China to mandate Web filtering software on all new PCs

Late last month, China quietly ordered PC manufacturers to bundle Internet access control software with all computers sold in the country. The software, which appears to be Windows-only, looks to provide a mix of features, including whitelists, blacklists, and on-the-fly content-based filtering. But the key feature that appeals to the government may be the fact that it allows blacklists to be updated remotely.

The government has already worked with the developers of the software, called “Green Dam-Youth Escort,” previously. Jinhui Computer System Engineering Co, which developed it, apparently worked out the basic features of the filtering when assisting the Chinese military in securing the distribution of internal documents, according to The Wall Street Journal, which broke the story over the weekend.

Rebecca MacKinnon, who is an Open Society Fellow and worked previously at the University of Hong Kong, has translated some of Jinhui’s press materials, which indicate that the Chinese government has worked with Jinhui to make Green Dam available as a free download, and assisted in getting it installed in schools. Jinhui had apparently already arranged to have the software bundled by a number of manufacturers.

There seems to be some confusion about the exact capabilities of Green Dam, as The Journal reported that one of Jinhui’s founders indicated that the software relies on a database of blocked sites that allows it to be updated remotely. Reuters, however, talked with the same person, who indicated that it can perform semantic and image-based evaluation of incoming content—as such, the founder claimed that it’s impossible for the software to be used for general censorship purposes. Still the two capabilities aren’t mutually exclusive, and it would certainly be possible to tune Green Dam’s semantic engine in a way that enabled it to filter out politics in addition to porn.

In any case, Green Dam will have to have been fairly well integrated into the host operating system in order to function well, which presents manufacturers with a whole host of potential problems. Manufacturers tend to bundle a lot of software with their machines, which raises the possibility of conflicts between Green Dam and other software on the machine. The auto-updating of the blacklist is also mentioned as another potential security risk, and certainly raises the prospect that computer makers will have to support software with behavior that changes over time. Although the government seems to have given manufacturers little time to adjust to the mandatory policy—it’s set to take effect July 1—for now, it appears that they’re being given the option of simply shipping disks in the box, rather than installing and enabling Green Dam.

Although China clearly exerts great control over the political content that reaches its citizens, the government appears to be extremely squeamish about is citizens’ interest in porn. As such, it’s tempting to take this policy announcement at face value: an attempt at social, rather than political control. Still, if the software does have the ability to perform remote updates of a blacklist, it will mean that the Chinese government has given itself the option of having the capacity to filter political content, available at the flick of a server-side switch.

Read more »

Windows 7 to have an ‘XP mode’

Microsoft is trying to make it easier to sway users of Windows XP onto the latest version of its operating system.

For some time now, the company has been quietly building a “Windows XP mode” that uses virtualization to allow Windows 7 to easily run applications designed for Windows XP. According to sources familiar with the product, the application compatibility mode is built on the Virtual PC technology that Microsoft acquired in 2003, when it scooped up the assets of Connectix.

By adding the compatibility mode, Microsoft is aiming to address one of the key shortcomings of Windows Vista: its compatibility issues with software designed for Windows XP and earlier versions of the operating system.

Details of the Windows XP mode, previously known as Virtual Windows XP, were first published earlier Friday by the Windows SuperSite blog.

The technology has not been part of the beta version of Windows 7 or previously disclosed by Microsoft, but is expected to be released alongside the upcoming release candidate version. Microsoft said on Friday that it will release it to developers next week and publicly starting May 5.

According to the SuperSite report, written by bloggers Paul Thurrott and Rafael Rivera, the XP mode won’t come in the box with Windows 7, but will be made available as a free download for those who buy the professional, enterprise, or “ultimate” versions of Windows 7. The site also has some screenshots of the mode in action.

There had been rumors of a secret user interface, but until Friday, no mention of the XP mode.

Update: Late on Friday, Microsoft confirmed XP Mode in a blog posting.

“Windows XP Mode is specifically designed to help small businesses move to Windows 7,” Microsoft’s Scott Woodgate said in the blog. “Windows XP Mode provides you with the flexibility to run many older productivity applications on a Windows 7 based PC.”

According to the post, “all you need to do is to install suitable applications directly in Windows XP Mode which is a virtual Windows XP environment running under Windows Virtual PC. The applications will be published to the Windows 7 desktop and then you can run them directly from Windows 7.”

Microsoft said it “will be soon releasing the beta of Windows XP Mode and Windows Virtual PC for Windows 7 Professional and Windows 7 Ultimate.”

Read more »

Microsoft Research: A look at the intriguing social desktop prototype

Late last week, Microsoft Research shared a couple of things about Social Desktop, a prototype of which they are debuting at TechFest 2009 in a couple of days (along with dozens of other things). From the looks of it, this will be a much talked about product even if it stays in proof-of-concept phase for now.

And if they decide to open it up even just a little, this could be a major breakthrough in tearing down the virtual wall between the desktop and the web, a trend we’ve been noticing for years.

The service would essentially be capable of providing you with a secure unique ID for all the files and folders on your desktop, enabling users to share, comment on, tag and search files like photos and videos via a dedicated web page powered by .NET. Think of this as social URLs that link to files which could easily be pushed to third-party services like Twitter or Digg but also Microsoft’s own Windows Live Messenger without the need for you to copy, move or upload anything. Furthermore, social interaction around the files would be visible from inside the Windows desktop OS, blurring the line between the desktop and the web even more.

You can have a URL drill into a subportion of a document or a PowerPoint deck, or data can come from a Web service or a database. Social Desktop is a local service that maps the user’s local data into a .NET service bus service, enabling local data to be accessible through firewalls. Social Desktop also provides a Web-service view over the same data, with inherent RSS event streams for any container. New data sources can be mapped into the URL hierarchy, enabling a distributed view to be built. There are simple sharing paradigms that enable URLs to be shared temporarily or permanently.

Social Desktop runs on Silverlight and leverages both the Windows OS and Windows Azure, the software giant’s very own cloud services platform which Microsoft announced in October 2008. TechFlash reviewed the service as well last week, and asked the project leads how Social Desktop differs from Live Mesh. The response came from Lili Cheng, who manages Microsoft Research’s Creative Systems Group: “In the Mesh model, you can almost imagine your PC being pushed to the cloud,” she explained. “In this, you can almost imagine the Web being embedded inside your desktop.”

I don’t know about you, but to me this all sounds very promising and I’m curious if using Social Desktop would change my file sharing habits. Even with the plethora of free, simple and fast online backup and sharing services around, there’s still a trust barrier not easily overcome by startups who need to market their services extensively on an inherently low budget to reach any kind of scale. Besides, Social Desktop even relieves you from the not-so-cumbersome task of moving a file to the cloud in order to store or share it, so that makes for one hell of a substantial benefit compared to other services where you’d be required to register and do a series of actions before that happens.

Unfortunately, a Microsoft spokesperson told NetworkWorld that Social Desktop at this point is merely a research prototype which will not be a feature in Windows 7, nor will it be available for public use.

But I still want to get my hands on Windows 7 Beta (it makes use of the new operating system’s file-preview functions) right now even if just to test this application once (and if) they release it.

Read more »

Microsoft to Kill Windows 7 Beta on Feb. 10

Computer enthusiasts who want to get their hands on the trial version of Microsoft’s next operating system have just two more weeks to do so.

The company says it will end availability of Windows 7 Beta on Feb. 10.

There are a couple of loopholes, however. Users who started to download the OS before that date will have until Feb. 12 to complete the process. Also, Microsoft will continue to distribute product keys beyond Feb. 12 to users who have previously downloaded Windows 7 Beta but have yet to obtain a key.

“We are at a point where we have more than enough beta testers and feedback coming in to meet our engineering needs, so we are beginning to plan the end of general availability for Windows 7 Beta,” said Brandon LeBlanc, Microsoft’s in-house Windows blogger, in a post Friday.

Microsoft will post warnings on its Web site that the download program for Windows 7 is about to end starting Tuesday. A final version of Windows 7, Microsoft’s follow-up to Windows Vista, is expected to be available in late 2009 or early 2010.

Perhaps due to Vista’s unpopularity, computer users have been downloading Windows 7 Beta in droves. Microsoft dropped limits on the number of available copies of the software after a crush of download requests for the new operating system brought the company’s servers to a halt during the first weekend of availability earlier this month.

Windows 7 offers numerous new features, including native support for touch-screen interfaces and more than 20 hotkey combinations designed to simplify use.

Microsoft needs Windows 7 to be a hit. Vista has failed to catch on with mainstream computer users and businesses have shunned it outright. Many users have complained about Vista’s hardware requirements, intrusive security measures, and lack of compatibility with older applications.

Dissatisfaction with Vista has allowed Apple to gain share against Microsoft in the computer operating system market in recent months. Windows’ market share in November fell below 90% for the first time in years while Mac OS is now flirting with the 10% mark, according to market watcher Net Applications.

It’s all taking a toll on Microsoft’s bottom line. Last week, the company said second quarter profits tumbled 11%. It also announced a restructuring plan that will see it lay off 5,000 full-time employees and an additional 5,000 contract workers.

Read more »

Microsoft warns of SQL attack

Just days after patching a critical flaw in its Internet Explorer browser, Microsoft is now warning users of a serious bug in its SQL Server database software.

Microsoft issued a security advisory late Monday, saying that the bug could be exploited to run unauthorized software on systems running versions of Microsoft SQL Server 2000 and SQL Server 2005.

Attack code that exploits the bug has been published, but Microsoft said that it has not yet seen this code used in online attacks. Database servers could be attacked using this flaw if the criminals somehow found a way to log onto the system, and Web applications that suffered from relatively common SQL injection bugs could be used as stepping stones to attack the back-end database, Microsoft said.

Desktop users running the Microsoft SQL Server 2000 Desktop Engine or SQL Server 2005 Express could be at risk in some circumstances, Microsoft said.

The bug lies in a stored procedure called “sp_replwritetovarbin,” which is used by Microsoft’s software when it replicates database transactions. It was publicly disclosed on December 9 by SEC Consult Vulnerability Lab, which said it had notified Microsoft of the issue in April.

“Systems with Microsoft SQL Server 7.0 Service Pack 4, Microsoft SQL Server 2005 Service Pack 3, and Microsoft SQL Server 2008 are not affected by this issue,” Microsoft said in its advisory.

This is the third serious bug in Microsoft’s software to be disclosed in the past month, but it is unlikely to be used in widespread attacks, according to Marc Maiffret, director of professional services, with The DigiTrust Group, a security consulting firm. “It is rather low risk given other vulnerabilities that exist,” he said via instant message. “There are a lot of better ways to currently compromise windows systems.”

After seeing the Internet Explorer flaw used in a growing number of online attacks, Microsoft rushed out an emergency patch for the issue last Wednesday. The company says it has also seen “limited and targeted attacks” exploiting a serious bug in the WordPad Text Converter for Word 97 files. As with the SQL bug, this WordPad converter vulnerability has not been patched, but is a prime candidate to be fixed in Microsoft’s upcoming January 13 security updates.

Read more »