Windows Vista

Experience the WU based Vista SP1 installation by following 4 simple steps. Windows Vista SP1 RC distributed through Windows Update will be applicable to Windows Vista machines that are running on any of the 36 languages supported by Vista RTM.

Download: Vista SP1 RC

Systems running on Windows Vista RTM require as many as three updates before SP1 can be installed. These updates are permanent to your Windows Vista systems. Windows Update will detect your system configuration and offer the prerequisite packages that are applicable to your system.

On Vista RTM:

1. Download the command (.cmd.remove) script to your machine, rename it by removing deleting “.remove” at the end of the file name. Run the newly named script on an elevated prompt.

• To run the script on elevated prompt, after you download the script, right click on the file and select “Run as administrator” option.
• The script sets a registry key on your system. The registry key is required for WU server to recognize your machine as a valid target for Vista SP1.
• After running the script, Windows Update automatic updates would normally automatically update your machine each night for the next several days with the prerequisites and then offer the Service Pack. However if you would like to install SP1 quicker you can manually do the next few steps to speed up the process.

2. Install all pending “Important” updates and reboot. You may have to do this several times to get fully up to date.

• Check for updates on Windows Update. Go to Control Panel à System and Maintenance à Windows Update and check for updates by clicking on “Check for Updates” in the top left of the task pane.
• You will be offered all previously released Windows Vista updates that you may not have installed on your system. Install all applicable updates. If you have a clean install of RTM, there might be quite a few updates to install. You may need to do this a couple of times to get fully up to date. At some point Update for Windows (KB935509) will be in this list. This is the first pre-requisite install. Reboot your machine when prompted.
• If you see Ultimate Extras, you can hide them by right-clicking and hiding. Simply unchecking them will not let the remaining updates show up. Please install all of the remaining “important” updates.
• If you reboot and rescan right away, at times you may not see all updates right away. Wait 10 minutes and scan again.

3. Install Update for Windows (KB937287) and Update for Windows (KB938371) as they are offered sequentially

• The first package that will be offered is Update for Windows (KB937287) and it does not require a reboot.
• Check for updates on Windows Update again, install and reboot when prompted for Update for Windows (KB938371). You may need to wait 10 minutes and re-scan again if it does not show up right after reboot.

4. Install Windows Vista Service Pack 1 (KB936330).

• Check for updates on Windows Update again, install and reboot when prompted for Windows Vista Service Pack 1. You may need to wait 10 minutes and re-scan again if the package does not show up right after the previous reboot.
• This process will typically take from 30 minutes to 1 hour but may take longer on some systems.

To reduce the number of reboots required to install Windows Vista Service Pack 1, the prerequisite packages will be released to Windows Vista customers through WU prior to the release of Windows Vista Service Pack 1. These prerequisite packages will be coupled with other updates that are applicable to Windows Vista RTM systems and require a reboot. Consequently, the systems that are getting updates through automatic updates will already have prerequisites installed at the time of the SP1 release and be directly offered SP1 through WU.

Microsoft is giving away copies of Vista Ultimate and Office if you will let the Vole closely monitor how you use the software.

While the more cynical amongst us might think that Vole can’t sell its software and so is giving it away, the deal is part of Microsoft’s Feedback programme.

According to its website, the Feedback Program allows you to connect directly with the Windows product team using your computer.

It will help the Voles work out which features the punters actually use and tell its designers where it needs to be simplified.

Those interested have to fill in a survey feedback form and allow Vole to snuffle the PC for an automated feedback .

However they can give feedback in the form of data that is automatically collected on your computer and uploaded to volish servers.

The automated feedback program takes two minutes on a 56K modem.

Currently you can only sign up for the program if you are American, over 18 and running Vista and XP.

Tiffany, the world’s second-biggest luxury jeweler, said eBay is a “rat’s nest” for counterfeiting and urged a judge to rule that the biggest online auctioneer was liable for infringement.

Tiffany assailed eBay in a legal brief submitted Dec. 7 to U.S. District Judge Richard Sullivan in Manhattan, as the companies await his ruling in a trademark infringement trial. EBay said in its brief that it’s a “model citizen” in the fight against counterfeiting.

At issue is whether eBay must pay damages for failing to make adequate efforts to block sales of counterfeit silver jewelry. New York-based Tiffany and other retailers claim online sales of counterfeit clothes, bags and jewelry cost them about $30 billion a year.

“At some point, eBay had to have realized that counterfeiting was rampant” on its site, lawyers for Tiffany wrote in their brief. “Indeed, it was a proverbial ‘rat’s nest.’ ”

In its brief, eBay said an adverse ruling might “wreak havoc” on some Internet-based businesses. It didn’t elaborate.

Testimony concluded Nov. 20 after Tiffany Chief Executive Officer Michael Kowalski said the only effective way to fight online sales of fakes is to go after the distribution network. Sullivan said he would rule shortly.

In its brief, Tiffany said EBay, of San Jose, was legally bound to fight counterfeiting after Tiffany and other retailers notified the auctioneer about sales of hundreds of thousands of fakes from 2003 to 2005. EBay should have taken “all feasible steps” to block such sales, Tiffany said.

In response, EBay said the law places the primary burden to fight counterfeiting on retailers like Tiffany, which has devoted “relatively few resources” to the fight.

Today sp1 ships. hurray. It’s not up there yet but should be later today.

Looking down the list of fixes, here are some that caught my eye (read the whitepaper for the full list):

• Communicator won’t let you IM a distribution list any more for security reasons
• Icons for presence have been modified so that red/green colour blind people can tell the difference between available and busy by looking at the icon rather than the text next to it
• That Excel bug with 65,534 getting shown as 100,001 is fixed
• SharePoint works on Windows Server 2008
• ASP.net AJAX supported on SharePoint for web parts
• Outlook delays with opening large psts eliminated

Office Online Downloads (SP1 will be available here)

AMD reached its lowest share price for more than four years last week and, as a result, its market value dropped to around US$5 billion – that’s $400 million less than it paid for ATI in July 2006.

Intel, AMD’s major competitor in the CPU business, has been on a roll for the past 18 months and is now worth around US$162 billion, which makes the chip giant more than 32 times the size of AMD in monetary terms.

Even worse for AMD is that its partner-cum-archrival, Nvidia, has a market cap of around $19 billion, which makes it almost four times as valuable as the struggling platform company.

It’s fair to say things haven’t been going well for AMD since the middle of last year, as its two major rivals launched products that remain largely uncontested even today. Neither the Core 2 Extreme QX6700 nor the GeForce 8800 GTX have been truly surpassed in terms of performance yet and it’s not going to happen until next year.

There are no two ways about it: the Phenom launch was a disappointment. This was largely down to the fact that the company found an erratum in the L3 cache Translation Lookup Buffer, which could cause serious system instabilities in certain scenarios and it prevented the company from launching a 2.4GHz Phenom CPU at the eleventh. AMD issued a TLB fix to motherboard manufacturers to implement into their BIOSes and when the results for the TLB fix came out, it wasn’t pretty.

This wasn’t all that disappointed us about the Phenom launch though, as AMD also prevented all but a select few publications from running their own independent benchmarks on the new CPUs before the launch. I don’t think there was any malice in that choice personally, but it didn’t really help AMD’s street cred when, come launch day, reviews were few and far between.

Let’s hope that AMD’s fortunes in 2008 change for the better because as an industry we need AMD to continue to innovate and deliver great choice to consumers. In recent times, we wouldn’t have had great products like the GeForce 8800 and Core 2, if it wasn’ for AMD’s forward-thinking innovations like the Athlon 64 and Radeon X1900-series, which were class leading products at their time of introduction (and continued to be class-leading for much of their lives).

Two labs of America’s top scientists have fallen for the oldest trick in the hackers’ book

A report featured on ABC News concluded that two nuclear labs had been “hacked.”  The true story is a bit more entertaining and the reveals that there is no threat to the country’s nuclear safety.  Real threats such as concerted “hacks” conducted by the Chinese against the U.S. government are certainly a concern, but the only thing dangerous about the compromise at these labs is the stupidity of a few scientists and workers at the plants.

The Oak Ridge National Laboratory (ORNL) in Tennessee and Los Alamos National Lab in New Mexico have made a habit of collecting the social security numbers, names, and birth dates of scientists who visit the plants.  The information is put into a database, which reads like a who’s who of America’s top scientists.

Unfortunately, nobody thought such a practice might be a bit insecure.  Starting October 29, workers at the labs began receiving phishing emails, which followed a traditional attack pattern of containing malicious Trojan-containing attachments. 

There is no evidence that the attacks were specifically geared at the lab.  If the attacks were just a general Internet attack, those responsible might have been excited at the big fish they caught.  The two labs both have reported that the phishing emails gained access to their system, which indicates at least two employees — one at each plant — were foolish enough to click the attachment and commence the damage.  The result was that the database with the scientists’ information was compromised.

The phishers gained access to the records of all visitors at the plant between 1999 and 2004. 

Don’t blame the news networks solely for sensationalizing the attack and making it sound like a sophisticated assault.  Leaders at the labs have gone on record trying to fudge the facts in statements, making the attacks sound more complex than they really are and icing over that the attacks only succeeded due to employee failures.

In 2006 Los Alamos fell victim to social engineering and phishing when its emails were stolen and ended up on the USB stick of a drug dealer found in a police raid.  The emails contained data of simulated nuclear weapons tests considered sensitive.

At the time executive director of the Project On Government Oversight (POGO), Danielle Brian blasted Los Alamos for their lax security stating, “This appears to be a new low, even drug dealers can get classified information out of Los Alamos.”

Expect more pressure for  ORNL and LANL as the smoke of sensationalism begins to blow away, revealing atrocious security due to user stupidity.  Looks like some of America’s top minds have just fallen for the one of the oldest tricks in the hackers’ book. 

The chain’s 103 retail stores will remain open and staffed during the holiday season, offering discounts on computer and electronics.

CompUSA, the computer and gadget retailer controlled by Mexican billionaire Carlos Slim, has been sold to a restructuring and investment firm that will close stores and sell some company assets.

The new owner is Boston-based Gordon Brothers Group, which recently helped CompUSA sell under-performing stores. The terms of the deal were not not disclosed.

“An orderly and expedited wind-down and asset sale process is the best option for CompUSA and its creditors at this juncture,” said Bill Weinstein, a Gordon Brothers principal who will be running CompUSA as its interim president.

“We worked long and hard with Gordon Brothers Group to achieve a business solution that maximizes CompUSA’s assets,” said Roman Ross, CompUSA’s current chief executive, who will continue to serve the company in an advisory capacity.

Friday’s sale did not come as a complete surprise to industry watchers.

News reports have suggested that Slim — who is among the world’s wealthiest individuals — was seeking to unload more of his interest in the company.

Piracy rates are lower because it’s harder

Microsoft said Monday that it’s seeing piracy rates for Windows Vista that are half those of Windows XP.

Now cynical me wanted to write this up as “even pirates prefer XP two to one over Vista,” but that wouldn’t be fair. In reality, the decline in piracy rates is largely due to the fact that Vista is much tougher to fake than XP.

“Piracy rates are lower because it’s harder,” Microsoft Vice President Mike Sievert said in an interview Monday.

There are a variety of reasons for that, including the fact that businesses no longer have volume license keys that can be used to activate an unlimited number of machines. Another is the fact that Vista machines that aren’t properly activated pretty quickly become basically unusable once they enter “reduced functionality mode.”

For Microsoft, the gains have been significant. In its last earnings call, Microsoft said that five percentage points of Windows growth could be attributed to gains in piracy.

Interestingly, though, Microsoft makes the experience a little less harsh for those running pirated versions of Vista. With Service Pack 1, Microsoft is doing away with reduced functionality mode in favor of putting prominent notifications on systems that are not found to be genuine.

Non-genuine systems with SP1 will display a warning at start-up that the system is not properly activated. Users will have the option to “activate now” or “activate later,” though the second option won’t show up for a time. Users will also have their desktop background changed to white and a prominent notification placed in the lower right hand corner saying that the machine is not genuine.

Also with SP1, Microsoft is closing two key loopholes that pirates have used to evade Microsoft’s security measures. One involves mimicking the process used by large computer makers to preactivate their Vista machines, while the other extends the grace period that customers have to activate their machine, in some cases extending it for decades. It’s not the first time that Microsoft has moved to close holes in its activation process. A year ago, the company changed Vista to disable a hack known as “Frankenbuild” that merged elements of the final Vista with a prerelease version.

An interesting list containing the first 100 .com domains registered.

Many of the names you haven’t heard of, many you have. What was interesting to me is that it took 2 years just to get 100 domains on-line.

SYMBOLICS.COM   March 15 1985
BBN.COM         April 24 1985   
THINK.COM       May 24 1985     
MCC.COM         July 11 1985    
DEC.COM         September 30 1985
NORTHROP.COM    November 7 1985 
XEROX.COM       January 9 1986  
SRI.COM         January 17 1986 
HP.COM          March 3 1986    
BELLCORE.COM    March 5 1986    
IBM.COM         March 19 1986   
SUN.COM         March 19 1986   
INTEL.COM       March 25 1986   
TI.COM          March 25 1986   
ATT.COM         April 25 1986   

GMR.COM         May 8 1986      
TEK.COM         May 8 1986      
FMC.COM         July 10 1986    
UB.COM          July 10 1986    
BELL-ATL.COM    August 5 1986   
GE.COM          August 5 1986   
GREBYN.COM      August 5 1986   
ISC.COM         August 5 1986   
NSC.COM         August 5 1986   
STARGATE.COM    August 5 1986   
BOEING.COM      September 2 1986
ITCORP.COM      September 18 1986
SIEMENS.COM     September 29 1986
PYRAMID.COM     October 18 1986 
ALPHACDC.COM    October 27 1986 
BDM.COM         October 27 1986 
FLUKE.COM       October 27 1986 
INMET.COM       October 27 1986 
KESMAI.COM      October 27 1986 
MENTOR.COM      October 27 1986 
NEC.COM         October 27 1986 
RAY.COM         October 27 1986 
ROSEMOUNT.COM   October 27 1986 
VORTEX.COM      October 27 1986 
ALCOA.COM       November 5 1986 
GTE.COM         November 5 1986 
ADOBE.COM       November 17 1986
AMD.COM         November 17 1986
DAS.COM         November 17 1986
DATA-IO.COM     November 17 1986
OCTOPUS.COM     November 17 1986
PORTAL.COM      November 17 1986
TELTONE.COM     November 17 1986
3COM.COM        December 11 1986
AMDAHL.COM      December 11 1986
CCUR.COM        December 11 1986
CI.COM          December 11 1986
CONVERGENT.COM  December 11 1986
DG.COM          December 11 1986
PEREGRINE.COM   December 11 1986
QUAD.COM        December 11 1986
SQ.COM          December 11 1986
TANDY.COM       December 11 1986
TTI.COM         December 11 1986
UNISYS.COM      December 11 1986
CGI.COM         January 19 1987 
CTS.COM         January 19 1987 
SPDCC.COM       January 19 1987 
APPLE.COM       February 19 1987
NMA.COM         March 4 1987    
PRIME.COM       March 4 1987    
PHILIPS.COM     April 4 1987    
DATACUBE.COM    April 23 1987   
KAI.COM         April 23 1987   
TIC.COM         April 23 1987   
VINE.COM        April 23 1987   
NCR.COM         April 30 1987   
CISCO.COM       May 14 1987     
RDL.COM         May 14 1987     
SLB.COM         May 20 1987     
PARCPLACE.COM   May 27 1987     
UTC.COM         May 27 1987     
IDE.COM         June 26 1987    
TRW.COM         July 9 1987     
UNIPRESS.COM    July 13 1987    
DUPONT.COM      July 27 1987    
LOCKHEED.COM    July 27 1987    
ROSETTA.COM     July 28 1987    
TOAD.COM        August 18 1987  
QUICK.COM       August 31 1987  
ALLIED.COM      September 3 1987
DSC.COM         September 3 1987
SCO.COM         September 3 1987
GENE.COM        September 22 1987
KCCS.COM        September 22 1987
SPECTRA.COM     September 22 1987
WLK.COM         September 22 1987
MENTAT.COM      September 30 1987
WYSE.COM        October 14 1987 
CFG.COM         November 2 1987 
MARBLE.COM      November 9 1987 
CAYMAN.COM      November 16 1987
ENTITY.COM      November 16 1987
KSR.COM         November 24 1987
NYNEXST.COM     November 30 1987

Tens of thousands of Britons’ financial details are sold on the internet

Security breaches that are allowing the financial details of tens of thousands of Britons to be sold on the internet are to be investigated by the country’s information watchdog.

Without paying a single penny, The Times downloaded banking information belonging to 32 people, including a High Court deputy judge and a managing director. The private account numbers, PINs and security codes were offered as tasters by illegal hacking sites in the hope that purchases would follow.

The discovery comes as public alarm is growing about the dangers of identity theft. HM Revenue & Customs has yet to retrieve two lost CDs containing the banking details of 25 million Britons, which ministers admitted had vanished in the post a fortnight ago. At current underworld prices, these could fetch more than £100 million if they fell into the hands of hackers.

Last year The Times discovered internet chatrooms where the hacked credit card details of 400 British people were being sold every day.

Hacking sites act as online bazaars for stolen personal information. They are well run, hierarchical groups structured like businesses. Some even have review sections where buyers can recommend a particular fraudster.

Stolen identities

Criminals use three main methods to extract personal information

- Viruses contained in e-mails that install malicious software to collect information such as login names, bank account details and credit card numbers. Make sure you use up-to-date antivirus software

- Handheld credit card readers are used to “skim” cards and copy data that is then used to clone another one. Check your accounts regulary for unusual transactions

- Bin raiders go through rubbish bins to find discarded bank statements and utility bills. Make sure that all personal documents are shredded before you throw them out