When I'm online with Internet Explorer, I frequently see this warning before a page is displayed:

Some security measures - like Vista's UAC - are momentary pauses for a second thought about whether you truly initiated some action on purpose. Some people object to the Vista UAC warning box but I find it to be a worthwhile compromise for the security it provides.

The IE "secure and nonsecure items" warning does not seem worthwhile. It seems annoying. I can't imagine the set of circumstances that would lead me to say "No" and have it make any difference.

Maybe it's just me, but it feels as if I've been seeing that window more and more frequently in the last year.

If you get frustrated by it, this is the process to disable the warning.

• Open Internet Explorer.
• From the menus in the upper right, click on Tools / Internet Options.
• Click on the Security tab.
• Highlight "Internet" and click no the "Custom Level" button.
• Scroll to the "Miscellaneous" section.
• Change the bullet on "Display mixed content" from "Prompt" to "Enable.

This setting goes back to Internet Explorer 6, according to this Microsoft support document, so either web sites are being designed in such a way that the warning is appearing more frequently, or I'm getting older and crankier. Hmm. Tough call.

Labels: IE, security

posted by bruceb at 5/31/2008 02:19:00 PM | permalink

Cory Doctorow is one of the most interesting science fiction authors working today, as well as an editor and frequent contributor to Boing Boing, one of the most popular blogs in the world.

His new book, Little Brother, is a young adult novel about a high school student caught in the aftermath of a major terrorist attack on San Francisco.

"In the wrong place at the wrong time, Marcus and his crew are apprehended by the Department of Homeland Security and whisked away to a secret prison where they?re mercilessly interrogated for days.

"When the DHS finally releases them, Marcus discovers that his city has become a police state where every citizen is treated like a potential terrorist. He knows that no one will believe his story, which leaves him only one option: to take down the DHS himself."

It is smart and funny and important. It makes technology look like fun and it explains clearly and convincingly why our freedoms matter and why our government's obsessive secrecy and wiretapping and paranoia are not making us safer.

I'll be buying copies and pressing them on high schoolers. You should read it. It's not just for kids.

Neal Gaiman's quote sums up my feelings:

"I'd recommend Little Brother over pretty much any book I've read this year, and I'd want to get it into the hands of as many smart 13 year olds, male and female, as I can.

"Because I think it'll change lives. Because some kids, maybe just a few, won't be the same after they've read it. Maybe they'll change politically, maybe technologically. Maybe it'll just be the first book they loved or that spoke to their inner geek. Maybe they'll want to argue about it and disagree with it. Maybe they'll want to open their computer and see what's in there. I don't know. It made me want to be 13 again right now and reading it for the first time, and then go out and make the world better or stranger or odder. It's a wonderful, important book, in a way that renders its flaws pretty much meaningless."

Labels: parents, security

posted by bruceb at 5/30/2008 11:09:00 AM | permalink

Adobe Flash Player is installed as an add-on to Internet Explorer on almost everyone's computer. It's become the ubiquitous way to display online videos from YouTube and all the other sites streaming video.

Now there's another security flaw that has the researchers getting all excited. There are reports of bad guys setting up web sites that feed malformed strings to Adobe Flash. If you're tricked into visiting one of those sites, your computer will immediately begin creating giant insects that will destroy the planet. Well, something like that - the details are always a little hazy about what the bad guys will accomplish if they gain access to your computer, but it's something awful, I'm sure.

The current version of Flash, version 9.0.124.0, is apparently secure against this attack. Here's more information from Adobe about the need to update Flash to be safe.

If you visit this page, you will be told the version of Flash installed on your computer. You can install the latest version from this page.

The update only takes a minute and does not require a restart. Please take a minute and update your Flash Player!

Labels: IE, security

posted by bruceb at 5/30/2008 09:53:00 AM | permalink

AT&T has a special place in my heart.

One of my clients is a small business with its own domain name and several users receiving POP3 mail addressed to that domain name - gertrude@businessname.com, for example.

The business has an AT&T DSL line.

A couple of months ago, they started having trouble sending mail - AT&T's SMTP server refused to take outgoing messages from Outlook.

Eventually we discovered that AT&T had sent this message a few months earlier, warning that its SMTP servers would only accept outgoing messages on an AT&T DSL line if certain conditions were met.

The first condition wasn't terribly unusual - Outlook had to be set up to authenticate itself to the SMTP server with an AT&T account - an email address and password. The business had set one up as part of the DSL account (businessname@pacbell.net) and we were able to dig that information out.

But wait! There's more! The outgoing mail also had to be set up as an SSL connection for additional security, on a non-standard port. You know, the settings in Outlook under Tools / Account Settings / Change / More Settings / Advanced - surely you've been there? Yeah, right.

I sympathize with the difficulty for ISPs of dealing with an unimaginable amount of spam, but this is a terrible, unforgivable thing to do to people.

We were able to get the mail flowing again for a couple of months. It stopped again with no warning.

I've spent more than two hours and although I found a workaround, I'm still pretty horrified at what appears to be going on.

I tried every combination of SMTP server name, authentication on/off, SSL on/off, port 25/465, with no success. The returned messages had an unfamiliar error in them - the sender's address was not "verified" to use the SMTP server.

AT&T and Yahoo have set up an extraordinary labyrinth of conflicting sites to log in with a @pacbell.net account. Eventually I found the Yahoo login page and was able to get to Member Center / My Account & Billing, where there was a reference to "Alternate email addresses."

"Your alternate email address is an address you can add to your AT&T Yahoo! account for use with a variety of products and services across the AT&T Yahoo! network. An alternate email address can be used any time you don't want to use your AT&T Yahoo! member ID for a particular function."

Great! Put in the business email addresses, respond to an email confirmation, and the addresses showed up as "Verified." Problem solved!

Not. Outgoing mail was rejected just as firmly. I kept typing test messages and pushing "Send" over and over, because I couldn't think of anything else to do.

I located an ominous sentence in an AT&T support document -

"Please make sure that you have entered your AT&T Yahoo! Business Email address as the "From" address in your email client. You will not be able to send mail if you have entered another address."

If I read it correctly, that support document only applies to people using an "AT&T Yahoo! Business Email address," whatever that might be.

But on a hunch, I went back to the account settings in Outlook and entered the @pacbell.net email address on the first screen for a POP3 account.

Outgoing mail immediately started flowing. And every outgoing message shows the sender is businessname@pacbell.net, from every computer onsite.

I spent more time and got nowhere. I thought about the horror of calling AT&T for technical support on an issue like this and put the idea out of my head. We may get to that point but my hourly rate becomes a very real consideration for this kind of headache.

And that's where things stand. Somewhere there's an answer. It can't be the case that a business cannot send email using its own domain name on an AT&T DSL line - but, well, that's where it stands.

By coincidence, Susan Bradley complained recently about changes AT&T has made to her incoming mail at an @pacbell.net address that make the account virtually unusable.

Sonic is still taking orders for DSL, and I'm hoping this business will just switch over and we can put this behind us. But what will we do when AT&T is the only DSL provider left?

[Postscript 05/30 1pm: after more experimenting, I found that mail.pacbell.net is apparently still running - messages can be sent from the business address. (Settings: authentication required; port 25; no SSL.) It's not clear whether this is a permanent solution or whether AT&T intends to shut down those servers, as their support letter suggests. But for the moment, the business can use its mail again]

Labels: broadband, mail, Outlook

posted by bruceb at 5/30/2008 01:05:00 AM | permalink

I'm starting to get annoyed when I sit down at a Windows XP computer because it's missing so many things that I take for granted in Vista. I just reformatted a hard drive and installed Windows XP from scratch for a client and it required far more work than it would have been to do a fresh install of Vista on newer hardware.

Dell and the other manufacturers will stop selling Windows XP on new computers at the end of June (with some weird exceptions), and I don't think I'm going to miss it much.

• Vista's integrated Start menu search is invaluable. I haven't looked through the Start menu in ages - it's completely natural to click Start and type in a few letters of a program, then click on it. It's far easier than hunting through XP's typically huge cascading menus.
• The breadcrumb bar in Windows Explorer makes it possible to jump around in a way that simply isn't possible in XP.
• Vista's Aero interface is more than just eye candy - the live previews of items on the task bar or in the Alt-Tab task switcher provide instant feedback that can't be duplicated in XP.
• The shadow copy that Vista Business makes twice a day has saved me several times when I've been able to roll back to a previous version of a file or recover one that had been accidentally deleted. And Vista's backup programs are top notch.

And there's more - new features, new ways of working that have become second nature. Whether it's doing searches, or speech recognition, or the snipping tool, or using the new performance and monitoring tools - a fair amount of what I do these days is only possible in Vista.

Setting up the Windows XP computer reminded me how many things are required before Windows XP becomes acceptable.

• A lengthy trip to Dell's web site to accumulate the hardware drivers required. After installing Windows XP and Service Pack 3, the network card, video card, audio, and modem were all still dead until I downloaded the drivers from a different computer and brought them over on a USB drive. (The hardware drivers supplied with the computer on a Dell CD were woefully out of date, of course.)
• Outdated programs that have to be removed, even if no third-party programs are installed at all: MSN Explorer, Windows Messenger, Outlook Express.
• Programs that have to be manually installed for minimal security or essential new functions: Windows Defender; Internet Explorer 7; Microsoft Update; Windows Desktop Search. (Do you remember that by default Windows XP Search features a cartoon dog?)
• Changes that are required to avoid irritation: turning off the language bar that appears down by the clock; editing the properties of the desktop and start menu and task bar; and more.

Windows XP runs faster on older computers, and it's good enough. Great! Lots of people should use it.

But there's another measure of performance that is not well understood. After Service Pack 1 and 18 months of compatibility and driver improvements, Vista's performance is identical to or better than Windows XP on new, reasonably well-chosen hardware. ExtremeTech just did some tests and reluctantly reported that Vista out-performed XP on the same hardware. The test results were unambiguous but not enough to stop the author from using the usual supercilious, dismissive tone about Vista, which "of course, has been plagued by criticism . . ." Ed Bott's reaction to the ExtremeTech article makes the point nicely:

"Anyway, the first page was practically a parody of every I-hate-Vista blog post published in the past 18 months, so much so that I almost didn't bother clicking through the whole thing. And even then it took some effort to continue clicking past Page 2 (a mostly cut-and-paste list of features in XP SP3) and Page 3, which offers a mere three paragraphs (shameful) of "observations" about XP SP3.

"It is not until page 5 that the editorial bias begins to crumble, albeit reluctantly, with a pair of graphs and this priceless description:

"'Vista somehow outperformed XP in PCMark05's overall score, but its important subsystem scores (CPU and Memory) were very close to the older operating system.'

"That "somehow" is a nice touch. I found that to pronounce it properly one needs to lift one's nose in the air, just so, and then stretch out the syllables in somehow, the way Thurston Howell III might have done it. "Vista somehow outperformed XP." Makes it appear that the actual improvement in performance when running Vista with SP1 on the same hardware as Windows XP is a fluke. Well played, editors!"

Labels: computers, hardware, Vista, WinXP

posted by bruceb at 5/29/2008 12:35:00 AM | permalink

On a Dell laptop, it is crucial to DISABLE one "power-saving" feature guaranteed to drive you mad.

In Vista's "Power Options" panel, the bottom item on the left is "Dell Internal Network Card Power Management." It is intended to save power by disabling the network card if no network cable is plugged into it. You'll see it in this screen shot.

Invariably the NIC will not wake up again and you won't be able to connect when you plug a cable in at your next stop. It will take you a long time to discover that "Local Area Connection" shows as Disabled.

When this happened to me I gnashed my teeth and rent my garments until I found this setting by accident. Set it to "Always activate on battery" and you won't have to rend your garments.

Labels: computers, hardware, mobile, Vista

posted by bruceb at 5/28/2008 12:01:00 AM | permalink

Vista is very smart about power management! Use the default settings, you might be pleasantly surprised.

As always, the goal is to make a computer more like other appliances - ready to be used within a few seconds after turning it on.

Any computer - Windows XP, Vista, or Mac - will be slow to start and be usable after it has been turned completely off. Realistically, you're looking at a delay of 1-2 minutes after you hit the power switch. Yeah, the desktop appears quickly, but you know you can't really do anything for a while after that.

So the goal is to find a way to leave the computer in a low power state that allows it to come on almost immediately, like a television. These aren't new terms but let's review.

• When a computer goes to sleep, it memorizes what's onscreen and stores it in RAM, then draws just enough power to keep it there. While it's sleeping, the computer uses almost no power and it can wake up almost instantly (5-10 seconds) when a key on the keyboard or a button on the mouse is pressed.
• When a computer hibernates, it memorizes what's onscreen and stores the information on the hard drive, then shuts itself down so that no power whatsoever is being used. When the power button is pressed, it's ready to use within 30-40 seconds.

By default, most Vista desktops go into "hybrid sleep" when the power button by Start is pushed. The computer goes to sleep, but it also puts the information on the hard drive as if it was hibernating. That way it can resume quickly without starting from scratch, even if the power is lost and the "sleep" information in RAM is lost.

Hybrid sleep isn't a good choice for laptops - it requires a lot of hard drive activity to park the hibernation info on the hard drive and it's frequently not necessary since the battery makes it less likely that it will lose the "sleep" memory. I compromise - my laptop goes to sleep when I close the lid or hit the onscreen power button, but it hibernates if I hit the hardware power button. (Hit Start and type in "Power", then click on "Power Options" - the options for closing the lid and hitting the power button are on the left.)

If the laptop is asleep for long enough to use most of the battery, then it wakes up just enough to store the info on the hard drive and go into hibernation.

This is still not bulletproof but it's much more likely to work than ever before. The Vista team is very proud of what they delivered - here's their explanation of what's been done to reduce energy consumption on AC power, maximize battery life, and still speed up the on/off cycle.

Here are a few more tips.

• Windows Live OneCare, like most other security programs, will not bring your computer out of sleep or hibernation to do overnight chores. When your computer wakes up, it may want to do a tuneup and slow things down for a half hour. For some reason OneCare wants to do tuneups on laptops more often than the schedule seems to demand. There's no good answer to this. It can always be cancelled if it's a problem - right-click OneCare's animated icon by the clock and cancel the tuneup.
• If your computer is asleep or hibernating, you cannot access it remotely. If you think you might want to reach your business computer remotely on a Small Business Server network, or if you use LogMeIn or GoToMyPC, don't let it go to sleep.
• If you want the battery to last on your laptop, memorize a couple of things.
• Find the switch that turns the wireless and Bluetooth adapters on and off! Turn off the wireless adapter if you're not using it.
• Use the FN + arrow up and down keys to adjust the brightness, and turn it down if you're on battery. On Dell laptops, use the FN + Auto keys to use Vista's default settings for screen brightness - full brightness on AC power, dim display on battery.

Now go out and sleep and hibernate happily!

Labels: computers, hardware, mobile, Vista

posted by bruceb at 5/27/2008 01:04:00 AM | permalink

A number of people have had the same problems after installing Windows XP Service Pack 3:

• Device Manager is empty
• System Restore is empty
• the Network Connections screen is empty
• other USB devices are not working
• in some cases, My Computer will not open up or starts slowly

Almost all of those people had a Norton product installed - Norton Antivirus, Norton 360, or one of the others.

On close examination, people dealing with these problems have found that the registry turns out to have thousands of unnecessary entries added during the service pack installation. Although some people have laboriously removed those entries one by one, the procedure that is successful for many people is:

1. Go to Control Panel / Add-Remove Programs and uninstall anything remotely related to Norton or Symantec products. Restart.
2. Download and run Symantec's cleanup tool to remove all further vestiges of its products. Restart.
3. Look through the Program Files folder and remove all Norton or Symantec related folders (including any folders located under Common Files).
4. Open RegEdit and delete the value HKEY_LOCAL_MACHINE/SYSTEM/CURRENTCONTROLSET/ENUM/LEGACY_LIVEUPDATE_NOTICE.
5. Use RegEdit to search through the registry for the string $%& in Keys, Values, or Data. Delete each key. (There may not be any remaining keys after deleting LEGACY_LIVEUPDATE_NOTICE. If there are, they have to be removed one by one.)
6. Restart the computer.

Here's the forum thread where this issue is being actively discussed, and here's an article about the brouhaha.

I haven't run into this yet. Before you launch into that cleanup sequence, please be sure you are confident about working in the registry! Heed this warning carefully!

One of the routines during the service pack installation apparently is going haywire when it hits the Norton registry entries, which must have some peculiar characteristic that's different than anyone else's registry entries.

The service pack was available during development and testing to all of Microsoft's partners, including Symantec.

So the question being actively debated: is this Microsoft's fault because it should have discovered this during its own testing of the service pack, given that Symantec products are widely used?

Or is this Symantec's fault, because it is each vendor's unambiguous responsibility to make their products compatible with Windows?

Personally, I think a different question ought to be asked of anyone facing this problem: Why in the world are you still using a Symantec product? Stop it! Uninstall it now! Life is too short to wrestle with the system slowdowns, compatibility problems, bugs, and instability introduced by Norton software. Go read a short overview of the considerations you should have in mind when you choose security software, then get something better on your computer!

[Update 06/05/08: Tool released by Symantec to fix this problem.]

Labels: computers, Microsoft, security, WinXP

posted by bruceb at 5/25/2008 12:14:00 AM | permalink

If you're looking for a quick way to get something online, take a look at what Google is doing.

There's no shortage of ways to get started online with a web site, a blog, a place for collaboration, a shared calendar, a shared photo gallery, or any of a hundred other things. In fact, for many people that's the problem - it's not easy to articulate what their goals are for an online site, and there's no way to make an informed choice and be confident that a service will match their technical skills, meet their needs, and still be in business a year from now.

Traditional web hosting - register a name, sign up with a web hosting company, get a web site designed, and keep it up to date - has many pitfalls. Name registration and simple web hosting cost virtually nothing, but there are many ways to muck it up, and it's hard not to feel helpless and lost while trying to decide what companies to choose. Very few web site designers are willing to work cheaply on a simple web site, for obvious reasons - there's no money doing inexpensive work for a customer who likely won't come back for repeat business.

Lots of companies big and small have jumped in to make it easier to get started, typically by offering the web hosting for free or nearly free and providing templates for cookie-cutter web sites. Don't underestimate that! Many of those services are just great and some of the templates are beautifully designed.

Microsoft, for example, has introduced Microsoft Office Live, intended to provide small businesses with the tools to start a web site and do useful things with it - online commerce, marketing, online document storage and collaboration, and more. A motivated business owner with strong technical skills can probably do wonderful things with it. I've only looked at the first few screens and I can see the potential, but wow, there's a lot of things to learn! The thought of working with them enough to be confident makes me want to go lie down.

Google offers simple web hosting for individuals and very small businesses with typical Google features - drop dead simple controls, nice designs for the templates, and all completely free. Details are on the Google Web Hosting page. For a modest monthly fee, you can hire professional designers to help put your site together.

All of these services have quirks. I don't know the details about Google's web hosting, but I can give you one quick example. Google is not offering to host http://www.yournamehere.com for free! The service creates pages with an address in this format: http://yoursitename.googlepages.com. That's fine for an individual, a bit funky for a business. That also means that Google will not be providing email to a custom domain name, although you can have mail from your site sent to any email address (including a Google GMail account.)

Let's be clear: that means you can have a web site online in minutes, for free, that can be updated from anywhere. Nice!

Today Google opened up another service that looks fascinating. Google Sites also lets you get a web site online in minutes, for free, that can be updated from anywhere. But these sites are designed for groups - sports teams, community groups, classrooms, clubs, families, anything that might involve more than one person.

The pages can easily be used for calendars, photos, videos, documents, blog-style news, gadgets, and more.

Anyone can view the pages online, but it's also easy to give people permission to add information - enter an email address and immediately give someone permission to update the calendar, contribute to the news items, or upload pictures, for example.

This is very good stuff! The world is pretty overwhelming, I know, but this ought to be in the back of your mind so you can use it when the need arises.

Sites created with Google Sites will have names in the format http://sitename.googlepages.com.

Here's Google's announcement that Google Sites is now available to anyone, and here's a news article with a few more details. Go put it to good use!

Labels: domains, Google, Internet, Microsoft, web_services

posted by bruceb at 5/23/2008 01:27:00 AM | permalink

The same problem has now turned up twice in two weeks. So far I'm not aware of any recent update or change that makes this happen, but keep this in the back of your mind in case it comes in handy.

The symptom is a black screen and a blinking cursor after the computer restarts or is turned on. The manufacturer's logo might or might not appear and the computer won't even bring up the BIOS setup screen.

If there's an external hard drive connected to the computer, turn off the computer and unplug the drive, then turn the computer back on. If you're lucky, it will start up completely normally. You'll be able to plug in the external hard drive after the system starts.

Isn't that interesting? That's been enough to solve the problem twice now. It may not be that simple the next time, and there are always more things to try.

• The last time I dealt with this was a couple of years ago, when a computer froze while it tried to boot from the card reader on an HP printer. (Honest!) The next troubleshooting step, then, is to unplug all USB devices except the keyboard and mouse.
• Some computers have a BIOS setting that can prevent this - "disable USB legacy devices" or a checkbox for "boot from USB." Many of the major manufacturers are now limiting the number of options in the BIOS setup screens so I haven't seen those for a while.

Labels: computers, hardware

posted by bruceb at 5/22/2008 09:58:00 AM | permalink

GrandCentral is a phenomenally useful service for some people. The service assigns you a free phone number; you can route calls so when that number is dialed, the phone rings at any number of places you choose. When you call my GrandCentral number - the only number I give out now - both my office phone and my cell phone ring, so you can reach me wherever I am, crucial in an area like Sonoma County where cell phone coverage is spotty. The web interface plays voicemail messages, which are indefinitely archived, and allows calls to be rerouted on the fly - forward your calls to Grandma's house when you arrive for Thanksgiving, then turn the forwarding off when you leave. Brilliant! Here's my notes about GrandCentral when I signed up.

Google bought GrandCentral last year and seems a little uncertain what to do with it. The service immediately stopped accepting new users, instead offering signup on a waiting list with only occasional openings for new people to join. Service has been spotty at times lately. The features haven't changed and there's been little discussion about what to expect. The official blog is almost dead, although a post last month promised that work was proceeding on "the next great version of GrandCentral and a ton of cool new features."

Today's episode is probably just an "Oops!" moment, not an indication of anything. But it was almost a big Oops.

Google almost let the registration lapse on the domain name www.grandcentral.com. Somebody forgot to renew it.

The web site actually went dead for many people today, the last day of its registration, as the registrar began to take it over.

Late in the day, somebody from Google managed to get the site back online by renewing the name for a year.

Here's a blogger summing up the day's events.

Isn't that marvelous? It's some pretty embarrassing stuff. I hope Google is doing a better job on the big picture than it is on the details!

Labels: business, Google, Internet, phone

posted by bruceb at 5/21/2008 01:34:00 AM | permalink

The best security software will not protect you if you click "OK" and install something from a web site.

Adware/spyware was at epidemic levels until a couple of years ago when Microsoft released Windows Defender and the antivirus vendors reluctantly stepped up with their own products, and bitter experience taught us to surf with a high degree of paranoia. Security programs now monitor constantly to prevent adware/spyware from installing in the background and Internet Explorer has been hardened against stealth attacks.

Vista brings even more security - Windows Defender is included with the OS and Internet Explorer operates with very low privileges, which stops bad programs in their tracks. Vista will protect you in many cases even if you click "OK," but let's not test that, eh?

On Windows XP, you have authority to install any malicious, dangerous program you choose. You're protected against programs that try to do a "drive-by" stealth install simply because you visited a web site, but Windows XP and your security program cannot completely protect you if you click "OK" and authorize a program to be installed!

I spent too many hours today trying to clean adware off a perfectly nice, up to date Windows XP system running security software. The adware had probably arrived during a MySpace visit, although we don't know what was clicked that allowed the invasion to occur. The last time this happened to one of my clients, it was a porn site whose innocent looking window said a "video codec" had to be installed to view the movies. Well, sure, click OK, whatever - and bang! the system has bad stuff on it, leaving the security program trying to play catchup and gamely reporting about whatever it notices. The bad guys have become smart and devious enough that if their adware gets installed, the security programs simply can't remove all of it.

The adware folks are still up to the same old tricks. On the compromised computer today, all Google searches were diverted over to advertising pages and all security web sites were blocked, as was Windows Update for some reason. The adware sets up multiple layers of increasingly deeply hidden ways for it to reinstall itself after efforts are made to clean the system. I can go clean out startup programs and browser helper objects and IE addins and shell extensions and a few other places in the registry where things hide, and run scans to remove or quarantine a few more things - and there will be more stuff to replace them when the system restarts. Often now the names of the adware files and DLLs are randomized strings of letters so they won't turn up in searches, and frequently they immediately go online and invite more adware onboard as often as possible.

I might lose this system; it won't be the first time. We've done deep cleaning (a lot of deep cleaning), installed IE7, installed Windows XP SP3, and made no progress yet. Now we'll turn to system restore and a few other tricks. It's time consuming work. All it took was a single errant click but now I may wind up having a frustrating conversation about the economics of struggling with the repair versus the expense of buying a new computer. (It's almost never economical to pay me to reformat the hard drive of an old computer. It takes a  horrendously long time to back up data, install Windows, install other programs and restore the data, and at the end you still have an old computer.)

You are responsible for the health of your computer. Some of that responsibility is discharged if you have up to date security software that covers the computer's basic needs. You must be conservative about installing software and never agree to anything requested online unless you are completely confident that you are doing the right thing. The bad guys are liars. They will say anything to get past your defenses, without conscience or remorse. Please, be careful out there!

Labels: computers, Internet, OneCare, security, Vista, WinXP

posted by bruceb at 5/20/2008 12:56:00 AM | permalink

The latest wave of media overcoverage concerns Windows 7, the followup to Vista, which Microsoft hopes to have ready in 2-3 years. The theme of many blogs and news articles is that Vista is obviously a horrible, misguided mistake but it's okay because Windows 7 will be swell.

This article in Business Week is typical:

"CLOSING THE DOOR TO MICROSOFT VISTA

"A number of companies are opting not to embrace Redmond's latest operating system and, like GM, are waiting for Windows 7 instead

"General Motors may take a detour around Vista, the latest computer operating system from Microsoft. The automaker has encountered so many speed bumps getting Vista to work on its machines that it may just wait for the next version of Windows, due in 2010 or 2011. 'We're considering bypassing Vista and going straight to Windows 7,' says GM's Chief Systems & Technology Officer Fred Killeen."

You get the idea. The argument is that Vista is unacceptable because it requires new, more powerful hardware; there are software compatibility issues with LOB applications; it will take time to port software to the new OS; and in any case the desktop OS is increasingly irrelevant "when so many applications are available via a Web browser."

And Windows 7 - well, what a paradise THAT will be! It's being designed to be more modular, "letting Microsoft release portions of the product, including its Web browser, on a faster pace." Old programs can be run with virtual machine technology, "freeing Windows from the burden of having to support a slew of outmoded code, which could step up release dates." Whoa! That's great!

Can you find any flaw in this logic?

"Vista is not completely compatible with my line-of-business apps and older hardware, despite years of development and testing, 18 months on the market, thousands of updates from hardware and software manufacturers to improve compatibility, and hundreds of fixes and performance improvements in the first service pack. THEREFORE, I'm not going to use that nasty old Vista - I'm going to plan on adopting Windows 7 right away after a really short development cycle, because it will be swell and everything will work perfectly with it! Also, Microsoft will be including magic fairy dust that will make our offices larger! And maybe cookies! Boy, I can't wait! Windows 7 will be GREAT!"

Yeah, right.

Silly stuff. And not to be petty, but are you really supposed to pay much attention to the long-term judgment of a company whose ten-year stock chart looks like this?

Labels: business, Microsoft, Vista

posted by bruceb at 5/19/2008 12:42:00 AM | permalink

We have learned a lot about Windows XP in the last seven years. I can work deeply in Windows XP with confidence, and I've developed a pretty good collection of tools for troubleshooting - some from third parties but a lot that are included with Windows XP and tucked out of sight in nooks and crannies.

Over the last eighteen months, I've begun to accumulate the same kind of knowledge of Windows Vista, and I'm still finding new tools that do amazing things - it's possible to get a lot of information together about a Windows Vista computer using well-designed programs that are all included on every Vista computer, waiting for someone to discover them.

This article describes some of the built-in Vista tools for troubleshooting and maintenance. I recommend it for anyone supporting Vista as well as anyone curious enough to look under the hood!

Vista can easily display a beautiful list of the details of the computer's major subsystems - processor, system make and model details, memory, storage, video, and network.

There are enhancements to Task Manager that let it reveal far more useful information than in Windows XP.

The Resource Monitor provides information visually that was not available anywhere in Windows XP.

Not mentioned in the the article, but don't overlook Vista's Reliability and Performance Monitor, which keeps track of every software install/uninstall, every program or OS crash, every update, and every hardware failure, then displays the information visually and in tables.

One more tool: Vista's Event Viewer is completely different than the rudimentary program in previous versions of Windows. Here's an article that describes some of the new ways to filter and group various kinds of events, as well as a brand new display with summaries and detailed information about various kinds of errors in the logs.

Good luck out there!

Labels: computers, hardware, Vista

posted by bruceb at 5/16/2008 12:07:00 AM | permalink

An interesting problem has developed, and there's no good answer in sight. Email is no longer a reliable business tool. We're going to keep using it but there will be more occasions when I have no good answer to mail-related complaints.

Spam is the primary reason that things are falling apart. It's at record high levels and I've seen predictions that this is the calm before the storm.

For a while we could deal with that at the Exchange Server - drop messages that are not addressed to valid recipients in the business, turn off non-delivery reports, rely on Outlook's junk mail filter and supplement it with Exchange's Intelligent Message Filter after Exchange Service Pack 2.

After a while that's not enough. Servers are using processor power and bandwidth just to drop thousands of misaddressed messages. Most of my business clients have now been set up with Exchange Defender, a third party service that filters spam and viruses. That will work for a while. Most people will read the daily reports from ED at first, until the spam builds to a volume that makes the daily reports overwhelming.

The third party services frequently don't filter messages that seem to have been returned as "undeliverable," leading to the recent waves of "NDR spam," flooding mailboxes with hundreds of messages per hour for a day or two. I've gotten a call about this every day or two for the last month or more, helping people set up an Outlook rule to delete any message with "Undeliverable" in the subject. It undermines our confidence in the mail system a little more - and ensures we will never find out that we've accidentally sent a misaddressed message.

Spam is not the only thing undermining our confidence in email. We're dealing with larger and larger files, and at the same time we're doing more work outside the office or collaborating with people all over the world. The world's email systems were not designed for large file attachments! I'm constantly hearing the frustration of people whose messages with 20Mb PDF attachments do not get where they're going. There is no answer - except to learn to use a different method because email is not a reliable business tool to exchange files.

Another problem is going to affect more small businesses in the next year or two. Outlook folders are exploding in size in a way that was never intended by the designers of Exchange Server. It's convenient to exchange huge files with co-workers down the hall by email, or to use email to send the PDFs scanned by the cool copier, but the result is that mailboxes are far exceeding the sizes called for by best practices. Outlook's built-in archiving is confusing and fragile - people just don't understand the process and have no idea what to do with an unruly collection of .PST files. (Not to mention the backup problem - PST files should not be stored on a company server but desktop computers are generally not backed up, putting those PST archives at risk.)

It's wildly expensive to set up a second Exchange Server and maintain it; third party archiving and hosting solutions are out there but not exactly easy or affordable for a small business with no onsite IT employees. But mailboxes that are 4 and 6 and 8Gb in size are going to run slowly and are at far greater risk to become corrupted, either on the local computer (requiring a long, slow process to rebuild the local cached copy), or worse yet, on the server, where the process of recovering a mailbox is painful to think about. Yeah, I can set mandatory size limits and automatically disappear mail after a certain time. I can also be fired, which would be one of the likely side effects if I try that.

I'm watching a slow deterioration in our confidence in business email, with no idea what to do about it.

Labels: business, mail, SBS, spam

posted by bruceb at 5/15/2008 12:29:00 AM | permalink

The world of cell phones has some things in common with the computing world, including the sense of dread and helplessness that weakens the knees when we walk into the stores. Here's a few things that came up during too many hours at the Verizon Wireless store this weekend.

• There simply is no answer to the question, "How much is it?" The variations in price are breathtaking. Prices for phones by themselves, without extending your contract for another two years, are absurdly high. If you can swallow the contract extension, you enter a blur of rebates and promotional offers that are never straightforward. Our salesman gamely described the price for a phone, and a mail-in rebate for good citizenship, and another hundred dollar rebate if we signed up for the required monthly data plan - but came back later with, "Oops, that's only a fifty dollar rebate because it's a secondary line, not a primary line, I mean, obviously, right? Oh, and you have to switch to the Nationwide Choice plan, which is the same price and has the same features as the America's Choice plan, we just gave it a different name to screw with you." Whatever. Present the credit card and sign whatever is handed to me, like just about everyone else there.
• Virtually every non-PDA phone is designed for children. There are no cell phones for people who really only want to use their phones to make phone calls.
• More and more phones are designed with slideout QWERTY keyboards. Most of them are ergonomic disasters. You cannot choose a phone with a keyboard unless you stand in the store holding it, trying to type on the keyboard!
• Phones with a two inch display cannot display very much onscreen that's interesting or useful. That doesn't change just because the screen is rotated ninety degrees. Switching from portrait to landscape to gain an extra half inch of width does not improve an unreadable web page.
• Do not underestimate the carriers' willingness to hold you up for a few more dollars! Our new Samsung Glyde comes with a USB cable - but it does not register as a "mass storage device" when it's connected to a computer. In other words, it doesn't show up as a drive - there is no way to copy photos or music to and from the phone. Verizon wants to charge you to upload the photos to its online gallery; Verizon wants you to install its proprietary music software and sell you music from the Verizon store. Ringtones? No way you're gonna use your own music - buy 'em.
• Some phones have slots for "MicroSD cards," where music and pictures can be stored. (At least that way you can get them on and off the phone using a computer.) Did you know there were "MicroSD cards"? Little, tiny fingernail sized things. Are they the same as "MiniSD cards" Good god, I don't know. (But I can look it up. Answer: no.)
• Hey, I've gotta tell you a funny story. I got a new camera, a Panasonic Lumix DMC-FX55 - great camera, really small but the image stabilization feature in new cameras is a big deal. I read that the camera takes better quality short movies with an "SD-HC" card, capable of storing video at higher speeds. The SD-HC cards are rated by speed - 2, 4, 6. This was all news to me. What? So I bought a 4Gb SD-HC card and took some pictures and plugged it into the card reader on the computer and it couldn't read it. Hmm. Tried a couple of other SD card readers - nope, can't read it. No, the "SD-HC" cards needs a new generation of card reader - the card reader on the computer is ancient, probably more than a year old. Had to figure out what adapter to buy before I could get the pictures off the camera. Ha ha! Isn't technology fun! I was laughing, you betcha.
• Blackberries look great. They don't work the way you think they do. You've been warned!
• Windows Mobile phones work seamlessly with Small Business Server, for my business clients. I can set them up in two minutes to sync your Outlook email/calendar/contacts over the air. We got another Motorola Q - now a couple of years old but still a sleek, straightforward design. It does not have a touchscreen but I've come to think of that as an advantage after trying many quirky touchscreens. The Q9m on sale now at Verizon has a horrible "multimedia" home screen that might rear its ugly head with a single errant click, but the same click sends it back to the normal Windows Mobile screen. For fifty bucks more, the brand new Q9c adds a GPS function to the phone. Verizon likes the GPS feature. It will charge you a monthly fee to use it. Of course.

VERIZON *228

Does everyone know this but me?

Verizon erects new towers, signs new deals with other carriers to share towers, and changes its roaming areas pretty regularly.

Your phone doesn't know that until you manually update it.

In your home area, dial *228 and choose option 2. If you're lucky, your signal will improve because your phone has learned about a nearby tower that it wasn't previously using.

Verizon recommends doing this every three months. Here's Verizon's FAQ about the "Preferred Roaming List" update.

Maybe it's just me, but this is the weirdest thing I've heard in a long time. So I'm going to drive by Verizon towers but my phone ignores them because it's not smart enough? Get outta here.

The salesman assured me that my signal strength would improve because of all the towers Verizon had added west of Sebastopol.

I pushed *228 and updated my phone and drove home breathless with anticipation, and he was just kidding, of course. If I'm talking to you on my cell phone, the call will still be dropped just when you're about to tell me the punchline.

Happy cell phone shopping!

Labels: mobile, phone

posted by bruceb at 5/13/2008 12:28:00 AM | permalink

Every time I think Microsoft is going to learn a lesson and show some communication skills, it makes another misstep.

Windows XP Service Pack 3 is a collection of previously released security patches and updates, with a handful of new features and absolutely nothing that is noticeable when you sit down to get work done. That's not trivial! Setting up a new Windows XP computer had turned into an unbelievable ordeal, with as many as 95 updates to install on a new computer fresh out of the box, before anything else could be done. The service pack collects all those into a single short installation; when it's installed, you have confidence that you've got the latest protection against the bad guys, plus perhaps a modest improvement in performance. Great!

Service Pack 3 has been extensively tested. Its release date was kept a secret until it was suddenly made available to consultants and developers on short notice at the end of April - but then it was quickly withdrawn while a last minute problem was fixed, a conflict with "Microsoft Dynamics Retail Management System," a retail chain management program for small and midsize businesses that nobody uses.

Then, only a few days later, with no adequate warning, bang! There was Service Pack 3 being pushed out in the Microsoft Update system. Bang! There's OneCare turning yellow, insisting that it be installed right now!

Well, here's the thing. 99.5% of you will install SP3 painlessly. It will take 15-20 minutes, you'll restart, and you'll go back to work.

But if I had gotten a warning of when to expect it, I might have been a bit more ready for phone calls from .5% of you, or perhaps sent out an email blast with some specific instructions. Service packs are a big deal and they do NOT need to be installed on the first day they are available! Here's Susan Bradley complaining about the same thing a few days ago.

A few people are not having good luck with the installation, and of course they're screaming bloody murder - and so another round of Microsoft bashing kicks in.

Before you install Windows XP Service Pack 3:

• Make sure you have free hard drive space! Open My Computer and right-click on the C: drive, then click on Properties. You should see a big chunk of the pie labeled "Unused."
• If you have an AMD processor instead of an Intel processor, don't install SP3 until you read somewhere that the AMD endless-reboot problem has been fixed. You can check your processor by opening Control Panel and clicking on System.
• If you are technically proficient, look for BIOS updates and video driver updates. If you're not proficient, go ahead and install SP3 without checking for those updates - the odds are strongly in your favor.

If you have problems after installing Windows XP Service Pack 3:

• This article has a thorough look at the most likely causes and some resources to recover your system. Jesper Johansson was the first to document the AMD processor problem and appears to be updating this blog entry regularly with more problems and solutions.
• Microsoft has put together this Knowledge Base article about some of those issues.

[Addendum 05/12/08 2pm] Today I sat down at a PC that was blue screening after SP3, displaying the message: "An attempt was made to execute non-executable memory. (Error code) 0x000000FC." Using some interesting tricks to gain access to the drive, I was able to fix the problem by following a tip in a response to this forum post: replace windows\system32\drivers\usbehci.sys and windows\system32\drivers\usbport.sys with the same files from an SP2 computer. Once I did that, the computer started right up. I don't know whether there will be any side effects from that.

Labels: computers, Microsoft, security, WinXP

posted by bruceb at 5/12/2008 12:53:00 AM | permalink

Within a month or two we'll have a second-generation iPhone, with higher data speeds through AT&T's 3G network and built-in support for connections to Microsoft Exchange Server. As always, Apple is being reticent with the details and the launch date but it's likely to be soon.

Paul Thurrott today spoke an important truth that must not be overlooked.

"Just so we're clear, if Apple ever opened up its iPhone to rival cell phone networks in the United States, AT&T would lose about 99 percent of its iPhone customers overnight, and that number is artificially low because the final one percent would leave eventually. But that's because AT&T Wireless is, perhaps, the worst wireless carrier in existence."

And really, that's about all there is to it. Verizon is no treat to deal with but - I can't sign up with AT&T. Even for an iPhone. I just can't go there.

Labels: Apple, mobile, phone

posted by bruceb at 5/09/2008 01:36:00 PM | permalink

If you work in a business run by Microsoft Small Business Server, you probably know about Remote Web Workplace, one of the best things Microsoft has created in the last few years. With just a few clicks, an SBS user can bring up the company's RWW web site and connect to an office computer using Remote Desktop.

Recent changes caused by service packs and security updates have changed that experience a bit. At some point you may need to know a few new tricks.

INSTALLING THE ACTIVEX CONTROL IN VISTA

The first time a connection is made to an office computer with RWW, a small Remote Desktop ActiveX control has to be installed. On Vista computers, I could not get the ActiveX program to install - I'd click the bar and say OK and be taken right back to the message asking for it to be installed.

If that happens to you, click on Start and type in "Internet" so you can see Internet Explorer on the menu. Right-click on IE and click on "Run As Administrator." (You won't have that choice if you right-click on IE where it always appears at the top of the Start menu.) That session of IE will run with elevated permissions and you'll be allowed to install the ActiveX control when you return to the RWW site. Once it's installed, IE can be run normally and it will start the session just fine.

ENABLE THE ACTIVEX CONTROL IN WINDOWS XP

Susan Bradley reports that the Remote Desktop ActiveX control may be disabled after installing Windows XP Service Pack 3. You'll get this screen:

Click on the little gear at the bottom to bring up IE7's controls to manage addons, or click on Tools / Manage Addons / Enable Or Disable Addons. You can enable the Microsoft Terminal Services ActiveX control there.

SCARY SECURITY MESSAGES

There's new Remote Desktop software with some security improvements, a few improvements in video quality and speed, and improved support for Vista and Windows Server 2008. But it adds a security warning that looks alarming, even when you're connecting to a computer you know is safe.

If you're connecting to your business network or a safe computer, go ahead and connect.

It's a little like the unnecessarily alarming screen that appears when you connect to the Remote Web Workplace web site, if your company server is using the server's default security certificate. The warnings are really poorly chosen for SBS users! Everything's fine - click OK to go to your company server if you see this screen.

Labels: IE, remote, SBS, Vista, WinXP

posted by bruceb at 5/08/2008 12:56:00 AM | permalink

Vista's firewall is significantly beefed up from the firewall in Windows XP - it monitors outgoing traffic, it's able to adjust easily when a computer is moved from one network to another, and the settings are easier to find in Vista's Network and Sharing Center.

Firewalls have become far more important on individual computers as our lifestyles change. Many home users and most business users are behind a firewall when they sit at a computer in the home or office - the router or wireless access point controlling the Internet connection is acting as a simple but effective firewall. With the explosive growth in notebook computers, there's a lot of information on computers that are outside the edge of the network, away from the home or office, exposed to networks and Internet connections that are not necessarily trustworthy.

When a Vista computer connects to a network for the first time - an unfamiliar wireless network or a cable plugged in at a new location - Vista inquires whether the network is Home, Work, or Public.

If you are connecting directly to the Internet or in a location where you will not access any other nearby computers, choose Public. Vista will make your computer invisible on the network; it will turn off file and printer sharing; and it will lock down various services.

On the other hand, if you are safely behind a router or another firewall and you will be communicating with other computers - sharing files or using a shared printer, for example - choose Home or Work.

I found myself wondering - what is the difference between Home and Work? What different services and features would be enabled in one but not the other?

According to this article, they're identical. No difference at all. That leaves the interesting question of why they're presented as separate choices - but don't worry about that, just pick one when it's appropriate.

(If you're detail-minded, you should know that a computer joining a company domain won't be asked about network location. There's an additional set of policies for a domain and the Vista computer automatically adopts them.)

I see notebooks frequently that have multiple network connections - a Verizon/Sprint connection, say, along with an 802.11 connection and a network cable. I've learned from experience that Vista examines all available network connections and chooses the most restrictive firewall policy. If there is any Public connection anywhere on a network, the Vista computers are going to lock themselves down. I've added that to my troubleshooting when I can't print to a shared printer or reach a shared folder.

Labels: Internet, mobile, network, security, Vista, wireless

posted by bruceb at 5/07/2008 01:18:00 AM | permalink

If you have a wireless notebook, there's yet another way the bad guys can get past your defenses.

When you connect to a wireless access point, normally you're in "infrastructure" mode. Network traffic to all the computers using the wireless network passes through a wireless access point. In a public place - an airport or hotel, say - you can reasonably hope the access point has some built-in security to keep each connected computer separated from each other.

Windows computers are also able to connect directly to each other wirelessly in "ad hoc" mode - no access point required. I can imagine sophisticated arguments about what that might enable people to do but here in the real world I've never ever seen anyone use that capability.

A computer in ad hoc mode is broadcasting a wireless SSID, a name that other nearby computers can see and connect to. Once the second computer joins the ad hoc network, it also broadcasts that name - and might continue to do that even after it gets to a different location. (Windows is designed to remember those settings by default. It's a feature, not a bug.)

If one of the computers in the ad hoc network also has an Internet connection, all the connected computers can use that Internet connection to get to the outside world.

Enter the bad guys. You flip open your notebook at the airport and see a wireless network named "Free Public Wi-Fi" or "Free Internet" or "US Airways Free WiFi" or something else tempting; you highlight it and click Connect, and you're able to get online. Great!

Unknowingly, you have joined an ad hoc network and every bit of data to and from your computer is going through the bad guy's computer at the next table. Your login names and passwords, your email messages, your online accounts - the bad guy is logging it all, analyzing it, and preparing to clean out your bank accounts and mortgage your house. If you've set up your computer for file sharing, he's rummaging through your files. If your security isn't up to date, he's installing software to send spam or let him control your computer at his leisure later.

This isn't a new problem but a recent study found that 10% of all the wireless users it scanned across all airports were broadcasting at least one of these viral SSIDs, and in some airports, the percentage was much higher. I've seen "Free Public Wi-Fi" in downtown Santa Rosa - maybe a bad guy, maybe a laptop user who didn't know his computer was broadcasting the fake name.

PREVENTION

Don't connect to ad hoc networks.

In Windows XP, the icon for an ad hoc network is different than a conventional wireless network, and it's described as a "computer-to-computer network."

In Windows Vista, the only indication of an ad hoc network is the appearance of the icon!

There are settings in Windows to prevent your computer from suggesting ad hoc networks at all. In Windows XP, advanced wireless network settings include the screen below, which can be set to force connections only to access point networks.

If you've done a lot of traveling and used wireless networks freely on the road, you may want to visit your computer's list of recognized wireless networks and clean out anything unfamiliar - especially a suspicious name like "Free Airport WiFi" or anything else on the list in this article.

There are more details in this article about how this works and steps to take to prevent being a victim.

And here's a scary story where a traveler learned that it was possible to access anything in any folder on his computer - from two rows away on an airplane.

I'll tell you more about how your security works and what you need to know, but as always, your best defense is your common sense. Don't click on anything without thinking long and hard - especially anything free! Be careful out there!

Labels: broadband, computers, Internet, mobile, network, security, wireless

posted by bruceb at 5/06/2008 12:23:00 AM | permalink

Sebastopol-based O'Reilly Media has clearly filled a need with Make Magazine, devoted to do-it-yourself technology - but a long, long way from Popular Mechanics and the other DIY magazines that baby boomers recall from their dad's garage in the 60s. The magazine features creative, eccentric projects that might require technical prowess, or fearlessness, or some cool power tools - or a little bit of all three.

A couple of years ago the first "Maker Faire" was conceived; the fourth one just concluded at the San Mateo fairgrounds. For two days, an oddball collection of people who make cool stuff was assembled in one place, a sort of updated county fair for the new century. Every corner had something that you haven't seen before! Big metal things belching fireballs (I overheard fairground workers disgustedly grousing to each other, "There's fire all over the place! Everywhere you go, there's something on fire!"). A guy offering electrical shocks to passersby. A lifesized replica of a Mousetrap game. The stars of the famous Diet Coke & Mentos video, dousing the crowd with a choreographed display of fountains from 104 Diet Coke bottles. Rockets. Steampunk. Battling robots. Pinball machines. Bending neon. Really large sculptures. A bus powered by pedaling passengers smiling and yelling at each other, "Pedal! No, wait, stop!" And a lot more! You can see a handful of my pictures here, and a lot of pictures and videos at the fair web site.

There was something so wonderful about watching Corey Fogel grimly knitting while he played the drums, pressed against the wall of one of the fair buildings. It's hard to know why - it just fit the scene so well.

Unfortunately, the Faire was a victim of its own success this year. Organizers could tell from the online hubbub that this year's fair would attract more people than prior years, but the most frequent comment I overheard from staff people was that the crowd far exceeded even those expectations. Traffic was backed up - it took 45 minutes to crawl from the freeway to the parking lot. Too few ticket booths - another 45 minutes of standing in line to buy a ticket and enter.

The Maker Faire is intended to have a loose, homemade feel, offering hands-on experiences and interaction with the creative people behind each exhibit. All too often, the crowds kept that from being possible - too many people mobbing a scheduled event, no real chance to engage a maker in much of a conversation. Expect some changes for the next Maker Faire - or plan to attend, but get there early on Sunday instead of the middle of Saturday afternoon, which didn't work out as well as I hoped.

But that's nitpicking a truly interesting family event. Keep an eye on O'Reilly and Make Magazine - they're doing something very cool!

Labels: business

posted by bruceb at 5/05/2008 12:13:00 AM | permalink

Microsoft Office 2007 features top-to-bottom rewrites of Word, Excel and Powerpoint, with ribbons replacing the familiar menus and toolbars. There is another change lurking under the hood that might affect you even if you don't buy a new computer and start using the Office 2007 programs.

All three programs save files in new formats by default - .DOCX, .XLSX, and .PPTX. If you're running Office 2003, a window will be displayed when you try to open a .DOCX or .XLSX email attachment for the first time, explaining that a free "compatibility pack" is required before you can open the file.

The "Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats" is a 27.5Mb download that installs quickly and does not require a restart of your computer. It can be installed anytime - there's no harm in putting it on now, even if it hasn't come up as an issue yet. There's more information from Microsoft about prerequisites and potential issues on this page.

When the Compatibility Pack is installed, you can open and save in the new Office 2007 file formats.

So what's it all about?

There were some problems with the old formats. They created overly large files; they were insecure; and they were prone to becoming corrupted. The new formats address all of those problems. But there's more. This is about money.

The old formats were proprietary and Microsoft guarded their secrets jealously, trying to keep competitors from making programs that could potentially compete with Office. In the last ten years, advocates of open formats began to make inroads in the world of public opinion - and more importantly, in large corporations and governments - with arguments about the disadvantages of proprietary formats and expensive office suites.

Someone once said that Microsoft's revenues are essentially divided between Fortune 500 companies, on the one hand, and everybody else, on the other hand.

When Microsoft develops a new program, they hand a CD to a Fortune 500 company in exchange for Brinks trucks full of gold bullion. The Fortune 500 company then does all the work of rolling out the program and supporting its users.

When Microsoft sells a program to us, we resent paying $80 for it and we want to call Microsoft for support all the time. Make no mistake - Microsoft would not lose much sleep if all of its customers left except the Fortune 500 companies.

Microsoft decided it had to change direction to protect Office's position in large corporations and governments in a changing world.

Almost ten years ago, Microsoft began to develop "Office Open XML" with the intent of creating an open international standard. In 2005 the project was turned over to an independent company for further development and dissemination into the open source and software developer communities. These are not "Microsoft" formats any more; they are fully documented standards that can be used by anyone.

In April, the Geneva-based International Organization for Standardization (ISO) approved Office Open XML as an international standard. Here's an article about the ISO ratification. Governments and large corporate customers are frequently under pressure to buy ISO-certified products; now they can continue buying Microsoft Office with no apologies. Other companies can make word processors and spreadsheets that save files in the identical formats but big companies are slow to change and will continue buying Microsoft Office for a long time to come - especially now that its foes can't attack it for being non-standard.

There are no consequences for those of us using Word at home or in small businesses - this battle was fought bitterly between Microsoft and IBM about issues that only matter to large organizations. There's no downside for us, though - use the new formats freely.

Labels: business, Microsoft, Office

posted by bruceb at 5/01/2008 01:09:00 AM | permalink