Storm gets a YouTube look

The Zhelatin worm is a fairly serious plague on the Internet right now — you may have seen it recently in its most pervasive form, an email offering a “free greeting card”. (It’s often loosely referred to as the “storm worm”, since it’s an evolution of the worm that appeared earlier this year, which spammed users with emails about a storm in Europe that carried the malware as an attached file. Now, instead of an attachment, it simply tries to get users to a website through spammed emails. The website attempts to install the malware through exploits.)

The latest tactic tries to trick the user into believing they’re downloading a YouTube video.  F-Secure has a write-up here.  They also have a good video here.

This worm is vicious and nasty, and the spams are quite ubiquitous. User education, fully patched systems and current AV software are your best bulwark against this one.

Alex Eckelberry

Beware new IRS phishing tactic

We have word of a new IRS phishing tactic making the rounds, disguised as a survey:

From a source who provided us with this information:

Victims receive a spammed email purporting to be from the IRS asking them to participate in a customer satisfaction survey. The link in the email sends the victim to a site in Iran, which then redirects them to a site in Korea. Displayed on the page are several questions, the most significant of which are the taxpayer’s name and phone number.

Nowhere on the site is the victim prompted to provide a social security number, bank account or credit card. Those submitting the information can expect a follow-up call asking for that information. This appears to be a prelude to a vishing attack.

Alex Eckelberry

German government compromised?

There are two interesting articles (unfortunately, in German) which describe an apparent hack on German government PCs, using infected Word and PowerPoint files.

From Andreas Marx:

This stuff is really interesting, even if the articles are — right now — only available in the German language. They are telling the readers that hackers from China have installed trojans on many PCs of the German government (and related organizations) using “infected” DOC and PPT files (using 0day exploits?).

At the time the infections were found, the IT people were able to hinder the transfer of 160 GB of “remaining data” — it is unknown how much data has already been transferred earlier. For details, please look at the two articles below.

Articles in Spiegel (and Spiegel 2) and Heise (and Heise 2).

Alex Eckelberry

The return of the disingenuous double v

Last month we blogged about fake Windows domains being registered, which used the cute trick of placing two “v’s” together to make the site look authentic (vvindowsupdate, etc.) — here and here.

Now, we see a similar pattern, used in phishing — this time, targeting Western Union. Below is a sample phish that we just picked up in one of our email traps:

Clicking through on the email takes you to the domain: wumt(dot)vvesterunion(dot)us

Here, we are taken through the standard practice of gathering information needed in order for criminals to take over your account:

Once you have successfully “activated your account”, you are re-directed to the real Western Union domain:

This particular phish has been reported to PIRT for takedown.

Adam Thomas
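
The double-v trick described above can be caught mechanically. The following is an added example, not part of the original post: it folds look-alike letter sequences before comparing hostname labels against a brand watchlist, and allows one edit of slack because the phishing host quoted above also drops a letter. The watchlist, the fold table (including the extra "rn" fold) and the `.example` host are assumptions; the Western Union host is the defanged one from the post.

```python
import re

# Assumed watchlist of brand labels to protect (hypothetical; use your own).
PROTECTED = ("westernunion", "windowsupdate", "paypal")

# Letter sequences that render like a single letter in many fonts.
# "vv" -> "w" is the trick from the post; "rn" -> "m" is a sibling trick
# added here as a generalization.
FOLDS = (("vv", "w"), ("rn", "m"))


def refang(host):
    """Turn a defanged host such as a(dot)b[.]us back into a.b.us."""
    host = host.strip().lower()
    host = re.sub(r"\s*(\(dot\)|\[dot\]|\[\.\])\s*", ".", host)
    return host.rstrip(".")


def skeleton(label):
    """Drop hyphens and fold look-alike sequences into the letter they mimic."""
    label = label.replace("-", "")
    for seq, repl in FOLDS:
        label = label.replace(seq, repl)
    return label


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def check_host(host, brands=PROTECTED, max_dist=1):
    """Return (label, brand, distance) for every label imitating a brand.

    Both sides are folded, so a brand that itself contains "rn" or "vv"
    still compares correctly. A label that equals the brand exactly is the
    real name, not a look-alike, and is skipped.
    """
    hits = []
    labels = refang(host).split(".")
    for label in labels[:-1]:  # the last label is the TLD
        for brand in brands:
            if label == brand:
                continue
            dist = edit_distance(skeleton(label), skeleton(brand))
            if dist <= max_dist:
                hits.append((label, brand, dist))
    return hits


# Sample hosts: the first is quoted (defanged) in the post, the second uses
# the label the post mentions under a constructed TLD, the rest are
# constructed controls.
SAMPLES = [
    "wumt(dot)vvesterunion(dot)us",
    "vvindowsupdate(dot)example",
    "www.westernunion.com",
    "mail.example.org",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", check_host(sample) or "no look-alike label")
```

Run over mail-gateway or proxy logs, a check like this flags the sender or link host before a user ever sees the rendered page.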

Latest virus testing results

Veteran tester Andreas Marx has done another major test of antivirus engines, and it’s worth taking a look at — notwithstanding the caveat that it’s only using the on-demand capabilities of the scanner (as opposed to real-time protection, which is another bulwark in an antivirus program’s defense of a system).

It should be contrasted with much weaker testing, such as this one.

Andreas’ results haven’t received that much attention, except for a few publications: PCWelt, VirusBulletin, and Security.nl.

So with the permission of Andreas, I’m publishing a more comprehensive look at the results.

First, some (slightly edited) commentary from Andreas:

The results are in of our latest test of 29 anti-virus and anti-malware products, performed on Windows XP (English, SP2) using the on-demand scanner utility. All products were last updated on 2007-08-10 (8:00 h GMT). The scan required about a week to complete on 28 identical Core 2 Duo 6600 PCs with 2 GB RAM. We only used regular products and updates (no special or beta versions) of all scanners, in their most current edition for home users or small companies (the ones which are usually labelled “2007”, as the “2008” series of products are not yet released).

For this test, we only used current samples which were seen spreading (or which were distributed by malware authors) within the last six months. A total of 874.822 unique malware have been used for this test, including worms, backdoors, bots (zombies) and Trojan Horses.

All samples were intensively tested (e.g. if they are really malware) and replicated (e.g. to ensure that the samples are really running) before putting them in our collection — a process which took several weeks to complete.

Besides looking at the detection rates of this large collection, we also checked for the size of the AV signature databases (DB) on disk.

Of course, one cannot easily compare the detection scores and the DB size, as some products include a large set of disinfection routines (which were not reviewed) and some vendors’ DBs are compressed while others are not. All tested products are using incremental update mechanisms, so the “big” DB will only be transferred to the PC once.

Later, only the differences between this version and the newest pattern file from the AV company will be sent over the internet, usually not more than 20 to 50 KB per day, depending on the program.

Products which have small DBs might have better heuristics or generic detection routines when compared with products using large databases, which might often — but not always — point to the extensive use of CRC checksums, which usually can only detect one malware file per signature. Heuristic and generic detection routines are often able to detect thousands of malware files by the use of just one pattern (detection string) or algorithmic rule. Even if you can’t really compare the DB size differences of the products (it would be like comparing apples and eggs), it is interesting that some products require less than 10 MB to detect a high amount of files while other products require a lot more space on disk, but still detect less malware.

Of course, this is a “snapshot” test only and as AV updates are usually released every few hours, the results might change dramatically over time. It’s important to keep in mind that AV products shouldn’t be seen as a replacement for a proper patching of Windows and other software, or “safer surfing” practices — all individual components are important. Good scanners might get better in the next test, the results might stay at the current level or they might get worse, which wouldn’t be a good sign. So it’s essential to not only check the results of this test, but it’s a good idea to monitor the results of “your” product over time, based on different tests, to see how the product develops.

The first two products in this round of testing (AVK 2007 and WebWasher) use two scan engines, which is good for detection scores, but which might also have some impact on scanning times and false positives. Positions 3 (BitDefender) and 4 (AntiVir) are occupied by single-engine products. The products representing position 10 (Microsoft’s OneCare and Forefront Client Security) were quite a surprise to us, as their detection scores have developed significantly in the good direction over time. (When compared with our last test, they are more than 10% up.) It looks like the high number of malware researchers Microsoft has hired from other AV companies (including many people from Symantec, McAfee, Trend Micro, F-Secure and CA) has paid off.

When one looks at both the DB sizes and the detection rates, the products on position 13 (Nod32) and 16 (Dr Web) appear to have the best trade-off between detection scores and signature sets: with less than 10 MB of signatures and scan engine routines they are already able to detect more viruses than the average scanner we tested (which is at a 90% level).

Trend Micro and Symantec, on the other hand, have some of the largest DBs, which doesn’t point to “inefficient scanners”, but to the fact that their DBs are not compressed — and indeed, one could easily ZIP the DBs to about half of their current size. Another factor for the large DBs is the high number of specific disinfection routines which are included, so that found malware can be removed properly (a fact which was not tested here, but in some of our past reviews).

You can also check out the “Papers” section on his website, where more details about Av-test.org’s testing procedures and some general information can be found.

You can see the whole test results here (pdf).

Another test which is interesting is the constantly evolving results over at oitc.com (graph here, tabular data here, methodology here). Now, this is a test which has to be taken with some reservations. First, it exclusively uses VirusTotal, itself an outstanding service, but one which does not reflect the performance of the real-time scanner portions of antivirus engines. Second, it primarily uses samples that come out of the CastleCops Malware Incident and Response team (the antimalware branch of PIRT), who submit samples to VirusTotal as they are found. This will likely bias the results toward certain types of threats versus others. However, it’s interesting to see real-world results as they happen, and it’s a further datapoint to use in evaluating antivirus engines — but should not be used as a sole evaluation of antivirus performance. A beta version of our VIPRE engine, which is going to be part of our own upcoming antivirus product, is also in the results.

Generally, I believe you’ll find that antivirus test results tend to cluster among a few top contenders, and these results are fairly consistent over time.

Alex Eckelberry

Security and compliance

Earlier this month, I wrote about how our friends over at Network Instruments had started a blog. Their specialty is packet capturing and analysis, and their blog is starting to look pretty good.

A recent blog post highlighted security and compliance issues:

Only around 16% of respondents felt their current network tools were good enough to ensure compliance with government regulations, including SOX, HIPAA, or Basel II. 47% weren’t confident in the ability of their tools to ensure compliance, while an additional 37% were unsure.

40% of respondents felt they needed to improve their ability to track network security breaches. This compared to 12% who thought they were well prepared to track a security breach.

Nearly 30% of respondents felt they lacked the ability to enforce internal HR acceptable use policies on the network, while 49% thought they were well prepared or satisfied with their ability to monitor prohibited network use.

To provide a little context on the companies responding, 46% had 2000 or more network users, 39% had between 100 and 1,999 users, and 15% had fewer than 100 users on their network.

The survey results are interesting, although in order to provide clarity, a cross tabulation would be useful (in other words, size of company against the various survey metrics).

You can see the post here.

Alex Eckelberry

Sunbelt Weekly TechTips #58

Word breaks
I got up Wednesday morning to find that after installing this month’s Patch Tuesday fixes, Word 2007 was broken – again. Same old problem: I couldn’t open documents from Explorer by double clicking them and I couldn’t place the cursor within a document by clicking. The problem was solved by rolling back to a System Restore point just prior to the installation of the updates, but that’s not a good solution since some of those security fixes were for critical vulnerabilities. Finally I tracked down the culprit: KB936048, a security update for Office 2003. At first I didn’t even know why that was installed since I’m running Office 2007, but I figured that out, too. You can read the whole saga on my blog, starting with the August 15 posts.

Vista DRM: What’s the real story?
Lots of us are opposed to Digital Rights Management (DRM) technology that prevents computer users from playing their legitimately obtained media when and where they want to. But some folks are exaggerating the effects of the DRM in Vista and scaring people away from using the operating system at all. But sometimes real world experience shows the dire warnings are overblown. Now our friends Ed Bott and George Ou over at ZDnet are telling the other side of the story. Link 1, Link 2

Reliability of VoIP takes another blow
After the problems Vonage faces with the Verizon lawsuit and the bankruptcy of SunRocket that left thousands of customers stranded with no phone service, the last thing Voice over IP needed was another widespread problem with VoIP service, but last week Skype users found themselves unable to log in and make or receive calls. Those of us who kept a landline around for our security alarm systems or faxes when we got VoIP service are beginning to be glad we did. Read more here.

Get Hotfixes without calling Microsoft
Microsoft doesn’t post all their hotfixes on their download site; for some, you have to call Support Services. Some folks are phone-shy and others, because of hearing problems or other disabilities, just can’t use the phone comfortably. But there’s a way to get some of those hotfixes without getting on the phone: through The Hotfix Share. Check it out here.

Gadget lovers can expand beyond the Vista sidebar
If you love Vista’s sidebar but your collection of gadgets is too large to fit and you don’t like the idea of having to click to go to a “second page” of the sidebar to find some of them, you can create your own second and/or third sidebars like I did, by detaching some of the gadgets and lining them up on another edge of your screen. This works especially well with multiple monitors. You can see how I did it and what my favorite gadgets are on my blog.

How to find out what DVD decoders are installed in XP
Have a DVD that won’t play and suspect you don’t have the correct decoder installed? You can find out what DVD decoders are installed in Windows XP by doing the following:

  1. Click Start, then Run
  2. Type cmd to open a command prompt window
  3. Type dvdupgrd /detect

A dialog box will show you the decoder name, file name, version and company that makes it. Note that this doesn’t work in Vista.

How to apply XP themes to third party applications
Some apps don’t have your XP theme applied, but you can apply the theme to those applications by following the steps here.

Security tip for eBay/PayPal users
The following tip is from Ted K. at http://www.kekatos.com/: If you are an eBay or PayPal member, I recommend that you consider getting the PayPal Security Key. This security key adds another authentication factor for access to your eBay and PayPal accounts. The pocket size device generates a unique six-digit security code about every 30 seconds. You enter that code when you log in to your PayPal or eBay account with your regular user name and password. Then the code expires – no one else can use that code. Once the security key is activated for your account, no one can access your account without using the key. Simple! Online banking websites should have been doing this long ago. Read about it and get one here.

Q&A: Why doesn’t YouTube work for me anymore?
QUESTION:
I used to be able to play the YouTube videos that you sometimes have in your Favorite Links section but lately they don’t work. I really miss them. I’m using IE 7. Any idea what might be causing this? Thanks! – Anne B.

ANSWER: Coincidentally, I just got a message on that same subject that offers the following solution: “Even though Adobe’s online tool said I was running the latest version of Flash (9.0.28), it still wasn’t working properly. I ran across a forum post that suggested trying several things, so I found the install folder for Flash: C:\Windows\System32\Macromed\Flash

Inside that folder, there are two files: Flash9b.ocx, the ActiveX control that IE7 uses, and FlashUtil9b.exe. I shut down IE7 then ran FlashUtil9b.exe and it said that there was an update for my version of Flash – it downloaded a new version, I rebooted the PC as it suggested, and now I can view all Flash content on YouTube and Revver as I should. What’s interesting is that the version number of Flash didn’t change. I suspect the issue is more one of registering Flash with the system properly, and Adobe has a bug in the installer. This worked for me, so I hope it will work for you!”

Blank Window in PowerPoint Presentation with XP SP2
If you’re using XP with Service Pack 2 and you open a local Web presentation created with PowerPoint 2003 or earlier, you may get a message that IE has restricted the file from showing active content and get a blank window with no menu bars. This is caused by IE’s default security settings. For a way to avoid the behavior, see KB article 878463.

“Access denied” message when you’re redirected to another web page on XP computer
If you’re using XP SP2 and a web site directs you to another web page containing a particular type of script, you might get an “access denied” message. There is a hotfix available from Microsoft, but it’s one of those that you have to call for. For more info, see KB article 889386.

Icon and label for HD DVD or Blu-ray disc not displayed correctly in XP
When you connect a high definition DVD player to your XP computer, you may find that the icon and drive label don’t display correctly in My Computer and Windows Explorer. It’s because the Explorer shell doesn’t recognize the new drive types, but functionality isn’t affected. For more info, see KB article 926969.

Vista’s Windows Experience Index (WEI) displays an incorrect value
The WEI rating in Vista is useful for determining what system components are the bottlenecks in your system and slowing down your Vista computing experience. However, sometimes an incorrect higher or lower value may be displayed in certain circumstances because earlier ratings have been inherited. For resolutions to the problem, see KB article 933478.

Until next week,

Deb Shinder

Second Life Seminars: How To Keep The Bad Guys Out Of Your PC

This is the first of a series of seminars we are hosting in our Sunbelt Auditorium in Second Life. This seminar is for end-users and home-office users that need to be trained on PC security and how black hats may be trying to steal their confidential data. There will be four seminars and the next two dates of the first seminar are:

– August 21st 6pm SL time
– August 25th 6am SL time

(SL time is equal to Pacific time, which is 3 hours behind Eastern).

Seminars will be given by AbsolutWoman Sunbelter, who in real life is an experienced Network Administrator for a U.S. State Government.

To attend any of these seminars, use the following link below to start up Second Life and teleport directly to the Sunbelt Auditorium.

On the bottom right of the screen click on “Map” to close the world map. Then walk up the stairs, go inside and click on an empty seat to sit down and learn!

Note: you must have Second Life already installed to access the link above. To download the latest version, visit their download page.

Deb Shinder

Some follow-ups

Last week, we took a look at the idea of storing your files with an online service for easy off-site backup. I reviewed a few of the file storage services in my blog, and readers wrote to tell me about their favorites and/or their aggravations with various services. One thing I learned is that there are even more online file storage services out there than I thought. The largest number of votes seem to be for Mozy. Marc said, “when I read your item I immediately tried MediaMax but found it too slow, too cumbersome to use and encountered too many errors. Then I tried Mozy and they are really ‘doing the right thing’.”

However, Michael H. wrote to point me to his blog post titled “Everybody likes Mozy – except me” that discusses some of its drawbacks.

John K. recounted his bad experience with MediaMax: “I set up the account and selected a set of 300 files to upload … after 3 plus hours of uploading, it had said that it collected all the files… when I went to look for them / at them there were ZERO FILES!!! … I then tried ONE file … NOPE nothing doing … it said it uploaded but nope not there!!! Then I downloaded and installed their SUPER DUPER UPLOADING / DOWNLOADING manager software .. After it installed the little 1.3 MB program brought my AMD 64 2.2 GHTZ machine to a screaming halt…. It couldn’t even open up the file directory … and then went non responsive…”

Eugenio C. said, “I use “Back Up for All”, a program that saves the files in folders in a compressed ZIP format. This program saves a lot of space in the backup copy while one can extract the files directly with any Zip routine, not needing the main program for this purpose.”

Brian B. said, “I don’t really have a need for on-line storage, so I don’t ever think I would pay anyone for it … I do use on-line storage to back up my photos now, and it’s none of the solutions that you mentioned. In fact, it might not even be one you know about. When I signed up for the Microsoft OneCare 2.0 beta, I thought I would just be testing a security solution. However, I was also asked if I wanted to test the on-line backup for my photos. It’s really easy to use; you just tell it which folders of pictures you want to back-up, and it does the rest.”

Patricia P. appreciates the necessity for off-site backup: “I lost everything I had saved for over 25 years when Hurricane Katrina and the flood destroyed our home in Chalmette Louisiana. I had always used Quicken for finances but had never used their web backup service. NOW I USE IT!”

Syd W. took a different approach: “The cheapest but dependable online service I have used is to have my own website in which to stash the files in a protected area. The monthly hosting fees are minimal for the security you get and the data is available from any place in the world, 24/7.”

Followup: FTP and SFTP
Several of you wrote in response to my mention of using File Transfer Protocol (FTP) or Secure FTP (SFTP) for transferring files. You can set up an FTP site with Windows Internet Information Services (IIS) on XP Professional. There are instructions here.

A good SFTP server program for Windows is FTPShell. It’s relatively easy to install and configure. Good FTP client programs include WSFTP, CuteFTP and Filezilla. Some of these companies have FTP server programs, too.

Deb Shinder

Should the Government be in the ISP Business?

More and more municipal and county governments across the country are getting into the Internet provider business. It started out simply enough, with free access to Internet-connected computers at local libraries. That’s relatively inexpensive, since the cities usually already have an Internet connection for the use of employees. Putting a few public computers on the network was no big deal, and it allowed citizens who couldn’t afford computers and ‘net connections to have a way to get online.

Of course, those entities soon found that it wasn’t quite as simple as that. They had to contend with a slew of new issues, such as whether the computers should be filtered to prevent access to pornography and other undesirable content, how to keep them from becoming infected with viruses and worms, how to prevent their being used for illegal activities such as child porn or terrorist communications, etc.

Then wireless networking took off and the equipment to set up and use it became inexpensive and almost ubiquitous, what with almost all portable computers that you buy today having built-in wireless network interface cards and modern operating systems making it easy to connect to a wi-fi network – sometimes without even intending to.

A number of local governments then took it upon themselves to fund wireless networks covering some or all of a city or county, where citizens could use their own computers to connect to the Internet for a small fee or even at no cost at all. At first glance, it sounds like a great idea: Internet access for everybody.

But as last Thursday’s edition of the Wall Street Journal reported, once again cities are finding that it’s not as simple as they expected. Many of the projects are going over budget – and it’s the taxpayers who have to pay for that overage. Some of them aren’t too happy about it. According to the Journal, the cost of building a wi-fi network for a large city can be tens of millions of dollars.

Private Internet service providers aren’t thrilled with the idea of having the government compete with them for customers, either – especially when the government service is subsidized by taxpayers and so can be offered to users at a lower cost than a traditional ISP can afford to charge.

These city-wide wireless services can face other problems, too. Outdoor equipment is subject to damage from weather and subsequent outages. How reliable will they be? How many users will prefer to keep their traditional wired broadband services such as cable and DSL rather than subscribe to a city-owned service, even if the latter does cost less?

Privacy concerns are another big issue with government-owned networks. If you connect to a wi-fi network owned by the city, will city employees be able to read the email that you send through it or see what web sites you’ve visited? There is an implicit trust that we put in our ISPs who, after all, have control of the servers we use to connect and in many cases are technologically able to look at everything we send through those servers. Do we trust the government just as much?

Some folks argue that Internet service should be run by the government because it’s a necessity, like other utilities. Yet in many areas, other utilities such as electricity are provided by private companies, not the city. Cable service is almost always provided by a private company. Services such as garbage pickup for which cities are responsible are being contracted out by more and more of them. Water and sewer services are, in many cases, the only remaining utilities that cities provide directly.

What do you think? Do you, as a taxpayer, want the city or county to spend tax dollars to build city-wide networks, or is it something you think is best left in the hands of the private sector? If you think cities should be ISPs, should service be “free” (fully taxpayer funded) or should it be self-supporting from fees charged to those who use it? Would you personally use a city-provided Internet service, or would concerns about privacy, reliability and performance cause you to keep your traditional provider even if such a service was available in your area? Or do you already have such service, and if so, do you love it or hate it (or somewhere in between)?

Deb Shinder

This makes it all worth it…

Earlier this week, we discovered a trojan that encrypts the contents of key files and demands a ransom. Upon some research, we were able to obtain a decryptor that we have been offering at no charge to people who have been infected by this trojan. The tool un-encrypts the files affected by the trojan.

As a result, we’ve had a number of people stumble upon our blog posting and reach out to us. Using this tool, we have been able to help these victims get most, if not all, of their data back.

Here’s a letter we received today in thanks:

It worked!!!!!! You have no idea the relief when I opened the first file that was fixed. You can’t imagine the heartache you’ve helped me avoid!! I had years worth of journals, diet logs, movie reviews, etc that I most likely would never have gotten back without your decrypting tool. That’ll teach me not to keep putting off backing everything up!! Thank you so much!!! Do you accept any sort of donations to your company or your cause?? I’d be more than happy to donate to help continue your work! Thanks again and I hope your tools help others in the future!!

Just in case you’re interested, basically what happened to me is yesterday, an alert popped up on Norton Antivirus saying there was some sort of Backdoor Trojan infecting my computer, but that it couldn’t do anything to resolve it. I rebooted in Safe Mode, did a full scan with Norton, AdAware, and Spyboy and it found NOTHING! So this morning I made the mistake of leaving my computer on when I went to class and when I returned, there was the infamous text document opened up on my desktop asking for $150 (mine was called ASAP!!!.txt) and saying to write to [redacted] for more information on how to proceed. Honestly my first instinct was to take a chance and consider paying them to get my documents decrypted, but I was lucky enough to happen upon your site. Again, let me know if your company accepts donations and where to send them!! THANKS!!!!

To this user: Your letter itself is payment enough.

Alex Eckelberry

Old Florida

Earlier this week, some friends came into town and I took them on the boat to the backside of Caladesi Island, where we anchored and took a brief walk among the Florida pines. It was blissful peace, just a few minutes away from the tourists. Known for having one of the best beaches in the nation, this protected island is more than just “fun in the sun”. It’s a pristine natural environment, where you can really see Florida as it was — before the endless nauseating high rises, golf courses and cheap motels.

Our creative director, Robert LaFollette, and I both share this appreciation for nature, and he’s been driving throughout the state, taking pictures. I’ve posted plenty of them on this blog, and I just posted to my Flickr account some pictures of the Hillsborough River State Park.

Now, another photographer who captures old Florida is John Moran, who was recently commissioned by the state to create a calendar of native Florida.

Check out this stunning photograph of Mill Pond Spring at the Ichetucknee river:

(You can download this image as a desktop background here.)

How did John do this?

Lots of preparation, and lots of strobe lights. All at once, the strobes hit and he caught this priceless moment.

You can read about his preparation here.

Old Florida is disappearing fast, from business and civic interests that are, for the most part, at odds with the goals of maintaining the old beauty of the place. I appreciate these talented photographers who are capturing images of the backwoods and byways for future generations.

Alex Eckelberry

What hard drive companies aren’t telling you

Douglas Smith has a post up over at the new Network Instruments blog:

In a nutshell, the study states that drive failure rates are between 2-13% per year. We have seen other studies that state average failure rates are around 5% per year. Keep in mind that these rates are for average use (studies include data centers and user systems). Hard drive manufacturers would have you believe the average rate of failure (MTBF) is over 1.5 million hours. This equates to roughly over 171 years of constant service before problems. A 5% failure rate translates to 100% failure in 20 years, a far cry from 171 years…

We’ve enjoyed working with the people over at Network Instruments (they acquired our LanHound customer base) and they seem to take their software work seriously. And it looks like they have a good blog effort starting.

Alex

Possible decryptor available for Trojan Ransom.AT

Earlier today we blogged about a trojan which encrypts key files on your drive and demands a ransom of $150. (We are calling this malware Trojan.Ransom.AT.)

After the posting, an anonymous source sent us a program that appears to reverse the encryption done by this trojan. We have checked the executable and it looks like it will work in reversing the ill-effects of this ransomware. If you are infected with this trojan, please contact us and we will try and assist you in un-encrypting your files (no guarantees or warranties, of course).

Sunbelt Software Malware Research Team

Empty Tokyo

My friend Kinichi sent over some pictures of Tokyo recently during the Buddhist O-bon festival.

As he said:

“These photos were taken on the weekend of O-Bon. The one group photos were shot at 8th Block (end block) intersection of Ginza Strip and Old National Highway One on August 12. The freeway shots were taken on August 13 from my window at Hakozaki Intersection which is a notorious intersection for the 24-7 congestion.”

Amazing. No cars, no smog in Tokyo during a weekday. As he put it, “nice and quiet week for a change.”

I have put the pics on my Flickr account, here.

Alex Eckelberry

Do admins like Vista?

Today, Lenovo chairman Yang Yuanqing was quoted as saying “At the Olympics, we need the most reliable and stable system,” to explain their choice of XP over Vista. Link here (via GMSC).

Is this a fair statement?

Well, we run “SunPolls” on our website. These are completely unscientific but can provide you with a quick read into the “zeitgeist” of the market. We believe that the polls tend to reflect the attitude of corporate system administrators because the SunPolls are often promoted through one of our newsletters, wservernews, which is targeted to IT managers. Of course, just to say it again, there’s absolutely no science in these polls, and they should be considered largely entertainment.

Well, one of the most popular SunPolls in recent years asked the question “Now that Vista is there, what are your plans for rolling it out?”. A whopping 30% of responders said they uninstalled Vista from their admin station because Vista does not provide the admin tools that are in WinXP.

Comparing the results from before and after Vista was released is interesting. In October 2006, we asked the question “Now that Vista is close, what are your plans for rolling it out?”. You can compare the two and see the differences in opinion. Poll 1. Poll 2.

We’re running a similar poll again this week, with the same question asked again, but with slightly different answers. You can see it for yourself, at the bottom right of our website.

Now: Contrast this negativity with a conversation with one of my brothers this week. He can’t stop raving about Vista. But he is gulping Microsoft from a firehose — this is almost a pure MS install, with Office 2007 and Vista. All unnecessary third-party apps have been taken off. And I think that has a lot to do with the attitudes out there. Vista, plain vanilla Vista, is great. But the problem is like the problem with all new operating systems — driver and application compatibility. It’s nothing new to say this, but I think Vista will have a chance as software support is improved and companies (Sunbelt included) continue to work out the kinks in their products to support this evolution in Microsoft’s OS.

In the meantime, I’m still running XP. I just can’t afford any downtime and may need to run applications that might not be fully supported on Vista.

Alex Eckelberry