Helaas. Elf jaar te laat maar liever laat dan nooit zullen we maar denken. Een website als deze had nooit nodig hoeven zijn maar nu die er toch is… Ik doe dit niet vaak maar ik zou graag willen oproepen om dit prachtige initiatief van Microsoft^® van harte te steunen. Microsoft^® wil graag het marktaandeel van IE6 naar minder dan 1% terug brengen. Op de website IE6 countdown geven ze onomwonden toe hoe slecht IE6 eigenlijk is… Webdevelopers wisten dat al 10 jaar geleden. Een stukje zelfreflectie-gebeuren naar de webdeveloper toe… 10 jaar te laat.

Maar goed: steun dit initiatief! Sterker nog: laten we de lat nog net iets hoger leggen.  Streef naar een Microsoft^®-vrij internet! Op technologisch inferieure producten zit niemand te wachten. Dus als je toch van IE6 wilt afstappen: overweeg eens een echte browser! Mozilla Firefox, Google Chrome, Opera of één van de andere gratis webbrowsers… Ook een raadzaam advies om op te volgen als je een nieuwere versie van IE gebruikt. Dumpen die handel!

Bedankt Microsoft^®! En voortaan met je smerige poten van open standaarden afblijven. Schorem!

Microsoft is once again back at its core business: stealing from others. Here’s a remarkable writeup on a analysis of search results from Google and Bing (Microsoft search engine). Google was suspecting that Bing was somehow copying its searchresults… So they set a trap and guess what they caught (red handed)? Read it here.

At the Chaos Computer Club Congress Microsofts Bruce Dang shared the knowledge gained by analyzing the Stuxnet worm. Stuxnet appears to be written to specifically attack Irans nuclear centrifuges. It spreads through windows based systems and is pretty nifty… well the most shocking of all is to see the enormous amount of stupid privilege raises that happen because windows doesn’t have a very secure foundation on which it is built (“a print-spooler flaw that allowed remote guest accounts to write executable files directly to disk”… tsk tsk tsk). This is a nice read-up about the stuxnet worm.

Not everything at Microsoft is bad….

Oops, if this is true this may be a killing blow to all of you MicroSoft fanboys out there. According to Computer World a tech-worker on the oilrig crashing windows systems may be part of the problem that eventually let to the spilling of oil. And we’re not talking a little Dr.Watson, an occasional “general exception”… we’re talking about a full-blown BSOD (blue screen of death). Well maybe we learn a little lesson here. Never use a computer system for critical mission computing that can’t even keep itself alive for longer than half an hour… If this doesn’t teach us then maybe this will… one day…

Whahahaha… it had to happen one day. A problem with an anti-virus update marks a false positive and puts the file in quarantine. The OS can’t load the file anymore and… oops… reboots… and…. reboots…. and… reboots… This is actually a great feature. Rebooting windows is like 80% of normal usage and it is now fully automated.

Fixing it can be a bit hard… since the computer is rebooting all the time. McAfee could create a bootable windows CD that restores the missing file from the system but.. hey wait.. no they can’t do that. You can’t distribute a proprietary OS like windows for free… Maybe they can create a Linux boot CD to restore the windows file… Something to contemplate: using Linux to revive a windows machine.

Yup once again the adoption of open standards by the EU has come under attack according to this article on Slashdot. They accuse Kroes of trying to get the open standards and open source off the agenda. Kind of weird isn’t it? She has been European Commissioner for Competition… go figure.

Well as many developers already know: security is a concept, not a product! You can’t just throw “some security” at a piece of software. Security considerations must be part of the original design and development of software. The Pwn2Own hacking contest shows –once again– that there is too little security awareness in current software design. Look at these embarrassing results: all major browsers took a fall: Internet Explorer,  Firefox and Safari. Most browser are compromised by popular plugins like acrobat reader

These OS’s took a fall: Windows 7, Windows XP, Mac OS X snow leopard. The only OS that is still standing is Linux. Because Linux is indefinitely more secure? Well maybe but there’s also something else: Linux is an open source OS where highly skilled developers are coding. Changes are reviewed by others before they are merged into the main kernel tree. In other words: security is part of Linux. Another thing is that people who run linux are people who are aware of abuse. These are –in general– not the people who would click on the ‘cute-kitten-movie.exe‘ attachment. So Linux is just not that interesting to Black Hat Hackers. True: Mac OS X is build on an open source OS as well: FreeBSD but the presentation layer and Safari is proprietary code from Apple (except for the WebKit on which it is build).

Microsoft currently runs the Security Development Lifecycle (SDL) model. This should make security an integral part of the development lifecycle. Well to be honest when budgets are getting tight and deadlines are running out: documentation and code quality are the first areas that take the fall. So really I don’t expect much from SDL. Especially since MS is trying to develop a ‘catch all’ (silver bullet) security measure inside the kernel… I’m not saying these measures aren’t worthwhile, they are (Linux has them for ages now), it’s just not enough.

The phrase ‘security is a concept, not a product‘ proves its point when you look at the measures current OS’s are implementing to prevent ‘arbitrary code execution’. Windows XP, Windows Vista (still in use?) and Windows 7 has DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization). Both ‘techniques’ should prevent (or make it harder) to execute arbitrary code… but they don’t. Dutch security researcher Peter Vreugdenhil showed an impressive circumvention of DEP and ASLR in windows 7. See: security is not a product…

The good thing is that the hackers are not just updating the vendors on the leaks they found. Instead they tell the vendors how to find the leaks themselves in an attempt to raise awareness.

Some call me a hater, others call me a fanboy… well the truth is somewhere in the middle… I hope… Anyway, I love this new Mac ad.

I’ve blogged about World of Goo before on this site. It’s a great game that will entertain you for many hours. I got a tip yesterday from Sander (thanks mate!) about the World of Goo birthday sale. In short: you can determine your own price for the game. Watch it… this will only last until october 19!

You will get all downloadable versions… so one for Windows (why would I want that?) & one for Mac OS X & even the versions for Linux. I’ve donated $1.00 for the game and it makes me feel like a cheap ass but I think that’s the whole meaning of the birthday sale. I think you can donate as less as $0.01 to get the game but I didn’t try it out myself.

So if you want it rush over here before october 19.

Here you’ll see proof that I got it for only $1.00

I like this comic. Thanks for bringing this one to my attention, Sander.

Mayday mayday… we’re going down.. we’re going down. Finally when Microsoft had an OS that actually could run more than one application at once they now use that to extort some money out of you. The Windows 7 Starter Edition will not allow you to run more than three applications at the same time (virus scanners etc. not included). Whahahahaha what is wrong with those people from Redmond?

Surely this will also raise the price of netbooks once they are preinstalled with Windows 7. I thought that Vista sucks but this is really crap. How many more arguments do you need to start using Unix? Now please be aware that Microsoft claims the average user uses only two applications at the same time. Yeah right. I don’t know about you but during the day I’ll have around 10 to 15 applications open. Tssss… I wonder what’s next. Pay extra for using multiple USB storage sticks? Pay up when you connect a new mouse? This is pathetic.

Here are some more funny Songsmith renditions of classic songs. Sander already linked to a couple of classics in his comment on the first Songsmith post that mainly bashed the horrible ad for Songsmith. Sander was right when he stated that I didn’t see the full comic potential of this program.

So here is some more great Songsmith stuff. Some of these are actually really good. Enjoy. If I missed really great ones on YouTube please put them in the comments.

(more…)

Shoot me now. Run me over with a truck. Put my head on the rail. Kick me to death. Now. Not only the music is very very very bad… the commercial itself is probably the only thing worse than the music.

“Microsoft, huh?… So it’s pretty easy to use?”
“Well my band has said my songs are a little stale lately”. Yeah, loser, this will help.

Poor Beethoven & Mozart… think of the effort they had to put into their music and now they are overtaken by Microsoft Songsmith.

Har har har… you might think the IT industry at large may have learned a small lesson from the millennium bug (Y2K bug). Well most professionals probably did but Microsoft still manages to screw up bigtime. In this case the Zune 30GB version has a leap-year bug. It will not start up properly due to the bug. Fortunately there is a fix at hand… Just let it run out of battery capacity. Recharge the battery and start it after noon GMT and your Zune will be fine. You got to love those Microsoft products.

With the Zune you get the full Microsoft experience. Think of continues thrill and exitement the Zune is offering you… is it going to work or will it blow up in my face? It’s like rebooting after a blue screen of death… you’ll never know whether your system will successfully restart or not. Microsoft gives just that little more excitement…

Do you still feel comfortable with Microsoft products being used in nuclear submarines?… Happy New Year, enjoy it as long as it lasts.