Copacetic

Ronan Geraghty wrote a long and informative email to my previous rant (since removed, I wasn’t comfortable with it) about Microsoft. I repost here with his permission.

Developers have consistently written applications which require excessive user rights and Windows privileges meaning that enterprises have had to prioritise ease of deployment over security. As you probably know one of the major goals of Vista was improved security, and one of the design goals of UAC is to prevent installations being run without the user’s knowledge, requiring explicit consent for writing to protected locations. As you know, %ProgramFiles% is a protected location and is a good example (along with say writing to HKEY_LOCAL_MACHINE\Software) where applications that do not separate user and admin functionality run into problems.

 

Bearing all this in mind, the aim of virtualization is to improve compat for _legacy_ apps running as standard user on Vista.

Taking your main point:

‘Well not anymore, nope with UAC (User Access Control) turned on, config files written under the C:\Program Files directory get virtualized. i.e. This is not a normal file system any more, its some weird, hacked up, broken, not the file system you were brought up on. So edits with notepad don’t work, file saves don’t work right and uninstalls and upgrades just go straight to hell in a hand basket.’

The rule is that if an app hasn’t requested explicit permission to write to a protected location then virtualization kicks in. Below is an example of this on my machine. Note the “Compatibility Files� button on the explorer bar. The reason for this is that when it’s run this particular application attempts to write a log file to %ProgramFiles%. Since that’s a protected location if the app is run as a standard user the file is virtualized, hence the compatibility files button shows up in explorer. From that point on app reads will be from the virtualized folder, so rather than attempting to edit e.g. the log file or config file directly you should click this button and it will take you to the location where you can use e.g. Notepad to edit your virtualized files. In my case for example editing my virtualized sim.cfg file with Notepad allowed me to hide/show a toolbar in the application.

Bear in mind that Virtualization is for legacy applications : new applications ideally should strive not to use Virtualization i.e. not cause files to be written to the virtualized store. Say you have an app which attempts to save user preferences such as window co-ordinates in your config file to %ProgramFiles%. The first time this is run by a standard user the file will be virtualized for that user. Subsequent updates to the config which are pushed out by e.g. SMS will be picked up by first-time users but not by those users which have already used the app and been virtualized. Also, on uinstall, the virtualized files won’t be uinstalled.

To reiterate, Virtualization is there to enable legacy apps, however the long term approach should be to fix the app to take UAC/least privilege into account, and actually request permission to write to the protected locations if that’s required. In fact if user settings are separated out then there may be no need for the app to write to the protected location at all.

A quick solution for your existing app is to right click it and select Run as Administrator. Or alternatively users can apply a compatability fix to indicate that the application requires administrative privileges.

So Flash isn’t good enough for the iPhone.  Not having a rich client on the iPhone is nonsensical so Steve must have a flash-like play up his sleeve. Perhaps Microsoft and Apple are cooking up a little SilverLight pie?

Microsoft need a serious partner to put SilverLight on the “its not a Windows only play” route. Steve hates giving license fees to Adobe and would prefer to have his own solution. So barring that the best spoiling play is to get into bed with Microsoft. Who knows what deal he could get from Microsoft on the back of that bet, better support for Microsoft Office on the Mac, or even access to the Bejing Olympics for Apple technology…

Price of 44.6billion USD or $31 dollars a share.

Interesting clash of cultures both at the technological and organisational level. These mega-mergers rarely work with the final entity being less than the sum of the parts. Expect to see both stocks plummet and Google’s share price to rise.

Google must be shouting Yahoo! right now.

Fantastic night last night at the inaugural TechLudd, big crowd turned up (I’m never good at these estimates, but my guess is at least 70 100 people) Microsoft paid for the beer (big shout out there, thanks Clare and Martha) and Ireland’s current crop of Entrepreneurs provided the entertainment and conversation. Marcus took a bunch of snaps which are now up on pix.ie.

Full marks to Anton and Sabrina for doing all the heavy lifting. Looking forward to the next one already…

So according to an InfoWorld article,

…legislators in Massachusetts, which in 2005 first required that all agencies would be forced to store public documents in non-proprietary formats like HTML or PDF, admitted in the discussion that they have not yet been able to provide tangible evidence that moving to an ODF system would deliver the financial savings some backers of the movement envision.

So one single state decides to change from a file format and suddenly faces the full might of the Microsoft marketing machine.  There are intrinsic benefits to using an open  format that accrue over the lifetime of a document, but the costs in the initial phase of changeover (the case in any transition) will outweigh the benefits. It would be doubly difficult of Massachusetts to account for its costs given the huge legal battle it has fought to date.

Its like looking into a startup six months after it hits the start line and saying, “why aren’t you profitable?”

I see Microsoft has taken the gloves off in the Open Source/Closed Source battle. Surprise, Surprise they found the infringing patents in the three areas where Microsoft makes most of its revenue, operating systems, Office and the Windows user interface.

But he does break down the total number allegedly violated - 235 - into categories. He says that the Linux kernel - the deepest layer of the free operating system, which interacts most directly with the computer hardware - violates 42 Microsoft patents. The Linux graphical user interfaces - essentially, the way design elements like menus and toolbars are set up - run afoul of another 65, he claims. The Open Office suite of programs, which is analogous to Microsoft Office, infringes 45 more. E-mail programs infringe 15, while other assorted FOSS programs allegedly transgress 68.

Watching this from the sidelines is gonna be a hoot.

Addendum: Of course the real reason for this may to head off the new version of the GPL at the pass.

Microsoft’s partner site crashes IE 7

Originally uploaded by Joe Drumgoole.

I’ve crashed IE 7 three times in a row now. Does anybody know what telephone syntax the Microsoft partner program will accept?

 TechCrunch reports that Zimbra will deliver a desktop client for the software suite allowing offline functionality. Expect to see the world and his wife “getting over” webside only services in the coming months. As Microsoft is moving all its stuff onto the Web I expect Google, Yahoo and friends will be marshalling their forces for an assault on the desktop. One of their invasion routes will be the IE and Firefox plugin architectures.

Several commentators have remarked that Sun’s decision to make Java available under the GNU Public License is unusual. Why did they not use the standard Sun CDDL license? Well the CDDL was crafted with a specific some specific goals,

• Allow Sun to Open Source Solaris
• Prevent Solaris key features from leaking into Linux by applying an incompatible license
• Allow relicensing with Apache-like flexibility especially to (Sun would love Dell to ship solaris on their servers)

So why the GPL for Java. Well despite all kiss and make up shenanigans between Sun and Microsoft, Sun would still dearly love to stick it to Microsoft in a big way and it has always seen Java as the key tool to pick the Microsoft lock on the market.

So the thinking goes, if we CDDL it (CDDL is a variation on the Mozilla license, which is a variation on the Apache License) then Microsoft gets to grab the code and do any number of things that would ruin Jonathan Schwartz’s day e.g.

• Fork Java and create an incompatible version that only runs on Windows (they tried this before)
• Swipe any cool virtual machine technology that Sun has developed and plug it straight into the Microsoft C# engine
• Gratuitiously extend Java so that developers are sucked into building applications that only run on Windows (a pretty standard Microsoft tactic)

The GPL prevents all this because the highly integrated nature of most of Microsoft’s technology means that the they key GPL constraint of linking to a GPL component entails extending the license to all linked components means they would have to open source most of the .NET framework. That is not going to happen anytime soon.

Its a double whammy for Sun because practically all the compilers on Linux are GPL licensed, so they dovetail nicely into that collection. Who’s not to say that Java could eventually migrate to the GNU backend so that Java just becomes another personality on top of that engine. They would reap huge portability benefits for very little work.

Tricky one for Microsoft, they can ignore Java and watch as the rest of the platform work (most importantly mobile) embraces this new language, but that won’t work becuase the mobile platform is a key plank of Microsoft’s strategy going forward. Or they could adopt it properly as a Visual Studio language, but it would always be a second class citizen becuase of the linking restriction.

Damned if you do, damned if you don’t. Almost makes you feel sorry for the poor sods, especially after stuffing their whole  Visual Basic community with VB.net.

One of the worlds most popular RAD environments is Excel. But Excel is a pain to share and god forbid you need a third party to enter data into your carefully crafted spreadsheets. Now imagine this problem compounded n times over when an organisation attempts to collate data via a shared spreadsheet. You get to play our favourite corporate games  such as,

• Who has the master copy?
• Where did all my changes go?
• I updated that last week
• We’ve changed the format this month

So we all love Excel, but we need better ways to control data entry and sharing.

So take your Excel spreadsheet and parse all the presentation material out it in order to generate a web page.  Now use an AJAX interface to hide intermediate workbooks, behinds the scenes tables etc. etc. Now ink in the data entry fields so they become highlighted. You now have a AJAX/HTML application version of your spreadsheet.

Now you load this into a runtime framework (probably encompassing the Excel DLL ‘cos who wants to rewrite all that code) and you wrap it in a proper web login environment along with profile and preference information and you store all computation and changes in a database so every version of the spreadsheet is kept when each set of values is changed by each user.

Finally you allow the designer to upload new versions of the spreadsheet and store that in a history as well. Finally you offer a sharing capability so a user can invite other users to access and use spreadsheet, safe in the knowledge that a single master and all changes are held centrally.

Now you can offer it as a hosted service, charging each user a few cents for each spreadsheet they access or charging the owner a most substantial fee on a monthly basis for hosting their application.

How hard can that be?