In an update to yesterdays information about the upcoming Service Pack for Vista, and the Service Pack for XP Jon Devann Senior VP of Windows Core Operating System divulges his thoughts and process’s for this update and any future updates.

I have taken some of the more interesting questions out from the PressPass Q&A with Mr.Devann and have posted them below. You would think that this Q&A segment would be pretty boring coming from a VP of COSD, but actually he makes some great points about their new update process, which I am very excited about.

“PressPass: How do you know and decide what gets fixed for a service pack?

DeVaan: We are constantly monitoring the quality of users’ experience through Windows Vista’s built-in, automated feedback systems, such as the Customer Experience Improvement Program (CEIP) and Windows Error Reporting (WER). These are systems that customers anonymously and privately participate in via an explicit opt-in choice. Through the data we get back, we can identify, diagnose and then repair the most detrimental and prevalent problems users encounter.

Our primary focus after launch became addressing ecosystem compatibility issues that the data showed had adversely impacted some users’ Windows Vista experience. For example, when consumers see a “Device Not Found” message or the systems report back that a device failed to install, we can prioritize getting the needed drivers available on Windows Update or up on the hardware vendor’s Web site. As a result, our driver coverage went from 1.4 million in January to more than 2.2 million today. We also work directly with our partners to improve overall driver quality. We are able to see which drivers are causing system crashes or contributing to hangs and other performance problems, and then work across the ecosystem to bring solutions to market via Windows Update.”

PressPass: What about security improvements in Windows Vista SP1?

DeVaan: Windows Vista continues to be the most secure version of Windows ever. For instance, we can know from a recent vulnerability reports comparison that Windows Vista had 50 percent fewer critical vulnerabilities than XP SP2 and far fewer critical vulnerabilities than other competing operating systems in their first respective 180 days after release. We have addressed any known vulnerabilities in the appropriate manner and those changes will be in Windows Vista SP1 as well. At the same time, we are always looking at the proactive work we can do to improve the product before we receive reports of potential vulnerabilities. We have invested significantly in tools, training and techniques to improve the security of our software. We are constantly looking for and learning about new means of improving security, as well as new ways software is being pushed by those wishing to do harm. Using these learnings, we improve our tools, which we then use to analyze and proactively continue to harden Windows Vista.

Windows Vista SP1 will contain a significant number of code changes focused on the ongoing work to continue making Windows Vista the most secure operating system available. We are being proactive — these code changes do not represent vulnerabilities, rather they are coding practices that we continue to hone and improve in the ongoing race against escalating and evolving security threats.

PressPass: It sounds like a lot is changing. Is this a sizeable update for Windows Vista?

DeVaan: It’s true that at first glance it will look like a lot is changing, and it’s true that there are thousands of files being changed to varying degrees in Windows Vista SP1. However, the first measure of “size” most people will encounter will likely be the download of Windows Vista SP1 through Windows Update or Windows Server Update Services (WSUS), which we predict will be about 50 MB. The second measure of size will be the free disk space requirement for installing Windows Vista SP1, which is currently around 7 GB for the beta, although we will be working to bring this down for the final version as we optimize the servicing algorithms used.

IT Professionals not using distribution tools like WSUS will work with the “stand-alone” image of Windows Vista SP1. This image will be considerably larger than the download, at about a gigabyte in the beta, but it’s large with good reasons. This package includes all of the localized language resources for 36 languages, so that companies with worldwide install images have all the files they need in one place. Also, this image utilizes servicing algorithms that update all files of an operating system component, even if only one of the files has changed, which increases the size of the image but allows IT Pros to service their images in any order they chose without worrying about creating inconsistent system states across their organization. Finally, Windows Vista and Windows Server 2008 share the same code base, and we are choosing to unify the servicing between the two in order to simplify the long-term maintenance process and lower support costs for customers. To do this, we’re changing the files necessary to align the servicing components, which contributes to the larger size of the stand-alone image.”

Click here to read the full transcript of this Q&A session.

For me reading this really made me feel a lot better about this new process, and the reasons why they have waited so long. A lot of it makes sense. Microsoft has taken a lot of flack for releasing updates to late or to early, this Service Pack is no different, but they are improving the process so they can create updates that take care of a whole issue not just a patch that is temporary.

Well they finally did it. No, no no they didn’t release it yet. Today is kind of a teaser for all of us out of the pre-beta loop. We have all heard the industry chatter about Microsoft sending SP1 out to a group of beta testers, and now they are saying all of us can soon enjoy testing the beta ourselves. Nick White over at the Windows Vista Team Blog writes about the new addition to Vista and what changes and fix’s we are expecting to see. I am very impressed by the whitepaper write-up posted by Brandon Leblanc that follows Mr.White’s introduction. A lot of updates and fix’s. This really looks like it might actually be the key to unlocking Windows Vista.

I assume everyone wants a list of all the major fixes, and yes they fixed the file transfer issues as well. But like I said it’s in beta form, hurry up and just give it to me in omega form!

“The updates in Windows Vista SP1 fall into three categories”

• Quality improvements, including all previously released updates, which address reliability, security, and performance.
• Improvements to the administration experience, including BitLocker^TM Drive Encryption (BDE).
• Support for emerging hardware and standards, such as an Extensible Firmware Interface (EFI) and an Extended File Allocation Table (exFAT).

Security Improvements

• Provides security software vendors a more secure way to communicate with Windows Security Center.
• Includes application programming interfaces (APIs) by which third-party security and malicious software detection applications can work with kernel patch protection on x64 versions of Windows Vista. These APIs help ISVs develop software that extends the functionality of the Windows kernel on x64 computers without disabling or weakening the protection offered by kernel patch protection.
• Improves the security of running RemoteApp programs and desktops by allowing Remote Desktop Protocol (RDP) files to be signed. Customers can differentiate user experiences based on publisher identity.
• Adds an Elliptical Curve Cryptography (ECC) pseudo-random number generator (PRNG) to the list of available PRNGs in Windows Vista.
• Enhances BitLocker Drive Encryption (BDE) to offer an additional multifactor authentication method that combines a key protected by the Trusted Platform Module (TPM) with a Startup key stored on a USB storage device and a user-generated personal identification number (PIN).

Reliability Improvements

• Improved reliability and compatibility of Windows Vista when used with newer graphics cards in several specific scenarios and configurations.
• Improved reliability when working with external displays on a laptop.
• Improved Windows Vista reliability in networking configuration scenarios.
• Improved reliability of systems that were upgraded from Windows XP to Windows Vista.
• Increased compatibility with many printer drivers.
• Increased reliability and performance of Windows Vista when entering sleep and resuming from sleep.

Performance Improvements

• Improves the speed of copying and extracting files.
• Improves the time to become active from Hibernate and Resume modes.
• Improves the performance of domain-joined PCs when operating off the domain; in the current release version of Windows Vista, users would experience long delays when opening the File dialog box.
• Improves performance of Windows® Internet Explorer® 7 in Windows Vista, reducing CPU utilization and speeding JavaScript parsing.
• Improves battery life by reducing CPU utilization by not redrawing the screen as frequently, on certain computers.
• Improves the logon experience by removing the occasional 10-second delay between pressing CTRL-ALT-DEL and the password prompt displaying.
• Addresses an issue in the current version of Windows Vista that makes browsing network file shares consume significant bandwidth and not perform as fast as expected.

They say the full release of SP1 is slated for the first quarter of 2008!
If you want the detailed information from the Introduction to the Whitepaper head on over to the Windows Vista Team Blog.

All I can say is that I am ready for the WOW!

Microsoft has retooled its online Linux FUD campaign, killing the “Get the Facts” site and replacing it with a softer Linux FUD site that takes at least a small step toward normalizing relations with the Open Source Software (OSS) community. The new “Windows Server/Compare” site still hammers the total cost of ownership, security, and complexity issues the old site did. But the in-your-face approach has been toned down, even if there’s still some tough love directed at Red Hat.

Microsoft says the new site is “designed to help enterprises with their server purchasing decisions, and provide customers with real-world examples of comparative evaluations.” That means lots of case studies, videos and quotes from customers, more along the lines of a typical marketing site. In announcing the site, Director of Platform Strategy Ryan Gavin struck a more conciliatory tone. “It’s important to clarify that we don’t compete with OSS per se, but with some products or technologies that may come out of open source. There will naturally be products that compete with Microsoft products, from commercial or open-source companies. Open source is a software development model; it’s a way of licensing technology, and it’s something that Microsoft participates in.”

Some observers are speculating that recent agreements with Novell, Linspire, Xandros and others led to the tactical switch. And that could very well be a contributing factor. But really, is it good business practice to alienate so many customers by continuing to recklessly disparage the software they’re using every day in the server room?

Via ArsTechnica

“Tafiti, which means “do research” in Swahili, is an experimental search front-end from Microsoft, designed to help people use the Web for research projects that span multiple search queries and sessions by helping visualize, store, and share research results. Tafiti uses both Microsoft Silverlight and Live Search to explore the intersection of richer experiences on the Web and the increasing specialization of search.”

My first words when I saw Tafiti was “WOW”. I was not really sure the purpose of this experiment but with playing with it a little more it makes a ton of sense. I can now find so many results then I can real time bookmark my findings via the Tafiti side bar, which is very cool. Its really pleasing on the eyes. But I ask the same question TechCruch asks, “Will many people use it?“. I’m not going to say yes or no, only time will tell. But I don’t think they are expecting a lot of people to switch over to it from the quick content oriented search sites. Its an experiment, and very cool one at that. If you want to learn a little more about Tafiti jump over to the Live Side blog. If you have some time to burn download the Silverlight plugin and have some fun with Tafiti!

Success! Paramount and Dreamworks Animation are exclusively running with HD-DVD. They have said sayonara to Blu-Ray and hello to HD-DVD. The rumor mill is fully buzzing on this one as well. Saying that a $150 million dollar “consideration fee” was payed outright to the studios. People are already screaming “bribe”, “consideration Fee” or “bribe” does it really matter? Don’t you think the Blu-Ray fellows had to lay some dough out for the Blockbuster and Target deal ? I think this is a great thing for HD-DVD, I am a bit bias though since I have already purchased an HD-DVD player and HD-DVD’s. So you will get nothing but bias reporting from me on this one. I did this silly tango when laser-discs came out as well, so I pray I wont have to eventually buy a Blu-Ray player, I better not be wrong like I was with the laser-discs, those things were awful.

I cant wait for Transformers on HD-DVD. Take that Blu-Ray! More info on this deal below.

(more…)

Well they really are not melting the polar ice caps, but I bet Skype could figure out a way to blame them for it though. But in the recent he said she said management battle over at Skype it makes me think why cant companies take the fall for there own shortfalls. Why blame it on everyone’s favorite fall guy. I myself understand the seriousness of this problem with the restarts after updating, but I would think the techs at Skype would understand that usually after an update you have to restart, I mean how long has MS been pushing out updates ? And why do they have automatic updates on? Seriously was it imminent to restart their boxes without doing some research on how those updates might affect their software and hardware. Skype is a large corporation I hope that their CIO gets an evil glare every time he walks through the hall from his techs. Don’t they have process’s. They should take a chapter out of Dell’s book in management mishaps.

To me it just seems like a complete cop out to blame Microsoft. It is there fault and there fault alone. I think they just still have no idea on what happened. Someone messed up and I don’t think it was MS. I think this move will come back and really bite Skype in their backside after this has all cooled down.

But if anyone wants to blame anything else on MS feel free to do it. They are that warm cuddly bear that never comes back at anyone. Everyone is always on their case about everything. If you hate them so much use someone else’s software. Maybe one day MS wont take these kind of blame game insults directed at them. I would say, “Here is your money back, we will take our software back now. Now survive.” Everyone always has something bad to say, but they never have an alternative solution. I honestly think this is a horrible PR move.
This issue I really think will end Skype. They should have taken the high road, and confessed it was a problem with their system. But with EBay management running the show now we will never get honesty out of them.

I do have a message for Microsoft though. Stop being that doughy fat kid that everyone picks on. Go pick up some weights, start working out, and start putting these rumors to rest. Come out fighting, release counter statements on what you think might have happened or have known to happen. Instead of bloggers spreading “hear say” why don’t you just lay them all to rest with an uppercut. I have only seen Microsoft do this once or twice in the past.

Microsoft has released a fairly important Internet Explorer update to fix at least three code vulnerabilities in IE.

The cumulative IE update (MS07-045) takes care of a list of nine updates that contain fixes for 14 vulnerabilities.

“The update affects IE 5.0 through IE 7.0 on Windows Vista but, because of defense-in-depth mitigations, the severity rating has been reduced to “important” on the newer versions.”

Microsoft describes 3 issues:

1. A remote code execution vulnerability exists in the ActiveX control, tblinf32.dll. This control can also be found under the name of vstlbinf.dll. Both of these components were never intended to be supported in Internet Explorer. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user visited the Web page.
2. A remote code execution vulnerability exists in the ActiveX object, pdwizard.ocx. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution.
3. A remote code execution vulnerability exists in the way Internet Explorer parses certain strings in CSS. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user.

In all, there are six critical bulletins in this latest release. These effect XML Core Services (Windows 2000 through Windows Vista); Object Linking and Embedding (OLE) automation (Vista is not affected); Microsoft Excel (Office 2000, Office 2003, Office XP and Office 2004 for Mac); Graphics Rendering Engine (Windows 2000 through Windows Server 2003); and Vector Markup Language (IE 5.0 through IE 7.0 on Windows Vista).

The other three bulletins cover:

MS07-047 — Two code execution holes in the way Windows Media Player parses and decompresses skins. This is rated “important.”

MS07-049 — Patches an elevation of privilege vulnerability in Microsoft Virtual PC and Microsoft Virtual Server could allow a guest operating system user to run code on the host or another guest operating systems. This update carries an “important” rating.

MS07-048 — This applies to at least three serious flaws in Windows Gadgets. This “important” update is specific to Windows Vista and affects the Feed Headlines Gadget, the Weather Gadget and the Contacts Gadget.

These vulnerabilities have been thrown around that past couple of days without fixes; glad they issued these fairly quickly. More info to come… 

Sorry I had to post this. Its just too funny.

Anyone remember this keynote? I do.

What can I say about SkyDrive that has not already been touched on?

Well first off this is really a great service that is free. Their is a lot of competition in this sector of “Cloud Storage” but the majority of them are clunky and are not that easy to use for the everyday user. The best site I have found for online storage is BOX.net. But that is not the greatest either. You have to pay quite a bit for monthly and yearly service, and you really don’t get that much storage for what you pay.

So I do have a couple qualms about this it so far. I do understand it is still obviously under beta. But I thought I would criticize it anyway, not to be a jerk, but just some suggestions on which directions they should head for.

1. MORE STORAGE!

2. Ability to map your SkyDrive as a mapped drive.

3. Allow users to connect via ODBC. (or just me:))

4. KEEP IT FREE!!!

I obviously don’t think this service will continue to be free. If they do intend to keep a portion of it free I hope they at least give the user 1GB of free space. I am already starting to use the SkyDrive around the office, loading smaller utilities and other work oriented documents on it. So far so good, no hang ups at all.

Once I read Brandon Leblanc’s post over at the Windows Vista Team Blog about the new change over from the “Live Spaces” name to “SkyDrive” it got me really excited. As I was reading through his post it got my little brain running with ideas on what I could use SkyDrive for. To me “Cloud Storage” is the future. So many small businesses’ use similar services already because of the easy and worry free way to backup all data. But at the same time these services can get very expensive. Hopefully MS notices this, and they act on it. It’s so hard for the small business owner or even home user to find out what company and service is reliable and trustworthy when it comes to virtual storage. Everyone knows MS and the MS brand. I think if they were able to work themselves slowly into this market of small business it could really spark a lot more interest with SkyDrive. But I think as of now they are more directed at the everyday user rather then small business and mid grade enterprise, which is fine for now.

I see a lot of potential with SkyDrive, a lot. Hopefully Microsoft pays attention to the all of the customer reviews and criticisms of the service and changes them to suit their user base.

The two most important features I would like to see are more storage and a way to connect via ODBC connection. Other then that I probably would not mind paying a small monthly fee of lets say $8.00- $15.00 for 7-15GB of storage, as long as I was able to map the drive and connect via ODBC. Obviously not everyone is as picky as I am. This program has a wonderful future, and I hope this is not a project that gets left on the back burner of Live Labs.

A little over a year ago I was wishing I could get a invite to TED. Obviously that did not happen. But I did not cry, mainly because they now stream mostly all of the keynotes, and they offer a full commentary. So it is no longer a secret from the public. If you don’t know what TED is then just click here. You are in for a treat!

The main reason I wanted to go to TED is because I knew Blaise Aguera y Arcas was speaking. He is a Microsoft Live Labs Architect. He was there to speak about his two babies SeaDragon and Photosynth. Which in words I just cannot explain.

Video: Take the Photosynth Tour

Well the people at Microsoft’s Live Labs have been working away at content to make the experience even more enjoyable, and when I say an experience I mean it. This software blows my mind. So

Microsoft and NASA have teamed to create a 3d image of everything NASA, including the next launch shuttle Endeavor. You’ll need to download the Photosynth viewer to see the images (sorry Mac users, for now Photosynth is only available for Windows XP and Vista — running either IE6 or IE7).

NASA says it hopes this joint project will lead to more collaborative initiatives with Microsoft. And Microsoft is no doubt hoping the same, especially since most recent NASA collaborations have been with rival Google, which gets some of its Google Earth data from NASA.

Video: Photosynth meets NASA

Also worth noting is that, near the end of the promotional video pictured above, Blaise Aguera y Arcas says that Photosynth with soon offer features which allow users to stitch their own photos together.Given that Photosynth relies on image data from a normal SLR camera, it might soon be possible for even you and I to stitch together some impressive 3-D tours, provided you take enough images.