Ed Brill

Post a Comment

1. 1  Charles Robinson http://cubert-codepoet.blogspot.com | 12/28/2006 5:36:00 PM

   It doesn't surprise me. I'm sure you knew this was coming, but when are we going to see pricing for Activity Explorer? :-) I checked the Workplace site and couldn't find anything.

1. 2  Greg Walrath http://www.univarusa.com | 12/28/2006 5:51:49 PM

   Another hit to the armor. I've always heard that one of the big reasons for using Outlook is that it's included in Office and in the the Exchange license, so why not use it? Now they have to buy it separately.

1. 3  Keith Brooks http://kbmsg.blogspot.com | 12/28/2006 8:04:28 PM

   Not surprising at all, in fact it is drug dealer plan.

   Give it to them for free then they come begging for it and will pay any price.

   Granted I don't think anyone will go begging for Outlook, but they will have no choice but to pay for it.

   Is this a good way to convince people to migrate to Lotus?

   Only if we offer it for free, which we won't right Ed?

   You got to pay to play and MS has the table for the minute.

1. 4  Karl-Henry Martinsson  | 12/28/2006 11:24:00 PM

   Did anyone see this comment: { Link } ?

   "Outlook is more virus resistant than just about any mail client that run on windows. Not to mention that its manageable."

   Anyone with a ZDnet-account that want to comment? ;-)

1. 5  David Russell  | 12/29/2006 7:04:29 AM

   @4: I recently had a heated 'exchange' with our Network Manager, where they were considering giving some users Outlook and I had to put a stop to it, as I only wish to support Notes. In any case, the point is - his impression was that Microsoft have fixed all of their 'virus' problems and is a much more stable product. So perhaps MS are now convincing people that viruses with Outlook are no longer an issue - that seems to be the impression with our Networking group ?!!

1. 6  Sylvain  | 12/29/2006 8:51:49 AM

   Aïe ... how will we convainc users now ? it's already very difficult because they don't love Notes client GUI ... I often tell them Lotus is less sensible against virus ... :(

1. 7  Randy Shimizu  | 12/29/2006 11:04:16 AM

   I am not surprised at all by Microsoft's decision to charge for Outlook. Microsoft does everything in it's power to get all the money it can from it's customers.

1. 8  Dave Madison  | 12/29/2006 1:41:00 PM

   @5 David, do you have evidence of people running the latest version of Outlook or even the most updated older versions of Outlook having their mail systems being hit with a virus launched by Outlook? Scanned your Domino servers lately for any latent viruses?

1. 9  Jim McBee http://www.directory-update.com | 12/29/2006 2:25:48 PM

   @5 - You said "I only wish to support Notes". Quick question for you, what do your users and company management want you to support? Too often I work in organizations where the tail (IT) tries to wag the dog.

   I agree 100% that Microsoft is trying to get a few more dollars from their customers. I don't like it one bit. I am an Exchange guy. IMHO, this type of "bait and switch" business practice is pretty slimy and it will slow/delay deployments of future versions.

   HOWEVER, something we all need to recognize is that Microsoft (IBM, Computer Associates, Symantec, etc...) are all publicly held corporations. They are not the United Way or Salvation Army. They have an obligation to their stockholders to MAKE MONEY. When most of your employees are also stockholders, every stockholder has a vested interseted in GROWTH. Something Microsoft has not done a lot of these past few years.

   My $0.02 worth.

1. 10  Charles Robinson http://cubert-codepoet.blogspot.com | 12/30/2006 11:38:00 AM

   @8 - The only person I know running Exchange is on 2000 due to budget constraints and she fights trojans and worms constantly. I don't know the specifics, I just know she's always bemoaning the latest round of Outlook and Exchange specific malware.

   I run Domino on iSeries and RHEL. I don't care about viruses.

   @9 - I think David has a right to question the value in supporting both Notes and Outlook. As IT professionals we can't just blindly do everything we're asked without taking an objective look at it. I believe we are in trust positions and have to provide input to help guide the people who are not as technically adept. We have a responsibility to maximize investments, and if we just blindly did everything we were asked it would be utter chaos and impossible to manage.

   I understand IBM and Microsoft need to make money, I just wonder what the long-term effect is going to be. I see the collaboration environments getting way more complicated than they need to be. Like you, I see this slowing down deployments, and that is not going to create the anticipated growth.

1. 11  David Russell  | 12/31/2006 3:58:47 PM

   @8: Not sure if you are picking at me or not. I merely said I am not interested in support Outlook (i.e. supporting two mail clients)

   And no, we have had no virus problems.

   @9: Actually I recently asked that question in an internal survey, and 80% who responded love Notes and wish to continue using it. 1500 our of 2300 users responded.

   There is a small group in our I.T. department who wish to switch to Outlook and they do not reflect the opinion of our users, hence I take their stance. If they change their minds, I'll happily make the switch.

1. 12  Rob Ingram http://www.dominoblog.com | 1/2/2007 9:10:09 AM

   This comment { Link } on Mary Jo's blog also caught my eye. Journaling is not part of the standard Exchange 2007 CAL. Essentially , you must buy the higher priced Enterprise CAL if you need to do complaince and archiving. Domino has included this capability at no charge in the Notes CAL since the journaling feature was added. Why chose a messaging server that does not to include all its core messaging features in the base CAL price.

1. 13  Dave Madison  | 1/2/2007 5:38:12 PM

   @10. Still running Exchange 2000? So, they are still running a product that is no longer supported by the vendor and the vendor has released fixes to address known virus threats but that person has chosen not to address those risks in their environment? And the company refuses to invest the money to ensure their environment is free from security threats? This is the example you are using as Exchange and Outlook being vulnerable to viruses? Don't most Domino admin's make sure they install the latest patches and fixes to know security risks? (and don't tell me Domino is immune to security threats)

1. 14  Charles Robinson http://cubert-codepoet.blogspot.com | 1/2/2007 6:51:53 PM

   @13 - I didn't uphold Exchange and Outlook as any more or less vulnerable than Domino and Notes. I simply said the only person I know running Exchange is stuck on the 2000 release because they don't have the money to rip and replace their current infrastructure.

   I don't know of any security-specific Domino or Notes patches that have been released since I started using it in 1999. So to answer your question, no, I don't install the latest patches to address security problems in Notes and Domino.

1. 15  Ed Brill http://www.edbrill.com | 1/2/2007 7:56:18 PM

   Domino (and Notes)'s not immune to security threats, but it sure has had far less of them than Exchange/Outlook.

1. 16  Martijn de Jong  | 1/3/2007 8:13:56 AM

   Dave, we all know that the costs of upgrading a Domino server to the latest version is only a fraction of the costs for upgrading an Exchange environment. You can't bash Exchange customers for staying on older versions when the upgrade path offered to them by Microsoft is so bumpy.

1. 17  Dave Madison  | 1/3/2007 3:30:10 PM

   @15. No argument there. But, much of that, I submit, has to do with adoption. It's no secret that Outlook are far more widely used by both businesses and home users than the Notes client is (I personally don't know of anyone that uses the Notes client at home to read their non-business mail...that being someone that doesn't use it at work as well) So, just like terrorists, virus creators go for the most visible impact. And when a security threat hits your server, does it really matter what the record of another vendor's product is at the moment? You have an investment you have to protect.

1. 18  Dave Madison  | 1/3/2007 3:31:06 PM

   @14

   this might help as a start:

   { Link }

1. 19  Charles Robinson http://cubert-codepoet.blogspot.com | 1/3/2007 3:52:58 PM

   Thanks, I never knew that page existed. It doesn't change the fact that I have never installed a Domino patch because of a security concern. Maybe I've been lucky. I think it helps that Domino is pretty hardened already and doesn't have many OS dependencies. Notes is likewise pretty tightened down and gives arcane warnings that scare users whenever they try to do anything they're not supposed to, virtually guaranteeing they either cancel the action or call someone in IT. :-P

1. 20  Charles Robinson http://cubert-codepoet.blogspot.com | 1/3/2007 4:04:51 PM

   In the enterprise space Notes and Domino have about the same marketshare, so you can't say it's "far more widely used" there. You are correct about the home segment, though.

   I would also say that along with visibility and accessibility is ease of compromise. You can't iterate through the Notes address book (for a Notes client using an ID with a password) without authenticating. A user is going to think it's weird if he opens an attachment and it asks him to log in to Notes.

   Since Notes is business oriented, people are aware that what they're doing is likely being logged and possibly being monitored. The volume of frivolous e-mail is lower than it is with home accounts, and social engineering has less of an impact than it does on home users where people tend to open every attachment. I think the lack of a consumer focus has helped Notes in this regard, but hurt it in other areas.

1. 21  Ed Brill http://www.edbrill.com | 1/3/2007 6:41:24 PM

   @17 Dave, you are propogating Microsoft spin on this one.

   The first Outlook viruses appeared when Outlook was less than two years old (Melissa was March, 1999, for example) -- hardly "far more widely used" even considering both business and consumer usage. The first Notes virus appeared...oh wait, that hasn't happened.

   Looking at the list of CERT advisories for 2006 { Link } , they are still posting away on things like Winamp or Microsoft Publisher. These are hardly "most visible impact" targets.

   I don't claim Lotus Notes to be immune to security issues, though you should note that almost all of the issues on the page you linked are Domino server-related. Still, seventeen years without any virus issues is a track record that speaks for itself. There are more than seventeen occurances of Microsoft issues alone in the 2006 list on CERT. Again, I don't buy the footprint issue, since some of them have been Exchange 5.5, Windows Publisher, Works, etc.

1. 22  Dave Madison  | 1/5/2007 1:45:39 PM

   @19 My point is, I think any IT person running Domino and connecting it to the internet for messaging would be under a false sense of security if they thought their system was "pretty hardened" and in no need of ensuring they had the latest security patches and fixes installed. But, that's just me. Maybe I have a better sense of due diligence to my company's corporate assets than others.

   @17. Ed, I think you are missing my point. I'm not attempting to gloss over the fact that earlier versions of Outlook were prone to being transports for viruses for email systems. That was because it was very easy to program on top of Outlook. My point is, because of the visibilty of Microsoft, because it was somewhat trivial to write applications on top of Outlook, and because Outlook was widely used both INSIDE and OUTSIDE companies, the product was a much bigger target when compared to the Notes client.

   Every virus that was launched via Outlook was designed to attack a mail server, not the client. They were designed to spread viruses through mail systems and bring mail servers to a crawl. They were designed to take down a client. How many Outlook clients were unusable as a result of the Melissa virus?

   I would be curious to see how many dormant viruses were hanging around Domino servers.

   You'll get no argument from me that MS products are not security free. Hell, how long had IE7 been out before the first flaw was reported?

   My point is Domino admins would be naive to think they are completely immune to security attacks.

   I'm still waiting for evidence of an Outlook borne virus being reported in the last few years. Anyone?

1. 23  Wayne Weinheimer  | 1/5/2007 10:17:35 PM

   @22 Dave, whole companies using Outlook and Exchange were brought to their knees with some of the viruses. Their clients didn't work when the servers they attached to were down. Or from experience an Outlook client was tied up for hours while sending the virus to everyone in the address book.

   I've seen a Domino server web site hacked, this was due to a database being left open. I've also seen a Domino server being used as a mail relay.

   The Domino server issues are related to someone not reading the manual or following a checklist to ensure the system was "hardened".

   The Exchange servers and Outlook clients were infected by viruses in spite of all the proper steps being taken.