, to a low of deliberate sabotage. While I find it amusing that everyone sees this as a move to a more open, competitive, software environment, it is still inconsistent with Microsoft's business model. In the history of man, there has never been an altruistic monopoly. No reason to expect one now.
-Anonymous

I have old 16-bit Windows Write files that NO later MS editor displays right. Not WordPad, not WinPad, not Word for Win 95 or Word 97 or Word 2000, nor the Win 95 Write stub -- only old Win 31's original Write.exe seems able to display or print those critters the way they were originally designed to look and print. It'd be really refreshing if Windows 7 could offer some means of displaying and printing these correctly again -- and maybe even editing them.

On another tack, it would be nice if whatever IE MS includes in Windows 7 would let itself be closed even when (indeed, especially when) not all tabs have finished loading. Currently, the only way I can close IE 6 (in XP) or IE 7 (in [ugh!] Vista) before everything has finished loading is to kill its process with Process Explorer. I'm not holding my breath, though, on either count.
-Fred

And readers share their thoughts on George Ledin, a professor who teaches his students hacking techniques -- and apparently gets a lot of grief for it.

I also read this Newsweek article and I think he is right on the money. If I were hiring someone to help with our security, I would place high value on someone that had a clear understanding of hacker methodologies.

I sat in on a Microsoft Tech-Ed session on security once. It was conducted by a Microsoft security professional who obviously knew how hackers operate. I think this knowledge would be essential to a competent security professional.
-Anonymous

Keep your friends close and your enemies closer. Yes, teach hacking.
-Milton

Is it wrong to teach hacking techniques? If it is, then every police officer is a criminal. Every computer science student needs to learn how to attack a system. Otherwise they will not know how to defend against it or recognize such attacks.

And for a very bad reference, look at Bruce Wayne in "Batman Begins." He could not understand the criminal mind until he became one.
-Brian

How about looking at this question from a slightly different point of view? How many good security analysts out there do not understand how the attacks are committed? Zero. There aren't any. It is their business to know how the attacks happen, and thus how to protect from those attacks.

Anybody can follow a list of best practices, but it takes people who understand the attacks to be able to write and change those best practices, and to understand how and under what circumstances you can deviate from those practices.
-Dan

Like you, I believe the only way to fight hacking is to know hacking. I believe learning hacking techniques is vital to anyone wishing to have a career in computer security. Look at it this way: Wouldn't everyone like to have some inside knowledge of their competition? Sports teams spend huge amounts of time studying their competition. Companies are in a constant struggle to not only find out what the competition is up to but to figure out how to be one step ahead of them, as well. Why shouldn't we as computer security professionals use the same techniques against our competition?

Learning hacking techniques has drastically changed my role as a network administrator. When I prepare to publish a new application on my Web site, it is no longer enough to simply make sure it looks good and functions properly. The first thing that comes to mind is whether the application is vulnerable to cross-site scripting attacks or buffer overflow attempts, and whether all user input is properly validated and sanitized. Thanks to my knowledge of hacking, I now look at everything I do from the perspective of my competition. If you think that is a bad thing, then be prepared. Because your competition is going to walk all over you -- and your network.
-Steven

I think you are absolutely on track. The outrage being expressed against Ledin seems to fall into two camps. There's the Atomic Bomb Theory, which says that making this information available to the student base greatly increases the dissemination of knowledge that could otherwise be contained. Sort of a Malware Non-Proliferation Treaty. However, the vast amount of malware out there from disparate sources refutes this supposition. The people out there that we need to worry about already have ample access to this information.

Then, there's the Secret Algorithm Theory. This is hinted at in the article, where the state of malware protection is compared to that of cryptography some decades ago. It was discovered that "secret" algorithms seldom stay secret for long, and the real strength is known algorithms that are tested on many fronts and still survive. In short, true security consists of finding the risks and applying a disciplined approach to destroy them without mercy (my true feeling on malware leaking through a bit). I would hazard a guess that the major security players have internal training very similar to what Dr. Ledin is offering at Sonoma State University. If there is any justice, he will years from now be remembered as a leader in the emergence of computer security engineering.
-David

Share your thoughts! Leave a comment below or send an e-mail to [email protected].

Posted by Doug Barney on August 20, 20080 comments

Living with XP

How are you dealing with XP? Buying new machines and downgrading? Just not using Vista licenses that come with your existing agreements? Tell us your story by writing to [email protected].

Posted by Doug Barney on August 20, 20080 comments

HP and Cisco Unify on Communications

Cisco wasn't going to take this laying down. Its most recent response is to partner with HP to jointly sell and market unified tools to IT.

The HP deal might also be designed to shore up some weaknesses in Cisco's unified lineup, particularly VoIP, the cornerstone of any unified solution. Service providers, the most demanding of VoIP customers, know and respect the Cisco brand, but Cisco is clearly not their No. 1 vendor.

Posted by Doug Barney on August 20, 20080 comments

Virtual Licensing Shifts

Microsoft is loosening up a bit. Before, an app had to be in place for three months before it could be moved for free. Now, 41 different apps can moved around from server to server for free. This isn't exactly a revolution, but will certainly support IT agility.

Posted by Doug Barney on August 20, 20080 comments

Mailbag: A Winning Windows 7

If Microsoft really wanted to do it right, all it has to do is make Windows 7 look and feel just like XP. Just make it better behind the interface. Have it use the same third-party drivers, only use them better. If nothing else, Microsoft should do as it did when it changed the Control Panel -- that is, give us a one-click option to revert back to an interface which we are familiar and comfortable with. Rather than obsolescing hardware, it should be able to create more efficient coding to do more with less. After all, we've not really added any major capabilities that we couldn't do with Windows NT and that first Pentium CPU. We can just do everything faster.

When a brand-new PC with a brand-new OS is slower than my seven-year-old one, then there is a major problem somewhere. I for one am not likely to trust my livelihood to a company that doesn't understand that very simple point.
-T.W.

I hate to say it, because I know it won't happen, but above all else Microsoft needs to KEEP IT SIMPLE!
-John

I believe that in order to make Windows 7 shine, Microsoft must do the following: One, optimize the OS to make it as stable and fast as possible. Two, make sure that the UI isn't a performance killer. Three, replace the command prompt with Powershell. Four, drop User Account Control and replace it with a confirmation prompt for elevated permissions for installation. Five, remove the need for Internet Explorer to be installed on the machine at all. Six, provide recovery options that don't require floppy disks be used for disaster recovery. Seven, provide real multi-user capability, like what's found in Windows Server 2003, where multiple users can make use of a single machine at the same time. And eight, provide two versions only: Home Edition and Business Edition.
-Jerald

Build it on BSD like Apple did with OSX.
-Bill

Windows 7 looks like window (excuse the pun) dressing on Vista. Are we actually going to get a new file system?
-T.

A nice thing that I am very surprised has not been done in any of the Windows OSes yet would be the ability to move the position of your open windows on the Task Bar, instead of just grouping similar ones beside each other.
-Anonymous

It may be too late, but I'd like to see Windows 7 be secure from the outset, small enough to fit on a single CD, and faster.
-Ray

Check out tomorrow's edition for more reader letters. And to share your own thoughts, e-mail [email protected], or fill out the form below.

Posted by Doug Barney on August 19, 20080 comments

24-Hour Support

This high-end enterprise support offering has tech folks standing by all day and all night to solve your most vexing Microsoft problems. More interesting is the proactive part, where Microsoft looks for problems before they actually bite you in the hiney. This may cost a pretty penny, but could save a lot of headaches and downtime.

Do you trust Microsoft to solve your support issues? Yes and no answers more than welcome at [email protected].

Posted by Doug Barney on August 19, 20080 comments

Teach Your Hackers Well

Of course, many people are appalled, likening Ledin's teachings to a subversive training camp. (Digression: I hate the term "terrorist" because it gives these punks too much power; by calling them terrorists we imply that they've already succeeded in creating fear.)

I believe the only way to fight hacking is to know hacking. Is it wrong to teach hacking techniques? Send your thoughts to [email protected].

Posted by Doug Barney on August 19, 20080 comments

Virtual Firewalls for Virtual Servers

There's a good chance you already have virtual servers. There's just as good a chance you already have a Check Point firewall or two laying around your shop. With the new firewall, you can protect virtual machines as if they were physically discrete servers.

Right now, Virtual Edition only secures VMware systems. But if I were a betting man, I'd lay down some serious change on it embracing Hyper-V in the near future.

How do you secure virtual servers? Tactics welcome at [email protected].

Posted by Doug Barney on August 19, 20080 comments