Microsoft: CardSpace attack works but was too rigged
Microsoft is disputing that its CardSpace authentication management technology can be hacked despite a research paper that outlines a proof-of-concept attack.
CardSpace manages personal information that might be needed to access certain Web sites or conduct e-commerce transactions. CardSpace, which ships in the Windows Vista OS, keeps personal information in virtual cards stored on the computer.
Also, that information can be held by a trusted organization that acts as an identity provider. That provider can then tell another Web site the information is valid. An encrypted token is sent to the Web site, which reduces the chance of identity theft.
View Full Article: InfoWorld
New HP-Microsoft Live Search deal is all about Silverlight
Following the recent announcement of Live Search cashback,
Microsoft has today disclosed a new deal with HP that is expected to
give a slight boost to the usage of both Live Search and Silverlight in
the US and Canada, starting in January 2009. The deal centers around a
Silverlight-powered toolbar (not to be confused with the recently
updated MSN Silverlight toolbar) that Microsoft is specifically developing for HP.
View Full Article: Ars Technica
From Win32 to Cocoa: a Windows user’s conversion to Mac OS X—Part III
Peter Bright: In part 1 of this series, I described how misfortune and adversity left Apple with a new OS platform free of legacy constraints; in part 2, I discussed how Microsoft had failed to do the same, choosing instead to hobble its new OS with way to much legacy baggage. In this part, I look in more detail at what Apple has done with its platform to make it so appealing.
Of course, if you’re already writing software for the Mac, then I’m not going to tell you anything you already don’t know. But all of this was new to me, because it wasn’t until I became so thoroughly disappointed with Windows that I really looked in earnest at what the Mac had to offer. My mistake.
View Full Article: Ars Technica
Microsoft releases its latest Dynamics for CRM
Today, Microsoft released Dynamics AX 9000, a major update that adds Role Centers, increased business intelligence, and myriad other new features to what many consider to be the best of Microsoft’s four products in the CRM space.
HP to make Microsoft Live Search its system default
UPDATED Today the world’s largest computer maker, the company that now embodies two of Microsoft’s most vocal opponents with regard to Web tactics (counting Compaq), no longer has any reservation about giving Microsoft prominent placement.
Microsoft May Be Repeating Vista Mistakes with Windows 7
In the world of technology, success is linked to perceptions. Microsoft demonstrated its multi-touch technology in a Windows 7 demo at the D: All Things Digital conference this week, and the software giant may have hoped to overcome the perception that Apple owns touchscreen interfaces. Instead, some observers are wondering if Microsoft is making the same mistakes that now plague Windows Vista.
View Full Article: Yahoo News
Researchers breach Microsoft’s CardSpace ID technology
A trio of computer security researchers say they’ve successfully compromised Microsoft’s CardSpace, a technology intended to strengthen the security of personal information on the Internet.
CardSpace ships with the Windows Vista operating system. It works in concert with a browser when someone uses a Web site that asks for information such as an address or a credit card number. That personal information can be stored on the user’s computer or with a third-party identity provider.
CardSpace keeps a set of virtual ID cards on the user’s computer. When a Web site asks for information, the user picks one of the cards. “Self-issued” cards store identity information on a user’s PC, while “managed” cards are stored by an identity provider.
View Full Article: InfoWorld
Microsoft Appoints John Vassallo to Vice President, EU Affairs
Microsoft Corp. today announced the appointment of John Vassallo as Vice President, EU Affairs. Vassallo joins Microsoft from General Electric, where he served as Senior Counsel & Director of European Affairs.
In this new Microsoft position, Vassallo, who will also serve as Associate General Counsel for the company, will be responsible for leading the company’s EU Corporate Affairs and Regulatory team. The creation of this role reflects the increasing importance of Microsoft’s engagement with the European Union across a wide range of policy areas.
“I am very excited to join Microsoft,” said Vassallo, who officially begins in his new role July 1. “The company is a world leader in software technology and investing a lot to advance its relations across Europe. I look forward to helping lead the company in this area and strengthening the ongoing constructive dialogue with the EU policy and regulatory community.”
View Full Article: Microsoft PressPass
Article Authoring Add-in for Microsoft Office Word 2007
This Beta 1 release of the Article Authoring Add-in for Microsoft Word 2007 provides authors of scientific articles with the ability to read and write files from Word 2007 into the XML format used by the National Library of Medicine for archiving articles in the U.S. National Institutes of Health (NIH) free digital archive of biomedical and life sciences journal literature, PubMed Central.
This Beta 1 release is targeted at the staff of scientific and technical journals, Information Repositories, and early adopters within the scholarly authoring community, as well as developers of publishing solutions and workflows.
Download: Article Authoring Add-in for Microsoft Office Word 2007
Windows 7 multi-touch SDK being readied for PDC in October
By Scott M. Fulton, III, BetaNews
As details continue to emerge about Microsoft’s evidently well-made plans for its next operating system, we learn that full documentation for how multi-touch capabilities will work in Windows, will be ready for demonstration by this fall.
For Microsoft’s next Professional Developers’ Conference currently scheduled for late October in Los Angeles, the company plans to demonstrate the use of a system developers’ kit for producing multi-touch applications for Windows 7. Such applications would follow the model unveiled yesterday by executives Bill Gates and Steve Ballmer at a Wall Street Journal technology conference in Carlsbad, California yesterday.
For the session tentatively entitled “Windows 7: Touch Computing,” the PDC Web site — which went live just this morning — describes, “In Windows 7, innovative touch and gesture support will enable more direct and natural interaction in your applications. This session will highlight the new multi-touch gesture APIs and explain how you can leverage them in your applications.”
We were surprised to find the PDC site reads better when viewed in Internet Explorer.
The early suggestions from Microsoft’s developers — some of whom have been openly hinting that multi-touch was coming to Windows 7 since last December — is that the next version of Windows will be endowed with technology that emerged from the company’s Surface project, its first to implement such controls. Surface is actually an extension of the Windows Vista platform — specifically, it’s the Windows Presentation Foundation extended so that it sees a surface display device as essentially just another container control, with an expanded list of supported graphic devices.
What is not known at this stage is how much today’s Windows Vista will have to be extended to enable multi-touch in Windows 7, especially for the sake of downward compatibility with existing and earlier applications.
Prior to the advent of Windows XP, when applications were largely compiled using Microsoft Foundation Classes (MFC), application windows were very generic containers with standardized window gadgets and menu bars. When a developer used the standard MFC library, he could be assured that scroll bars could respond to mouse events and that contents that spilled off the edge of the visible area would not, as a result, descend into some invisible twilight zone.
Holding that MFC fabric together was the concept that graphic elements responded to individual events, often called “mouse events.” And the basic premise of a mouse event was that it had to do with a single element positioned at one spot, or one set of coordinates, on the screen. A keyboard event could alternately trigger a mouse event (pressing Enter while the highlight was over “OK,” for example), but the developer would only have to write one event handler for managing what happened after clicking on OK.
The first touch sensitivity in Windows came by way of Tablet PC, which was a platform extension to Windows, coupled with a series of drivers. Adding a stylus as a new device for input could indeed change the way applications worked unto themselves; they could add all kinds of new gadgets that would have been pointless under mouse control only.
In addition, Microsoft opened up a wide array of so-called semantic gestures, which was a library of simple things one could do with a stylus that could potentially mean something within an application. For example, scratching on top of a word could be taken to mean, “Delete this word.” Drawing a long arrow beside a graphic object could mean, “Please move this object over here.” It all depended on how the application developer wanted the user to see things; and there were certainly some good suggestions, but not the kind or level of standardization as prescribed by IBM’s Common User Access model (PDF available here) of the early 1990s.
However, outside of the application’s native context, whatever a stylus can do in the Windows workspace is relegated to substituting for a mouse event. In other words, the Windows desktop was not supposed to know or care whether the user was operating a mouse, a keyboard, or a stylus, just as long as the same events were triggered.
For instance, a tap of the stylus on the surface will send an event whose constant code in Visual Studio is WM_LBUTTONDOWN, followed immediately by WM_LBUTTONUP, as though the user had pressed and released the left mouse button (the “L” in these constant codes). By comparison, holding down the pen on the surface will trigger the WM_RBUTTONDOWN event just after the time the pen touches the surface, followed by WM_RBUTTONUP when the user lifts it from the surface. However Windows would normally respond to a left or right button click, respectively, is how the Tablet PC developer would expect Windows to respond to a stylus tap or a press-and-hold.
Here, because standard Windows functions must be capable of working reasonably within a Tablet PC environment, the interface between the general functions and the outside world is standardized.
Since that time, we’ve seen the advent of Windows Presentation Foundation, a little piece of which is distributed with every copy of Silverlight. An application built to support WPF operates under a new set of rules.
