Sunday, July 31, 2005

LUA LUA, oh baby - you've got to grow

As I mentioned, I've been playing with the OS formerly known as Longhorn. One of the key deliverables this time around is that it is now supposed to be actually possible to run as a "User" or in LUA (Least-privileged User Access or Limited User Account depending on who you talk to) mode. With LUA, apparently we won't all laugh when MS publishes a security bulletin claiming that if we were running as a limited user, we would not be vulnerable to a certain issue. Today we all do laugh as next to nobody actually runs as a LUA user (outside of kiosks and the like) because nothing works correctly.

So, as part of the testing I tried to change the Time Zone. Nope, NADA, not gonna do it. Since the TIME can be security critical, but the Time Zone itself CANNOT (on NTFS, file time stamps are stored as GMT and the display in explorer adds offsets for the current time zone, also Kerberos uses GMT and ignores time zone offsets) it should be something that a LUA user can change. After all, when they travel from the US to Kazakhstan their appointments in Outlook should show in local time - not 12 hours off from local time. So changing the Time Zone is a fairly critical operation for people who globe-trot.

Lest you ask - I did go through the policy settings and found that although there is a setting to allow either just Administrators or Administrators and Power Users to change the system time - there is nothing about the time zone and lowly LUA folks.

Come on MS - let's not screw this up yet again. We really do WANT to run as LUA users. Let us do it this time.

Friday, July 29, 2005

The Horn of Plenty?

Recently (like most of the rest of the IT universe) I've been playing with Windows Vista™ Beta 1 build 5112. The OS formerly known as LongTime, ah, I mean LongHorny, er make that Longhorn. Actually, they might as well have kept the name since IT geeks like me keep working with it until the cows come home.

A couple of cohorts and I have tried it on about 7 different hardware types so far. We've seen a couple of blue screens, some installs of various programs that make Vista reboot over and over, some annoyingly large icons on the desktop (that are nigh impossible to shrink down to regular old 32x32 size) and a virtual plethora (yes, that's for you Steph - think I wasn't paying attention to your presentation? Call my picture stuffy and get razzed, right?) of other issues both minor and major.

So far the biggest let down has just been the lack of features. You name it and feature X is shipping in the "Beta 2 timeframe". That and I think I'd kill for a working VPN client about now. Oh, and maybe some Anti-Virus that works - right, that would be good.

So I brought a notebook home running Beta1 to show off (damn, I'm a geek) and my wife and kids got that "oh, no, here he goes again" expression on their faces and came up with any excuse to get the heck away from me and the shiny new OS. You know, the "I have to take the garbage out", or the "I had better go do my homework." Is it just me, or could it have been the large icons that scared them off?

So - good experiences with Beta1? Bad ones? I'll be reading about them and publishing more of the things I run across here.

Tuesday, July 26, 2005

Do you see OWC?

From the rant of week dept...

Recently we've been pushing sites on our network to hurry up and deploy Office 2003 already. Our original image was built with Office XP and we have had the 2003 version availble for the users to install for almost a year. It won't be mandatory until later this year due to corporate politics. However, one of the fun things we've been encountering is the lack of consistency provided by Microsoft in their OWC or "Office Web Components". Office XP shipped with "OWC10" which has a unique CLSID and does not have a version independent ProgID. Now Office 2003 Standard comes with OWC11, and Office 2003 Pro - mostly because the MS Access team couldn't get their act together - comes with OWC10 and OWC11. Guess what? OWC11 has a new CLSID and still has no version independent ProgID. So to instantiate them, you have to use the actual CLSID. It's created a problem for those folks who actually used the Office Web Components to do spreadsheet type things on their web sites. They end up having to change their code on their production sites to do an instantiation of the CLSID for OWC11, then check the object to see if it is == Nothing. If it is, try an instantiation of OWC10 instead. Seems a bit silly - and unfortunately the people who built the pages are never around anymore so maintenance can be iffy.

Why Microsoft, why? Why can't you create version independent ProgID's for these things like you do for say Excel? It's almost like the OWC team likes to physically hurt their customers (similar to Dilbert's boss). Couldn't those folks have just went into dentistry or something and let people who actually like customers write the OWC code?

Sunday, July 24, 2005

Virtual History...


Well everyone is talking about the supposed "Google Maps killer" Microsoft Virtual Earth. As many people know, it was up for several hours to test the production servers and is coming back Monday. I took a few moments to check it out, and came away with a sense that it is really more like virtual history; at least in the satellite imagery department. This is due to the obvious age of many of the satellite (or aerial) images available. As many noted, this seems endemic to the service and not just to one or more particular areas. However for my own home region it is at a minimum 10 years out of date (and in black and white or greyscale) while the analogous Google satellite image (same approximate size and exact same region) is in color and seems to be from about 18 months ago. A couple of schools, a Wal-Mart, an Orchard Supply, a Water-Park are just a few of the things missing from the Microsoft Virtual Earth satellite image.

Earth to Microsoft: It's all about the data dummy! You can stick a great UI, perfect UX, etc. onto the thing - but at the end of the day you need to have great data or nobody will use you a great deal. Hopefully that's something they'll get right soon. Although for now I can enjoy seeing my home region as it looked in days gone by...

Saturday, July 23, 2005

While on the ranting path...

Our company setup a deal with some people that provide little clip on pedometers (with our company name on them) and a web site that allows you to track your steps as miles on one of several famous paths. You go to the web site to sign up for the free deal and they send you your unit. So far, so good.

One of the first things you are supposed to do is calibrate your pedometer to your "steps". Now, one of my friends at work went into a whole spiel about how the mile came from the Romany military where 1,000 steps was a "mil" which became a mile. Pretty cool, and neat to learn some history as part of this. He mentioned that the way they counted was each time their right foot came down was 1. Great. So I look through the manual that is telling us to set the thing to low sensitivity and then take 100 steps and see what it says. If it is saying something too low, up the sensitivity. OK, fine. Not hard. But first, how about if you define a step? Turns out that I couldn't find out from their manual OR their web site what the heck a step is (each time you put a foot down or each time the right foot comes down like those Romans). So I finally find on their web site - not the definition of a step - but a statement that 2,000 steps is roughly a mile. OK - so now I know - I have it set wrong because it is counting like them pesky Romans. My friend had his set that way all weekend. We had to re-calibrate the things (again not hard).

But --- how hard could it have been to put in that darn manual or even on that web site what the heck they counted as a step? Come on, that's pretty lame.

So, anyway the family and I took a nice walk this morning before it got hot (It's 106 now) and I got in 11,147 steps. Measured the way the web site people want it.

Update: OK today the thing started counting about twice the steps it should have and I had to change the calibration again. It is still clipped onto the same shorts in the same spot as it was yesterday - but apparently that isn't good enough. Seems these units aren't very good at counting steps...

There oughta be a Law...

<rant>

So what is it with these non-techie internet users anyway?
And the companies that "provision" them (set them up to be
pwned)? I've gotten tired of hearing from people that take their corporate notebook or corporate home machine (you know, the one the team I am on worked hard on creating a solid image for), and try to load PPoE or some lame ass cable company software on it. Fortunately most of them fail as they aren't administrators. Some folks however have gotten admin rights and screwed up their machines royally loading this crap.

Then comes the really unpardonable part - the installer hooks them up on the raw naked internet. No firewall, no NAT router, just "we like SPAM and you'll be sending it in 10 minutes". Sometimes the user does this hookup themselves. Don't these people realize that this is dangerous? How many of those same folks would leave their car parked and unlocked at night in an inner city? Why haven't they "gotten" it yet that you have to treat the internet the same way?

I mean come on - a basic Linksys or Netgear type NAT router is what $39? Is there some reason the installer doesn't bring one with them? Or build NAT into the darn cable/dsl modem? If the user does install a firewall and the ISP's service in the area goes down - what happens? The user call some tech support script reading drone in some other country who tells them they have to disable their firewall and anti-virus.

Let's examine a few other things people want to do:
  • If you want to drive a car in most places, you take a written test and an actual driving test so that they can confirm that you actually do know you aren't supposed to speed up and go through red lights, cut other cars off, get drunk and drive, etc. Flunk the test, no drivers license.
  • If you want to operate a HAM radio, you take a written test, and... - hey seems to be a theme here - you need a license for this stuff and you have to be tested to get one.
  • If you want to be an internet user, you get out your wallet and give some money to an ISP. Wait a minute? That's IT? Where's the mandatory testing?
The problem becomes more clear. We let people (synonym Idiots or as Scott Adams says "InDuhviduals") connect up and start surfing with no actual knowledge of correct or safe behaviors.

Any takers? There oughta be a law...

</rant>

Friday, July 22, 2005

RSS Bandit

I'd been using SharpReader for quite some time for RSS feeds and had been pretty happy with it. I had just "stumbled" into it when reading about MSDN RSS Feeds. SharpReader was the first one on the list, so it had to be the best, right? Well today my buddy at work Josh pointed out RSS Bandit. It seems to be a more friendly UI and the way it hosts the browser in its own tabs "holds" the UX together better than SharpReader does. If you've been using SharpReader, you may want to give RSS Bandit a try.

Testing the System

OK, I just wanted to see if I was able to email in a blog post. It is supposed to work - but who knows: I might have set the thing up incorrectly. We will see if it works.

What's in a name?

It's hard to believe after a couple of years of "Windows Longhorn" and "...in the Longhorn timeframe" that it is now Windows Vista. We're already seeing all the jokes about "Hasta la Vista" and how one of the meanings of Vista - "A distant view or prospect" means it will be even later than expected.

It'll take some getting used to - I seem to remember that Windows XP seemed like a really stupid name too when that first came out. Of course at that time, Windows XP was a lot closer to shipping when it changed from "Whistler" to "Windows XP". Names like that just make you think that Marketing (for most companies, not just Microsoft) has a two drink minimum.