Finally - fixing the updater vulnerability

August 4th 2008

One of my personal nightmares is the automatic software updating mechanism that infests every significant modern software package. It’s a huge vulnerability.

Many vendors ignored the problem because they hadn’t seen a real exploit. In a recent article, Security Fix tells of a researcher in Argentina who has implemented a sample exploit, so vendors are (finally!) paying attention.

In these days of commercialized hacking, it makes sense to armor plate the whole software distribution pipeline. It’s about time people started paying attention.

Posted under Information Security

Desktop changes = Microsoft disaster

May 30th 2008

Ray Ozzie was talking at a conference, reported on by Mary Jo Foley, in which he briefly compared the risk to Microsoft from Google and open source. The report also talks about Microsoft’s “culture of crisis.” I think the culture of crisis is the key to their success. Bill Gates was always identifying threats and demanding action: that’s how he kept the company energized even as it grew huge.

Of course, Microsoft is burning their own bed regarding open source. A lot of people stay with Windows because it is familiar and they are afraid of the alternative. They’ve learned how to use XP (which was pretty similar to 2000, and 98, and so on) and it’s easy to just keep using it. Then they arrive at Vista and everything is different! Menus hidden and holding different info. Start menu is radically different. Window frames are completely different.

In other words, at least 80% of computer users could switch from Windows XP to Ubuntu and not suffer any worse than if they’d switched to Windows Vista. Probably the same is true for the ‘upgraded’ Office product versus OpenOffice.

Posted under Household Tech