Earlier today I published a lengthy blog post questioning some of the sensationalist conclusions raised in press coverage of a paper presented by Alexander Sotirov and Mark Dowd at last week’s Black Hat Conference in Las Vegas. This afternoon, I received an e-mail from Sotirov, who says he was "horrified by the lack of understanding displayed by the tech press when they covered the paper." He agreed to a follow-up interview, in which we discussed Microsoft's reaction to their research, how Windows users should respond to this news, and how they conducted field research into whether girls really are impressed by browser memory protection bypasses.
The Ed Bott Report
Get outspoken insights and expert advice on the products and companies that define today's tech landscape, from a source who knows these technologies inside and out.
Ed Bott is an award-winning technology writer with more than two decades' experience writing for mainstream media outlets and online publications.
Oh dear. The Chicken Little contingent is out in full force. Break out your Kevlar helmets, everyone, because the sky is falling on Windows! At last week’s Black Hat conference in Las Vegas, researchers Alexander Sotirov and Mark Dowd presented a paper that outlined some new attack vectors they had discovered targeting some security features introduced in different versions of Windows XP and Windows Vista. Unfortunately, most people who read about Sotirov and Dowd’s work didn’t bother to read the technical paper. Instead, they relied on quick summaries, most notably the one provided by SearchSecurity, which was picked up by Slashdot and our own Adrian Kingsley-Hughes. Alas, those stories are wildly inaccurate and hopelessly sensationalized. Here's the real story.
I got a lot of great questions and comments via e-mail and in the Talkback section of my previous post on the sudden surge in adoption rates for Windows Vista x64. In this follow-up, I summarize the answers I’ve found for questions like whether Vista x64 uses more memory than x86 (yes, but not as much as you might think), where you're most likely to run into compatibility problems (got a scanner?) and why anyone who uses a VPN should think twice before making the move to 64-bit Windows.
In the TalkBack section of my earlier post on the sudden popularity of x64 Vista, a commenter notes that Adobe's Flash player is not yet available in a 64-bit version, which means that if you go to a site that uses Flash, your 64-bit browser will not render the content correctly. That’s one of the minor annoyances in using 64-bit Vista, and Adobe's been silent on the subject for six months except to say, "We're working on it." Can someone light a fire under the Flash development team?
Last year, x64 editions of Windows Vista were hard to come by and seen as mainly for early adopters. This year, with little warning, the tide seems to have shifted dramatically. By my back-of-the-envelope calculations, at least 20% of all Vista PCs sold in the second quarter of this year came with 64-bit editions of Windows Vista preinstalled. By fall, it’s possible, even likely, that we’ll reach a tipping point, with more than 50% of new PCs sold at retail coming with 64-bit editions of Windows Vista preinstalled. So why the sudden shift? And what's in it for you?
Last October, roughly one year after the release to manufacturing of Windows Vista, I did a comparison of how well Windows Vista was living up to its promise of being more secure than its predecessor, Windows XP. My data source was the Microsoft Security Bulletin Search page, where I tallied up security bulletins rated Critical or Important for the two Windows versions. The result? Vista had an overwhelming edge over XP. So, has Vista maintained its security edge in the succeeding nine months? I did the same comparison for that period. Go see the numbers for yourself.
A new ad at Microsoft.com tries to make the case for a fresh look at Vista by pointing out that "at one point, everyone thought the earth was flat." Aligning its most vocal Vista critics with the Flat Earth Society is a clever way to get people's attention, but can this approach really overcome the overwhelming negative buzz about Windows Vista?
Sony is finally taking on its crapware problem. For the past two months, I’ve been using an astonishingly light and agile Sony VAIO notebook and loving every minute of it. The best part of all was that this machine was absolutely, completely, unequivocally crapware-free, which meant I was able to be productive within a few minutes of unboxing. Sony's Fresh Start delivers exactly what it promises: a crapware-free PC. In today’s post, I show you why this VAIO is different from its predecessors and explain how Sony plans to widen its selection of crapware-free models.
More than two years ago, Microsoft purchased Apptimum, Inc., which had developed two system utilities for transferring programs and settings from one computer to another. Roughly six months later, around the time Windows Vista was released to corporate customers, Microsoft announced that it would release the software under a new name, Windows Easy Transfer Companion. Last month, the “extended public beta” ended suddenly, with no announcement and no plans for a replacement. What's going on?
A few months ago, Steve Ballmer publicly noted that Windows Vista was “a work in progress.” That inspired a predictable outpouring of Vista-bashing. After all, look how many updates Windows Vista has had since it was first released. Obviously, it was a disaster, or there would have been no need for that many updates, right? Why couldn’t Microsoft get it right the first time? The reality? All modern operating systems used as mainstream business and consumer platforms are “works in progress” and require frequent updates to fix bugs and resolve security issues (and occasionally to add features). That point became abundantly clear to me over the weekend as I updated a pair of Linux-based virtual machines. Want to guess how many updates each one required after only 51 days?