Robert Peston/BBC: Dear Bill Gates (again)
March 26 2007
BBC business editor Robert Peston takes a second look at his progress moving to Microsoft Windows Vista. The going is not good at all:
I installed Office XP on my new [Vista] laptop, and have been puzzled and irked that Outlook will not save sign-on passwords. It means I have to type in my passwords every time I check my e-mail accounts for new mail.As if "rip and replace" is anything new or surprising? What's more, I'm amazed that they wouldn't find some way to continue to make single sign-on work -- it was one of the features MS touted aggressively in the past as to why users would "prefer" Outlook.
For weeks I've been investigating possible fixes to this annoying glitch. But yesterday I came across an explanation from someone called the Microsoft AppCompat Guy, on Microsoft's discussion forum for "General Windows Vista Development Issues".
This is what AppCompat Guy says: "This was a difficult deliberate choice. During the development of Vista, it was discovered that the password storage algorithm used by Outlook was too weak to protect your data from future, potential attacks. Both the security and application compatibility teams decided that protecting your data outweighed the inconvenience of having to retype your passwords. As the appcompat representative, I can assure you this was not a decision we took lightly..."
So just to be clear, Microsoft has created a new operating system that isn't properly compatible with a best-selling, still perfectly useable version of its own software.
Link: Robert Peston/BBC: Dear Bill Gates (again) > (via vowe dot net)
Post a Comment
- 2
Keith Brooks http://www.keithbrooks.com | 3/26/2007 8:14:52 AM
Ed,
SSO in the past, and evidently still is the IBM default to knocking MS. No knock on you but you know, something more interesting to C execs would be useful.
Is someone going to dump exchange because outlook has "greater security" by logging in everytime? NO.
I already have that as part of my yahoo mail and other web mails.
But it's not like we have a better solution, we don't even offer an O/S for clients, well linux I guess is it.
How about playing this, in reference to the other posting you had how IBM has a Linux client and SSO within in for the apps.
- 3
Richard Schwartz http://www.rhs.com/poweroftheschwartz | 3/26/2007 9:22:32 AM
It's not clear to me that this issue has anything to do with Exchange. Both the Preston article and the post on the Microsoft forum refer to passwords and mail accounts-- in the plural, which to me implies that he's talking about managing multiple POP/IMAP accounts in one instance of Outlook.
- 4
Charles Robinson http://cubert-codepoet.blogspot.com | 3/26/2007 10:49:38 AM
@3 - I take it to be something similar, as well. I don't use Outlook but I have a hard time believing that there isn't something somewhere that lets you enter the password for POP3 or IMAP accounts. I'm not sure exactly how this worked previously or what has been changed that has Robert Peston so up in arms. I'm also not sure what this has to do with any kind of "rip and replace".
- 5
Ed Brill http://www.edbrill.com | 3/26/2007 10:57:07 AM
It has to do with "rip and replace" because Microsoft is saying that the way to solve the problem is to upgrade to Outlook 2007 (though there are various reports found through google that this problem may well exist with Outlook 2007 as well).
As for whether this is an Exchange+Outlook issue or just an Outlook as stand-alone client issue, you're right, I don't know. But I thought Microsoft had changed Outlook in 2007 so that it didn't have those different operating "modes".
- 6
tonyo | 3/26/2007 11:22:21 AM
Ed,
when I'm connected to the Microsoft Corpnet , no passwords are asked for. SSO works as advertised.
However when I connect to Exchange via HTTP from a public place like a coffee shop, then I'm asked for my AD password as a second verification of my identity. That seems a good thing to verify me twice when the network can't verify my physical location.
- 7
Richard Schwartz http://www.rhs.com/poweroftheschwartz | 3/26/2007 12:34:54 PM
@5 Ed, point taken as to the rip and replace. When the old stuff is so fundamentally insecure as to (apparently) be unable to be fixed with a patch, however, it's a damned if you do/damned if you don't situation.
- 8
Naveen Jain http://www.billgatesmicrosoft.com | 3/27/2007 4:56:50 AM
Vista was launched with the priority on security.Everything good comes at a price this time was outlook.
- 9
Sean Jennings | 3/27/2007 7:25:44 AM
I think this is the least of Vista's woes...
{ Link }
seems that Vista isn't too good at the radically new concept of copying and deleting files....
- 10
Luke Coverdale http://www.illuminotes.com | 3/28/2007 5:53:11 AM
Just reading "Joel on Software" at the moment, and there's a great line in it, paraphrased:
"Buffer overflows was how 95% of hacking was done, until Microsoft released Outlook, making hacking possible for teenagers to do."
I suppose Vista is pretty good, all things considered, although I feel that the relevance of an operating system will only decline as time goes on, with 'all features in the application' products like Notes 8 becoming more prevalent, and running on whatever O/S you like.
Luke
My company purchased a new computer for me, and I have to admit I am a little disappointed at the level of performance Vista gives me. Its a 2GIG machine with a 2.4 Ghz dual core - and it still isn't as fast as my 3 year old AMD with XP. I guess I'll have to disable Aero. I do like some features though, the file searching seems quite quick.
Meanwhile, we got a MacBook for home - never used an Apple before, just kept reading they were the best laptops around - and we've fallen in love with it - it is VERY fast on a 1.8Ghz Dual Core - I have to admit, I'm starting to convert... maybe other Windows diehards will too?