Month: April 2007

More for the Money: Is Software “Bloat” Really Such a Bad Thing?
One complaint we often hear about Microsoft software, especially Microsoft Office, is that the programs are too big and have too many features that many people never use. But with today’s huge hard disks, is that really a problem? Wouldn’t you prefer to have those features there in case you do need them someday? My friend George Ou tackles this topic in his blog post here. And I expand more on my own thoughts about it in my April 27 blog post here.

Closer Look at Windows Home Server
When we announced Windows’ new Home Server product a while back, we got lots of responses from readers expressing interest. The need for an easy to set up and maintain server for home networks seems to be out there, but does WHS fit the bill? Ed Bott certainly thinks so. He offers a good review of the product along with a comprehensive image gallery so you can see exactly what the interface looks like. Take a look here.

Track your airline flight in 3D
If your loved one is in route home to you from far away, now you can track him/her every mile of the way – and do it in 3D. FboWeb has an application that works in conjunction with Google Earth to show the flight path of a selected flight over a virtual landscape, all in real time. How cool is that? There’s a detailed review here.

First Public Beta of Longhorn Server Released
Microsoft released the third beta (and the first one available to the general public) of the next generation of their Windows server operating system, code named Longhorn, on April 25th. It includes a number of new security enhancements, improved management tools, the Internet Information Services (IIS) 7.0 web server, Network Access Protection (NAP) technology and is designed to work with the Vista client OS to provide a more secure and feature- rich networking environment. You can download the beta here.

If you don’t want to install it, but would like a look at the interface, there’s a slideshow walk- through here.

Where’s the built-in Administrator account?
In previous versions of Windows, many users used the built-in Administrator account on a regular basis. This account has full control over everything on the computer. When you install Vista, you may be surprised to learn that the Administrator account is disabled by default. That’s to encourage you to follow best practices and create your own administrative account. It also makes it a little harder for hackers; they all knew that the account named Administrator existed and so had half of what they needed (the account name) to log on with it.

You can enable the built-in Administrator account if you really want to, by running the Command Prompt as administrator (right click its icon and select Run as Administrator; click Continue at the UAC prompt) and typing the following:

net user administrator /active:yes

This causes the Administrator account to appear on the Welcome screen. Note that it does not have a password set by default; the first thing you should do is set a strong password for it.

How to set up a wireless network with Windows Connect Now
Windows XP Service Pack 2 and Windows Vista both include the Windows Connect Now technology that makes it easier to set up a wireless network and add devices to it. You can use a USB flash drive to save the network configuration information and transfer it to compatible devices. Here’s how:

1. Click Start Control Panel.
2. In XP, click Network and Internet Connections, then Wireless Network Setup Wizard. In Vista, click Network and Sharing Center, then Set Up A Connection or Network, then Set Up a Wireless Router or Access Point.
3. Select “Use a flash drive” on the “How do you want to set up your network?” page.
4. Insert the USB flash drive into a USB port on the computer. The wizard will save your wireless configuration settings to the flash drive.
5. You will then plug the flash drive into each computer or other compatible device (printers, routers) that you want to add to the network.

If you don’t have a flash drive or some devices aren’t compatible with Windows Connect Now, the wizard will guide you through the process of setting up the network manually.

Beware QuickTime exploit no matter what browser you use
A newly discovered vulnerability in Apple’s QuickTime poses a risk to anyone who has the QT plug-in installed and Java turned on. That includes users of most major web browsers: Safari, Firefox and IE (including IE 7). It’s been rated highly critical. There are two ways to protect yourself: uninstall QT or turn off Java. Read more here.

Phishers exploit call forwarding to steal your information
A new form of phishing attack has emerged recently, in which identity thieves send an email that attempts to trick you into forwarding your calls to the phisher’s own phone number after supposedly updating your personal information with your bank (actually with the phisher’s site). Now if the bank calls you about suspicious transactions, the phisher can intercept the call. Always be on the lookout for these types of scams. You can read more here.

Just the fax?
QUESTION: Now I have this new Vista machine (only had it for two days) and I can locate the fax modem, but I do not have any way to send a fax. One tech support said since I have Home Basic, I cannot use the fax modem. Another told me that if I looked hard enough I would find the fax console, and yet another told me I had to install third party software. PLEASE help me! I need my fax sending ability. Thanks! -Angie H.

ANSWER:
I’m afraid the person who told you to install third party software is correct. If you take a look at the features comparison list for the Vista editions, you’ll see that Vista Home Basic doesn’t include the Windows Fax and Scan program – and in fact, neither does Home Premium, since faxing is considered to be more of a business application. It’s included in Business and Ultimate editions. Link here.

Several people have reported that Snappy Fax version 4.0 works well with Vista Home editions. It costs $29.99 and there’s a 30 day free trial so you can find out if it works for you before you buy. Note that there are reports that it doesn’t work well with Vonage VoIP lines but if you have a traditional phone line for faxing, it should work fine. There are undoubtedly other fax programs for Vista out there, but this is the one I’ve been hearing good things about. Link here.

Can’t start Windows firewall service in XP SP2
If you get an error message when you click the Windows Firewall applet in Control Panel or try to manually start the firewall service from the Services console on an XP computer running Service Pack 2, it may be because certain administrative templates from the XP Security Guide were applied to the computer before SP2 was installed. There are a couple of ways to fix the problem, both of which are described in KB article 892199.

How to determine whether your version of XP Media Center Edition works with Xbox 360
You can use the Xbox 360 as a Media Center Extender – but your XP Media Center Edition computer must be running the correct version. If you’re thinking about buying an Xbox for this purpose and want to know first whether your Media Center will work with it, see KB article 909343.

.BMP files don’t appear in the Media Center Picture Library in Vista
If you’re running Windows Vista Home Premium or Ultimate edition with Media Center and you add a folder containing only bitmap files to the picture library, you may find that the pictures don’t appear in the library. This is because Windows Media Center uses the Windows Media Player 11 picture library and it no longer supports .bmp or .gif files. However, there’s an easy workaround, which you can find in KB article 933667.

Until next week,

Deb Shinder, MVP

Last week, I read that well known security expert and writer Bruce Schneier recently opined that there should be no network security industry, because software vendors should make their products so secure that there would be no need for third party security products. He apparently said this at the Infosecurity conference in London (which, interestingly enough, is sponsored by security vendors). You can read about his comments here (incidentally, all of us here hold Bruce in very high regard, so this blog post is not intended to be criticism of him).

At first glance, it sounds like a reasonable rant. Why don’t the software makers just build complete security into every one of their programs to begin with? But when you think about it a little more deeply, you realize he’s asking the impossible. There’s no such thing as a completely secure software program (just as there’s no such thing as complete secure in any other aspect of life). Even if an application or operating system, at the time of its release, was designed to lock out every possible type of attack or exploit known at that time, it wouldn’t stay secure for long.

That’s because attackers are always coming up with brand new ways of getting into systems. And a computer or network isn’t a static thing. We’re always adding new programs, new devices, that can provide new attack surfaces.

Saying that there should be no need for third party security vendors is a little like saying there should be no need for the home or business physical security business, that builders should make all houses and commercial buildings impervious to intruders right “out of the box.” That means you mandate that every home sold must have a deadbolt locks on every door and window, a built in alarm system, and an electric fence around the perimeter. Maybe the builders should also throw in a growling pit bull and give each homebuyer a .40 caliber Glock, for good measure.

The problem is that even with all those security mechanisms, some determined burglars would manage to get in if they really wanted to. They can always break a window or even cut a hole in the side of the house. So now we have to mandate that all houses be made of steel plates and windows be unbreakable glass.

At this point, we’ve created a much more secure (although still not completely secure) house, but we’ve also priced most people out of the possibility of ever owning a house. But let’s say price is no object. We could go a few steps further and make the house almost completely secure, by doing away with points of attack such as doors and windows completely. We’d have one steel vault door through which the inhabitants go in and out. No chimneys, no vents or other entry points that can be exploited by would-be intruders. Now not only can almost no one afford a house, almost no one would want one. Who wants to live in a steel box that you can’t see out of, even if it does make you feel really, really safe.

Of course, there’s still a chance that a really determined and/or really smart bad guy can find a way to get in through that same vault door that you use. If you want to ensure that doesn’t happen, you have to seal up the door and lock yourself permanently inside. Now you’ve made the house secure – and completely dysfunctional. It no longer serves its purpose as a place to live.

Likewise, you can only build security into software up to a point. At that point, it becomes too expensive or too unusable for the average person. One reason third party security vendors will always be necessary is that not everyone’s security needs are the same. Just as some homeowners, because they have many valuables or because they live in a particularly dangerous neighborhood or because they have high profile names that make them targets, need the electrified fences and surveillance cameras and laser beam motion detectors and others don’t, some computer users need a higher level of security than others.

OS and application vendors are paying much more attention to security these days, and that’s great. But expecting them to ship software that’s completely secure is just silly. Of course it would be nice if we didn’t need to buy extra products to protect our computers. If we want to fantasize about Utopian situations, it would be nice if we didn’t need to take vitamins to protect ourselves against deficiencies and pay for car insurance to protect ourselves from financial ruin in case of an accident and do all the other things we do on a regular basis to prevent bad things from happening to us.

But in my opinion, third party security vendors will always be necessary, in part because they give us choices. And choice is a good thing. The illusion that perfect security is possible is not a good thing, and the demand that software vendors “just make their products secure” feeds into that illusion.

Schneier himself is famous for saying, years ago that “security is a process, not a product.” Back then he noted that “Security processes are not a replacement for products; they’re a way of using security products effectively. They can help mitigate the risks. Network security products will have flaws; processes are necessary to catch attackers exploiting those flaws, and to fix the flaws once they become public.”

Sounds a lot more reasonable to me than a demand that product vendors make their products completely secure. Fact is, security is a process, on ongoing one. Protecting your network from attackers, like protecting your physical valuables from burglary, isn’t a “feature” that can just be “built in” to an operating system (or a house) and then forgotten about. I wish it were; it would make all our lives a lot easier.

What do you think? Should software vendors be expected to provide perfectly secure products? Is that even possible? If it is possible, do you want all network security to be “taken care of” by the original product vendor, or do you prefer being able to choose from different third party products? Let us know what you think.

Deb Shinder, MVP

We have posted version 4.5.916.0 on the site. Download link here.

A major change in this version is the migration to the name “Sunbelt Personal Firewall”, removing the name “Kerio” in the product name.

Additional enhancements (readme file here):

• Numerous bug fixes.
• Significant improvement in web filtering performance.
• Enhanced Process Injection prevention to prevent code inject attempts into Windows system DLLs.
• Significant improvement in product stability.

All customers who are running prior versions of the Kerio 4x version will be auto-updated in the near future, but customers are more than welcome to download this version at their convenience.

Vista 32–bit support is in the works and 64–bit support will follow the 32–bit support.

Our current plans are to:

• Release Vista 32–bit support
• Release version 2.0 of the Sunbelt Server Firewall (a version of the personal firewall designed for servers).
• Release Vista 64–bit support.

Alex Eckelberry

There’s a big wave of a variant of image spam hitting this weekend.

Clicking on the link brings you to a stock spam image:

URLs we’ve observed used in this wave:

hxxp://s6(dot)bilder-hosting(dot)de/img/Y7K2O(dot)png
hxxp://s6(dot)bilder-hosting(dot)de/img/YGN06(dot)png
hxxp://www(dot)imagehosting(dot)com/out(dot)php/i553781_ebsXGNl(dot)png
hxxp://img131(dot)imageshack(dot)us/my(dot)php?image=g5lsbxmuvj4(dot)jpg
hxxp://www5(dot)upload2(dot)net/download/9f94d8b7c299fc72d7e94e2ba8499bc3/4633333c/I5C8mKMtv43M4DQ/Qd(dot)gif

(This is assuredly only a small part of the overall list.)

Alex Eckelberry

I continue to be amazed at the quality of Daniel Eran’s RoughlyDrafted blog (he calls it a magazine), which centers around the world of Apple. The graphics are polished and the content is well researched and well-written.

He also uses hilarious graphics.

The Windows WOW campaign:

His portrayal of InfoWorld’s coverage of a Mac vulnerability:

And so on.

Now it’s worth knowing that this blog is totally, absolutely, completely supportive of Apple. You will not ever find one negative article or word on Apple in this blog.

But that’s ok. It’s a heck of a good blog — one of the best — and I would highly recommend it if you’re tracking the Apple space at all.

You can read at roughlydrafted.com.

Alex Eckelberry

Web 2.0, that silly overused label for what is basically a social, community-based web, has been the subject of some concern for security researchers (WebSense Veep Dan Hubbard describes it as “Web 2 dot uh oh”). 

Dharmesh M Mehta shares those concerns and has published a paper on the subject.  It’s available at OWASP, in both PDF and HTML versions. 

Alex Eckelberry

Our building is a haven for pigeons.  And it’s no exaggeration — this building has had a major pigeon problem for years, and everything has been tried to combat the problem.

Enter Hudson, our neighborhood hawk.  He lives in a tree nearby and every day, swoops over to our building for lunch.  I was standing out in the garage once when he dropped by for a snack — it was quite an experience to see a hawk grab a less-than-enthusiastic pigeon right in front of me.  Let’s say that the pigeon problem isn’t nearly as bad as it once was… 

And our well-fed predatory friend makes for some stunning photographs, and our creative director, Robert LaFolette, has been photographing Hudson routinely (as well as other hawks, including recording their beautiful cries).  The pictures are great, and Florida Wildlife Magazine recently picked up a picture of Hudson (as well as a bunch of others) for its latest issue.

Now, I wonder if we could figure out a way to point Hudson in the direction of…

Nevermind.

Alex Eckelberry

That fake DNS trojan we blogged about earlier points to an IP range starting with 85.255. You can see what it’s been doing here.  Earlier this month, SpamHaus put it on their block list (here). You can see all kinds of familiar names there — Intercage, Inhoster, Pilosoft, the usual.

Ugly.

Alex Eckelberry
(Thanks Adam)

This is actually pretty funny. Last week I blogged about how WebRoot was doing some really weird things to get customers, like scraping our website for names from case studies, showcase customers, etc., and then contacting these customers. We had sent them a legal letter back in March on this activity, where they were doing this and giving customers misleading information. (If you’re curious, you can hear an actual wav file from a customer who was contacted here from WebRoot’s telemarketing boiler-room.)

It would have been probably regarded by most people as just a small spat between two competitors, but then someone posted a rather ugly comment on my blog, from what was clearly recognizable as a WebRoot IP number. This got a few people wondering exactly what was going on over there.

Today, CNET ran a story on the whole kafuffle, and WebRoot’s response was actually brilliant — right out of the Karl Rove fieldbook on PR:

In a statement provided to CNET, Webroot said “There is a long tradition of small, pushy tech companies picking fights in the press with industry leaders to generate attention. While we welcome healthy competition and debate, acknowledging thinly veiled publicity stunts is counterproductive to our business.”

I got a good chuckle out of this — really, you can’t take this stuff seriously, and I have to admire what is actually pretty good PR spin. It’s up there with one of my favorites, the “so-called beaches” spin that Exxon used to describe the pristine Alaska beaches wrecked during the Valdez oil spill

At any rate, moving on…

Alex Eckelberry

Adam Thomas in our malware research labs took a video of a Trojan DNS Changer a while back. This is a piece of malware that uses rootkit technology and changes your Windows DNS settings. Its purpose is to redirect your search results in popular search engines.

It’s an interesting video. You can view the YouTube video, or if the quality is too low, you can download a higher quality MPEG version here. Also, raw footage here and here.

Alex Eckelberry

Florida Department of Education warns parents about a cyber-squatting website, with a decidedly similar URL.  PDF here.

Alex Eckelberry

As John Murrell notes wryly, AOL’s beta version of its new website is awfully similar to another…

Imaginary meeting: “I don’t care what you do, so long as it looks like Yahoo”.

Alex Eckelberry

Enigma Software, the maker of SpyHunter, has been fighting a wee battle recently over some statements by various people. 

They’ve done something unique:  Created an open forum for discussion of their business practices at SpywareWarrior.  You can see the link here.

Alex Eckelberry

It’s the season for owls to hatch.  So, yesterday after work, Robert LaFollette (our creative director) and John Jacobson (our IT manager) took their cameras up to Honeymoon Island to take pictures of the baby owls.  You can see Robert’s pics are here and John’s pics here.  (Robert shoots a Canon 30d and John shoots a Nikon D80).

Alex Eckelberry

As part of our winning a couple of awards, I was interviewed by Info Security Products Guide. You can read my interview here.

Alex Eckelberry

Info Security Products Guide has named Sunbelt Software the winner of two 2007 Global Product Excellence Awards.  CounterSpy Enterprise and Sunbelt Messaging Ninja were winners of the 2007 Global Product Excellence Customer Trust Awards in the Anti-Spyware and Email Security categories.

Information from our propaganda department here.  The winners list is here.

This is a very nice honor, and of course, I have only my team to thank for their dedication and hard work.

Alex Eckelberry

Great Leap Backward.

“Development and administration of Internet culture must stick to the direction of socialist advanced culture, adhere to correct propaganda guidance,” said a summary of the meeting read on the news broadcast.

“Internet cultural units must conscientiously take on the responsibility of encouraging development of a system of core socialist values.”

Link here.

大跃进!!

Alex Eckelberry
(Hat tip)

The sentencing in the Julie Amero case has been rescheduled to May 18^th.  More here.

Alex Eckelberry
(I am no longer discussing this case publicly as I am part of a forensic team working with the defense.  I also won’t be blogging about this case in any detail until it’s finished.)

Internet Laws: the Good, the Bad and the Ugly
For a long time, lawmakers left the Internet alone. Not anymore; state and federal governments are introducing legislation left and right to try to tame cyberspace. Some of these regulations (such as the moratorium on new taxes) are good. Others, not so much. For a good synopsis of the best and worst laws affecting the Internet, see Eric Goldman’s article here.

Windows XP Back by Popular Demand at Dell
(Alex says: “Oh, thank you!) Dell announced last week on their web site that consumers will now be given the choice between XP and Vista with more desktop and laptop models. Read more here.

Get The Classic Menu Back in Office 2007
Not everyone is happy with Office 2007’s new “ribbon” interface. Some people (like me) like it; others don’t. Well, in another case of “you asked for it, you got it,” a Chinese developer has come up with an Add-on for Office 2007 that reportedly gives back the standard toolbars in Word, Excel and PowerPoint. I installed it today on the “tank” (our monster laptop) and so far, no problems. It does indeed restore the menus on a Menus tab, and you still have the ribbon tabs, too – the best of both worlds. I’ll be testing it more next week and will report any problems, but if you’re in hurry, you can download a free trial at your own risk here.

Fix Outlook 2007 Performance Problems
I like Office 2007 but I don’t like the way Outlook slowed down when I upgraded. I get hundreds of messages per day and most of my business is conducted via email; I’m also heavily dependent on my calendar. Outlook is the interface in which I “live” for a good part of every day, so performance problems in that application cost me time – and money. And I’m not the only one who’s been experiencing this problem. Well, there’s good news: Microsoft recently released an update that helps to fix some of Outlook 2007’s performance issues. I installed it on both my desktop and my laptop (the latter suffered most from this problem) and noticed immediate improvement. If you’ve been disappointed in Outlook’s performance, give it a try. You can read more about it and find links to the download here.

Does Windows Mail Censor your Messages?
I received a question from a reader who said Windows Mail won’t allow him to send outgoing email messages that contain four letter words. I’ve tried to duplicate the problem, but haven’t been able to do so – my test messages with bad words went right through. My guess is that Chris’s messages are being blocked either by his or the recipients’ ISP or local spam filters. But if you’ve had the same problem with Windows Mail and can send messages containing the same words from another email program, please let us know.

New Help Format in Vista
Instead of relying on static Help information installed when the operating system is installed, Vista defaults to Online Help, so that when you ask for help on a topic, you’ll get the latest updated content from the Microsoft servers (assuming your computer is connected to the Internet). If you’re offline, you can still use Help content stored on your hard disk. The Help and Support window has a down arrow in the lower right corner that you can click to select either Online or Offline Help.

The bad news is that Vista won’t open the old style Help files (.hlp format) that you might still have around for some applications. Previous Windows operating systems included the WinHlp32.exe program that’s used to open them, but Vista doesn’t. However, if you need it, you can download and install the program in Vista. You’ll find it here.

How to Set Password Expiration in XP Home
For better security, you can force users to change passwords periodically. In XP Pro, passwords expire every 42 days by default, but there is no default expiration period in XP Home. However, you can set one using the command line. Here’s how:

1. Click Start Run and type cmd to open a command prompt window.
2. At the prompt, type net accounts /maxpwage: followed by a number representing the number of days for which you want passwords to be valid.

Note this also works for Vista (all editions) and XP Pro.

Easier Way to Set Password Expiration in XP Pro
You can change the password expiration period in XP Pro by using the Group Policy Editor. Here’s how:

1. Click Start Run and type gpedit.msc, then click OK to open the Group Policy Editor console.
2. In the left pane under Computer Configuration, expand Local Computer Policy and then Windows Settings, then Security Settings, then Account Policies.
3. Double click Password Policy.
4. In the right pane, double click Maximum Password Age.
5. In the Properties dialog box, enter the number of days in the field labeled Password Will Expire In.
6. Click OK.

How can I get Vista to stop being an overprotective mother?
Vista’s “overprotective” behavior is one of the biggest complaints I hear. Just like with an overprotective mom, User Account Control (UAC) really is for your own good – but if you want to take the risks, you can disable the prompts.

This is done through the Local Security Policy settings in Vista Business, Enterprise and Ultimate editions. At the command prompt or in the Search/Run box on the Start menu, type secpol.msc to open the LSP console. Vista will, of course, ask for your permission to continue (but this could be the last time). In the left pane, expand Local Policies, then click Security Options.

In the right pane, scroll down to User Account Control: Behavior of the Elevation Prompt for Administrators in Admin Approval Mode. Double click it, and on the Local Security Setting tab, click the down arrow in the drop-down box and select Elevate Without Prompting. Now, when you’re logged on with an administrative account, you won’t get that annoying “are you sure?” dialog box (and you also won’t know when programs are elevating privileges). Click OK, and you’re done.

Recover from corrupt registry that prevents XP from starting
If your XP computer won’t start because of corruption in the registry, this Guided Help article will help walk you through the process of resolving the problem. Find out more in KB article 307545.

Folder doesn’t open when you click it in the All Programs list in Vista
If you click a folder to open it in the All Programs list in Windows Vista and it won’t open, this could be because the folder is stored in a certain location. There is a hotfix available to fix the problem, but you have to contact Customer Support Services to get it. For more info, see KB article 932404.

Until next week,

Deb Shinder

Last week, Deb Shinder posted a wee bit of a rant on Open Source.

Reaction was fast and, as can be predicted, a range of emotions were shown.

We had lots of feedback in the Comments section. And Deb also got emails, which she’s summarized here:

Many of you use a combination of commercial and open source products; even adamant Windows fans are likely to have one or more favorite open source or freeware programs. And some who use open source extensively admitted that they use it because it’s free, not because it’s better.

Jim M. said, “I tried using Mandrake (now Mandriva) for a couple of years on a computer that I literally built out of trash can parts aka Frankenputer. I am considered and alpha geek by most who really are, but when I got a better spare, I went back to XP. I simply have less trouble. I use Firefox, Thunderbird, and several other either Open Source or freeware with adequate results.”

Fernando A. said, “I believe that Open Source software perfectly suits the academic world, giving students the opportunity to deal with the nuts and bolts of technology. Sometimes it also is the only choice in thin pockets environments such as non-profit organizations, underdeveloped countries, etc. But when it comes to business, I prefer commercial software because I have a counterpart (corporate or individual) who is responsible for it in terms of warranty (and not only money-back), support, etc. I think that investing in commercial software is part of the value chain.”

Some of us who rarely or never use open source, however, are still glad it’s around. As Chuck M. put it, “The one good thing about Open Source apps is that they put pressure on the ‘Big Boys’ to keep their prices reasonable and to make more of an effort to keep their customers happy with them and the support of their product.”

Locutus Borg (who just might be a Star Trek fan) took issue with my statement that no one is forced to use Windows. He said, “While there are some options to emulate Windows or at least the APIs inside Linux already, none of them are up to the task of real gaming yet. Any gamer is totally stuck in Windows if they want to play more than solitaire, unfortunately.” And Herb W. said, “All in all, I would rather move to a platform that MS doesn’t own, but until I can and still do the everyday things I require … I’m a bit stuck.”

I don’t know; to me this sounds like saying, “Well, I’d like to drive an economy car but darn it, until they make one where all my friends and I can party sip champagne and watch TV and spread out on the leather seats in the back, facing each other, I’m stuck with this stretch limo.”

On the other hand, not all Linuxes are created equal, and some are obviously more user friendly than others. Ridge K. said, “I have been working with the Ubuntu Linux distribution, and it really is pretty remarkable. You can, pretty painlessly, take a door-stop quality, 7-year-old PC and turn it into a very functional computer.” And Ed G. said “You’re actually spreading propaganda about compiling kernels and writing drivers on Linux. I downloaded and installed Fedora Core and Ubuntu, and both work “right out of the box”. My “propaganda” is just based on my own experiences, but I have to admit that Ubuntu is a distro I’ve never tried; maybe I’ll give it a go next time I get an urge to experiment with Linux.

Dave C. offered an interesting observation: “MS … started out when things were done more on an individual level and are playing catchup to a networked world. Linux started out in a network world and is trying to make things work for an individual.” Good point, and does help to explain some of the differences.

Geoff notes that, “some of the open source fervor is just part of the ABM (anybody but Microsoft) movement. I agree that MS has done some stupid things and there are better alternatives in some situations, but they have mastered the “Good Enough”. In many ways, the Mac is a better platform, but the PC is “good enough” and much more open… At the opposite end is Linux. I think it is also ‘Better’ at some things, and is even more open, but also suffers in areas where the Mac excels. I think of the Mac and Open source as opposites, with Windows in the middle. With most things, people are most comfortable in the middle.”

Thanks to all of you who wrote on this topic.

Alex Eckelberry and Deb Shinder