Mar. 26 2001

MSFT  $57.21 B.G.  $42.4B 01.04.10. Thanks to BillG Networth.

ABCNews Tech
BetaNews.Com
CNN Computing
Infoworld
LinuxNews
MacOS Rumors
NewsNow UK
News.com
The Register
Slashdot
SJ Mercury
Techweb
Wired News
ZDNet News

SPONSORED BY:

On Monday March 19, Microsoft unwrapped a major component of its .NET strategy - a set of programming interfaces and subscription services code named Hailstorm. According to Bill Gates, the services are all built on XML standards (soon to be embraced and extended by Microsoft) and will "take individual empowerment to a new level, create unprecedented opportunity for the industry and trigger a renewed wave of excitement about the Internet." That would be great, if it were actually true. In reality, Microsoft.Net Hailstorm is little more than a thinly veiled invasion of privacy on a scale not even George Orwell could have imagined.
Hailstorm centers around MSN Passport, a Web site using technology Microsoft purchased with Firefly Networks in 1998. Passport is a central repository for user passwords and personal information, so anyone can login to Passport.com and have access to every MSN service. Hailstorm expands Passport into a clearinghouse for user information, providing a wide range of interlocking services from MSN and other Web sites. Various services can check a users' datebook, alert him or her of local events, send targeted marketing (customized spam), and speed up online purchases. Windows.NET and Office.NET will expand the service to computer login screens, so entering a Windows username and password (For now MSN Messenger will be the main entryway) allows seamless passage between Web sites and one-click purchases without filling out forms. It essentially uses XML to do what those hated cookies do now, only it does it across the entire Internet instead of being limited to one site at a time the way cookies are.
To work the way Microsoft promises, Hailstorm will need access to a big valuable pile of personal information from its users. Not only e-mail and name, but credit card numbers, addresses, telephone numbers, personal interests, and a lot more. Microsoft could eventually make more money selling this information to marketers than it makes from selling software. (The privacy policy specifically prevents it from doing that without user permission, but when has Microsoft ever chosen anyone's privacy over a new source of income?) Beyond the risk of having information sold off to the highest bidder, there's an inherent security risk involved with all this: Microsoft's problems with network hackers and continual issues with Windows security ensure that the first dozen versions of this technology will have holes big enough to drive a truck purchased with stolen credit card numbers through.
But the damage this Hailstorm will do to privacy is nothing compared to what it could potentially do to the Internet as a whole. Just like anything else Microsoft does, this is a clever plan to destroy competition. Hailstorm, Hotmail, and MSN Messenger are tied at the hip, a move that will certainly hurt competing free mail services and put a dent into AOL's Instant Messenger service. Additionally, while Hailstorm services are currently based on open standards like XML and SOAP, history indicates it won't be that way for long. Once the entire Internet has swallowed this snake oil they'll extend the standards into a mess of proprietary APIs that require Windows servers - and that's pure poison for other server OSes like Unix and Linux. Don't forget that they call this thing Hailstorm for a reason.
ALSO SEE: PC World, CNET, NY Times, The Register

Late last month Microsoft issued an advisory to its customers warning them that VeriSign gave software security certificates in its name to an impostor from outside the company. The fake certificates were apparently given to someone pretending to be a Microsoft employee on January 29 and 30, but ViruSign didn't catch the mistake and notify Microsoft until a few weeks ago. VeriSign (which owns the company in charge of all .net and .com domains) blamed the problem on human error. This mistake does lie completely in the lap of VeriSign and actually isn't Microsoft's fault. (A rare occurrence, but still no worse than some problems Microsoft has caused all by itself.)
Microsoft uses its VeriSign certificates on software updates and approved ActiveX scripts to ensure users that they are safe to install (as safe as Microsoft software gets anyway), so the faked certificates could be attached to viruses, Office macros, or faulty software updates that add security holes to the operating system. VeriSign and Microsoft both said that they have no knowledge of the certificates actually being used, but there's really no way to know how many viruses or security holes they've been attached to in the last two months. Until a patch is developed, Microsoft recommends that everyone check the dates on any software certificates, since the only ones issued on January 29 and 30 were to the impostor. Outlook users are also advised to download the last bug patch for their e-mail program, since it prevents signed scripts from running without first getting user permission.
ALSO SEE: InfoWorld, PC World, CNET

According to German newsmag Der Spiegel, the German military and some of its diplomatic departments are abandoning Microsoft products in droves because of concerns over their security and the lack thereof. The report claims that the German government is extremely concerned over recently discovered vulnerabilities in Microsoft's software and the infamous Windows NT 'NSAKEY' that apparently gives the US government backdoor access to Windows' built in encryption. If the Spiegel report holds true, software from Microsoft and a few other US companies will be replaced by secure systems developed by native German groups.
A German Defense Ministry official has denied the report and says the government will continue using Microsoft products. But at the same time, he didn't deny that they are still concerned about security trouble with Microsoft, and commented that the problem is currently being handled with firewalls and customized NSAKEY-free encryption software. That statement notwithstanding, a move away from Microsoft products would certainly be a popular move in the country where Linux is becoming more widely used than Windows.
ALSO SEE: The Register, Wired News

Before releasing the first public beta of Internet Explorer 6, Microsoft has been spending time to promote the developing browser's new privacy features. According to Microsoft, IE 6 incorporates privacy tools based on recommendations in the Platform for Privacy Preferences (P3P) specification. The tools appear to give users more control over how cookies are handled by the browser, and lets them block out sites without a privacy policy meeting certain guidelines. Of course there's no guarantee that the tools actually work the way they're supposed to, and the P3P guidelines must also be implemented by individual Web sites before any of the privacy controls can actually do anything. So in the end IE 6's new features provide little more than an illusion of security and control to the powerless masses who have chosen to use it.
ALSO SEE: WinInfo, The Register, CNET

Judge Thomas Penfield Jackson, who recently came under attack from Microsoft for his handling of the antitrust case, has recused himself from a completely separate Microsoft issue. The case in question here is a $5 billion lawsuit filed on behalf of seven former employees accusing the company of racial discrimination [see Jan. 15, 2001]. Jackson was randomly assigned to oversee the case, but in light of Microsoft's bias accusations in the antitrust trial he issued an order on March 12th that will give the case to another yet-unknown judge. In the parting order Jackson again defended his actions in the antitrust case and referred to Microsoft as "a company with an institutional disdain for both the truth and the rules of law that lesser entities must respect."
ALSO SEE: The Standard, TechWeb

Goldman Sachs stock analyst Rick Sherlund recently lowered his estimates for Microsoft's current quarter, saying that slowing demand for new computers will have a slight impact on the company's bottom line. Sherlund dropped his estimates for Q3 to about $6 billion in earnings, a figure at the low end of previous estimates. He said Microsoft's sales are likely to remain down through the end of next year with small peaks around the release of Office and Windows XPs. But Sherlund also noted that Microsoft's depressed stock price probably already reflects the earnings decrease and isn't likely to drop much lower - a comment that set off a market rally and sent the stock soaring for several days.
ALSO SEE: CNET, TheStreet.Com

Microsoft (provider of low-quality software) and Reuters (provider of low-quality news) announced on March 22 that they are working together on secure instant messaging software for financial institutions. The product, Reuters.Net Messaging, will build on Microsoft's MSN Messenger/Hailstorm platform to give employees of banks and brokerages a new method of communication that provides a false sense of security. Reuters.Net Messaging will compete with a similar service from Bloomberg News.
Linux users and anyone else looking to set up partitioned hard disks under Windows XP are being prevented from doing so by Microsoft's latest changes to that system. A recent build of XP used the NTFS 5.1 file system (Win2K uses NTFS 3), which isn't completely compatible with existing disk management tools like Partition Magic. The new file system apparently has few advantages for users, but Microsoft is using it because it breaks the old disk utilities and may also hinder the capability for other OSes to read Windows-formatted drives.
Back when the stock market was popping and 'dotcom' stocks were hot, Microsoft successfully spun off its Expedia Web site as a separate company. HomeAdvisor was being groomed as the next spinoff, but with the stock market now depressed Microsoft has abandoned those plans and is now rolling HomeAdvisor back into the MSN network. With its mortgage software unit up for sale, the site will now focus on real estate listings and home improvement information.
WebAppoint.com, a provider of Internet scheduling and appointment reminder services, was apparently bought out by Microsoft back in October (The acquisition wasn't revealed until recently because WebAppoint was a privately held company). Microsoft appears to be combining WebAppoint's services with the bCentral Web site and plans to use elements of it in Hailstorm.

Microsoft's three-pronged wireless attack
United we stand: MS v. the states
eBay, Microsoft form alliance
Ballmer: It'll Be an XML World
MS plans 'Secure PC' that won't copy pirated files
WinXP testers still in revolt over product activation
Nintendo asks retailers to stop Xbox promos
Pirates Experience Office XP
Windows NT Life Cycle Nearing End
XBox Screenshot Flim-Flammery?