A Bear's Face on Mars Blake Lively's New Role Recognizing a Stroke Data Privacy Day Easy Chocolate Cake Recipe Peacock Discount Dead Space Remake Mental Health Exercises
Want CNET to notify you of price drops and the latest stories?
No, thank you

Week in review: See Vista in your future?

Consumer version of Vista generated relatively slow sales during first week on store shelves, but PC sales got a boost.

Although the consumer version of Vista saw tepid sales during its first week on store shelves, the new Microsoft operating system did seem to help PC sales.

Sales of boxed copies of Windows Vista at retail stores significantly trailed those of Windows XP in each product's first week on shelves. Market research data showed that the number of copies of Vista purchased was nearly 59 percent lower than the number for its predecessor. Revenue was also down, but less dramatically, with the dollar value of first-week Vista sales off 32 percent from that seen with XP.

Although boxed-copy sales were weaker, PC sales during the launch week were up 67 percent over computer sales in the same week a year earlier.

An overwhelming majority of readers on CNET News.com's TalkBack forum seemed dubious about the value of the upgrade.

"I think people were just stocking up on a stable system before Microsoft pulls it from the market," one reader wrote. "That also includes people buying new computers with Vista but actually (wanting) to use them."

Sales may be hurt further by an IT professional who claims to have discovered a way of upgrading to a full version of Vista from scratch, while paying only the cost of an upgrade for an earlier version of Windows.

As part of the Vista launch, Microsoft is offering Windows users a range of upgrades, allowing them to move to one of six versions of Vista without paying the full cost. These upgrades are supposed to work only on a PC that contains an existing copy of Windows. The key to the IT professional's method is that the upgrade package contains a complete version of Vista, which the package can be encouraged to install on a machine without checking for an existing authorized copy of Windows.

Times are tough for Vista in the virtual world as well. Although Microsoft recently threw a splashy launch party for Windows Vista in Second Life, those running the operating system may have had trouble enjoying the festivities.

According to a recent post on Second Life's official blog, some people running Vista can't reliably connect to the virtual world, where millions of people hang out as avatars or as 3D versions of themselves. Second Life engineers are working to hammer out the technical problems. Ensuring that Vista users can access Second Life could prove important to Linden Lab, which makes money selling virtual clothing, real estate and other goods.

Indeed, not everyone even in the tech industry is in a hurry to upgrade to the new operating system. John Thompson, CEO of security company Symantec, went so far as to warn against viewing Windows Vista as a solution to security woes. In an interview with CNET News.com, Thompson said he has not updated to Vista and doesn't see a need to do so.

People still need the efficacy that comes with the products that Symantec and others in the security industry build, and so computer users should not confuse the marketing rhetoric with what Vista is, Thompson said. "It's a hopefully much better product than XP or any of its predecessors, but it's not a security solution."

In a wide-ranging interview, Thompson highlighted what he and his company see as the shortcomings of Microsoft's new offering, and he also discussed some of the challenges the security company faces from competition and product development.

The wireless frontier
The 3GSM World Congress, one of the world's largest trade shows for mobile services and devices, showcased the cutting edge of the wireless industry for three days this week in Barcelona, Spain.

In a bold move to accelerate the adoption of location services for mobile devices, the world's two largest handset makers, Nokia and Motorola, each introduced their own navigation services, a move that could pit them against mobile operators.

In addition to adding new hardware products that will be able to receive signals from satellites to fix a subscriber's exact location, the companies have also introduced their own navigation services, which they plan to sell directly to consumers.

While the business models on these services vary slightly, it's clear that these companies are no longer content to wait for mobile operators to begin offering their own location services.

The cell phone industry is also looking for a bigger piece of the mobile-music sector. But it must improve the experience for consumers or risk losing out to new competitors like Apple, Warner Music Group's CEO warned.

Edgar Bronfman Jr. said in a keynote speech that although there are already millions of music phones available throughout the world, only about 8.8 percent of people with the devices actually buy their music over the air. The reason, he said, is because such purchases are expensive, complicated and slow.

On average, Bronfman said, it can take a person 20 clicks to buy a ringtone, depending on the carrier network the consumer is using. He also complained about the fact that ringtones, full-track songs, music videos and album art are all sold in separate online stores.

Meanwhile, handset makers unveiled new phones at 3GSM. Hewlett-Packard plans to offer its own smart phone with voice command and remote-access features this spring. The iPaq 500 smart phone will run on the new Windows Mobile 6.0 platform and come with voice over Internet Protocol compatibility, push e-mail, Microsoft Internet Explorer and Outlook Mobile.

Research In Motion introduced its BlackBerry 8800. , designed to offer multimedia consumer features to the corporate userAdopting some of the features of its consumer-oriented handheld, the BlackBerry Pearl, the BlackBerry 8800 includes a media player and a microSD expandable memory slot for music and videos.

Hacks, holes and heartbreaks
If you haven't changed the default password on your home router, let this recent threat serve as a reminder. Attackers could change the configuration of home routers using JavaScript code, security researchers at Indiana University and Symantec have discovered.

The researchers found that it is possible to change the DNS, or domain name system, settings of a router if the owner uses a connected PC to view a Web page with the JavaScript code. This DNS change lets the attacker divert all the Net traffic going through the router. For example, if the victim types in "www.mybank.com," the request could be sent to a similar-looking fake page created to steal sensitive data.

Meanwhile, Microsoft released fixes for 20 vulnerabilities in a variety of products including Windows, but none of the operating-system flaws affect Vista. The fixes arrived in a dozen security bulletins, released as part of Microsoft's monthly patch cycle.

Six of the alerts were tagged "critical," the company's most serious rating. These flaws could enable an attacker to gain complete control over a vulnerable computer with no action, or minor action, on the part of the user, Microsoft warned.

The critical Microsoft vulnerabilities are in Windows, Internet Explorer, Office and security tools such as Windows Live OneCare and Windows Defender. None of the Windows or Office flaws affect Vista or Office 2007, Microsoft's latest updates.

A few days later, Apple issued four security updates to fix flaws in Mac OS X and iChat identified by the Month of Apple Bugs project. Two of the flaws could allow an attacker to execute code on an unpatched system. Patches are now available on Apple's Web site or through the Software Update selection under the Apple menu on a Mac.

Apple noted that proof-of-concepts for the flaws were posted on the Month of Apple Bugs Web site. But it doesn't appear that attack code has surfaced using the concepts outlined by the project. Apple has fixed several flaws identified by the project, which took place in January, but some remain open.

In honor of Valentine's Day, at least two romance-theme security threats arrived in e-mail in-boxes Wednesday. One purports to be an electronic card from American Greetings and includes "Happy Valentine's Day!" in the subject line. When a recipient clicks on an in-message link to view the "card," however, a Trojan horse virus surreptitiously turns the computer into a spambot, or zombie, said Dmitri Alperovitch, a research scientist at Secure Computing.

Also of note
The Federal Trade Commission has asked a U.S. district court to permanently halt operations that engage in telephone record pretexting...A ruling against Google in a copyright case in Belgium may influence courts in other European countries but not in the United States, where copyright laws are more permissible...D-Wave Systems gave a public demonstration of Orion, its quantum computer, at the Computer History Museum in Mountain View, Calif...Residents of New York, Detroit and Los Angeles are the most at risk of having their identity stolen, according to new research.