Microsoft CEO Steve Ballmer has admitted that Windows Vista is an incomplete product, even though the operating system has been on the market for more than a year.
Speaking at the firm’s annual Most Valuable Professionals event in Seattle yesterday, Big Steve told the gathered crowd that the unloved OS was “a work in progress”. According to reports, he also promised that Microsoft would learn from the mistakes it has made with Vista.
“It’s a very important piece of work. We did a lot of things right and have a lot of things we need to learn from,” said Ballmer. “Certainly, you never want to let five years go between releases.”
He acknowledged that “Vista is bigger than XP”, but he wasn’t referring to the popularity of the product. Instead, he was pinpointing one of the major issues many customers saddled with the product have complained about: performance.
“We have to make sure it doesn’t get bigger still and that the performance and the battery and the compatibility we’re driving on the things that we need to drive hard to improve.”
Yesterday’s admission will be seen by many as poorly timed, coming just weeks after service pack one (SP1) for Vista arrived – well, at least for some customers – in a manual form.
In mid-March Microsoft issued a staggering number of reasons as to why plenty of people would not be able to get their mitts on the service pack. Issues included a number of security products that won’t start up or run on updated desktops thanks to “compatibility problems”.
Earlier this week Microsoft spat out Vista SP1 in the remaining 31 languages. Those versions arrived a full month after the service pack first landed for a select few across the globe.
Meanwhile, the automatic version of the download remains missing in action. Redmond had chalked mid-April as the date when SP1 would start downloading onto computers across the world. But it’s reluctantly stepped away from that deadline because it “wants to ensure customers have the best possible experience”.
Ballmer also accepted yesterday that customers are incredibly reluctant to shake off XP in favour of adopting its unruly little brother, Vista.
“We have a lot of customers that are choosing to stay with Windows XP, and as long as those are both important options, we will be sensitive, and we will listen, and we will hear that.
“I got a piece of mail from a customer the other day that talked about not being able to get XP anymore, and we responded: XP is still available. And I know we’re going to continue to get feedback from people on how long XP should be available. We’ve got some opinions on that.”
Windows XP was given something of a reprieve earlier this month for bargain basement PCs not equipped to run the memory-chugging Vista OS. ®
Microsoft has released to manufacturing Windows XP Service Pack 3. The fresh software disgorgement will be made available for download through the Windows Update and the Microsoft Download Center services on April 29.
SP3 wraps up all previous Windows XP fixes and throws in some new features that bring management in-line with Microsoft’s latest client and server operating systems. Microsoft promised updates won’t “significantly change” customers’ experiences with the operating system.
The service pack includes Management Console 3.0, which ships with Windows Server 2008 and Windows Vista, the new Windows Installer 3.1 and a component used in Windows Server 2008 that checks to make sure upgrades and security features have been applied before the machine is allowed onto the corporate network.
Source PC Pro
High street chains will be the next victims of cyber terrorism, some of the world’s elite hackers have warned.
They claim it is only a “matter of time” before the likes of Tesco and Marks & Spencer are targeted.
Criminals could use the kind of tactics which crippled Estonia’s government and some firms last year, they warned.
The experts were members of the infamous “Hackers Panel” which convened in London this week at the InfoSecurity Europe conference.
The panel includes penetration testers and so-called “white hat” hackers, who help companies tighten up their digital security by searching for flaws in their defences.
Previous panellists include Gary McKinnon, known as Solo, alleged by the US government to have hacked into dozens of US Army, Navy, Air Force, and Department of Defense computers.
The “hackers” usually remain anonymous, “for security reasons”, but this year’s panellists agreed to break cover.
Common cause
First up was Roberto Preatoni, the founder of the cyber crime monitoring site, Zone-H, and WabSabiLabi, a trading site for security researchers.
His appearance came just a few months after he was arrested by Italian authorities on charges of hacking and wiretapping, as part of the ongoing investigation into the Telecom Italia scandal.
Mr Preatoni told the audience that the attacks in Estonia were a harbinger for a new era of cyber warfare.
“I’m afraid we will have to get used to this,” said Mr Preatoni, also known as SyS64738. “We had all been waiting for this kind of attack to happen.
“Estonia was just unfortunate to be the first country to experience it. But very soon, our own [western] companies and countries will be getting attacked for political and religious reasons.
“This kind of attack can happen at any time. And it will happen.”
During the two week “cyber war” against Estonia, hackers shut down the websites of banks, governments and political parties using “denial-of-service” (DoS) attacks, which knock websites offline by swamping servers with page requests.
As many of the attacks originated from Russia, the Estonian government pointed the finger at the Kremlin. But Mr Preatoni said that, having spoken to contacts in the hacking community, he was clear that “Putin was not involved”.
“In my opinion, this was a collection of private individuals who spontaneously gathered under the same flag.
“Even though Estonia is one of the world’s most advanced countries in IT technology, the whole economy was brought to its knees.
“That’s the beauty of asymmetric warfare. You don’t need a lot of money, or an army of people. You can do it from the comfort of your living room, with a beer in your hand.
His warning was echoed by Steve Armstrong, who teaches seminars in hacking techniques, at the SANS Institute for information security training.
“If someone wants to have a pop at the UK, they are unlikely to go for the government web servers. They will go for the lower hanging fruit – companies which are seen as good representatives of the country.
“The likes of Tesco, Marks & Spencer and B&Q can be seen as legitimate targets.
“We have to get the message across to companies [to invest in information security].
“At the moment Chief Executives are only interested in the bottom line. But remember – if tesco.com goes down, that’s a lot of shopping.”
Mr Preatoni said that the Estonian government’s repeated failure to thwart the attacks was proof that we still have “no good solutions” for denial of service attacks.
The panellists then argued over whether Internet Service Providers should do more to tighten security, by helping customers’ protect their computers from being “zombified” by hackers for use in distributed DoS attacks.
“Actually, I don’t think the ISPs should have any role in security,” said Preatoni.
“In my opinion, that’s like asking the Royal Mail to be responsible for the quality of your post.”
But his view was immediately challenged by the third panellist, Jason Creasey, head of research at the independent Information Security Forum.
“I believe ISPs can play a phenomenal role in security, with a little bit of legal pressure,” he claimed.
Net weakness
He was backed by an audience member, Angus Pinkerton, of Lynks Security Consulting. “The only way to defend against a distributed attack is with a distributed defence,” he argued.
“I think it’s unacceptable that ISPs are content to let their customers be part of bot-nets.”
He challenged Steve Armstrong’s view that asking ISPs to perform security duties was “fundamentally, censorship.”
“This is not about free speech,” said Mr Pinkerton. “Free speech does not entitle you to shout fire in a crowded theatre.”
In the meantime, Mr Preatoni warned the audience it is “only going to get easier” to carry out a DoS attack, because he claimed the latest net address system, known as Internet Protocol Version 6 (IPv6), is actually more amenable to DoS.
Later, he told the BBC that the rise in cyber attacks originating in China was a convenient cloak for western countries to disguise their own cyber espionage activities.
“It’s too easy to blame China,” he said. “In fact, legitimate countries are bouncing their attacks through China. It’s very easy to do, so why not?
“My evil opinion is that some western governments are already doing this.”
UK Government websites are among half a million pages infected by hackers in a huge and well organised SQL injection attack.
SQL injection involves inserting malicious code into websites by entering SQL queries into input boxes, such as search or comment fields. Infected websites can then infect any users visiting the site.
“As more and more websites are using database back-ends to make them faster and more dynamic, it also means that it’s crucial to verify what information gets stored in or requested from those databases – especially if you allow users to upload content themselves,” warns a blog post from F-Secure. “Unless that data is sanitised before it gets saved you can’t control what the website will show to the users.”
The company searched Google for a string indicating that a site has been infected, and found that 510,000 sites were affected. Among those were UN sites and the UK Civil Service careers site.
The code inserts a link to all text fields in a database that adds malicious javascript to the source code of the page. Three domains have been found to host the code; nmidahena.com, aspder.com and nihaorr1.com.
F-Secure suggests that site owners search their site for links to the javascript, and remove them before any users are infected. Sanitising any data sent to the database by users will prevent similar attacks in the future.
Source – PC Pro
Brymau Estates Ltd, a local multi tenant workspace provider have chosen Smart Info Tech Ltd as their preferred IT services provider.
Speaking yesterday MD Barry Weaver spoke of his delight to be working with Brymau Estates Ltd.
“Brymau Estates Ltd are one of Chester’s best known businesses and have a huge portfolio of quality office accommodation”.
“Redhill House in Saltney is one of their best known sites and has over 50 offices and workshops. That’s not to mention their other sites based at The Sidings, Riverside House, Penrhos Manor, Great Weston House and Mallard House!”
“We obviously can’t wait to get started and are looking forward to a long and mutually beneficial relationship”.
For more information on Brymau Estates Ltd visit – www.brymauestates.co.uk
For a list of locations click here
For details of conference and training click here
For meeting room information click here
For up to date availability of office space click here
For contact information click here
