James O'Neill's Blog

September 28, 2006

On blogging

Filed under: General musings — jamesone111 @ 4:16 pm

I’m was in more philosophical mood than normal this morning.

I’ve heard Tom Reynolds on Radio 4 twice in the the last week; first on “Midweek“, then on “Meet the blogers” Tom works for the London ambulance service, and his blog “Random Acts of Reality” has lead to a “blook”, wonderfully titled “Blood sweat and tea“. His post “These boots” which he read on midweek is poetic and moving.  And if you want to persuade someone to stop smoking, if they don’t after hearing “Why I Hate smoking Parents” they never will. 

We expect a service to be there, but it’s faceless: vehicles and uniforms. Blogs like Tom’s show the human beings in those uniforms. Like Microsoft, LAS takes a positive view of blogging.  Our guidance for bloggers is two words. Blog Smart – which covers a lot ! e.g. (1) Don’t say in public things others need or want to keep secret.  (2) Don’t embarass, annoy or shock your manager with what you post. My manager reads what I post (Hi Eileen), and there’s a level of trust involved – which is one of the good things about working in this bit of Microsoft. If I go off my technical patch too often she’ll say “Get an MSN space for heaven’s sake” but I can (and have) blogged about aspects of working for Microsoft, and this isn’t the first time I’ve blogged about the effects of blogging. Tom’s blog “How to blog and not lose your job”  expands a bunch of aspects of blog smart. 

I found a police officer’s blog, “Inspector Gadget“,  last night, via Tom’s blog.  It gives a human face to another often faceless organization.  And his post “May the force be with you” is the funniest thing I’ve read this week. My dealings with the police usually releate to speeding: I want them to do something about motorists speeding out of my village, but I resent speed cameras everywhere else. I see this as double standards on the part of the police, not myself, like most other members of the public, and I’ve given the (faceless) Inspector at my local police station some grief about it.  A perspective from “Inspector Gadget”  helps: the following is from a post called “White noise” 

One in ten of the complaints I deal with deserve further investigation. The other nine are usually the direct result of unrealistic expectations…. As an Inspector, I have to listen…  Iā€™m getting all this for the third time. Having heard something entirely unacceptable (i.e. the truth) from a PC, they then complain to the Sergeant. The Skipper looks afresh and decides the PC was spot on. Public respect for Police Sergeants having entirely gone out of the window along with everything else, the fool now calls for an Inspector. This is clearly going nowhere, but a rainforest will have to die to record it. Meanwhile, some poor citizen with a legitimate enquiry is on permanent hold. This generates a new complaint.

It seems that his force have the knives out for the inspector – for developing this understanding of what it is really like to serve the rest of us.  Idiots!  Not only is the man doing them good, but acting against someone for saying things the public thinks are reasonable will do you harm. (c.f.the Gina Ford saga  on which a great new article by one of the protagonists has appeared in prospect magazine.)

This morning the police had put out some new “Your speed is” signs in the Village; doing the school walk I could see the effect on the traffic was amazing. Looks like speeding in my village was worth investigating, but odd that it should come the morning after reading that.

This post originally appeared on my technet blog.

September 27, 2006

Patch for IE 6 VML vulnerability

Filed under: Internet Explorer,Windows XP — jamesone111 @ 11:38 am

We have been getting some bad press over a bug which affects the Vector Markup Language in IE 5 and IE6 (but not IE7). Over on the Security Response Center Blog there are several posts about it. There were attacks based on the vulnerability (though very few), so we published a workaround and then released the patch ahead of schedule. The blog has details of release; it is already live on Windows update, or you can go here to download it directly.

Interesting footnote. The BBC have covered this story top of list of links they have is the MSRC blog… shows how blogs are becoming seen as authoritative

Tagged as Microsoft Windows XP (Windows XP) Vulerability

This post originally appeared on my technet blog.

September 26, 2006

Compatibility includes how you work …

Filed under: Windows Vista — jamesone111 @ 3:59 pm

One of the blogs that I’ve found a lot of people seem to be linking to is the “Shell blog“. One of the interesting articles up there at the moment is “The fit and finish balancing act“, by Vinny Pasceri. The question is does adding polish break things for users and does the benefit outweigh the cost. It’s worth a read to see that we don’t make change for change’s sake.


Vinny quotes an article by Frank Hayes in ComputerWorld called Innovate big. Frank’s key message is if there’s no real benefit to a small change, don’t do it. In fact, work hard to keep those small-scale, user-level details the same. Now there is an obvious contradiction because if the details aren’t the same, do you make small changes to bring in consistency ? Those are the hard cases, because for everyone you please with consistency, there is someone who is annoyed because your change broke their way of doing things (I still think [ctrl]+C should centre a paragraph in word, and it hasn’t worked that way for at least 10 years!) 


One of the big changes in Vista is the introduction of the TaskDialog. I watched my developer colleague Daniel Moth demoing Taskdialogs to journalists a few days ago and I hadn’t really thought about it in detail before that. Below is the new “file exists” task dialog compared with Windows XP’s message box – click the images for larger versions







Vista has kept a “System Properties” tabbed dialog in the style of XP, Vinny shows how small changes to this wouldn’t make things any better. Vista has a new style Control panel page which invokes the right page of the old style dialog, and the more polished thing would have been to use a TaskDialog, but that would have broken peoples ways of working. What did amaze me was when someone pointed out that File/New font dialog hasn’t been updated since Windows NT 3.1, which copied Windows 3.1 … it’s probably the oldest unchanged piece of UI in all of Windows (unless, of course, you know different).


Tagged as Microsoft Windows Vista (Windows Vista)

This post originally appeared on my technet blog.

September 25, 2006

On Compatibility

Filed under: General musings,Photography,Windows Vista — jamesone111 @ 11:41 am

Pentax have just released a fantastic new DSLR. Before anyone jumps to the usual conclusions about us Microsoft folks being paid in huge sacks of gold, after my recent holiday, its going to take time and careful management of the pennies before I can buy one. I mention cameras because of a conversation I had recently with a well known UK journalist about compatibility as a double edged sword in Vista, and Cameras are one of the places outside of computing where compatibility is really important.


Pentax have taken a major step for compatibility by supporting Adobe’s Digital Negative format (DNG … which I have to stop pronouncing as “Dung”).  Digital SLRs can save both JPEG images and unprocessed (RAW) data, but each new camera introduces some new minor variation of RAW format, and users have to wait while software catches up. A few people were suspicious of Adobe’s motives for DNG, but their license “grants all individuals and organizations  [the right] to make, have made, use, sell, import and distribute Compliant Implementations”.  Adding DNG support to software is no worse than adding support for one more camera but once you support DNG from any camera, you support DNG from every one. The trouble was until now none of DSLR makers supported DNG. I’ve said some trenchant things about Adobe and their behavior over PDF and the competing XML Paper Specification (see the Wall Street Journal for an update). But there is a stark contrast between encouraging everyone use share a standard (DNG) and positioning a format as a standard (PDF) but trying to maintain a monopoly in tools for it.


Camera owners want their existing lenses to work with new camera bodies – which precludes radical changes to the lens mount. Pentax have kept refining their “K mount” since they introduced it the 1970s and they still provide an adapter for it to take lenses made in the 1950s and 60s. The shake reduction in the newest bodies works with these ancient lenses. It’s a great compatibility story, but sadly it doesn’t extend to electronics. Pentax’s first digital cameras used Compact Flash memory, and all the current ones use SD cards, so my current memory will need to be replaced (a situation which is doubly annoying as my current phone switched from SD to mini-SD and it’s successor will use Micro-SD).  The electronics in the new camera needs a higher voltage than the old one – so Pentax have switched from Standard AA batteries to a proprietary one. This is a bigger annoyance – other things I take on my travels need an AA charger but now I’ll need to take the camera’s charger and a spare battery. But the electronics to deliver the things I want in the camera needs the higher voltage: making the change was the Right Thing to do.


Windows Vista shares this dilemma of of maintaining total compatibility against breaking it in order to do the Right Thing.  Normally the complaint I hear is that a new version doesn’t work with something: we all have hardware and software which we want to keep using. In 64 bit Vista we require drivers to be signed and we don’t allow the Kernel to be patched: not by root-kits, not by Symantec, not even by our own products.  You can read in the Wall Street Journal about Symantec’s campaign to force us to allow root kits. The journalist I was talking to thought it lame not to do the same on 32 bit. “If drivers aren’t certified they shouldn’t be allowed to run.”  I found it pretty poor when my home printer’s documentation said Windows XP would protest that the driver wasn’t certified; and in my experience the driver has been flakey and prone to hangs. The printer is from one of the leading brands, I expect better. But would I want a message which said “Sorry, there’s no certified driver for this hardware. You can use Vista or use the printer but not both” ? 


Is the Right Thing to force people into a choice between an older OS with bad drivers  or a new OS with only good drivers but without some hardware ? Or is the Right Thing to let people have a (new) OS which is more reliable, more secure  and then make it less so with old drivers ? Does doing this just let driver writers off the hook – when the other route would force the issue ? The thought of not selling new printers might spur the printer makers into getting certified drivers for the current models, but what about mine which is nearly 4 years old ? If I couldn’t use the printer would I upgrade my home PC to Vista ? The point wasn’t lost on the journalist: he leveled the accusation that we’ve chosen this path because we can sell more software that way.


I remember a customer 15 years ago telling me that “You can have progress, compatibility, and freedom of choice, you sometimes get two, but hardly ever all three” – to give people compatibility and freedom of choice, we do have to limit some areas of progress.


Tagged as Microsoft Windows Vista (Windows Vista) Pentax


Update – Bonus link: Pentax’s product manager has put a Video up on You tube about the camera

This post originally appeared on my technet blog.

September 23, 2006

Vista update. RC1 is so passé

Filed under: Beta Products,Windows Vista — jamesone111 @ 2:35 pm

There’s a post “Interim Windows Vista Build 5728 Released Today” over on the Vista team blog. I’ve already explained that “true” builds of vista move in increments of 16, so this is 8 builds on from 5600 which is RC-1 (which I’ve only been using for 7 working days) .


I was expecting to see a release candiate 2 about a month after RC-1 – still a week or two away – with the release to manufacturing a month after that.  I don’t know if this is a substiute for RC2 or if the intervals are going to be a little longer, putting RTM in mid November rather than early November. If I get any more information I’ll share it when I have it.


Bonus link: Also on the Vista team blog, they’ve mapped where our beta testers are. Awesome use of MapPoint.


Tagged as Microsoft Windows Vista (Windows Vista)

This post originally appeared on my technet blog.

From the "Thank heavens for that" file. WE DO LISTEN about things you don’t want to hear.

Filed under: Beta Products,Windows Vista — jamesone111 @ 1:20 pm

Before I went on holiday I wrote something for Technet newsletter saying that we planning to make the boot-up sound in Windows Vista a fixed thing. Now this was only at cold boot, not logon, not wake-from hibernate or sleep modes, so it shouldn’t be THAT big a deal. 

 As luck would have it, the newsletter went out the day I returned from holiday and my mailbox was soom full of mail to reinforce my belief that it would cause a disportionate amount of customer annoyance. It ranged from “It’s just wrong to have a sound I can’t turn off “ to “I run a recording studio where the PC is connected to 200 Watts of amplification”. There was plenty to pass on to Redmond.

The Vista team have just postedYour collective voice truly made a difference in this matter, as we’ve incorporated a way for users to turn off the start-up sound”.

I want to say a quick “thanks” to those folks who fed back on this. We parrot off “we always value your feedback” so often that it stops sounding sincere. But we do.  We are human, things we do can be improved and help identifying which things is welcome. 

 

Tagged as Microsoft Windows Vista (Windows Vista)

This post originally appeared on my technet blog.

September 21, 2006

Get Safe On-Line, Richard Hammond, and Paypal

Filed under: Security and Malware — jamesone111 @ 11:58 am

We’re getting ready to re-run the Get Safe Online campaign. I worked on it last year in my old role, which was how I first got to know Steve. TV presenter Richard Hammond was involved in last years launch, and those who worked with him came back saying what a nice chap he was and how he was genuinely interested (rather than turning up to be a famous as some celebreties do). So it was extra sad for us to hear he had been bad hurt and was “Critically ill” in hospital after an accident filming for the Top Gear programme yesterday. It’s good to hear in this morning’s news that he is improving; we hope he makes a full and speedy recovery.


E-bay were one of the sponsors of GSOL last year, and their PayPal subsidiary are obviously thinking about get safe on line, they sent me a mail overnight entitled “Learn how to spot fake emails and stay safe online.”


Paypal have prepared a  list of tell tale signs for spoof mail. Lets apply their guidelines to their message






;

  1. Generic greetings.
    It’s addressed to me, not “Dear customer”, so that looks OK.
  2. A fake sender’s address.
    It says it’s paypal@email.paypal.co.uk  Fake ? Genuine ? I can’t tell, and mail addresses are easy to spoof.
  3. A false sense of urgency.
    This one doesn’t seem urgent.
  4. Fake links. (Which take you to a spoof website, Install spyware, or cause you to download a virus)
    Fake links. They have a link to  http://email1.paypal.co.uk/u.d?Flk0gMzpcUFlw9=11 is that fake or genuine?  Oh oh! This might be a phishing mail.
  5. Emails that appear to be websites.
    It sure looks like their web site… this is begining to look like a phising mail.
  6. Deceptive URLs. (if you see an @ sign in the middle of a URL, there’s a good chance this is a spoof …  other examples of deceptive URLs include: http://www.paypalsecure.com, http://www.paypa1.com, http://www.secure-paypal.com, and http://www.paypalnet.com. Always log in via the home page   Never  from a link in an email)
    But the want me to go to a a website from a link in this mail !! Lets check the Pay Pal home page – no there are no links to any of these things there.
  7. Misspellings and bad grammar.
    I couldn’t find any.
  8. Unsafe sites. (If you don’t see “https,” you’re not in a secure web session, and you should not enter data.)
    And this links to an HTTP url on an HTTPS one (though it never asks for data)
  9. Pop-up boxes.
    No we don’t have any of those
  10. Attachments.
    No clickable attachments either

 So the Message to paypal would be … when warning people about links in mail, don’t do it with a link in an a mail !! And if your running a campaign, put a link on your home page for it


 


Tagged as Microsoft Get Safe On-line phishing PayPal Richard Hammond

This post originally appeared on my technet blog.

September 20, 2006

The first rule of Politics. Microsoft and the EU

Filed under: General musings,Windows Vista — jamesone111 @ 1:38 pm

Jonathan Lynn and Anthony Jay know a fair bit about politics, which was how they came to write the hugely popular “Yes Minister” series . They wrote that the first rule of politics is “Never believe anything until it has been officially denied”.

A lot of the news I saw yesterday said EU Commissioner Neelie Kroes denies having a vendetta against Microsoft.” She took the slightly unusual step of responding to a letter in the Financial times which said she did. You can read her response … have a close look at the language she uses to describe Microsoft and Windows Vista 

Throughout these discussions, it has always been my aim pre-emptively to minimise the risk that a company with a near-monopoly position, and which has been found to have engaged in anti-competitive conduct in many jurisdictions around the world, releases a product that could have the clear potential to hinder effective competition in the market.

Does this sound like someone whose view of Microsoft (and it’s upcoming products) is (a) positive (b) Neutral  or (c) Negative ? Also, note she wants to minimize the risk that Microsoft releases a product with the potential to hinder competition. Not a product which actually hinders competition, but one which might. She goes on…

I have seen it suggested that the Commission may seek to prevent Microsoft from improving the security of its operating system.
This is categorically not the case. We do nevertheless seek to ensure that rival security software vendors, who have traditionally been the innovators in this area, are able to compete on a level playing field.

Notice the way that Commission Kroes says that that Microsoft’s rivals innovate, but Microsoft does not.  But does ensuring a level playing field mean:

  • No Anti-phishing filter in IE because other people want to provide that service ?
  • No Patch guard, because protecting against rootkits breaks some AV software (e.g. Symantec’s) which is implemented as a root kit ?
  • A European version of Windows without Defender, Firewall or bit locker so customers have to buy equivalent software ?
  • Denying access to http://safety.live.com/ from European IP addresses ?

Actually I have a tiny scrap of sympathy for someone who is charged with matters of Competition but not with the interests of consumers. How so ? Well it is rarely in the interests of competition for any new feature to be added to an operating system. Things we take for granted today were once purchased 3rd party add-ons. Before Windows NT and Windows for Workgroups 3.11 if you wanted IP networking you had to buy a TCP/IP stack. Without GUI PCs with an IP stack it’s hard to see how the Internet would have become all pervasive; that was good for consumers, it was good for jobs, but it was bad for companies like Wollongong, and FTP inc, who produced IP stacks.  A commissioner for competition should really have kept TCP/IP out of Windows, and stifled the Internet. Who wants the job of being the commissioner against progress ?
I’ve yet to meet a consumer who thinks that  Commissioner Kroes is acting in their best interests by keeping features out of the OS. And it’s never consumer interest groups who ask her to act, but Microsoft competitors. At the behest of Real Networks, her office brought about “Windows XP-N” variant. -N meaning “No media, by order of the EU”, or “Nobody wants it” depending on your point of view. Not a single copy has ever been sold.

Does she have a vendetta against Microsoft ? It’s hard to ask that question without thinking about “the fine” ā‚¬497M for not disclosing… well exactly what is a bit of mystery: the commission demanded full and complete disclosure of the working of the Windows 2003 server, but never explained in what ways the disclosure was partial and/or incomplete. Small wonder the matter looks set to be in court for years. SiliconValley.com reported a claim by Kroes that “European policy toward the software company does not differ substantially from that of the U.S” – yet the Americans never told anyone they had to give trade secrets to people to help them build competing products.

It has also been reported that the commission wants to prevent any bundling of software to write PDF files. Currently one company (Adobe) has a “Near-monopoly position” when it comes to supplying tools to do this. If someone else entered the market this would be a good for consumers.. keeping Microsoft out makes it hard for the Commission to claim to be defenders of a level playing field.

The Commissioner complains that There appears to be a co-ordinated campaign to portray the Commission in a negative light. British commissioners are usually chums of the Prime Minister who are embarrassingly hard to find jobs for at home, so much of Britain has had a pretty negative view of the lot of them.  Harry S. Truman, talked about not giving opponents hell he “just told the truth and they thought it was hell” – and I can’t find any evidence of co-ordination.  For example, Sonia Arrison wrote a piece for Tech News World, entitled Europe’s technology problem: the EC which opens – Neelie Kroes and her staff are acting like spoiled children, as they are basically telling Microsoft, “We think you have problems, but we won’t tell you how to fix them.” That’s disappointing leadership from Kroes, who was recently named by Forbes as one of the “World’s Most Powerful Women.”

 So the big question is will this affect the ship date for Vista ? Gartner still doesn’t think we’ll make the date and Tysonhy reports that they’re saying we might blame the EU – though we couldn’t pin a global delay on them. I still think we’ll make the ship date; might we hold off shipping in Europe ? 20 years of antipathy towards the EU means makes me dream of full page newspaper adverts all over Europe explaining how the commission stopped Europe getting the benefits of Vista that the rest of the world was enjoying  (i.e. show them what a co-ordinated campaign really is) – but I just can’t see that happening in the real world (we’d look like spoiled children then). The EU can’t or won’t say if they are happy with our answers to their “79 concerns“; my guess is if we think we’ve covered them we’ll ship.

This post originally appeared on my technet blog.

September 18, 2006

Phew … I can come up for air now.

Filed under: Windows Vista — jamesone111 @ 2:57 pm

I have finally got my outlook unread messages down to zero. There are 1229 Messages in my deleted Items folder and 195 messages from the last 2 weeks still in my inbox, but which have been looked at.

Since getting back I’ve switched over the to Vista RC-1 build I set-up the evening before I went on holiday. I’ve installed an updated (internal only) version of GroupShot which I mentioned before: this works with Vista and has a couple of interesting new features which are still under wraps. More importantly for work, I’ve put the technical refresh of Office 2007 beta on my (Vista RC-1) machine. Not surprisingly I ‘ve spent most of the time in Outlook – which seems to use Vista’s search now. Somewhere when the builds of Vista and Office got out sync Outlook stopped getting RSS from Internet explorer and started doing it for itself – that’s been fixed, too. 

Three items that proved to be  good read in my RSS feeds were:
(1) Mike Calligaro’s called I’m just a feature, although Mike writes about Windows Mobile stuff, this really applies to every product and it’s a useful reminder getting features into products isn’t as easy as you might think.

(2) Steve Riley’s “Mandatory integrity control in Windows Vista” which explains how protected mode in Internet Explorer 7 works.

(3) Jeff Jones’ “Windows Vista x64 Security ā€“ Pt 2 ā€“ Patchguard” which explains a lot of the background and itself contains a lot of intesting links (particularly this one from the vista security team)

Thanks to Steve for #2 and 3 

This post originally appeared on my technet blog.

September 16, 2006

Windows Vista Step by step guides for IT professionals

Filed under: Windows Vista — jamesone111 @ 11:46 am

I’ve been away with the Microsoft Dive Club for 10 days and boy do I have some catching up to do. We were diving off the coast of Tanzania and although we could get a phone signal, there was no data service which meant 10 days out of e-mail contact. The only work related news we heard was the departure of Brian Valentine.

I’ve got my unread messages down to 266. I also found that when I dialed in to set my voice mail message I said “I’ll be away until Wednesday 13th July” instead of “September”  – which created some confusion ….

One bit of news that’s worth sharing is that we’ve recently published 15 step-by-step guides for IT Professionals.

  • Deploying Vista Step by Step Guide.doc
  • Managing Group Policy ADMX Files Step by Step Guide.doc
  • Managing Roaming User Data Deployment Guide.doc
  • Performance Monitoring and Tuning Step by Step Guide.doc
  • Print Management Step by Step Guide.doc
  • Step by Step Guide to Controlling Device Installation and Usage with Group Policy.doc
  • Step by Step Guide to Device Driver Signing and Staging.doc
  • Step-by-Step Guide to Managing Multiple Local Group Policy.doc
  • User Account Control Step by Step Guide.doc
  • Windows BitLocker Drive Encryption Step-by-Step Guide (September 2006).doc
  • Windows Vista Beta 2 Migration Step by Step Guide.doc
  • Windows Vista Beta 2 Trusted Platform Module Services Step by Step Guide (May 2006).doc
  • Windows Vista Multilingual User Interface Step by Step Guide.doc
  • Windows Vista Speech Recognition Step by Step.doc
  • Windows Vista Windows Meeting Space Step by Step Guide.doc

I’ve skimmed through most of these and they look like a good way to get up to speed quickly.

This post originally appeared on my technet blog.

September 1, 2006

Vista RC-1 is ready …

Filed under: Beta Products,Windows Vista — jamesone111 @ 8:36 pm

Go here.


The information I had was that we built 5584 on Monday, which was intended to be the release. Another internal source told me a single “show stopper” bug (I’m not saying what – but it mattered to Microsoft internal people more than most users) caused them to go back and do one more build. 5600 was built on Wednesday.


By a strange twist of fate my daughter came into work with me today. I made a DVD or 5600 and installed it on a spare Dell: on which she has been watching DVDs and playing purble palace all afternoon. I’m still on 5536 – yep, the only one in this household to have any time on the real RC-1 is 6 years old !  5536 -5600 is a a pretty small set of changes, so I don’t expect much difference when I put it on this toshiba.  


I’d keep an eye on this link http://download.windowsvista.com/preview/rc1/en/download.htm for a location of the download. Technet and MSDN subscribers should be able to download it too. Expect it early next week.


 


Tagged as Microsoft Windows Vista (Windows Vista)

Update slight fix to the URL, and a newer build is now here.

This post originally appeared on my technet blog.

On Communication…

Filed under: Uncategorized — jamesone111 @ 9:00 am


We should be able to laugh at some stuff. I guess Microsoft suffers more than most organizations from e-mail overload. I found out about a message that everyone on my team needed to act on – except every one of us mistook it for spam. I think when people say communication is poor this is the kind of thing they mean; it’s a problem people try to solve by creating more intranet sites… not always the right answer.


 I was talking to a new-ish employee this morning who saw the 2004 “Office Values” courtesy of the leak, and Vista prices on turned up on Amazon  – you have to laugh or else you cry.


Bonus links. I’ve got to post something more detailed about things on Ed Bott’s blog – but this link he posted made me laugh.

This post originally appeared on my technet blog.

Blog at WordPress.com.