Practical Technology

for practical people.

August 12, 2009
by sjvn01
0 comments

Security is a process

I often point out that Windows is insecure. It’s so insecure, in fact, that I, in all seriousness, propose that ISPs (Internet Service Providers) should start forcing users to secure Windows-since neither users or Microsoft will do the job, Windows PCs should be banned from the Internet. That said, nothing, and I mean nothing is really secure.

People keep having this delusion that security is a product. That, if you just buy some magic box, you’ll have a program or an operating system that’s as secure as Fort Knox. Or, if they just use a Linux desktop or a Mac, they’ll be safe. I wish!

It doesn’t work that way. Security is a process, it’s not a product. Some systems are more secure than others. Linux, as anyone who pays any attention to security news knows, is a lot more secure than Windows. If we were talking cars, Linux would be an Audi A4, the Mac, BMW 330 and Windows would be a mid-70s Ford “Hit here to blow up” Pinto.

More >

August 12, 2009
by sjvn01
0 comments

Microsoft banned from selling Word

It sounds like a joke. But, it’s real and it’s anything but a joke for Microsoft. Judge Leonard Davis, of the U.S. District Court for the Eastern District of Texas, has issued an injunction (PDF Link) that "prohibits Microsoft from selling or importing to the United States any Microsoft Word products that have the capability of opening .XML, .DOCX or DOCM files (XML files) containing custom XML."

Microsoft had been sued by i4i, a collaborative content solution and technology company. Its founder, Michel Vulpe, owned a patent covering a way of reading XML (Extended Markup Language) documents. XML is the basis of Microsoft’s controversial Open XML document formats. The U.S. District Court for the Eastern District of Texas is infamous for supporting patent lawsuits and fast-tracking them. In intellectual property law circles, this Court has become known as "A Haven for Patent Pirates."

In this case, though, i4i isn’t a patent troll. It’s a real company that uses its patented technology in real products. It also believes that Microsoft has used its patent in Word. And, what’s to the point, they convinced Judge Davis of this.

On May 20th 2009, Judge Davis and his court’s jury ruled that Microsoft owed i4i a $200 million patent infringement verdict for having infringed on i4i’s "A system and method for the separate manipulation of the architecture and content of a document, particularly for data representation and transformations," patent # 5787449.

Microsoft didn’t settle. Boy, was that a mistake.

As lawyers who have dealt with Judge Davis before know he doesn’t suffer fools lightly. So on August 11, he signed the order that blocks Microsoft from selling Word. According to the document, "This injunction becomes effective 60 days from the date of this order." So, on or about October 12th, Word, and Microsoft Office since all versions contain it, will go off store shelves.

Some people, like Michael Cherry, an analyst with Directions on Microsoft, don’t think that Microsoft will have to stop Word sales. Sorry. Microsoft may very well have to stop sales or disable Open XML, Word’s new standard document format. This injunction will not be easy to dodge.

Nick Eaton at SeattlePI reported that, Microsoft wants to fight this out. Eaton wrote that Microsoft spokesman Kevin Kutz said, "We are disappointed by the court’s ruling. We believe the evidence clearly demonstrated that we do not infringe and that the i4i patent is invalid. We will appeal the verdict."

Good luck with that Microsoft. No, I’m not being sarcastic.

Now, I am not a lawyer, but I know something about IP law and a fair amount about markup languages since I’ve been covering them since SGML (Standard Generalized Markup Language), showed up in the late 1980s and before anyone had dreamed up the Web’s HTML (Hypertext Markup Language) or XML. To me, the i4i patent reads like a classic, over-reaching patent that covers prior art, which should have prevented it from ever becoming a patent. It’s these kinds of patents, and courts like the Eastern District of Texas, which approve these IP patent lawsuits almost as a reflex, which harms everyone in the technology business.

As anyone who reads my stuff knows, I’m no fan of Microsoft. I also think Open XML is a junk standard. But, that said, while Microsoft’s legal team certainly mishandled this case so far, Microsoft doesn’t deserve this kind of punishment for this particular misdeed.

This time it’s Microsoft’s turn to be bashed, but next time it may be an open-source company, or your company. Many big technology companies pay up to patent pirates,

A version of this story first appeared in ComputerWorld.

August 11, 2009
by sjvn01
1 Comment

Obama, open source & healthcare

Linux-based and open-source healthcare software has been around for years. Unless you were in health IT, however, chances are you never even heard of it. It’s time to pay attention, because it may soon be tracking your medical records.

With the passage of ARRA (American Recovery and Reinvestment Act of 2009), $19-billion dollars has been ear-marked for Medicare and Medicaid technology incentives over the next five years. Collectively, this program is known as HITECH. If open-source, medical software advocates have their way, some, if not most, of that money will be going to free software and open standard based EHR (electronic health records).

The most important of the open-source EHR systems are the ones built on VistA (Veterans Health Information Systems and Technology Architecture), the US Veterans Administration’s public domain EHR. Don’t let the name fool you. VistA has nothing to do with Microsoft Vista. The core, open-source VistA code is called WorldVista.

Like Linux with Canonical and Novell, WorldVista has been commercialized by ISVs (independent software vendors). The best known of these suites is Medsphere’s OpenVista.

More >

August 10, 2009
by sjvn01
1 Comment

How to save the Internet from Windows

After last week’s near-collapse of the social networks, such as Twitter, due to a Windows-based, botnet DDoS attack, I made a modest proposal: Throw Windows off the Internet. Here’s how we can do it. Or, at the very least, force Windows users to maintain basic security standards.

Is the problem really so bad that ISPs (Internet Service Providers) must start encouraging users to abandon Windows or enforce Windows security? I think so.

Think about it. Besides last week’s attack, in early July many South Korean and American government and business sites were knocked out, In May, it was Google’s turn to be battered. Massive attacks that knock out part of the Internet are becoming commonplace. Since Windows-based botnets, are what’s strangling the Internet, I don’t see that we have any choice but to start, at the least, regulating the use of Windows.

More >

August 7, 2009
by sjvn01
0 comments

It’s time to get rid of Windows

I thought that the massive DDoS (Distributed Denial of Service) attacks that knocked Twitter and other social networks out was because of Iran’s government trying to shut down its protesters. I was wrong. Hundreds of millions of Internet users were annoyed because of Windows botnet-based DDoS aimed at one (1) person.

According to security company McAfee’s director of security research Dave Marcus, “This was a very targeted attack, and what the research shows is that it was aimed at one particular person, and that person’s accounts on Twitter, Facebook, YouTube and LiveJournal.” The target is a pro-Georgian blogger, but he’s still just one man.

Let me spell this out for you. Some people out there used no fewer than six Windows botnets to go after this one guy. And, in the process, they knocked out, for hours at a time, most of the major social networks.

How did this happen? It happened because Windows is an insecure piece of junk. Anyone who knows anything about security knows that this kind of disaster was only a matter of time. Windows botnets are responsible for DDoS attacks and most of e-mail spam.

More >