Archive | Original Site

Windows 7 Eliminates AutoRun/AutoPlay Security Hole

Posted by Harry McCracken on April 28, 2009 at 2:47 pm

It seems unlikely that Microsoft has any major news involving Windows 7 features up its sleeve, but interesting tidbits are still coming out. The latest is today’s news that it’s eliminating the venerable AutoRun feature for USB drives. A blog post at the company’s Engineering Windows 7 blog explains that the Conficker worm  used AutoRun (which identifies programs on a removable device and lets users choose to have them run automatically) and AutoPlay (which notices that you’ve inserted a removable storage device and provides a menu of tasks to choose from) to provide an AutoPlay item that looks like it’ll open up a folder but which actually launches Conficker. Windows 7 won’t display AutoRun items in this menu, and Microsoft says it’ll update Windows Vista and Windows XP to behave the same way. Conficker may be devious, but the security hole was pretty gaping all along; it’s surprising that it took this long for it to be publicized and for Microsoft to seal it up.

AutoPlay will still display AutoRun items on CDs and DVDs–which are presumably far less likely to carry worms than USB drives–but Microsoft is tweaking the message you get to make it clearer that launching an AutoRun item involves running a program from an external device.

Side note: Microsoft’s Security Research and Defense Blog also has an item on the change, in which it says that “AutoPlay will no longer support the AutoRun functionality for non removable optical media” This momentarily confused me–it brought to mind visions of a DVD drive with a single disc sealed up inside the computer–but I’m reasonably sure that it’s a typo and that the poster meant to say “non-optical removable media.”

6 comments

WSJ Says Microsoft is, Indeed, Working on a Phone

Posted by Harry McCracken on April 28, 2009 at 12:36 pm

The rumors about this have been flying for months: The Wall Street Journal is reporting that Microsoft is in talks with Verizon to launch an iPhone rival next year. (Here’s a link to a story at Silicon Alley Insider; the Journal’s piece is behind a paywall.)  The project is code-named “Pink,” and Microsoft would handle the software and services, with the manufacturing being done by someone else.

Silicon Alley Insider’s Dan Frommer says there’s a good chance that a Microsoft phone would flop, because Microsoft is late to the game and its prior mobile products have been uninspiring. This may be a contrarian view, but I don’t think timing is in a issue–we’re still very, very early in the smartphone revolution, and a knockout product with lots of money and resources behind it could still be a big deal. (Remember, the iPhone looked like a late entrant when it was announced in 2007.) The bigger question is whether Microsoft can come up with anything truly exciting–and, actually, whether it can come up with anything that feels like it’s part of the future of phones rather than its past.

I keep harping on the idea that smartphones are the new PC, and that they’ll eventually replace PCs as we know them. So far, that’s an out-there notion–when I raise it, folks usually nod their heads in agreement and then say “Yes, but…” I’m fixated on it because I believe it with all my heart. I think that most of the major companies of the PC era, from Microsoft to HP to Dell to Adobe to Intuit, are going to have to figure out how to make themselves part of this world, or they’ll get left behind–just as all the minicomputer companies that once lined Route 128 in the Boston area once did. (I grew up in Boston in an era when Digital, Wang, Data General, Prime, and Apollo were titans–bought a computer from any of them lately?)

It was Microsoft software running on commodity hardware, as much or more than anything else, that did in the minicomputer back in the 1980s. I can’t imagine that any rational person outside or inside of Microsoft truly believes that Windows Mobile 6.5 is a platform for a robust Microsoft presence on smartphones over the next five to ten years–and no matter what happens, it’s going to be fascinating to see how Microsoft and dozens of other companies respond to this sea change.

12 comments

Opera Turns 15, Claims Title of World's Oldest Web Browser

Posted by Harry McCracken on April 28, 2009 at 12:03 pm

Opera LogoThe folks at Opera are celebrating the fifteeth anniversary of their Web browser today. They’ve got some fun celebratory items up, including memories from cofounder and CEO Jon von Tetzchner, a secret origin in comic-strip form, some predictions for the future, and a list of fifteen reasons to use Opera.

The company’s saying that Opera is the oldest browser that’s still extant, and while that’s a defensible interpretation of history, it’s subject to debate. It’s marking its fifteenth birthday not on the anniversary of the first public release of the browser–that didn’t happen until 1996–but on the anniversary of the beginnings of coding on the first version, which was a research project at Norwegian telecommunications company Telenor. If you determined the oldest remaining browser based on general availability, Internet Explorer, which was released in 1995, would predate Opera. And IE was originally based on code from Spyglass Mosaic, the commercial version of NCSA Mosaic, the first graphical browser–but I don’t know if there’s any Mosaic code kicking around in today’s IE 8.

Firefox, meanwhile, is a descendant of Netscape Navigator (which first appeared in late 1994 and was officially discontinued in 2007). But work on Netscape began in mid-1994–after Opera development was already underway, apparently.

Meanwhile, there’s at least one dark-horse candidate for the title of Oldest Browser Still Standing: Lynx, a text-only browser which I used myself back in the early 1990s. Here’s an OS X version posted at Apple’s site a little over a year ago, and here’s source code from 2007 with a note that a new version is under development.  Lynx supports neither graphics nor JavaScript, and I suspect that most modern sites are simply unusable in it–let’s not even talk about Flash here, folks–but it’s a browser. And if it’s gone to browser heaven, it did so only recently.

Anyhow, Opera is one of a handful of popular Internet apps of the mid-1990s that’s still with us, still evolving, and still doing interesting things–especially on alternative devices such as phones and gaming consoles. Long may it wave…

6 comments

Zoho Goes Mobile, But I'm Still Waiting For the First Great Web-Based Office Suite for Phones

Posted by Harry McCracken on April 28, 2009 at 11:13 am

Zoho Mobile LogoZoho–also known as the little company that takes on Google in the world of Web-based productivity, and sometimes outdoes it–has released a new version of its Zoho Mobile service for phones today. As usual with Zoho, it’s ambitious: The new version works on iPhones, BlackBerries, Android phones, Symbian phones, and Windows Mobile ones, and provides access to the service’s mail, calendar, word processor, spreadsheet, presentation package, and database. Here’s Zoho’s blog post on the news; the suite itself resides at m.zoho.com.

I tried Zoho Mobile this morning on my iPhone, and ran into multiple glitches: The e-mail and word processor looked good, but I couldn’t get spreadsheets or presentations to load properly. And the calendar’s “Quick Add” feature for entering appointments didn’t work. (Actually, I can’t get it to work on my notebook, either.) I just dropped a note to Zoho to see if the company knows what’s up.

Doing productivity well on a phone remains one of the larger challenges in software: I can’t get Google’s iPhone version of Google Docs’ presentations app to work either, and have problems with its spreadsheet, too. And neither Zoho nor Google offers full-blown editing of word-processing documents and spreadsheets in mobile form. (Google does provide some rudimentary editing in its spreadsheet, with an oddball user interface.)

In other words, I’m still waiting for the first great Web-based suite I can use on my iPhone. I’m sure it’ll come along–and Zoho and Google are the two primary candidates to make it happen. But both Zoho Mobile and Google Docs still feel experimental at this point.

4 comments

Amazon Buys Itself Another iPhone E-Book Reader

Posted by Harry McCracken on April 27, 2009 at 8:41 pm

Amazon.com, whose Kindle for the iPhone is an iffy application with impressive content, has bought Lexcycle, whose Stanza is a much better piece of iPhone software whose content offerings, while diverse, don’t compare with the profusion of big-name best-sellers in the Kindle catalog.

Commenting on the deal at Lexcycle blog, Lexcycle’s honchos say:

We are not planning any changes in the Stanza application or user experience as a result of the acquisition. Customers will still be able to browse, buy, and read ebooks from our many content partners. We look forward to offering future products and services that we hope will resonate with our passionate readers.

I hope that the above does mean that Stanza won’t become a Kindle-only proprietary reader. But I do hope that Stanza adds the ability to access Kindle content, or the Stanza developers redo Kindle for the iPhone–in other words, that Stanza and Kindle get mashed up in a way that preserves the virtues of both. And I assume this will happen in one fashion or another. Why else would Amazon invest in an impressive piece of e-reader software?

4 comments

Apple Gadgets From Verizon? This Summer?

Posted by Harry McCracken on April 27, 2009 at 8:02 pm

verizonmainlogoOver at Business Week, Spencer Ante and Arik Hesseldahl have a story (warning: auto-playing video on page) saying that Apple is in talks with Verizon Wireless to have the wireless giant sell a couple of new devices: a smaller iPhone Light” phone and a “media pad” that does photos, movies, music, and–via Wi-Fi–phone calls. One of the devices could be out this summer, the story says.

The details here sound a tad odd–which doesn’t, of course, mean they’re not true. If Apple doesn’t have a deal nailed down with Verizon for a phone, could it really have a model that works on Verizon’s network out in just a few months? (Seems unlikely, but who knows?) Would Apple make a smaller, cheaper phone that couldn’t run iPhone apps (it sounds improbable, although Apple often does things that seem improbable until it does them?) Would Verizon Wireless really want to sell a device that made phone calls over Wi-Fi? (Actually, that sounds entirely plausible, if the company’s in the mood to do something different.)

One part of this does sound logical: If Apple were to work with Verizon on some new devices, it could expand its carrier relationships while still signing a deal to extend AT&T’s iPhone  exclusivity

4 comments

Location-Based Services: Cool! Disturbing!

Posted by David Worthington on April 27, 2009 at 7:35 pm

GigaOM has published an interesting read about how Apple’s iPhone has driven demand for location-based services. The rise of these services was inevitable, but now there need to be recognized, accepted practices about what they can and can’t do.

A few years ago, I changed a setting on my Nokia to avoid commercial SMS messages. I did that as a precaution after I read a magazine article about how my local Starbucks could send me a coupon as I passed by on the street. That never came to be, but it’s looking more probable now.

Many of my friends have iPhones, and I was compelled to install the location-aware social networking app Loopt after a friend told about how great it was over the holidays. It’s still installed onto my phone, but I’m glad that it only updates itself when I invoke the application and want my location to be known. The AroundMe application can be useful for locating local points of interests, and again, it is not evasive.

However, it’s only a matter of time until application makers begin to get more creative with their terms of use. The possibility of an advertisement-subsidized phones also exists.

It might be my imagination running wild, but picture walking by an electronic billboard that upon detecting your presence, notes that you ate five Papa John’s pizzas last week to all passers by. (Note: When I told Harry I was working on this post, he told me that he was spammed via Bluetooth by a Land Rover billboard in Times Square back in 2006.) Or, an inbox full of solicitations appearing after walking through a busy marketplace.

Worse still, tech-savvy criminals could crack the data stream of location aware application to target users above a certain income level. That might sound far fetched, but is information that these services send up into the cloud even encrypted?

Customer feedback (and distaste) for services that sap away privacy might be enough, but I feel that stakeholders including advertisers and phone makers need appropriate guidelines before there is misuse.

7 comments

Swine Flu Takes to Google Maps

Posted by Jared Newman on April 27, 2009 at 1:55 pm

swineflu1Whether you’re nervous about a possible pandemic or just want to stay informed, some Google Maps mashups are making it easy to track the worldwide spread of swine influenza.

My favorite, put together by Pittsburgh biomedical researcher Henry Niman, pinpoints the location of every case around the world, with colored markers denoting whether swine flu was suspected, confirmed or tested negative. Clicking on a marker brings up a short description of the case and the date of infection. When the marker has no dot in the center, it means the victim has died.

It’s a pretty easy way to get frightened.

Other maps are out there as well. The 2009 Swine Flu Outbreak Map offers a similar level of information but as a collaborative document, lending itself to more frequent updates. Meanwhile, the Guardian has posted a database of cases, encouraging readers to create their own mash-ups and visualizations.

When the world was dealing with H5N1 avian flu a few years back, Google Earth was the tool of choice, with Nature reporter Declan Butler putting together one notable example. In 2007, Google introduced My Maps, allowing for easier map creation through simple pointing and clicking. This has no doubt caused the migration of flu tracking from Google Earth to Google Maps. And it’s happening quickly, just days after swine flu hit the public spotlight.

Of course, if you’d prefer not to worry, the Internet is also full of perspective.

17 comments

Facebook Outside of Facebook

Posted by Harry McCracken on April 27, 2009 at 12:35 pm

Facebook LogoThe race between Twitter and Facebook is starting to look like Tortoise vs. Hare. I don’t mean that as a value judgment, or a prediction that Twitter is headed for victory and Facebook for a fall. It’s just that Twitter’s strategy to to go slow and steady–it’s only just now making search a core feature–and Facebook’s strategy is to pursue change fast and furiously.

The latest news on that front is today’s announcement that Facebook is opening up its stream to outside developers. Just as Twitter’s API has let TweetDeck, Twitterific, Tweetie, and a bevy of other clients for multiple platforms get at Twitter users’ tweets, Facebook will let developers build sites and services that can tap into users’ status updates, shared activities, and more. For the first time, it’s possible for companies other than Facebook to write Facebook clients–Seesmic, for instance, is adding rich Facebook support.

But will anyone write a Facebook client that’s better than Facebook, in the way that the majority of Twitter users have found clients that they prefer to Twitter.com? That’s a tricky one. Facebook is a fundamentally richer and more complicated world than Twitter, and the information that gushes from it may be harder for new clients to process than Twitter’s river of 140-character tweets. And Facebook, unlike Twitter, has an array of privacy options that must be taken into account. The company understandably doesn’t want third-party clients to cheerfully ignore the privacy controls it’s put into place.

It’s going to take awhile to gauge how significant today’s announcement is (although we can start soon–it sounds like an Adobe Air-based Facebook client based on the new developer features will be available later today). But there’s no way this isn’t good news. From now on, if Facebook’s official BlackBerry client isn’t ideal, for instance, it’s way less of an issue–because someone else with the interest and technical chops will be able to come along and build a better one.

I’d also expect some of the folks who have built clients and services for Twitter and other social networks to add Facebook support, as Seesmic is already doing. That’s good news for social networking fans, and also good news for Facebook: The more time I’ve spent in  Twitter clients, the less time I’ve spent hanging out at Facebook. One great client that gives me access to both services would be mighty appealing.

4 comments