I was in CompUSA the the other day and noticed quite a few people in the Apple section. I realized that this was becoming increasingly common everywhere I went. Indeed, much Apple love these days. But why now?

I mentioned to an employee in the PC section that Apple interest seemed to be getting stronger overall, and asked if he had seen the same thing there in the store. He said he’d been there for around three years and that Apple awareness was at an all-time high.

I asked him when he thought things started turning around for Apple.

–

Me: Was it the new iMacs? The iPod halo effect finally kicking in? When did you start noticing a difference? CompUSA Employee: Oh, I know exactly when it was…it was quite obvious.

Me: When?

CompUSA Employee: Around the middle of January of this year [2007].

Me: Really, what came out then that made the difference? [I was thinking Apple]

CompUSA Employee: Vista.

–

The guy was totally nonchalant about it. He didn’t even seem to care. He didn’t laugh. He didn’t smile. He wasn’t joking. He was just relaying what he saw, and he was right.

Apple didn’t give OS X the popularity it has today — Vista did.:

Well my Vista box is already hung. I made the mistake of closing an explorer Window when it wasn’t responding. This crashed your box in Windows 95. It crashed your box in 98. It crashed your box in ME. It crashed your box in 2000. It crashed your box in XP. It even crashes your box in Server 2003.

So now, in the new and redesigned flagship Vista operating system? It crashes your box. My machine is completely unresponsive (I don’t even have a taskbar or start menu). I’ve installed only one program — Office 2007 Enterprise. I’d blame it on VMware if this wasn’t the same exact issue that I’ve seen in every version of Windows I’ve used.

Keep in mind here — my OS is unresponsive because I clicked on a button that they offered to me as an option. They presented me with an interface which, if used, would hamstring my machine.

Nice job on Windows 95 version 7 here, guys. You make me sad.:

Evidently the new version of VMware for OS X lets you run a virtual session right off of your bootcamp partition! Pretty cool stuff.

My buddy Craig has it working.

[ Link: Vista Running From OS X Bootcamp Partition Within OS X ]

So for those of you who are into blogging you’re probably all aware of Robert Scoble, a former Microsoft employee who became popular by bringing blogging to that company for the first time.

He’s famous for being highly biased towards Microsoft, but now that he’s left it seems his exposure to the “real world” has caused him to see things differently. In a blogpost titled, “I love my new Mac (list of cool utilities from Twitter)“, he says this:

I just switched my life over to a 17-inch MacBookPro. Don’t worry Microsoft fans. I still have Vista and Office 2007 loaded too.

He didn’t say he’s trying it. No. He “switched his life over” to it. And he just referred to those left behind as “Microsoft fans”. Think about it: Robert Scoble is keenly aware of all the available technologies out there — especially those from Microsoft. And if he made found the Mac to be better then there’s probably something to it, don’t you think?

Is this proof that Mac is better? No. Is it a good indication that anyone refusing to look at Mac is probably doing themselves a disservice? Yeah, I’d say so…

I’ve been trying to get Chris to the Mac for over a year now, and he’s put my latest attempt up on his site. I’ve received a number of emails commending me on my efforts, but a few pointed out something I’d not considered:

The guy is an absolute Windows icon. He can’t just up and defect like this. It would likely be extremely bad for business.

And when I say business, I mean the roughly $10K/month he makes from Google AdSense. Essentially, he’s been a known Windows expert since before 99.9% of people were on the Internet. He has a massive fan base. So no matter how cool OS X is he’s probably not going to switch due to the potential impact it may have on his income and Internet status.

And to be honest, I can’t say I blame him. I personally would still do it, but I can definitely see why he wouldn’t. Oh well…I’ll keep at it. When Leopard drops and makes Vista look silly, it’ll get a bit easier.

You might be saying no such thing exists, but I beg to differ. I’ve dumped XP as a Windows platform. I now use it only when something specifically requires it (which isn’t often).

I prefer to use Windows Server 2003 as a workstation instead. Why? Mostly because of raw socket limitations. I hate the fact that security software is hit or miss on XP. I simply lack the time to worry about whether or not XP will gimp up a given security tool.

So I’ve just built my latest Windows VMware image (for Outlook, Word and Visio) using Server 2003. Office 2007, by the way, is awesome. I very much like the ribbon concept, as well as the other more subtle improvements. And Office 2007 runs great on Server 2003, so this is a good thing.

It’s become very clear to me that XP is an OS designed for the masses. It’s edges have been rounded so that people don’t cut themselves, which is unfortunate since I was actually using them to get work done. Luckily for me there’s another Microsoft platform that runs Office, and until the next version of server comes out this is what I’ll be running as my Windows “desktop”.

Has anyone else noticed this strategy by Microsoft? Their only means of defending Vista’s flopping seems to be to talk about how cool the next version of Windows will be. It’s like they’re saying:

We know Vista let everyone down, but trust us — the next version of Windows is going to be really, really, extra-super cool! Even better than Leopard, which is about to come out and make us look like fools. So remember, when Leopard does lanuch, and it makes us look completely silly…keep in mind that we have something WAY better than that coming in just two years.

Uh, yeah…I believe you.

Yesterday I wrote about Joanna Rutkowska’s work that highlighted a serious security flaw in Windows Vista. Her finding was that in Vista, many applications require that they be installed with administrator privileges, and that during the install process users are given two options: 1) install with elevated privileges, or 2) don’t install the application at all.

Yesterday’s post was sloppy, however. It came to the conclusion that Microsoft made a security design error in implementing this system. The truth of the matter is that there is a serious security problem with respect to Vista, but that problem is not due to a recent decision by Microsoft.

The real problem is that thousands upon thousands of 9x and XP applications were written according to the old security model, i.e. the one in which installers were able to spray their parts all over the system with no issues because they ran as administrator. This won’t work in Vista because they’ve gone to a restricted user model, so they have only one choice — allow the applications to install with elevated rights.

Microsoft had no other choice, really. The alternative is telling people that their old programs are insecurely written and can’t be used. That wouldn’t go over well. Unfortunately, allowing the applications to go in as administrator creates a major problem for Microsoft: it trains the users to say yes when an application asks to be installed with elevated privileges.

This is what’s going to do the real damage. It’s the fact that people are going to get so used to allowing legitimate applications to install with elevated rights that when a piece of malware asks to do the same they’ll happily oblige.

Not good.

But it’s not a Vista problem, really. It’s going to hurt Vista, but the real problem is that of legacy support. It’s ironic, really. All this work to make Vista more secure and it’s going to be largely undermined by how lax they were in the past.:

I just got done reading something utterly insane about Vista. Evidently, a Polish researcher named Joanna Rutkowska has discovered that Vista, by default, wants executables to install with Administrator rights.

WTF?!?

When I say “wants”, that means that when you install executables in Vista you get prompted to either install with administrator rights or not at all. From her post:

So, when you try to run such a program, you get a UAC prompt and you have only two choices: either to agree to run this application as administrator or to disallow running it at all.

Are you kidding me? All that work that went into the limited user stuff, and the outcome ends up being that 99.9% of users will be installing utter garbage on their Vista systems with elevated privileges.

Seriously…here are how the options will look to users:

1. Do install this thing I want to use (with some technical mumbo jumbo I don’t understand)
2. Don’t install the thing I want to use.

What do you think they’ll pick? Yeah, me too. And in reality their choices are more like:

1. Install this and hope it’s not malware. If it is, you’re about to get owned.
2. Don’t install it.

The Nix Difference

I am completely dumbfounded by this. The whole point of Vista was to get its security model up to where *nix is — via limited users. In OS X or Linux, by default, you install applications with limited privileges — not as root/administrator.

Wow. Vista disappoints once again. First they remove all the cool features like WinFS, and now the only thing they had going for them (increased security) is largely bypassed in the name of convenience. Joanna Rutkowska said it best in her writeup:

If Microsoft won’t change their attitude soon, then in a couple of months the security of Vista (from the typical malware’s point of view) will be equal to the security of current XP systems (which means, not too impressive).

Uh, yeah…more of the same from Microsoft. With Leopard coming out shortly and Ubuntu just getting better and better every day, Microsoft’s days of dominance are numbered.:

– 02.15.07 So it appears I was largely wrong about this. Not about it being an issue (it is), but about my judgment of the design and the severity of the implications. After reading extensively about the issue I came across a comment here on the site that captured it really well:

So, the crux of the situation is that currently a lot of apps and their installers are written to install for the system, and to do so these apps request admin rights.

That’s really it. Microsoft is simply dealing with its insecure past, i.e. a world in which installers had full admin rights to do anything they wanted on the system. As such, most software is still written in this fashion, and since that’s the case, and Vista users are non-privileged, — old, dirty-style programs have to be installed with elevated rights if you want to use them.

In short, it’s still a security problem, but the problem comes from Microsoft’s difficult to handle legacy past, not a recent, poor security decision by Microsoft.

Anyway, I was sloppy, and I apologize for that. I should have nailed down the problem more accurately before posting.