[Update August 8: I note, via Groklaw’s News Picks that “Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system [...] By taking advantage of the way that browsers, specifically Internet Explorer, handle active scripting and .NET objects, the pair have been able to load essentially whatever content they want into a location of their choice on a user’s machine. Researchers who have read the paper that Dowd and Sotirov wrote on the techniques say their work is a major breakthrough and there is little that Microsoft can do to address the problems. The attacks themselves are not based on any new vulnerabilities in IE or Vista, but instead take advantage of Vista’s fundamental architecture and the ways in which Microsoft chose to protect it. “The genius of this is that it’s completely reusable,” said Dino Dai Zovi, a well-known security researcher and author. “They have attacks that let them load chosen content to a chosen location with chosen permissions. That’s completely game over. “What this means is that almost any vulnerability in the browser is trivially exploitable,” Dai Zovi added. “A lot of exploit defenses are rendered useless by browsers. ASLR and hardware DEP are completely useless against these attacks.” [...] “This stuff just takes a knife to a large part of the security mesh Microsoft built into Vista,” Dai Zovi said. “If you think about the fact that .NET loads DLLs into the browser itself and then Microsoft assumes they’re safe because they’re .NET objects, you see that Microsoft didn’t think about the idea that these could be used as stepping stones for other attacks.” So much for “the most secure” OS.]
John C. Dvorak has a column up, comparing Microsoft to a ‘Spandex Granny‘:
Vista is essentially the old hooker with a bad facelift and too much makeup. She also can’t remember her customers. Microsoft cannot seem to arrive at this self-realization, and, instead, hopes to be the debutante forever. The situation is beginning to take on the feeling of a Tales from the Crypt story—both sad and creepy. [...] Microsoft has seen better days, like an athlete at the end of a career. Some endings are good, some are bad. I hope Microsoft will find one of the good ways. Pretending to be a small, agile company after 20 years isn’t working.
And so with that lovely introduction, let’s segue to what Linux is up to:
“For the first time, IBM and leading Linux distributors Canonical/Ubuntu, Novell and Red Hat will join forces globally with their hardware partners to deliver Microsoft-free personal computing choices with Lotus Notes and Lotus Symphony in the one billion-unit desktop market worldwide by 2009. Citing shifting market forces and the growing demand for economical alternatives to costly Windows and Office-based computers, the four leaders sense an ideal set of circumstances allowing Linux-based desktops to proliferate in the coming year. Linux is far more profitable for a PC vendor and the operating system is better equipped to work with lower cost hardware than new Microsoft technology. “The slow adoption of Vista among businesses and budget-conscious CIOs, coupled with the proven success of a new type of Microsoft-free PC in every region, provides an extraordinary window of opportunity for Linux,” said Kevin Cavanaugh, vice president for IBM Lotus Software. “We’ll work to unlock the desktop to save our customers money and give freedom of choice by offering this industry-leading solution.”
“Zimbra, the open-source e-mail software that Yahoo acquired for $350 million last year, is officially coming to Ubuntu Linux. Coinciding with this week’s LinuxWorld conference in San Francisco, Zimbra has announced a partnership with Ubuntu parent company Canonical. Ubuntu users have been able to access Zimbra for the past year. But now, the e-mail software will be in the Ubuntu Partner Repository [the package name is zdesktop, just FYI], providing easy access to both offline and online Yahoo Mail, Gmail, AOL Mail, and any IMAP or POP e-mail accounts. Zimbra also offers document and spreadsheet functions, as well as mashup features with services like Flickr, Amazon.com, and Yahoo Maps.”
“Bob Sutor, VP of open source and standards at IBM, told attendees of the LinuxWorld Conference in San Francisco, that what the open source community needs to make Linux popular as a desktop OS used by consumers and businesses are “some really good graphic designers.” “Stop copying 2001 Windows. That’s not where the usability action is,” Sutor said during his afternoon keynote. [...] Sutor said he believed the many open source licenses, as well as the many software standards bodies, that exist today, would eventually dwindle to only a few. As it is now, five or six open source licenses cover more than 90% of the available software today. [...] Going forward, however, the Linux community had to be conscious of the “enemies of open source” and couldn’t rest. Although Sutor didn’t say who these enemies are, Microsoft has certainly been a major detractor.”
“For customers in the United States [...] the Dell XPS M1530n and Studio 15n notebooks are now available with Ubuntu 8.04 factory installed.”