Dump the IE.. You are Vulnerable

If you’re still looking for a reason to finally switch loyalty from Internet Explorer over to one of many competing browsers, trust me, this is it.

A major flaw in Microsoft’s Internet Explorer that allows hackers to gain the password details of the user has been revealed.

This is not a rumor, it has been confirmed by Microsoft who in fact announced the discovery themselves admitting a “vulnerability in Internet Explorer” that “could allow remote code execution.” Not Good.

Microsoft are preparing an emergency patch to resolve the flaw.

MICROSOFT SECURITY ADVICE

Change IE security settings to high (Look under Tools/Internet Options)
Switch to a Windows user account with limited rights to change a PC’s settings
With IE7 or 8 on Vista turn on Protected Mode
Ensure your PC is updated
Keep anti-virus and anti-spyware software up to date

Unsurprisingly, “switching browsers” isn’t on that list.

“I cannot recommend people switch due to this one flaw,” said John Curran, head of Microsoft UK’s Windows group. “At present, this exploit only seems to affect 0.02% of internet sites. In terms of vulnerability, it only seems to be affecting IE7 users at the moment, but could well encompass other versions in time.”

To summarise, SWITCH. And better SWITCH to Firefox

Why is firefox so popular?

Over the last 4 years, firefox is becoming more and more popular, and its market share is increasing by 5% each year over the last 4 years. But since one has to actively download and install the program (on Mac and Windows), why do people choose to download and install Firefox? Why not Opera, Safari, Konqueror or any other browser?

This week, several articles I read brought the breaking news that the market share of Microsoft’s internet explorer is shrinking to below 70% for the first time since 1999 (http://marketshare.hitslink.com/browser-market-share.aspx?qprid=1). Internet Explorer gained a near monopoly, simply by forcing it to the customers by bundling/integrating it with the operating system Windows, and I believe this is the major reason why this browser still holds such a big percentage of market share. Many people simply use the browser they are given, unless there is an alternative that has significant advantages.

On the other hand, apparently, the near-monopoly has made Microsoft extremely lazy, resulting in a browser that does not even meet the open web-standards, it is slow and has to catch up with alternative browsers. The lack of meeting open standards is an increasing frustration with web-designers and alternative producers of web-browsers like Opera (http://www.opera.com/press/releases/2007/12/13/). Having to catch up with other browsers is painfully clear when simply looking at tabbed browsing and extensions. The tabbed browsing was introduced by Opera in 1994 and only after practically all other browsers supported the “tabbing”, Microsoft introduced this feature in Internet Explorer 7, more than ten years after Opera did.

Also speed is in favor of Opera, when compared to the top-4 of the web-browsers, and also in this case, the market-leader (Internet Explorer) does not do a very good job (http://lifehacker.com/396048/speed-testing-the-latest-web-browsers). Firefox is left somewhere in the middle.

The only field where Firefox beats all competitors is when it comes to extensions. Though there an amazing amount of well-designed and useful extensions (or widgets) for Opera, and a few extensions for Internet Explorer, the real master of extensions is Firefox. Its open source code combined with a decent market share apparently is a very attractive combination to developers and resulted in more than 5000 Firefox extensions in just a few years (http://www.mozilla.com/en-US/firefox/customize/), and the number of extensions is growing rapidly. There are many types of translators, weather add-ons, but also highly specific add-ons such as “biofox”, “FireMath” and “Water Levels of German Rivers” (if someone finds a more weird add-on please let me know!!!). The most curious extension that is being worked on is one provided by Microsoft and is called the Open XML Document Viewer, which allows you to view OOXML document right in your browser (http://www.youtube.com/watch?v=NKSF6w0EK0s). Also the look of Firefox is highly flexible and you can install many different themes.

When looking at features like speed and innovation, Firefox and Opera are a close match and Internet Explorer is lagging far behind. Looking at the market share trends however, Opera and Internet explorer are no match for Firefox, probably due to the numerous extensions, though there might be several other small advantages that add to the popularity of Firefox.

Ain't Nobody like my Desigirl :(

Well this is what i can say after beinng away from India since 5 months :(

dekh lakh lakh pardesi girls,
ain't nobody like my desi girl.
whoz the hottest girl in the world.
my desi girl.
my desi girl.
thumka lagaikey she'll rock your world.
my desi girl.
my desi girl!

But the million dollar question is Who is the Desi Girl? Keep guessing!!!

The rise and fall of Chrome!

In a Computerworld report that summarizes recent Net Applications data, interest in Google Chrome has now died down to a standstill. Most of the people still downloading it are either night owls or from countries outside of the US, such as China, because the only activity is at night.Chrome searches have now fallen in line with Firefox. This, after a week or hype and unforeseen inmade it seem like Google was going to a) take over the browser market b) usher in the end the OS as we know it and c) probably make Google really rich.

It turns out that Chrome is just another fast browser without any really compelling features that will make people switch once and for all. It may even just be merely a developer tool and not a real browser at all. Yet, there are a few things that have contributed to the flat-lining interest, issues that Google could still fix if they get busy, well - today or sooner.

1. Chrome is relatively stable, but minor irritants such as the undo bug make you wonder why you are using it. Chrome is not like a low-level beta app that sort of works and where you put up with bugs because it is so new and innovative. Instead, a browser is the main tool we all use every day, and it better work - we have no patience for buggy browsers like IE.

2. Google has not released an obvious Chrome 1.1 update yet to address bugs, although they have released point upgrades and you can get new versions through a developer program. Huh? A developer program? In Internet time, it has been eons since Chrome was released, and no one wants to figure out how a developer program works just to get a more stable version.

3. There were early concerns over how Google was going to use your private data. They fixed the problem, but a minor glitch at the launch of a social networking site like Lively is nothing compared to a minor glitch with a browser. Everything is more critical and higher profile.

4. Google tends to use very simple anchor pages for their products, but it also makes people think the product is under supported. I'm sure there is a Chrome support forum; the issue is that it is not easy to find and that makes the average user nervous. Are they serious about Chrome? Or was it just an internal browser they used for testing that runs fast and decided to release it publicly? Wait, that's exactly what it is.

5. As Opera has learned, you have to keep the momentum going. Google obviously move don quickly to hype Android and will be in Android mode for some time. Here's the reality check: Google is not Microsoft. They do not have several hundred people working on one product at a time. It's more like a few people or maybe 50. No one knows for sure except Google, but at least on the outside Chrome still seems like an internal project and not a serious product.

6. I wonder where Google can really go with Chrome. For starters, you can't really put advertising on the browser wrapping and on the pages as well. You can tie a search box to advertising, but they already do that with Firefox. It's kind of too late to really beef up the features, and that has never been the goal of Google anyway. Look at Gmail - it is about as barebones as you can get - it runs much faster than Hotmail but has nowhere near as many features. That minimalistic concept works okay with Web software, not as well when it comes to a browser.

7. It's interesting to note that Android is really the first Google product you will be able to hold in your hands - you can literally touch the interface. More importantly, it will be a product you buy - for $180 from T-Mobile. (Google does make an enterprise search appliance but that doesn't really count.) Everything else, including Chrome, is free and in persistent beta.

8. (Updated) Here's one last major issue with Chrome: compatability. I just tried watching a Netflix streaming movie and of course Chrome is not supported. It doesn't work with Movielink or Cinemanow, either. I can imagine that these kinds of sites have no plans to support Chrome, especially when many of them just started supporting Firefox or are still working on Firefox support. As with any software, Web site operators must consider the field: which browser is the most popular?

So will Chrome stick around for years? Probably. But my opinion today is that it rose to quick prominence and then died out just as quickly. It may never come back.

Why is Microsoft scared of Linux?

Microsoft is frightened. Even Ballmer is telling users that they can skip Vista, which tells you everything you need to know about Vista's failure. In the past, Microsoft wouldn't have sweated this kind of flop. "What can users do?" they'd say. "Move to Linux or Macs? Ha!" That was then. This is now.

Today, major PC vendors are selling netbooks like hotcakes on a cold Vermont morning and three out of ten of those are running Linux. As my comrade in arms, Preston Gralla observes, "Microsoft isn't just worried about ceding 30 percent of the netbook market to Linux. It's also worried that if people get used to Linux on netbooks, they'll consider buying Linux on desktop PCs. Here's what Dickie Chang, an analyst at research firm IDC in Taipei, told Bloomberg about that: 'It's a real threat to Microsoft. It gives users a chance to see and try something new, showing them there is an alternative.'"

Exactly, and that's why Microsoft is rushing out Windows 7, which is a stripped down Vista SP2, as fast as they can and jerking out features so it will run on netbooks with minimal hardware. Gralla thinks Windows 7 will kill Linux on the netbook, I don't see that.

For all the mistaken excitement about Windows 7, the earliest anyone is going to see Windows 7 is the 2009 holiday season. That's eternity in Linux terms. Linux is already better than Vista and the equal to Microsoft's best desktop operating system, Windows XP SP 3. By the time Windows 7 appears, Fedora, openSUSE and Ubuntu will have all gone through at least two more generations of upgrades.

Windows is a slow dinosaur competing with the fast-moving Linux mammals. It's not a race I expect Windows to win.

Linux is already more stable, more secure, vastly faster boot times, and it's far less expensive than Windows. With efforts afoot to make desktop Linux even more new user friendly and its much faster evolution, I'm not worried about Windows 7 sweeping Linux off the desktop. But, I can certainly see why Microsoft would worry about Linux gaining a substantial, say 30%, of the desktop market or even more if Windows 7 isn't a rip-roaring success.

The days when Microsoft ruled the desktop are numbered and Windows 7 is Microsoft's frantic attempt to forestall the inevitable.

Joker n the Oscar

Warner Bros has publicly begun its push with this Variety advertisement for Heath Ledger in The Dark Knight for a Best Supporting Actor nomination. Academy Award ballots are mailed on December 26th, polls close on January 12th, and the nominations are announced on January 22nd.

I hope that the "Joker" wins this time!!!

Mumbai blasts - What needs to be done!!

We need to act and we need to do it now….here are a few pointers

Mumbai city, and its people, have been held hostage by 'militants'. This is a clear indication that we are on the global terror map. This was NOT a gang war. The whole reaction from the state and central machinery was slow. Now when we talk of steps to be taken there are a lot changes required on many fronts.

Our leaders need to resign
I am not all upset that the chief minister Vilasrao Deshmukh has been asked to resign. Shivraj Patil should never have been made the union home minister in the first place. Just as you need an able and responsible police director general and commissioner, we need an equally responsible and able home minister.

We want new leaders who will NOT just announce new plans. We want a timeframe within which we will see a new NSG formation, funds for security, funds to improve the lives of the police, whose morale is below zero. The state should improve training for Anti-Terrorist Squads, and new security agencies. They will procure on an immediate basis new guns, ammunition and weapons that will help our police force. Our poor baton-wielding constables have played a major role in foiling the plans of these hardcore militants. We lost 14 constables in this attack. The constables only had wooden batons. But let me tell you, the captured militant has admitted that they could not believe that even a constable chased them to bust their operations. I salute these heroes who were committed to their jobs and lost their lives so that the city could rest peacefully.

Accept that we are on the global 'terror' map
The minute we realise that foreign militants are using Indian turf for terror, we will be able to plan and activate various agencies from the village level to national. We will be able to get a holistic picture of international militancy. Many great scholars ridicule readers who love espionage and thrillers. But one reason I keep reading them is to get a perspective on global militancy. The way their minds work, the way they operate, from local to international networking.

Now when I heard that the Jewish couple was held hostage, it was a natural instinct for me to understand this is something larger than what the government authorities are saying. This was NOT an attack. This was a full-fledged militant war.

Activate ground workers, Khabris
You may ask how khabris can help in the war of terror? Well the fact that these militants ordered 200kg mutton from the local butcher in Colaba, who expressed shock, is a vital clue. This incident would never have gone unreported had our khabris been a part of the Anti-Terrorist Squad network or even part of the local police network. Let us not forget the 1992 riots, and the 1993 blasts that isolated many minority groups, especially Muslims. Most butchers are Muslims. The fact is had the informer network been active this information would have helped the police.

Security must be beefed up along our coast
In 1993, after Mumbai city was rocked by RDX bomb blasts, it was noted that how, due to poor coastal security, all the RDX came from across the border to the Raigadh and Konkan coast. Have we learnt from our mistakes? No. But if the PM or president is in town every helicopter is used to protect them. This should be stopped.

Instead we should have more regular air surveillance can spot suspicious movement along the coast. We need a more alert tourist police. Not those who drink at night and come along pushing a baton into people's stomachs, but those who check identification papers, and keep constant vigil.
We need a pro-active Coast Guard. This time round there were NO coast guard boats at the Yellow Gate when it was reported that few militants had landed using ferries from Porbunder. Three days prior to the attack, fisher folk had held protests on the seafront near Bandra. Our so-called alert Coast Guard had taken their boats there for vigilance.

A source in the CG admitted that the officers did not call back the boats, instead they let them remain at Bandra. This lapse has proved very dear to us. We can't afford such lackadaisical approach when we have a huge coastline.

We need more non-corrupt and efficient navy that doesn't simply use the Mumbai's ports to anchor their ships. We need khabris within the dockyard workers, staff and naval police, who will alert the navy. We need the navy to do its job with as much commitment as our local police have done in the last 60 hours.

Respond like the armed forces
Once we treat this issue like an insurgency we need to tackle and respond like armed forces. This whole combat operation that took place on Friday should have taken place on Thursday itself. The government and security agencies could have taken the hotel management into confidence, asked them of their preparedness for blowing up the building in order to kill the militants. The US armed forces deal the problem of militancy at their level. They utilise police in the city for local operations, maintaining law and order, however, the real operations are handled by top bosses in the US army. They attack at the ground level; they give a specific time for the exchange of fire but do not lose time finishing off the militants. They accept full responsibility for the civilians killed.

Instil fear in the minds of insurgents and militants
We looked as if the whole country was scared and so was our government. We need to study other countries. They talk tough; their body language is serious. The leaders of most countries do not look like they have stepped out of their beds, like ours did. We were completely at sea for 60 hours. We need to instil fear in the minds of the militants.

They need to realise Indians aren't soft. To the world we look like soft targets, which we are, let's accept that. Our leaders, negotiators and NSG or army need to talk tough. They must realise we are serious about dealing with this issue of terror war.

Electronic media needs to mature
Our electronic media is in its infancy. Yes, of course if we send young little reporters who have NO experience to cover a war situation they will treat it like common local crime. It was shoddy reporting. Anchors, who have sadly become icons and idols for wannabe reporters, conducted dramas and soap operas at the scenes where military operations were going on. They revealed the locations of the armed forces, the NSG, their movements and screamed out how these operations have gone wrong. This wasn't an ordinary situation; it wasn't local crime. I expected lot more mature reporting. We should have seen how the foreign media sent its experts - who by the way were oldies with grey hair. But the fact that you need experienced hands, who know the city well, the issue well, and who have experience in covering such disasters. Our reporters don't seem mature at all. The government should have blacked out the news channels right at the beginning.

Public needs to be more mature
The onus of a disciplined nation lies on us citizens. We are a very political race, Asians and Indians. However we lack manners and maturity. The government had asked its people to sit at home. So many revelled at home, had their drinks and holiday snooze.

Later they came out on to the streets. Bystanders, passersby, and absolutely lukkhas whiled away their time laughing at the media and wanting to see the attacks. The police totally failed in controlling the crowds. They in fact pushed the media behind a cordon, screamed and shouted at us. While they allowed the crowds to pile up near the places where combat operations were going on. People came with their pets, toddlers, infants and couples who took time out to romance near these three places. Mumbai has shown complete disrespect to those who fought for us and gave up their lives. People had too much curiosity and breached all norms and rules of civil society. Their children were shooting pictures with flashes -this was all within the one kilometre of the attacks!

People had come to 'see' and inspect these three spots. We are a nation that simply doesn't realise someone else's problem is one's own problem. Till we don't get affected the middle class is NOT concerned at all. We treat it casually and in an immature manner. We have to realise this is regarding our national security, coming to the sites and laughing, clapping, and treating it like a tamasha is a breach of our security, and shows disrespect to the hostages and our forces. We need to see footage of 9/11 to see how their citizens behaved and how they helped, rather than treat these incidents as a joke.

Live repoting!! - Banned??

"Several foreign nationals are trapped in the Taj Hotel Mahal"

"The top management of a multinational corporation was meeting…"

"Terrorists are suspected to be on the 9th floor…"

"NSG troops are about to have arrived in Mumbai…"

"NSG commandos have entered the Hotel…"

The above is just some of the information telecast live by all news channels on last week's terror attack on Bombay.

News channels have an objective—to fetch the latest news and share them with viewers, much before a competitor channel does that. But I feel this habit of indiscriminate live reporting, while a combat operation is in progress, can be catastrophic for the success of the military operations against terror.

Let us just think for a while. Do we really need to know everything on a ‘as soon as it happens’ basis? I feel not. Whether NSG commandos have just arrived at airport, or have entered the hotel or are on the first floor or second at this moment, is not necessary to be revealed to the general public on a realtime basis.

Showing such news live, will be immensely useful only to terrorists and their supporters outside.

Consider this. The commandos only know that the militants are somewhere inside the hotel, but the militants know everything about the movements and positions of their pursuers through TV.

Like:

• Who is on their trail (Army/ NSG/ local police, etc)
• What is their ETA (estimated time of arrival), which tells them, how much time they have before a gun battle would begin)
• Where they are right now, at the main entrance/ just entered their floor
• How is the world responding? Is there pressure mounting on the government to succumb to the demands of terrorists to get the hostages freed (so that they can act tough during negotiation)?
• How many of their friends are alive or dead (so that they can assess their strength)?
• What has been the impact of their strike-how many police and civilian dead, the current morale of police, who all as been detained/suspected?
• Live visuals of the street-to assess a possible escape strategy
• What information about them the outside world has (which floor they are in, their head count etc. And much more…

In my view, all this information, while useful to viewers and relatives of victims, also helps the terrorists/ militants to consolidate their position and pose a greater challenge to commandos trying to hunt them down and/ or rescue the hostages.

Why is our media helping them by airing live all the sensitive information about the anti terror operations?

The common man does not need to know them on a live basis.

Can’t the information & broadcasting ministry think of banning live reporting during a hostage crisis? Let the channels air the news with a delay of few hours, so that the police and security agencies will have a lead time of few hours, wherein terrorists would be as equally uninformed as they are.

Please note that I am not advocating censorship. I am all for free speech and expression. What I am proposing, is that security agencies should have the power to impose a delay of say three to six hours w.r.t live reporting of anti-terror operations.

Let the TV channels record whatever they want, but they should be aired only after a gap of few hours. I do not think anyone loses anything with this.

The movie A Wednesday also shares same opinion.I feel the good old days of once in a day news bulletin was far better.

What do you think?

Why is Open Source/Community Developed Better?

I have recently have debated (three times now) with a person I know over why open source and community developed software is better than software that you buy or that comes pre-installed on a computer. Our debates included Linux versus Windows versus Macintosh, Gimp versus Photoshop, and Internet Explorer versus Firefox versus Opera versus Safari versus Chrome. Wow, that's a lot of web browsers.

Anyway, just in case anyone was wondering, we are still arguing over which software is better, and I don't think we will ever stop, even if it is clear open source software has several advantages. What kind of advantages? Many: portability, enhancement, minimization, security, and dedication.

To begin, since the source code of open source programs is out in the open (hence the name), if one person wants to use the program on a platform that it is not available on, they might port the program to that new platform, and eventually a whole group of dedicated people will to manage the port will arise. This is all possible because certain sections of the code (which is available to everyone) are compatible across platforms, and the few sections that aren't might easily be changed.

Since anyone and everyone (with an interest) will view the source code, the internal workings of an open source program will inspire developers to enhance the current program, or create a new program completely based on the internal workings of a current program. Basically, open source programs produce other programs.

Since everyone who wants to is helping develop these programs, you can be guaranteed that the software you are getting successfully does what it has to in the least amount of code. The more people that work on a program, the more likely it is that there is going to be less useless code.

Yes, it's true that being able to view the source code of a program may allow hackers to develop bugs more easily for code, but this openness will also allow security programmers to more easily develop patches for the software and find the errors before they are exploited. What should minimize security actually increases it. The population of dedicated developers working on an open source program will also provide benefits when a bug is found: patches for this type of software will become available more quickly than patches for commercial software would.

Also, because the community is managing all this open source software, we will not have reluctant programmers creating this software. The people who are developing Linux, Firefox, and every other piece of free software are dedicated programmers who are doing this for their own personal satisfaction and the enhancement of computing all over the world. A person getting paid will not put their heart into the program. Sure, money helps in some aspects, but money can't buy love. (Wow, classic bollywood dialogue!)

So that's why open source and community developed software is better. I still don't see how my friend can argue with me. But I don't even care anymore. He can continue using Windows Vista, Internet Explorer, and Photoshop. Even if he has to pay a buttload of money for it all. Most people just pirate it all anyway.