Week in review: Battening down Microsoft's hatches

Microsoft is seeing piracy rates for Windows Vista that are half those of Windows XP, and the decline in those rates is largely due to the fact that Vista is much tougher to fake than XP.

"Piracy rates are lower because it's harder," Microsoft Vice President Mike Sievert said in an interview.

There are a variety of reasons for that, including the fact that businesses no longer have volume license keys that can be used to activate an unlimited number of machines. Another is the fact that Vista machines that aren't properly activated pretty quickly become basically unusable once they enter "reduced functionality mode."

For Microsoft, the gains have been significant. In its last earnings call, Microsoft said five percentage points of Windows growth could be attributed to gains in piracy.

However many CNET News.com readers, critical of the new operating system's value, had other theories to the lower piracy rate.

"The reason the piracy rate is down is because nobody wants Vista."
-- CNET News.com reader

"I can see people getting stuck with Vista installed on a new computer and then looking for pirated copies of XP to install over it," one reader wrote in News.com's TalkBack forum. "I wouldn't be surprised if Vista has actually caused the XP piracy rate to go up."

Microsoft is also touting Internet Explorer as being more secure than Firefox and comparing the number of vulnerabilities found in the two browsers, but critics say this study is flawed.

Jeff Jones, security strategy director of Microsoft's Trustworthy Computing Group, released a study comparing the flaws in Microsoft's Internet Explorer to Mozilla's Firefox browser; unsurprisingly, he concluded that Microsoft is doing a better job than Mozilla.

Challenging early predictions that Mozilla's Firefox browser would experience fewer vulnerabilities than IE, Jones conceded that both companies' browsers have experienced significant flaws. Jones said Mozilla has fixed more flaws in its browser than Microsoft during equivalent periods, which he said renders Firefox more vulnerable than IE.

However, Jonathan Oxer, technical director and founder of Web application development company Internet Vision Technology and president of Linux Australia, said the study is flawed because Microsoft tends to bundle its fixes, which leads to a lower count over the period being compared.

Indeed, Microsoft's current emphasis on security can be traced back to Internet Explorer. Until 1997, security was seen mainly as a set of features that the company bolted on to its software long after product design and development. The idea of securing code as it was being developed had not been considered.

That all began to change in March 1997, when the first significant flaws were discovered in Internet Explorer. In the aftermath, Microsoft created the Microsoft Security Response Team, as well as a separate Internet Explorer security group.

In a three-part special report, CNET News.com looks at how 10 years of painful lessons have changed Microsoft's approach to security, as well as the major threats of today that the software maker is battling.

Crackdown in Congress
The Bush administration officially entered the file-sharing fray pitting the major record labels against a Minnesota woman named Jammie Thomas, and it's siding with the record labels. In legal documents filed in federal court, the U.S. Department of Justice said it wants to defend the constitutionality of the copyright law that a jury decided Thomas violated.

"The federal copyright statute...has consistently included special provisions to ensure significant monetary awards in copyright infringement suits that will make copyright owners whole and deter further infringement," the department said in its filing. Basically, the department said it was perfectly reasonable for a jury to slap Thomas with a $222,000 penalty for making 24 songs available on Kazaa.

The Justice Department's move is not exactly unexpected. The department is charged with defending the constitutionality of statutes that Congress enacts, even ones (like the Communications Decency Act) that are unlikely to survive judicial scrutiny.

In the aftermath of the Thomas case, Congress is preparing to amend copyright law to increase penalties for infringement. Top Democrats and Republicans in the U.S. House of Representatives introduced a sweeping 69-page bill that ratchets up civil penalties for copyright infringement, boosts criminal enforcement, and even creates a new federal agency charged with bringing about a national and international copyright crackdown.

The U.S. House of Representatives also overwhelmingly approved a bill saying that anyone offering an open Wi-Fi connection to the public must report illegal images, including "obscene" cartoons and drawings--or face fines of up to $300,000.

That broad definition would cover individuals, coffee shops, libraries, hotels, and even some government agencies that provide Wi-Fi. It also sweeps in social-networking sites, domain name registrars, Internet service providers, and e-mail service providers such as Hotmail and Gmail, and it may require that the complete contents of the user's account be retained for subsequent police inspection.

The SAFE Act represents the latest in Congress' efforts--some of which have raised free speech and privacy concerns--to crack down on sex offenders and Internet predators. One bill introduced a year ago was even broader and would have forced Web sites and blogs to report illegal images. Another would require sex offenders to supply e-mail addresses and instant-messaging user names.

Peeling Apple
A little more than a month away from the Macworld Expo, expectations are starting to get a little clearer for what is arguably Apple's biggest show of the year. CNBC reported that Apple plans at Macworld to introduce a 12-inch Mac laptop with flash memory in place of a hard drive. Apple followers have long anticipated such a product, and several other reports have come out this year predicting a similar type of announcement.

The ultraportable Mac is said to be 50 percent thinner and lighter than a current MacBook Pro, the largest notebook in Apple's lineup. And CNBC is also saying it expects the price to be about $1,500, the same price as the 13.3-inch black MacBook that's currently available on Apple's site.

As Apple gears up for Macworld, one analyst has a suggestion for Apple concerning its iTunes rift with NBC Universal: kiss and make up. Despite what Apple loyalists may think, iTunes needs NBC Universal more than the network needs iTunes, according to a report issued by Forrester Research.

As NBC shows such as The Office and Heroes began disappearing from iTunes last weekend, James McQuivey, a Forrester analyst, warned Apple executives that it was in their best interest to "win NBC back."

In the report, McQuivey asked what good it is equipping iPods with video monitors if there isn't any video to watch. The way McQuivey sees it, NBC Universal is the clear winner in the feud between the two companies.

"The loser here is Apple, which relies on NBC Universal to deliver 30 (percent) of video download sales," McQuivey wrote. "Any supposed backlash against NBC will not materialize because NBC has made its content available, for free, on NBC.com and six other major portals sites."

Meanwhile, Apple has been sued for patent infringement over the iPhone's visual voice mail feature. Klausner Technologies claims the visual voice mail feature infringes on two patents that are said to cover the iPhone's method of selectively listening to voice mail messages rather than in the order in which they were received.

Klausner has already won cases against AOL and Vonage asserting the patents in question here, and is asking for $360 million in royalties and damages.

Also of note
Microsoft said it is working to develop a version of XP that can run on computers without a hard drive, including the XO computer from One Laptop Per Child...Beginning in the next few weeks, Dell notebooks and desktops will be for sale at Best Buy...Microsoft announced that it will have seven patches available on Patch Tuesday, three of which will be ranked as critical.