NewsBot

<img alt="" height="1" width="1"> The birth of cool? ReportonBusiness.com, Canada - Aug 21, 2008 “The image of Vista is beyond saving at this point – and yet it has outsold every previous version of Windows at this point in its lifecycle by a mile. ... More...

<img alt="" height="1" width="1"> Why does Apple get a break? Computerworld, MA - 17 minutes ago Only about 10% of the computers at the show were running Windows, none of these, I might add, were running Vista. Of course, not all those Macs were running ... More...

<img alt="" height="1" width="1"> Heads Up: Trojans and Viruses Are Out to Get You PC World - 20 minutes ago Windows Vista Small Business: 866/613-0270. Vista Small Business Assurance is available for free to all small businesses purchasing a new PC with Windows ... More...

<img alt="" height="1" width="1"> Windows dressing Financial Times, UK - 29 minutes ago By Richard Waters Technology blog (Richard Waters): I am always struck, when writing about Windows Vista, by how many PC users there are out there who feel ... More...

<img alt="" height="1" width="1"> Linux Not Supported For Democratic Convention Video Slashdot - 15 minutes ago Please try again on a computer with the following Compatible operating systems: Windows XP SP2, Windows Vista, or a Mac with Tiger (OS 10.4) or Leopard (OS ... More...

I'm thoroughly updating all of the existing articles in my Windows Vista Feature Focus series for Service Pack 1 (SP1) and will begin working on new articles in the series this week! More...

Previous posts have covered trustworthy principles in general and some product specifics as well. Privacy is an important part of trustworthy computing. This post discusses one aspect of privacy on the web: third-party content. When most people browse the web, they think what they see in the address bar and the site they are visiting are the same thing. However, web sites today typically incorporate content from many different web sites. For the sake of clear terminology, the site the user browses to directly (seen in the address bar) is the first-party site; the other sites that the first-party site incorporates in its site experience (but that the user hasn’t navigated to directly) are third-party sites. When you browse to a first-party site, you know that it can collect information about how you use the site. What many users don’t realize is that technically, third-party sites can collect information about users as well. Users aren’t typically well-informed about which third-party sites are collecting what information, how the sites use this information today, or how the sites could use the information in the future. Identifying Third-party Sites Most websites today are actually mosaics, or mash-ups, of several different sites. To see this, you can bring up the Privacy Report in Internet Explorer (from IE7’s Page menu or IE6’s View menu, choose the Web Page Privacy Policy menu item) for any site you visit. Here’s part of the report for a news site, and another from a credit card site: http://ieblog.members.winisp.net/images/privacy.report.1.png http://ieblog.members.winisp.net/images/privacy.report.2.png While the address bar shows the address of the current, first-party, site, this dialog shows the addresses of all the different web sites (including third-party sites) that the current web page includes content from. The browser visits every one of these sites in order to show the current web page’s content. The way that sites can pull content in from other sites is useful and powerful and typical on the web today. It’s part of the underlying design and structure of the web, and enables functionality (like an interactive map in the middle of a restaurant’s website, or a “share this” link in the middle a news article) that people value. Third-Party Sites and Privacy At the same time, bringing information together from different websites has privacy implications. A good example of this issue that most people have experienced involves email. Many email systems treat email messages that come from unknown senders in a special way, blocking images in them and displaying a warning like this one: http://ieblog.members.winisp.net/images/blocked.content.warning.png The message body typically has some missing images (“red X’s”) with text nearby, like “Right-click here to download pictures. To help protect your privacy, Outlook prevented automatic download of this picture from the Internet.” Why do email systems block these external images? The sender may have programmed some information in the external image that is ­unique to the recipient – for example, having the image’s file name or location include the recipient’s email address. When the sender sees that a particular image was downloaded, then the sender knows which email message arrived in a valid account and was opened. By not downloading the content, the email recipient prevents his email system from disclosing information and protects his privacy from the unknown sender. Potentially, the recipient protects himself from more unsolicited email. In general, every piece of web content that a computer requests from a website discloses information to that website. This basic technique enables a third-party site to track visitors across different first-party websites that include content from the same third-party. When several websites show content (like a syndicated photo or article) from the same third-party website, that third-party site can determine which of the websites a particular visitor has browsed to. For example, say two totally unrelated sites, Site1.com and Site2.com, both include images from MySyndicatedPhotos.com. The user browses to both Site1.com and Site2.com, and the user’s browser calls MySyndicatedPhotos.com in order to get the images these sites include. MySyndicatedPhotos.com can figure out (by various means) that the same machine visited these two different sites. As the user visits additional sites that show content from this same third-party site, this third-party site is in position to build a profile of the user’s activity across the different sites that include its content. While cookies can definitely contribute here, and there’s been long-standing concern and confusion about “tracking cookies,” the fact is that any content coming from a third-party site can function like a tracking cookie. The intent of the content (a photo, article, logo, or site-specific analytics; image, text, or script) is technologically irrelevant to its potential use as a tracking mechanism. Note that even if the user had blocked all cookies, other content on third-party websites could still be used to build a profile. Third-party content isn’t inherently good or bad; it’s just technically possible to use it this way. Actually Happening or Just Technically Possible, and Other Questions To be clear, this post is about what a website can do when several other websites use content from it. It’s not what all third-party sites actually do when other sites refer to content on them. What is actually done with the available information is up to the third-party site, and in some ways very hard for anyone else to figure out. The third-party site could have a clear, well-written, and prominently posted privacy policy that guides its operations. It might not. The site could have an employee who loses a laptop with the data collected, or has malware on his machine and discloses collected information against policy. The site could have business arrangements with other sites that involve pooling data. Also, this blog post isn’t meant as a technical deep-dive on the techniques sites can use to track users, or the different counter-measures technically-savvy users might take to avoid being tracked. The common technical theme here (as described above in the email case and here) involves ways that first-party sites enable information that can uniquely identify site visitors to flow to third-party sites. For example, many of the web addresses you’ll find in the Web Page Privacy Policy dialog are often quite long and contain unique identifiers. There are better discussions of this topic elsewhere. For example, a recent IRC discussion about developing new standards for rich websites covered aspects of this topic. While it’s quite long, some parts are very relevant, like this one (that people “are being tracked whether they send cookies or not”) and this one (“anyone who wants to track people across the web can trivially do so at this point, even without cookies…. you can pretty easily ‘fingerprint’ people through things like their user-agent string, ip address, screen size, other js- and http- accessible prefs, etc and then with a simple set of analysis scripts you can easily work out who is who just look at the ‘anonymised’ search query string data aol released”). Web browsing isn’t anonymous or perfectly private even without third-party sites. For example, the provider of Internet access (to a person’s home, hotel room, café table, or desk at school or work) can observe where the computer goes on the Internet. These providers typically provide terms of use, so users have clear notice and can choose to accept or decline connectivity under the stated terms. Any software running on the user’s machine can determine the websites the machine has visited; this is the basis of features like History, or toolbars that copy a user’s browser history up to the web so users can get at it from different machines. Again, terms of use and privacy policies are important tools here for users. The websites a user visits can determine information about the user (for example, the user’s likely location). Also, users give the sites they visit information directly in terms of what they click on and choose to do. Third-Party Sites and Trust Issues Given that web browsing isn’t anonymous and in some ways this is “how things work” on the web, what exactly is the trust issue? For many people, trust begins with security. The security risk here is plain: visiting one website exposes the user to potentially malicious content from other websites. The user visits one site and sees content on it that seems trustworthy (it’s on the site!) but actually comes from a different source. Finding examples of this problem on the web isn’t hard; it’s happened to visitors of several top tier websites. Trust includes privacy as well. The privacy concern involves users having a choice, and being able to exercise control about what information they share. Today, users are not in control of which websites can get information about their browsing activities. As a result, web sites that users aren’t aware that they’ve visited and don’t have a well-defined relationship with are in position to build a profile of the users’ browsing patterns. A guiding principle for Internet Explorer (and Microsoft overall, as part of Trustworthy Computing) is that the user should be in control. Consumers have come to expect security protections from their browsers, and are starting to have higher expectations about privacy protections as well. Control here means that users have clear notice and can tell what sites they may be disclosing information to and under what terms. Control also means that users can exercise choice about what information they disclose to whom. Preventing information disclosure means blocking content; blocking content creates a possible impact to the appearance and functionality of the page. Beyond these issues, accountability is a question here as well. When a user visits one site after another, and each one includes some third-party content, who is accountable and who takes responsibility for the information collected about the user? On today’s web, that’s not at all clear. The privacy and trust issues around third-party content are complex and important. As discussed in this blog before, trustworthy browsing involves many industry challenges, and, like many other efforts (e.g. interoperability), requires cooperation and trade-offs. Web privacy involves more than just blocking cookies. Enabling users to be in control starts with making users aware of the issues. In another post, we’ll cover IE8 functionality that helps users stay in control of their information. Dean Hachamovitch General Manager http://blogs.msdn.com/aggbug.aspx?PostID=8894325 More...

As others have written here before, users should be in control of their information. That’s at the core of privacy. Privacy has two aspects: disclosure and choice. Disclosure means informing users in plain language about the data collected about them and how it’s used. Choice means putting users in control of their data and giving them tools to protect it. Have you ever wanted to take your web browsing “off the record”? Perhaps you’re using someone else’s computer and you don’t want them to know which sites you visited. Maybe you need to buy a gift for a loved one without ruining the surprise. Maybe you’re at an Internet kiosk and don’t want the next person using it to know at which website you bank. What if you want to delete your browsing history after the fact, but you don’t want to lose your preferences at websites that you use frequently? When we began planning IE8, we took a hard look at our customers’ concerns about privacy on the web. As evidenced by some of the comments on this blog during the IE7 days, many users are concerned about so-called “over-the-shoulder privacy”, or the ability to control what their spouses, friends, kids, and co-workers might see. What about your privacy as you browse the web? As Dean outlined is his post earlier today, there is so-called “3rd-party” content on websites, some of which can gather data about how you browse the web. How do you know what that is, or how to control it? With respect to privacy, IE8 gives users more choice about controlling what information they keep and exchange. In the first part of this post I’ll describe two Internet Explorer 8 features that help you control your history, cookies, and other information that Internet Explorer stores on your behalf. In the latter part, I’ll describe two more features that can help you control how your browsing history is shared by websites. By default, IE8 browses the web the same way IE7 does. InPrivate™ Browsing lets you control whether or not IE saves your browsing history, cookies, and other data Delete Browsing History helps you control your browsing history after you’ve visited websites. InPrivate™ Blocking informs you about content that is in a position to observe your browsing history, and allows you to block it InPrivate Subscriptions allow you to augment the capability of InPrivate Blocking by subscribing to lists of websites to block or allow. InPrivate Browsing If you are using a shared PC, a borrowed laptop from a friend, or a public PC, sometimes you don’t want other people to know where you’ve been on the web. Internet Explorer 8’s InPrivate Browsing makes that “over the shoulder” privacy easy by not storing history, cookies, temporary Internet files, or other data. Using InPrivate Browsing is as easy as launching a new InPrivate Browsing window. When you’re done, just close the window and IE will take care of the rest. http://ieblog.members.winisp.net/images/InPrivate.homepage.png While InPrivate Browsing is active, the following takes place: New cookies are not stored All new cookies become “session” cookies Existing cookies can still be read The new DOM storage feature behaves the same way [*]New history entries will not be recorded [*]New temporary Internet files will be deleted after the Private Browsing window is closed [*]Form data is not stored [*]Passwords are not stored [*]Addresses typed into the address bar are not stored [*]Queries entered into the search box are not stored [*]Visited links will not be stored Delete Browsing History In Internet Explorer 7, we added a feature called Delete Browsing History that lets you delete in one click all of the information that IE saves. This is a necessary tool that is a standard feature in all modern web browsers. If there are things in your web browsing past that you want to erase, you can do that easily. The problem is that usually you don’t want to delete everything! Cookies, in particular, are really useful for storing preferences on websites that you use frequently. Many sites have a “remember me” option, which stores a cookie on your PC and identifies your user account. Other sites, particularly financial websites, will store a cookie on each computer that you use to eliminate extra challenge questions (i.e. “What was your high school mascot?”). IE8 solves this problem by adding an option that lets you keep cookies and temporary Internet files from websites saved in your Favorites list: http://ieblog.members.winisp.net/images/Delete.Browsing.History.png To avoid having your favorite sites “forget you”, simply add them to your Favorites, and make sure the “Preserve Favorites website data” checkbox is selected. IE will preserve any cookies or cache files that were created by websites in your favorites. Oh – and by the way – we heard your feedback about checkboxes! Now Delete Browsing History will remember your preferences. We also added a “Delete Browsing History on Exit” feature if you really want to keep your history squeaky-clean! To do so, click Tools->Internet Options: http://ieblog.members.winisp.net/images/Browsing.History.Preferences.png In his post earlier today, Dean outlined some of the privacy issues surrounding third-party content, which powers some of the rich experiences you get on the web today, such as interactive maps and social networking shortcuts (“add to Digg”). Some third-party content is shared by multiple websites. If you happen to browse to sites that refer to the same third-party resource, i.e. a script, image, stylesheet, information is sent to that third-party. Over time, the third-party can create a profile of which websites you go to, what links you click on, etc. It’s hard to know exactly how your data will be used and with whom it will be shared without reading and understanding the privacy policy of each third-party site providing content to the website you visit,. Consider this hypothetical example. You walk into a shopping mall. In the middle of the shopping mall, there is someone in front of a kiosk who asks you if he can record what stores you visit while you’re there as part of a survey. In order to do so, he writes down a description of what you look like – not your name – but what you’re wearing, your height, etc. In several of the stores throughout the mall, there are people who identify you based on this data, and record whether or not you visit a particular store. When the mall closes, the surveyors in the store report their tallies back to the kiosk. What the surveyor ends up with is a list of some of the stores you visit while you’re at the mall. This is analogous to how some third-party content works on the web today. Again, without reading specific privacy policies, it’s hard to say in general what third-parties do with the data (or whether or not they record it at all). The first difference between this mall example and the real world is that the mall survey is hypothetical. Again, different third-party sites do different things with the data they can collect, and the best way to understand what they actually do is reading their privacy policy. The other major difference between this example and the web is how explicitly users are presented with a choice about sharing their information. Clearly there are benefits to sharing your information, starting with richer experiences. Many web sites rely on third-parties to provide content and services like interactive maps and financial data, or analytics and advertising in order to operate effectively. These third-party services often collect information in order to do their jobs. There are also potential drawbacks, such as privacy risks (who has what information?) and increased exposure to malicious content. Put simply, the web relies on a trade, or value exchange, between users and sites. Information goes back and forth: in exchange for “free” services and content, users “pay” with information, not money. There is nothing wrong with such a trade, as long as users are informed and are in control of the choice. InPrivate Blocking InPrivate Blocking is a feature designed to help give you information about third-party content that has a line of sight into your web browsing, and gives you a choice about what information you share with these sites. As Dean mentioned in his post, it’s possible for sites to track users without cookies. The only way to ensure that your data is not disclosed is to block content and prevent communication to sites. While you browse the web, your IE keeps a local record of which third-party items your browser accesses, and where they were accessed from. For example, if you visit http://www.contoso.com/index.html, which contains the following snippet: Contoso.com Homepage … … and then visit http://www.wingtiptoys.com/, which contains the same snippet: Great deals at Wingtiptoys.com … … Woodgrove-int.com is now in a position to know that you’ve been to both contoso.com and wingtiptoys.com. InPrivate Blocking keeps a record of third-party items like the one above as you browse. When you choose to browse with InPrivate, IE automatically blocks sites that have “seen” you across more than ten sites. You can also manually choose items to block or allow, or obtain information about the third-party content directly from the site by clicking the “More information from this website” link. Note that Internet Explorer will only record data for InPrivate Blocking when you are in “regular” browsing mode, as no browsing history is retained while browsing InPrivate. An easy way to think of it is that your normal browsing determines which items to block when you browse InPrivate. http://ieblog.members.winisp.net/images/InPrivate.Blocking.png InPrivate Subscriptions Users can augment the capability of InPrivate Blocking with InPrivate Subscriptions. Some users want to protect their privacy, but don’t want to make granular decisions about content to block or allow. Users can delegate these decisions to publishers of InPrivate Subscriptions. Users can subscribe to a list the same way they add an Accelerator, Web Slice, or search provider to IE: by clicking a link on a web page and confirming that they want this functionality: http://ieblog.members.winisp.net/images/InPrivate.Blocking.Subscription.png Under the covers, InPrivate Subscriptions are simply RSS feeds of Regular Expressions that specify sub-downloads to block or allow. Anyone can publish an InPrivate Subscription on their website, just as they can offer an Accelerator or Web Slice on their website. We’ll post details about the file format as part of the updated IE8 Developer’s Guide with Beta 2. Conclusion IE8 helps put you in control of your data, both on your PC and on the Web. IE8 Beta 2 is coming soon, and I encourage you to download it and give us feedback. Andy Zeigler Program Manager P.S. Check out Dean and Andy talking about IE8 and Privacy on Channel 9. Edit: Added a P.S. http://blogs.msdn.com/aggbug.aspx?PostID=8894366 More...

<img alt="" height="1" width="1"> Update: Vista may still have its day InfoWorld, CA - 9 minutes ago [ Get the analysis and insights that only Randall C. Kennedy can provide on PC tech in InfoWorld's Enterprise Desktop blog. And download our free Windows ... More...

<img alt="" height="1" width="1"> Microsoft May Have 2000 Developers Working On Windows 7 DABCC.com (press release), FL - 1 minute ago ... for the Windows 7 operating system said there are 25 "feature teams" of about 100 employees each working on the upcoming replacement to Windows Vista. ... More...

<img alt="" height="1" width="1"> ON COMPUTERS : Blog Talk offers Net time to radio-show wannabes Arkansas Democrat Gazette, AR - 9 minutes ago Spybot works with all Windows versions from Windows 95 on up to Vista. It also works with some versions of Linux. Vista comes with a built-in anti-spyware ... More...

<img alt="" height="1" width="1"> You don't know tech: The InfoWorld news quiz InfoWorld, CA - 12 minutes ago Dan Tynan is contributing editor at InfoWorld and author of the Tynan on Technology blog. Windows Vista: A Cyber Security Shield - Windows Vista ... More...

<img alt="" height="1" width="1"> Microsoft and Seinfeld: A Comedy of Errors? TechNewsWorld, CA - 21 minutes ago By Katherine Noyes Microsoft's hiring of Jerry Seinfeld as a Windows Vista pitchman had the Linux community in stitches last week. ... More...

<img src=http://news.google.com/news?imgefp=e3a1ZCPL0xkJ&imgurl=www.adweek.com/adweek/photos/stylus/36861-JerrySeinfeldL.jpg width=80 height=67 alt="" border=1> Adweek <img alt="" height="1" width="1"> Seinfeld Selection Finds Critics Online Adweek, NY - 2 hours ago "If there's one surefire way to convince everyone Vista is cool, cutting edge and not liable to get frazzled by life's minor complications, it's hiring a ... More...

<img src=http://news.google.com/news?imgefp=e3a1ZCPL0xkJ&imgurl=www.adweek.com/adweek/photos/stylus/36861-JerrySeinfeldL.jpg width=80 height=67 alt="" border=1> Adweek <img alt="" height="1" width="1"> Seinfeld, Microsoft Pairing Finds Critics Online Adweek, NY - 38 minutes ago "If there's one surefire way to convince everyone Vista is cool, cutting edge and not liable to get frazzled by life's minor complications, it's hiring a ... More...

<img alt="" height="1" width="1"> Microsoft lists Windows 7 in patching tool Computerworld, MA - 9 minutes ago Microsoft started talking about it publicly earlier this year, and the Windows development team launched a Windows 7 blog this month. ... More...

<img alt="" height="1" width="1"> Windows 7: Vista-like hell or an OS heaven? iTWire, Australia - Aug 18, 2008 The first post at the E7 blog is designed to introduce the blog to the world, to make lots of promises, to explain that Windows 7 will be explored in ... Windows 7 to be Previewed in October? IDM.net.au all 5 news articles More...

I have reported about Seinfeld’s next act at Microsoft here. More details around the web on this new marketing strategy of Microsoft. In an excerpt:Michel Gondry, the innovative director of films, music videos and numerous TV commercials, is directing at least one of the TV spots starring Jerry Seinfeld touting Microsoft Corp.’s Windows operating system, [...] More...

<img alt="" height="1" width="1"> The Live Search Olympics collection LiveSide - 52 minutes ago ... to I think I'll stick with my current verrsion (9.0.1407.1107) until they ditch this header gimmick and start making things that match Windows Vista. ... More...

<img alt="" height="1" width="1"> LXer Weekly Roundup for 24-Aug-2008 LXer (press release), TX - 6 minutes ago Jack Wallen, host of the Linux and Open Source blog, started a lengthy discussion asking the question: Why would you choose Windows over Linux? ... More...

In the latest episode of the Windows Weekly podcast, Leo and I discuss going all in with Microsoft technology, the wonderful world of data sync, Windows 7 blogging, more Vista stupidity, and Microsoft's Olympics gold! More...

<img src=http://news.google.com/news?imgefp=y3DpbuP5wlIJ&imgurl=regmedia.co.uk/2008/08/21/photosynth_oops.jpg width=80 height=72 alt="" border=1> Register <img alt="" height="1" width="1"> PhotoSynth released as a Worldwide “Software + Services” Download ... LiveSide - 35 minutes ago Photosynth.net; a broadband connection; and the Windows XP SP2 or Windows Vista operating system. Our ace reporter Sunshine is busy playing with Photosynth, ... Microsoft's Photosynth Lets You Step Inside The Picture CRN Virtual Viewpoint Newsweek Microsoft Photosynth Goes Live PC Magazine photographypress.co.uk - Appscout all 387 news articles More...

If you are feeling magical then this Windows Vista Disney theme is right for you. It has a lot of happy and bright colours to keep you alert, images to add fun while using Vista, and a number of Mickey’s ears to look at. The theme comes in various variations — red, blue, green, [...] More...

Microsoft has hired the services of Seinfeld to the tune of 10 million dollars to boost Windows Vista campaign. This is part of the 300 million dollars of marketing budget that Microsoft has allocated to turnaround the image of Vista.As Robert Passikoff, Brand Keys president (NY branding firm), says that Microsoft is not seen as [...] More...

WinVistaClub and Windows Vista - The Official Magazine has teamed up to find the best Windows Vista blog and site. In an excerpt of their contest:We invite you to participate in this first-of-a-kind Contest to Judge the Best Windows Vista Blog or Website. So if you run a blog or a website, which primarily focuses [...] More...