Archive for July, 2005

Trusted Computing: If you don’t know what it is, you should

Friday, July 22nd, 2005

Since today marks another step towards the next generation of Windows, we thought it would make sense to post an item about Trusted Computing, which will be supported by Vista and which will likely be supported by the hardware many if not most people are buying by the time Vista is released.

If you’re not familiar with Trusted Computing (TC) then you should probably read the WikiPedia article on TC. To sum it up (crudely) for those not yet convinced it’s worth clicking the hyperlink: By using hardware-based security/encryption the goal of TC is to tightly control what you can/can’t do with the data that comes into, goes out of, and runs on your computer. Much of this is good for the user, it has the potential to protect your data from being intercepted/stolen by others, by being tampered with/destroyed by viruses, etc. But, some of it is potentially very bad for the user. Most notably bad (as far as most people are concerned) is that it allows for and therefore almost encourages anti-competitive/anti-consumer behavior. It has the ability to effectively prevent reverse-engineering, since all the decryption occurs in hardware where the keys can’t be easily intercepted. The practice of reverse engineering can be noble or ignoble, it can seek to make something more useful to all (while injuring no one), or it can seek to prevent vendors/content owners from enforcing their rights. The noble side of reverse engineering has been profoundly important to innovation over the last decade, I shudder to think where we’d be if TC was in place 10-15 years ago. The good form of reverse engineering has allowed users to run various office software packages to read/write Microsoft Word documents, it has allowed Linux users to interoperate with Windows file servers (via Samba), it has allowed Trillian/Gaim/and other multi-service IM clients to be released, and taken to the extreme, TC could allow web browsers to completely refuse to operate with unapproved operating systems or operating systems running any unapproved software. In addition, because file contents can be in encrypted & practically irreversible formats, and because product licensing is strongly protected, and because the trend has been towards a subscription model for software purchases, you could suddenly find that you are perpetually forced into yearly software upgrades, otherwise the data you created/own becomes inaccessible to you (until you renew). There’s more to the down side having to do with your being effectively a third-party to your computer under the TC model, and you can read more about that elsewhere.

I’d recommend the following Electronic Frontier Foundation article which nicely summarizes the topic, and offers a potential change in the TC implementation that might go a long way to protecting all our rights. The future of TC may turn out to be quite nice, it may be that suitable public pressure will naturally ensure that all the vendors act responsibly, reasonably, fairly. But, it seems safe to say that they won’t unless they feel a persistent public pressure to do so, and the more people who know about TC (the good and the bad) the better.

Microsoft Changing Tactics Towards Linux?

Wednesday, July 20th, 2005

There’s been some talk this week related to Microsoft’s attitude/approach towards Linux. It seems to mostly stem from comments made by Bill Hilf,
director of platform technology strategy at Microsoft. In part his comments address the long existing speculation by some that Microsoft would try to control/disrupt Linux by putting out a Microsoft version of the open source UNIX-like operating system. The thinking goes something like this. Microsoft could put out a version of Linux which would be far more compelling to many than existing Linux distributions. Ignoring for a moment technical difficulties. They could include true Windows software support (something that projects like Wine/etc. can never hope to fully achieve) so that you could run any Windows application or library within that Linux OS. They could even bundle in many of the Windows-bundled applications, which would be compelling for many home and office users. They could even provide some level of live/human support for novices/pros. And they could do any/all of this while still setting a price that approached $0; they have the resources to afford the experiment/campaign. I think it’s fair to say we’ve seen Microsoft use their muscle, manpower, and means before. Whether it’s with their entry into the browser arena with Internet Explorer, their customizations of the Java virtual machine that many would argue severely affected Java’s success in the applet arena, or their browser/media player integration into the OS. It all seems plausible enough that they could by some strategy like this seek to divert large segments of the IT community who rely upon Linux mostly out of cost considerations, and who would eagerly turn to a solution which addressed that and gave them greater interoperability with Windows. Anyway, that’s been at the heart of many people’s theories that MS might do such a thing. Apparently Bill Hilf addressed that issue (more or less), and while I don’t read it as a categorical denial that it could ever happen and hasn’t ever been discussed, he certainly treats the issue as though it’s not something they’ve seriously considered or expect to do.

Also, a number of things were said which seem to suggest that Microsoft is giving up on their “ignore Linux” strategy, and is beginning to increase support for interoperability with Linux. One sign of this is that their Microsoft Virtual Server 2005 SP1 will support Linux, a feature they had specifically removed from the product once it was bought from Connectix in 2003. Virtual PC was the previous incarnation of the product, and soon after buying the company, Microsoft eliminated from it support for FreeBSD, OS/2, NetWare, Solaris and Linux, leaving only Windows and Macintosh support. So their re-enabling support for Linux is a marked change of course for the product, and perhaps for Microsoft.

Anyway, for more on some of the changes in Microsoft’s approach to Linux read the PC World article entitled Microsoft Warms Up to Linux.

I try to sign up and it says I already have.

Monday, July 18th, 2005

I try to sign up and it says I already have. I don’t think I have. What do I do? Ed P.

Ed,

In your case, and every other case we’ve come across where someone has reported this problem, you actually did sign up, but it was so long ago you presumably forgot. Our records show you signed up with our new system on November 4th, 2004. Since then you may have been using the old system login and therefore not using your new account, but it was there the whole time. And the system shows that you validated the account, which indicates you received the confirmation e-mail, and clicked the link inside of it. So, unless a family member or coworker shares your e-mail address, it must be you. Presumably you’ve forgotten your password, which is no problem, all you need to do to access your account is click this link and you’ll be led through the steps to pick a new password.

DG

Should I ‘trust’ you?

Monday, July 18th, 2005

Should I ‘trust’ you? I like that you now include a trust rating on your drivers, but I’m not sure at what point I should trust a driver. – Maggie Reuben

Maggie,

There is no simple answer, at least not a complete and simple answer.

Most people would feel comfortable downloading a driver from a manufacturer’s website (or trusted site). There is a still a chance that the manufacturer (or trusted site) could accidentally have a virus infected file on their webserver (it has happened before), but those odds are very tiny. So, at the most basic level, if you see a driver comes from a manufacturer’s site (or a “trusted site”) then you should probably feel very, very comfortable.

Slightly less safe are files uploaded by trusted users. We do trust those users, and there is good reason to. They’ve been given strict instructions about what sites/files to trust. And they have proved to us in the past that they’ve observed those instructions. But, because humans are more involved in the process, this is one notch less secure than a file coming from a trusted site. Still, you should feel very comfortable with a file coming from a trusted user.

Beyond this, it’s more difficult to say what you should trust, it really depends on the type of person you are, what your comfort zone is. Most people feel comfortable downloading from shareware/freeware sites, so long as those sites have a rating/comment mechanism where people can report problems. If you’re one of those people, then the same rules would apply to us. If you see a file has been downloaded 10,000 times and no one has commented about it having a virus or malware, then it’s extremely, extremely unlikely that it would. On the other hand, if the file has only been downloaded 10 times, perhaps you’d feel more comfortable if other people tried it first. That’s a personal choice, and we certainly can’t make that determination for you. When in doubt, err on the side of caution.

And just a reminder, every file we have is routinely virus scanned with the latest virus definitions. This will eliminate all common threats and many uncommon ones, providing you very good protection. But no anti-virus program can guarantee to protect you from every conceivable threat. You should make sure you have your own anti-virus software installed, and you should backup your computer as often as your situation warrants. Hard drives fail, computers crash, and viruses infect.

If you’re looking for a simple answer, and feel like you’re too much of a novice to make any complicated decisions/choices, then just keep in mind that the vast majority of users on the ‘net would feel comfortable downloading drivers from trusted sites and trusted users.

DG

DriverGuide Trust Ratings Launched! (MUST READ!)

Wednesday, July 13th, 2005

We’ve launched one of the most exciting features in years, every driver/firmware detail page now includes an analysis of those factors which should make you trust or mistrust that driver/firmware. You have to make the final call, but we’ll tell you what we think, and why. The factors for trust we analyze include: file origin, virus scan results, and member feedback.

And what’s most exciting, you’ll find that more than 2/3 of our drivers/firmware come from a trusted source! A trusted source can be a trusted site (e.g., manufacturer’s site) or a trusted user (e.g., our paid DriverGuide Techs who upload only from trusted sites or installation CD-ROMs/floppies).

We’ve always tried to ensure you only get the safest drivers, by encouraging and displaying ratings/comments, and by always scanning for viruses, but now we take it a big step further. So, welcome to the new and more trustworthy DriverGuide!

Which Tech Blogs Do You Read?

Saturday, July 9th, 2005

We’re going to be adding a more comprehensive news section on our site and we’re looking to include entries from the most relevant blogs (with permission of course). So, please let us know what tech/hardware/driver/firmware related blogs you read that you think others would enjoy as well. If you write such a blog yourself, let us know.

New features: My Searches, My Downloads, My Recently Viewed Drivers…

Thursday, July 7th, 2005

We have recently launched some new “preview access” features, part of our personalization effort. Each search you do will be remembered and can be redone days later. Each driver you download will be remembered. Each driver you view will be remembered. For these features to work you MUST have one of the new (free) personalized accounts (which means anyone who signed up after April ‘05, or who volunteered to upgrade their account); if you haven’t yet, go to http://members.driverguide.com/ums/index.php?action=r.

These new personalized features are “preview access”, which means a) it might have bugs, b) its interface has improvements yet to be made, and c) it will eventually become part of a “premium” offering. Don’t let the “premium” worry you, features currently free will remain free. The premium offerings will enable us to continue to expand our free features while also developing additional tools (and tech-managed data) of particular use to computer professionals (and advanced hobbyists) who use our site. The reality is that we must create additional revenue sources to expand our features and stay ahead of the competition in an environment where banner advertising and the like continue to wane as a revenue source. As we’ve seen all of our other competitors abandon their free offerings and convert entirely to paid membership we’ve never waivered from our commitment to keeping this site a free resource, and we believe that the best way to guarantee that for the future is to develop tools which will make the jobs of our professional and advanced users easier, and in that savings of their time (and their money) we’ll earn their premium membership. But, it’s not all about money. All our premium memberships will be able to be earned by member participation. If contribute to our site, by doing such things as uploading needed drivers and helping others resolve their driver problems, you will earn our respect and all the benefits of premium membership. Stay tuned for details as the new features are launched.

My DriverGuide
http://members.driverguide.com/my

Slow downs and errors on Thursday.

Friday, July 1st, 2005

If you were on our site this past Thursday you probably experienced some slow searches, page loads, and even errors. We’re sorry about that. Our site was being unlawfully hammered by another site. It took us a little while to properly diagnose the problem and shut them down.

If you’ve ever wondered why we have to have that annoying “human check” (a.k.a., Turing test) to ensure that a human is downloading a file, this was one such occasion. We periodically have other sites try to copy cat us, stealing our content, and slowing down our site considerably in the process. By using such methods we’re able to keep the site abuse to a minimum.