jm + microsoft   42

After Seven Years, Microsoft Is Finally Fixing the "J" Email Bug
True story: when I started at Amazon, I thought people were using "J" instead of smileys as shorthand for "joking". Great job Microsoft!

(via Tony Finch)
microsoft  fail  operating-systems  monoculture  character-sets  j  wingdings  exchange  email 
8 weeks ago by jm
JPM | Free Full-Text | Accuracy in Wrist-Worn, Sensor-Based Measurements of Heart Rate and Energy Expenditure in a Diverse Cohort
The ability to measure physical activity through wrist-worn devices provides an opportunity for cardiovascular medicine. However, the accuracy of commercial devices is largely unknown. The aim of this work is to assess the accuracy of seven commercially available wrist-worn devices in estimating heart rate (HR) and energy expenditure (EE) and to propose a wearable sensor evaluation framework. We evaluated the Apple Watch, Basis Peak, Fitbit Surge, Microsoft Band, Mio Alpha 2, PulseOn, and Samsung Gear S2.


tl;dr: wrist-based calorie counters were inaccurate by up to 93% in tests.
fitbit  microsoft  mio  pulseon  samsung-gear  apple  apple-watch  basis  gadgets  health  heart-rate  calorie-counters 
8 weeks ago by jm
The World Is Getting Hacked. Why Don’t We Do More to Stop It? - The New York Times
Zeynep Tufekci is (as usual!) on the money with this op-ed. I strongly agree with the following:
First, companies like Microsoft should discard the idea that they can abandon people using older software. The money they made from these customers hasn’t expired; neither has their responsibility to fix defects. Besides, Microsoft is sitting on a cash hoard estimated at more than $100 billion (the result of how little tax modern corporations pay and how profitable it is to sell a dominant operating system under monopolistic dynamics with no liability for defects).

At a minimum, Microsoft clearly should have provided the critical update in March to all its users, not just those paying extra. Indeed, “pay extra money to us or we will withhold critical security updates” can be seen as its own form of ransomware. In its defense, Microsoft probably could point out that its operating systems have come a long way in security since Windows XP, and it has spent a lot of money updating old software, even above industry norms. However, industry norms are lousy to horrible, and it is reasonable to expect a company with a dominant market position, that made so much money selling software that runs critical infrastructure, to do more.

Microsoft should spend more of that $100 billion to help institutions and users upgrade to newer software, especially those who run essential services on it. This has to be through a system that incentivizes institutions and people to upgrade to more secure systems and does not force choosing between privacy and security. Security updates should only update security, and everything else should be optional and unbundled.

More on this twitter thread: https://twitter.com/zeynep/status/863734133188681732
security  microsoft  upgrades  windows  windows-xp  zeynep-tufekci  worms  viruses  malware  updates  software 
10 weeks ago by jm
MPs’ private emails are routinely accessed by GCHQ
65% of parliamentary emails are routed via Dublin or the Netherlands, so liable to access via Tempora; NSA's Prism program gives access to all Microsoft Office 365 docs; and MessageLabs, the anti-spam scanning system in use, has a GCHQ backdoor program called Haruspex, allegedly.
snowden  privacy  mps  uk  politics  gchq  nsa  haruspex  messagelabs  symantec  microsoft  parliament 
june 2016 by jm
Hey Microsoft, the Internet Made My Bot Racist, Too
All machine learning algorithms strive to exaggerate and perpetuate the past. That is, after all, what they are learning from. The fundamental assumption of every machine learning algorithm is that the past is correct, and anything coming in the future will be, and should be, like the past. This is a fine assumption to make when you are Netflix trying to predict what movie you’ll like, but is immoral when applied to many other situations. For bots like mine and Microsoft’s, built for entertainment purposes, it can lead to embarrassment. But AI has started to be used in much more meaningful ways: predictive policing in Chicago, for example, has already led to widespread accusations of racial profiling.
This isn’t a little problem. This is a huge problem, and it demands a lot more attention then it’s getting now, particularly in the community of scientists and engineers who design and apply these algorithms. It’s one thing to get cursed out by an AI, but wholly another when one puts you in jail, denies you a mortgage, or decides to audit you.
machine-learning  ml  algorithms  future  society  microsoft 
march 2016 by jm
Microsoft terminates its Tay AI chatbot after she turns into a Nazi
'if you tell her "repeat after me" she will parrot back whatever you say, allowing you to put words into her mouth.'


what. the. fuck. Microsoft.
omgwtfbbq  4chan  funny  microsoft  fail  tay 
march 2016 by jm
Microsoft warns of risks to Irish operation in US search warrant case

“Our concern is that if we lose the case more countries across Europe or elsewhere are going to be concerned about having their data in Ireland, ” Mr Smith said, after testifying before the House judiciary committee.
Asked what would happen to its Irish unit if the company loses the case or doesn’t convince Congress to pass updated legislation governing cross-border data held by American companies, the Microsoft executive said: “We’ll certainly face a new set of risks that we don’t face today.”
He added that the issue could be resolved by an executive order by the White House or through international negotiations between the Irish Government or the European Union and the US.
microsoft  data  privacy  us-politics  surveillance  usa 
february 2016 by jm
ECJ ruling on Irish privacy case has huge significance
The only current way to comply with EU law, the judgment indicates, is to keep EU data within the EU. Whether those data can be safely managed within facilities run by US companies will not be determined until the US rules on an ongoing Microsoft case.
Microsoft stands in contempt of court right now for refusing to hand over to US authorities, emails held in its Irish data centre. This case will surely go to the Supreme Court and will be an extremely important determination for the cloud business, and any company or individual using data centre storage. If Microsoft loses, US multinationals will be left scrambling to somehow, legally firewall off their EU-based data centres from US government reach.


(cough, Amazon)
aws  hosting  eu  privacy  surveillance  gchq  nsa  microsoft  ireland 
october 2015 by jm
Hague reassures MPs on Office 365 data storage as Microsoft ordered to hand over email data

William Hague, the leader of the House of Commons, has responded to concerns raised by an MP about the security of parliamentary data stored on Microsoft’s Cloud-based servers in Europe.

“The relevant servers are situated in the Republic of Ireland and the Netherlands, both being territories covered by the EC Data Protection Directive," William Hague wrote in a letter to John Hemming, MP for Birmingham Yardley. "Any access by US authorities to such data would have to be by way of mutual legal assistance arrangements with those countries.” [...]

John Hemming MP told Computer Weekly Hague’s reassurances carried little weight in the face of aggressive legal action by the US government. 

“The Microsoft case makes it clear that, in the end, the fact that Microsoft is a US company legally trumps the European Data Protection Directive [...] and where [the letter says] the US authorities could not exercise a right of search and seizure on an extraterritorial basis, well, they are doing that, in America, today.”


Sounds like they didn't think that through...
mail  privacy  parliament  office-365  microsoft  mlat  surveillance 
january 2015 by jm
Digital Rights Ireland files Amicus Brief in Microsoft v USA with Liberty and ORG
Microsoft -v- USA is an important ongoing case, currently listed for hearing in 2015 before the US Federal Court of Appeal of the 2nd Circuit.

However, as the case centres around the means by which NY law enforcement are seeking to access data of an email account which resides in Dublin, it is also crucially significant to Ireland and the rest of the EU. For that reason, Digital Rights Ireland instructed us to file an Amicus Brief in the US case, in conjunction with the global law firm of White & Case, who have acted pro bono in their representation.

Given the significance of the case for the wider EU, both Liberty and the Open Rights Group in the UK have joined Digital Rights Ireland as amici on this brief. We hope it will be of aid to the US court in assessing the significance of the order being appealed by Microsoft for EU citizens and European states, in the light of the existing US and EU Mutual Legal Assistance Treaty.
amicus-briefs  law  us  dri  microsoft  mlats  org  liberty  eu  privacy 
december 2014 by jm
Update on Azure Storage Service Interruption
As part of a performance update to Azure Storage, an issue was discovered that resulted in reduced capacity across services utilizing Azure Storage, including Virtual Machines, Visual Studio Online, Websites, Search and other Microsoft services. Prior to applying the performance update, it had been tested over several weeks in a subset of our customer-facing storage service for Azure Tables. We typically call this “flighting,” as we work to identify issues before we broadly deploy any updates. The flighting test demonstrated a notable performance improvement and we proceeded to deploy the update across the storage service. During the rollout we discovered an issue that resulted in storage blob front ends going into an infinite loop, which had gone undetected during flighting. The net result was an inability for the front ends to take on further traffic, which in turn caused other services built on top to experience issues.


I'm really surprised MS deployment procedures allow a change to be rolled out globally across multiple regions on a single day. I suspect they soon won't.
change-management  cm  microsoft  outages  postmortems  azure  deployment  multi-region  flighting  azure-storage 
november 2014 by jm
Microsoft Azure 9-hour outage
'From 19 Nov, 2014 00:52 to 05:50 UTC a subset of customers using Storage, Virtual Machines, SQL Geo-Restore, SQL Import/export, Websites, Azure Search, Azure Cache, Management Portal, Service Bus, Event Hubs, Visual Studio, Machine Learning, HDInsights, Automation, Virtual Network, Stream Analytics, Active Directory, StorSimple and Azure Backup Services in West US and West Europe experienced connectivity issues. This incident has now been mitigated.'

There was knock-on impact until 11:00 UTC (storage in N Europe), 11:45 UTC (websites, West Europe), and 09:15 UTC (storage, West Europe), from the looks of things. Should be an interesting postmortem.
outages  azure  microsoft  ops 
november 2014 by jm
Platform Game
I'm ambivalent about Microsoft acquiring Mojang. Will they Embrace and Extend Minecraft as they've done with other categories? Let's hope not. On the other hand, some adult supervision and a Plugin API would be welcome. Mojang have the financial resources but lack the will and focus needed to publish and support a Plugin API. Perhaps Mojang themselves don't realise just how important their little game has become.
minecraft  platforms  games  plugins  mojang  microsoft 
september 2014 by jm
'Join-Idle-Queue: A Novel Load Balancing Algorithm for Dynamically Scalable Web Services' [paper]
We proposed the JIQ algorithms for web server farms that are dynamically scalable. The JIQ algorithms significantly outperform the state-of-the-art SQ(d) algorithm in terms of response time at the servers, while incurring no communication overhead on the critical path. The overall complexity of JIQ is no greater than that of SQ(d).

The extension of the JIQ algorithms proves to be useful at very high load. It will be interesting to acquire a better understanding of the algorithm with a varying reporting threshold. We would also like to understand better the relationship of the reporting frequency to response times, as well as an algorithm to further reduce the complexity of the JIQ-SQ(2) algorithm while maintaining its superior performance.
join-idle-queue  algorithms  scheduling  load-balancing  via:norman-maurer  jiq  microsoft  load-balancers  performance 
august 2014 by jm
Obama administration says the world’s servers are ours | Ars Technica
In its briefs filed last week, the US government said that content stored online doesn't enjoy the same type of Fourth Amendment protections as data stored in the physical world. The government cited (PDF) the Stored Communications Act (SCA), a President Ronald Reagan-era regulation.


Michael McDowell has filed a declaration in support of MS' position (attached to that article a couple of paras down) suggesting that the MLAT between the US and Ireland is the correct avenue.
privacy  eu  us-politics  microsoft  michael-mcdowell  law  surveillance  servers  sca  internet 
july 2014 by jm
Microsoft Security Essentials reporting false positives on the Bitcoin blockchain
Earlier today, a virus signature from the virus "DOS/STONED" was uploaded into the Bitcoin blockchain, which allows small snippets of text to accompany user transactions with bitcoin.  Since this is only the virus signature and not the virus itself, there apparently is no danger to users in any way.  However, MSE recognizes the signature for the virus and continuously reports it as a threat, and every time it deletes the file, the bitcoin client will simply re-download the missing blockchain.


What a heinous prank! Hilarity ensues (via gwire)
via:gwire  av  antivirus  false-positives  fp  blockchain  microsoft  bitcoin  pranks  viruses 
may 2014 by jm
BBC News - Microsoft 'must release' data held on Dublin server
Messy. I can't see this lasting beyond an appeal.
Law enforcement efforts would be seriously impeded and the burden on the government would be substantial if they had to co-ordinate with foreign governments to obtain this sort of information from internet service providers such as Microsoft and Google, Judge Francis said. In a blog post, Microsoft's deputy general counsel, David Howard, said: "A US prosecutor cannot obtain a US warrant to search someone's home located in another country, just as another country's prosecutor cannot obtain a court order in her home country to conduct a search in the United States. "We think the same rules should apply in the online world, but the government disagrees."
microsoft  regions  law  us-law  privacy  google  cloud  international-law  surveillance 
april 2014 by jm
Adrian Cockroft's Cloud Outage Reports Collection
The detailed summaries of outages from cloud vendors are comprehensive and the response to each highlights many lessons in how to build robust distributed systems. For outages that significantly affected Netflix, the Netflix techblog report gives insight into how to effectively build reliable services on top of AWS. [....] I plan to collect reports here over time, and welcome links to other write-ups of outages and how to survive them.
outages  post-mortems  documentation  ops  aws  ec2  amazon  google  dropbox  microsoft  azure  incident-response 
march 2014 by jm
Microsoft "Scroogles" Itself
'Microsoft went through a blogger’s private Hotmail account in order to trace the identity of a source who allegedly leaked trade secrets.'

Bear in mind that the alleged violation which MS allege allows them to read their email was a breach of the terms of service, which also include distribution of content which 'incites, advocates, or expresses pornography, obscenity, vulgarity, [or] profanity'. So no dirty jokes on Hotmail!
hotmail  fail  scroogled  microsoft  stupid  tos  law  privacy  data-protection  trade-secrets  ip 
march 2014 by jm
Ucas sells access to student data for phone and drinks firms' marketing | Technology | The Guardian
The UK government's failure to deal with spam law in a consumer-friendly way escalates further:

UCAS, the university admissions service, is operating as a mass-mailer of direct marketing on behalf of Vodafone, O2, Microsoft, Red Bull and others, without even a way to later opt out from that spam without missing important admissions-related mail as a side effect.

'Teenagers using Ucas Progress must explicitly opt in to mailings from the organisation and advertisers, though the organisation's privacy statement says: "We do encourage you to tick the box as it helps us to help you."'

Their website also carries advertising, and the details of parents are sold on to advertisers as well.

Needless to say, the toothless ICO say they 'did not appear to breach marketing rules under the privacy and electronic communications regulations', as usual. Typical ICO fail.
ucas  advertising  privacy  data-protection  opt-in  opt-out  spam  direct-marketing  vodafone  o2  microsoft  red-bull  uk  universities  grim-meathook-future  ico 
march 2014 by jm
Bruce Schneier On The Feudal Internet And How To Fight It
This is very well-put.
In its early days, there was a lot of talk about the "natural laws of the Internet" and how it would empower the masses, upend traditional power blocks, and spread freedom throughout the world. The international nature of the Internet made a mockery of national laws. Anonymity was easy. Censorship was impossible. Police were clueless about cybercrime. And bigger changes were inevitable. Digital cash would undermine national sovereignty. Citizen journalism would undermine the media, corporate PR, and political parties. Easy copying would destroy the traditional movie and music industries. Web marketing would allow even the smallest companies to compete against corporate giants. It really would be a new world order.
Unfortunately, as we know, that's not how it worked out. Instead, we have seen the rise of the feudal Internet:
Feudal security consolidates power in the hands of the few. These companies [like Google, Apple, Microsoft, Facebook etc.] act in their own self-interest. They use their relationship with us to increase their profits, sometimes at our expense. They act arbitrarily. They make mistakes. They're deliberately changing social norms. Medieval feudalism gave the lords vast powers over the landless peasants; we’re seeing the same thing on the Internet.
bruce-schneier  politics  internet  feudal-internet  google  apple  microsoft  facebook  government 
october 2013 by jm
Microsoft CEO Steve Ballmer retires: A firsthand account of the company’s employee-ranking system
LOL MS. Sadly, this talk of "core competencies" and "visibility" is pretty reminiscent of Amazon's review season, too:
This illustrated another problem with [stack ranking]: It destroyed trust between individual contributors and management, because the stack rank required that all lower-level managers systematically lie to their reports. Why? Because for years Microsoft did not admit the existence of the stack rank to nonmanagers. Knowledge of the process gradually leaked out, becoming a recurrent complaint on the much-loathed (by Microsoft) Mini-Microsoft blog, where a high-up Microsoft manager bitterly complained about organizational dysfunction and was joined in by a chorus of hundreds of employees. The stack rank finally made it into a Vanity Fair article in 2012, but for many years it was not common knowledge, inside or outside Microsoft. It was presented to the individual contributors as a system of objective assessment of “core competencies,” with each person being judged in isolation.
When review time came, and programmers would fill out a short self-assessment talking about their achievements, strengths, and weaknesses, only some of them knew that their ratings had been more or less already foreordained at the stack rank. [...] If you did know about the stack rank, you weren’t supposed to admit it. So you went through the pageantry of the performance review anyway, arguing with your manager in the rhetoric of “core competencies.” The managers would respond in kind. Since the managers had little control over the actual score and attendant bonus and raise (if any), their job was to write a review to justify the stack rank in the language of absolute merit. (“Higher visibility” was always a good catch-all: Sure, you may be a great coder and work 80 hours a week, but not enough people have heard of you!)
amazon  stack-ranking  employees  ranking  work  microsoft  core-competencies 
august 2013 by jm
The NSA Is Commandeering the Internet - Bruce Schneier
You, an executive in one of those companies, can fight. You'll probably lose, but you need to take the stand. And you might win. It's time we called the government's actions what it really is: commandeering. Commandeering is a practice we're used to in wartime, where commercial ships are taken for military use, or production lines are converted to military production. But now it's happening in peacetime. Vast swaths of the Internet are being commandeered to support this surveillance state.

If this is happening to your company, do what you can to isolate the actions. Do you have employees with security clearances who can't tell you what they're doing? Cut off all automatic lines of communication with them, and make sure that only specific, required, authorized acts are being taken on behalf of government. Only then can you look your customers and the public in the face and say that you don't know what is going on -- that your company has been commandeered.
nsa  america  politics  privacy  data-protection  data-retention  law  google  microsoft  security  bruce-schneier 
august 2013 by jm
stuff Google has learned from their hiring data
A. On the hiring side, we found that [interview] brainteasers are a complete waste of time. How many golf balls can you fit into an airplane? How many gas stations in Manhattan? A complete waste of time. They don’t predict anything. They serve primarily to make the interviewer feel smart.

Instead, what works well are structured behavioral interviews, where you have a consistent rubric for how you assess people, rather than having each interviewer just make stuff up. Behavioral interviewing also works — where you’re not giving someone a hypothetical, but you’re starting with a question like, “Give me an example of a time when you solved an analytically difficult problem.” The interesting thing about the behavioral interview is that when you ask somebody to speak to their own experience, and you drill into that, you get two kinds of information. One is you get to see how they actually interacted in a real-world situation, and the valuable “meta” information you get about the candidate is a sense of what they consider to be difficult.

This makes sense, and matches what I learned in Amazon. Bad news for Microsoft though! (Correction: Adam Shostack got in touch to note that MS haven't done this for 10+ years either.)

Also, I like this:

A. One of the things we’ve seen from all our data crunching is that G.P.A.’s are worthless as a criteria for hiring, and test scores are worthless — no correlation at all except for brand-new college grads, where there’s a slight correlation. Google famously used to ask everyone for a transcript and G.P.A.’s and test scores, but we don’t anymore, unless you’re just a few years out of school. We found that they don’t predict anything. What’s interesting is the proportion of people without any college education at Google has increased over time as well. So we have teams where you have 14 percent of the team made up of people who’ve never gone to college.
google  hiring  interviewing  interviews  brainteasers  gpa  microsoft  star  amazon 
june 2013 by jm
Microsoft admits US government can access EU-based cloud data
interesting point from an MS Q&A back in 2011, quite relevant nowadays:
Q: Can Microsoft guarantee that EU-stored data, held in EU based datacenters, will not leave the European Economic Area under any circumstances — even under a request by the Patriot Act?

A: Frazer explained that, as Microsoft is a U.S.-headquartered company, it has to comply with local laws (the United States, as well as any other location where one of its subsidiary companies is based). Though he said that "customers would be informed wherever possible," he could not provide a guarantee that they would be informed — if a gagging order, injunction or U.S. National Security Letter permits it. He said: "Microsoft cannot provide those guarantees. Neither can any other company." While it has been suspected for some time, this is the first time Microsoft, or any other company, has given this answer. Any data which is housed, stored or processed by a company, which is a U.S. based company or is wholly owned by a U.S. parent company, is vulnerable to interception and inspection by U.S. authorities. 
microsoft  privacy  cloud-computing  eu  data-centers  data-protection  nsa  fisa  usa 
june 2013 by jm
Microsoft Code Digger extension
Miguel de Icaza says it's witchcraft -- I'm inclined to agree:

Code Digger analyzes possible execution paths through your .NET code. The result is a table where each row shows a unique behavior of your code. The table helps you understand the behavior of the code, and it may also uncover hidden bugs. Through the new context menu item "Generate Inputs / Outputs Table" in the Visual Studio editor, you can invoke Code Digger to analyze your code. Code Digger computes and displays input-output pairs. Code Digger systematically hunts for bugs, exceptions, and assertion failures.
testing  constraint-solving  solver  witchcraft  magic  dot-net  coding  tests  code-digger  microsoft 
april 2013 by jm
The Bw-Tree: A B-tree for New Hardware - Microsoft Research
The emergence of new hardware and platforms has led to reconsideration of how data management systems are designed. However, certain basic functions such as key indexed access to records remain essential. While we exploit the common architectural layering of prior systems, we make radically new design decisions about each layer. Our new form of B tree, called the Bw-tree achieves its very high performance via a latch-free approach that effectively exploits the processor caches of modern multi-core chips. Our storage manager uses a unique form of log structuring that blurs the distinction between a page and a record store and works well with flash storage. This paper describes the architecture and algorithms for the Bw-tree, focusing on the main memory aspects. The paper includes results of our experiments that demonstrate that this fresh approach produces outstanding performance.
bw-trees  database  paper  toread  research  algorithms  microsoft  sql  sql-server  b-trees  data-structures  storage  cache-friendly  mechanical-sympathy 
april 2013 by jm
Bunnie Huang's "Hacking the Xbox" now available as a free PDF
'No Starch Press and I have decided to release this free ebook version of Hacking the Xbox in honor of Aaron Swartz. As you read this book, I hope that you’ll be reminded of how important freedom is to the hacking community and that you’ll be inclined to support the causes that Aaron believed in.

I agreed to release this book for free in part because Aaron’s treatment by MIT is not unfamiliar to me. In this book, you will find the story of when I was an MIT graduate student, extracting security keys from the original Microsoft Xbox. You’ll also read about the crushing disappointment of receiving a letter from MIT legal repudiating any association with my work, effectively leaving me on my own to face Microsoft.

The difference was that the faculty of my lab, the AI laboratory, were outraged by this treatment. They openly defied MIT legal and vowed to publish my work as an official “AI Lab Memo,” thereby granting me greater negotiating leverage with Microsoft. Microsoft, mindful of the potential backlash from the court of public opinion over suing a legitimate academic researcher, came to a civil understanding with me over the issue.'

This is a classic text on hardware reverse-engineering and the freedom to tinker -- strongly recommended.
hacking  bunnie-huang  xbox  free  hardware  drm  freedom-to-tinker  books  reading  mit  microsoft  history 
march 2013 by jm
IBM insider: How I caught my wife while bug-hunting on OS/2 • The Register
Wow, working for IBM in the 80's was truly shitty.

'IBM HR came up with a plan that summed up the department's view of tech staff: a dinner dance. In Southsea. For our non-British readers this is not a glamorous location.

As a scumbag contractor I wasn’t invited, but since I was dating one of the seven women on the project, I went anyway and was impressed by the way IBM had tried so very hard to make the inside of a municipal leisure centre look like Hawaii. This is so crap that the integrity checks I’ve installed to watch myself for incipient senility keep flagging it as a false memory.

The only way I can force myself to believe the idea that the richest corporation on the planet behaved that way is that the girl who took me is now a reassuringly expensive lawyer who was kind enough to marry me and so we have photographic evidence.

(I wish to make it clear that I’m not saying IBM had the worst HR of any firm in the world, merely that my 28 years in technology and banking have never exposed a worse one to me.)'


And indeed, so were MS:

'We, on the other hand, were regarded as hopelessly bureaucratic. After Microsoft lost the source code for the actual build of OS/2 we shipped, I reported a bug triggered when you double-clicked on Chkdsk twice: the program would fire up twice and both would try to fix the disk at the same time, causing corruption. I noted that this “may not be consistent with the user's goals as he sees them at this time”. This was labelled a user error, and some guy called Ballmer questioned why I had this “obsession” with perfect code.'


(thanks, Conor!)
via:conor-delaney  os2  ibm  microsoft  work  1980s  pc  uk  steve-ballmer 
november 2012 by jm
Microsoft's ill-chosen magic constants
'Paolo Bonzini noticed something a little awkward in the Linux kernel support code for Microsoft's HyperV virtualisation environment - specifically, that the magic constant passed through to the hypervisor was "0xB16B00B5", or, in English, "BIG BOOBS". It turns out that this isn't an exception - when the code was originally submitted it also contained "0x0B00B135".' me, I prefer my magic constants less offensive and more Subgenius-oriented: "0xB0BD0BB5"
constants  via:kevin-lyda  oh-dear  microsoft  fail  magic-numbers  boobs  linux  kernel 
july 2012 by jm
Microsoft’s Downfall: Inside the Executive E-mails and Cannibalistic Culture That Felled a Tech Giant
"They had a great lead, they were years ahead. And they completely blew it. And they completely blew it because of the bureaucracy."
microsoft  bureaucracy  stack-ranking  hr  culture 
july 2012 by jm
Analyzing Flame's MD5 Collision Attack [slides, PDF]
really detailed slide deck by Alex Sotirov, Co-Founder and Chief Scientist, Trail of Bits, Inc. (via Tony Finch) Plenty of security fail by MS, and also: PKI is clearly too hard
via:fanf  flame  security  malware  md5  collisions  hashing  pki  tls  ssl  microsoft 
june 2012 by jm
Microsoft's Azure Feb 29th, 2012 outage postmortem
'The leap day bug is that the GA calculated the valid-to date by simply taking the current date and adding one to its year. That meant that any GA that tried to create a transfer certificate on leap day set a valid-to date of February 29, 2013, an invalid date that caused the certificate creation to fail.' This caused cascading failures throughout the fleet. Ouch -- should have been spotted during code review
azure  dev  dates  leap-years  via:fanf  microsoft  outages  post-mortem  analysis  failure 
march 2012 by jm
Microsoft's new IE "Ribbon" debunked
'nobody — almost literally 0% of users — uses the menu bar, and only 10% of users use the command bar. Nearly everybody is using the context menu or hotkeys. So the solution, obviously, is to make both the menu bar and the command bar bigger and more prominent. Right?
Microsoft UI has officially entered the realm of self-parody.' (via Nelson)
design  hci  microsoft  ui  statistics  user-hostile  ribbon  windows 
august 2011 by jm
MS Exchange Data Provider for Lightning
Thunderbird's calendar can now integrate properly with MS Exchange 2007 and above via OWA.  (via adulau)
calendar  extension  microsoft  exchange  from delicious
december 2010 by jm
That mysterious J
"in e-mail from Microsoft employees, you may find a stray J [...] The J started out its life as a smiley-face. The WingDings font puts a smiley face where the letter J goes. [...] As the message travels from machine to machine, the font formatting may get lost or mangled, resulting in the letter J appearing when a smiley face was intended." aha! mystery solved. Amazon is full of mysterious "J"s in emails, and now I know why
amazon  j  letters  wingdings  microsoft  spoor  fonts  noise  from delicious
november 2010 by jm
Op-Ed Contributor - Microsoft’s Creative Destruction - NYTimes.com
MS internal politics routinely torpedoed cool new projects. surprise, surprise. 'Engineers in the Windows group falsely claimed [ClearType] made the display go haywire when certain colors were used. The head of Office products said it was fuzzy and gave him headaches. The VP for pocket devices was blunter: he’d support ClearType and use it, but only if I transferred the program and the programmers to his control.'
cleartype  microsoft  software  bureaucracy  politics  culture  management  corporate  nytimes  from delicious
february 2010 by jm
Security Fix - Clampi Trojan: The Rise of Matryoshka Malware
'[Joe] Stewart said the sophistication and stealth of this malware strain has become so bad that it's time for Windows users to start thinking of doing their banking and other sensitive transactions on a dedicated system that is not used for everyday Web surfing.' it's that bad
joe-stewart  secureworks  malware  reverse-engineering  clampi  trojans  banking  security  danger  risks  windows  microsoft  fraud 
august 2009 by jm

related tags

4chan  1980s  advertising  algorithms  amazon  america  amicus-briefs  analysis  antivirus  apple  apple-watch  av  aws  azure  azure-storage  b-trees  banking  basis  bitcoin  blockchain  boobs  books  brainteasers  bruce-schneier  bunnie-huang  bureaucracy  bw-trees  cache-friendly  calendar  calorie-counters  change-management  character-sets  clampi  cleartype  cloud  cloud-computing  cm  code-digger  coding  collisions  constants  constraint-solving  conversion  core-competencies  corman-herley  corporate  culture  danger  data  data-centers  data-protection  data-retention  data-structures  database  dates  deployment  design  dev  direct-marketing  documentation  dot-net  dri  drm  dropbox  ec2  email  employees  eu  exchange  extension  facebook  fail  failure  false-positives  feudal-internet  fisa  fitbit  flame  flighting  fonts  fp  fraud  free  freedom-to-tinker  funny  future  gadgets  games  gchq  google  government  gpa  grim-meathook-future  hacking  hardware  haruspex  hashing  hci  health  heart-rate  hiring  history  honeypots  hosting  hotmail  hr  ibm  ico  incident-response  international-law  internet  interviewing  interviews  ip  ireland  j  jiq  joe-stewart  join-idle-queue  kernel  lame  languages  law  leap-years  letters  liberty  linux  load-balancers  load-balancing  machine-learning  magic  magic-numbers  mail  malware  management  md5  mechanical-sympathy  messagelabs  michael-mcdowell  microsoft  minecraft  mio  mit  mit-license  ml  mlat  mlats  mojang  mono  monoculture  mps  mugus  multi-region  nigerian-scam  noise  nsa  nytimes  o2  office-365  oh-dear  omgwtfbbq  open-source  operating-systems  ops  opt-in  opt-out  org  os2  outages  paper  parliament  patents  pc  performance  pki  platforms  plugins  politics  post-mortem  post-mortems  postmortem  postmortems  pranks  privacy  pulseon  ranking  reading  red-bull  regions  research  reverse-engineering  ribbon  risks  root-cause  samsung-gear  sca  scams  scheduling  scroogled  search  secureworks  security  servers  snowden  society  software  solver  spam  spoor  sql  sql-server  ssl  stack-ranking  star  statistics  steve-ballmer  stings  storage  stupid  surveillance  swpats  symantec  targeting  tay  testing  tests  tls  toread  tos  trade-secrets  trojans  twitter  ucas  ui  uk  universities  updates  upgrades  us  us-law  us-politics  usa  user-hostile  via:conor-delaney  via:fanf  via:gwire  via:kevin-lyda  via:norman-maurer  viruses  vodafone  windows  windows-xp  wingdings  witchcraft  work  worms  xbox  zeynep-tufekci 

Copy this bookmark:



description:


tags: