An often irreverent look at some of the week's other news...

Ballmer Verifies Longhorn Plans in Note to Microsoft Employees
Thanks to yet another leaked email message from Microsoft CEO Steve Ballmer to his employees, we now know a few crucial details about the company and its plans ("Linux is a threat" and so on). As far as I'm concerned, the only interesting parts of this message concern Longhorn, the next major version of Windows, currently due in 2005. "In addition to the Longhorn client, there will be a Longhorn version of Office, Longhorn server enhancements, Longhorn development tools, and a Longhorn version of MSN," Ballmer wrote. "We will do the work and take the time required to get it right, because it truly is the next quantum leap in computing, which will put us years ahead of any other product on the market." In other words, yep, you guessed it. Longhorn could be delayed, even beyond 2005. Unbelievable, isn't it?

Linux Not as Secure as Windows Server
Curiously, this news will come as a surprise to some people, but according to a report from the security experts at mi2g, open-source poster child Linux is losing the security fight--big time--to Windows Server. Yes, you read that right: In May 2003 alone, Linux-based corporate and government systems experienced 19,208 successful breaches worldwide, whereas similarly oriented Microsoft Windows Server systems suffered only 3801 breaches. During this time period, more than 75 percent of all server-based breaches occurred on Linux systems; Windows systems were responsible for just 15 percent of breaches. Furthermore, the reports says that Windows-based systems were far more resilient than Linux-based systems during the Iraq war months from March to May 2003, a time of increased hacking activity. mi2g, which has been tracking server attacks since 1995, now oversees a database that contains more than 220,000 individual attacks and more than 7000 hacker groups. So why are Linux servers more easily compromised? The security experts quote several primary reasons: First, most Linux servers are improperly configured and don't come with decent default security configurations. Second, the open-source community doesn't have a coherent "trustworthy computing" initiative. Third, Linux is a target because of its increasing popularity in the server world. And, fourth, Frank Stallone. In other words, everything I've been saying about Windows, Linux, and security not only is true but is evolving in a wonderfully predictable way. Shouldn't we stop all the bogus "Windows isn't secure" baloney when a far less secure competitor is just waiting to be compromised?

Giga: Linux Desktops Not Viable Until 2005
And speaking of suddenly diminishing Linux expectations, let's take a look at the Linux desktop, which, as you've been reading for years, is on the cusp of taking over the desktop OS market from Windows XP. Not so fast, say the suddenly aware researchers at Giga Information Group. "It's a high risk strategy to make any decisions based on being upset with Microsoft or wanting to give Linux a chance," said one of the analysts. "This is no time for platform religion. One thing you do not want to be is an early mover. You need to learn from other people's mistakes." The only amazing part of this story is that anyone listens to analysts, given that their constantly evolving opinions usually change dramatically from year to year.

Intel: Linux Servers Now Viable
On the flipside of the Linux coin, we present Intel, the microprocessor giant that recently embraced Linux faster than a turbo-diesel VW Van hurtling down the autobahn. According to Intel, a 32-way Itanium-based Linux server rivals Windows Server and UNIX for performance, racking up more than 600,000 transactions per minute (tpm) on an industry-standard Transaction Processing Performance Council (TPC) TPC-C benchmark. That score still isn't as good as the 707,000 tpm record that a Hewlett-Packard (HP) server running Windows Server 2003 recently obtained, but given Linux's relative age and immaturity, it's nothing to sneeze at. UNIX fans, it's time to sit up and smell the coffee. Despite its troubles in the desktop world, Linux is doing just fine in the server realm. Currently, Linux is the most popular OS for low-end, small-sized servers, although you could attribute this fact largely to its enthusiast community. But if Linux can prove it has the muscle to run with the big boys, Microsoft and UNIX have some work to do.

Pocket PC 2003: About as Exciting as a New Dishwasher
Well, it's official: The Pocket PC is a mature product. I know this because the next major revision of the PDA product, which is due next week, contains absolutely nothing exciting. Pocket PC 2003 (code-named Ozone) will include no-configuration wireless-networking support, native Bluetooth support, an improved Microsoft Internet Explorer (IE), Short Message Service (SMS) and Multimedia Messaging (MMS) Instant Messaging (IM) capabilities, Windows Media Player (WMP) 9, barely improved versions of the bundled Pocket applications, and native support for the XScale processors that all modern Pocket PCs now use. Thanks to its underlying Windows CE .NET 4.2 OS, the new Pocket PC will also support multithreading, which will add even more to the performance picture. If you're scanning through that list looking for a killer feature, don't bother--it isn't there. As Keith Furman remarked to me the other day when I complained about how boring this release is, "What did you want Microsoft to add?" Hmm. I guess I can't think of anything.

AD "Lite" on Tap
Microsoft shipped the first beta of its Active Directory Application Mode (AD/AM) release this week, giving testers their first look at the company's lightweight Active Directory (AD) version that's designed to host single-application data separately from a corporation's core AD infrastructure. AD/AM is based on the Lightweight Directory Access Protocol (LDAP) and will be packaged as an alternative installation of AD in companies that want to maintain higher security by separating application data from the core directory service. Data stored in AD/AM isn't replicated throughout an enterprise, making it easier to change that data without affecting the entire AD infrastructure. "This is just a new mode of \[AD\]," Kannan Iyer, a Microsoft program manager, said about AD/AM this week at TechEd 2003. "It has the same store technology, the same tools, and the same storage management infrastructure as \[AD\]. But it gives you local control, autonomous schema, and naming flexibility." Sorry, I nodded off there for a second.

The Letdown That was TechEd 2003
And speaking of TechEd 2003: What happens when Microsoft plans one of the biggest launch parties in its history but none of the products show up? Well, after wiping that "deer in the headlights" look out of their eyes, the company's PR people started talking "vision" instead. Boring? Oh yeah. This year's TechEd was originally going to be a coming-out party for the new Microsoft Office System and Microsoft Exchange Server 2003. Instead, TechEd 2003 began as a giant apology and ended with a whimper: No new products are ready, Microsoft has no definitive release dates for those products, and the show had little real meat for its 10,000 attendees. Exchange and Office will ship at some indeterminate date later this summer, and even the promised Office 2003 Beta 2 Refresh won't ship until late June. Virtually every product touted at the show is destined for a late 2003 or 2004 launch. In one painful example, Paul Flessner, senior vice president of Microsoft's Server Platform Division, presented one of the most exciting products--Microsoft SQL Server 2000 Reporting Services--during his keynote address, leading many people to believe the product is ready. It isn't ready, and the public beta won't even ship until late this year.

SQL Server Yukon Delayed to Late 2004
TechEd 2003 attendees witnessed a rare admission during Flessner's keynote address: Microsoft is delaying the next version of SQL Server (code-named Yukon) from the first half of 2004 to the second half of 2004. Flessner said both the public beta and the file release are being delayed: "We've pushed Yukon back a bit," he said. "There will be a public beta, as we had originally announced, that will come on this summer. You'll see a public beta, and originally we said we'd ship in the first half of calendar year 2004. We are pushing that back into the second half of calendar year 2004, not driven by anything specifically; we just want to get the QA cycle right and more work around embedding the Common Language Runtime, which we're super excited about, as I hope all of you are." Why is this comment notable? Typically, Microsoft doesn't make public promises about release dates so that the company can later claim ignorance about delays. ("We only ship products when they're ready" is the usual PR spin.) But having a major league Microsoft executive actually admit to a delay is unprecedented. Yukon, by the way, is important for several reasons: The product is a major platform that will be accompanied by a new Visual Studio (VS) release, and its new data store will form the basis for the Longhorn WinFS file system extension, the Blackcomb AD, the Exchange Server Kodiak release, and various other storage-related products coming down the road. So this product truly is one that Microsoft should delay again and again until the company gets it right. My guess is that Yukon will ship simultaneously with Longhorn. In 2006.

Borland C# Tool to Ship with Suddenly Inexpensive SQL Server Developer Edition
One bit of good news that came out of Flessner's address is that SQL Server 2000 Developer Edition will get a price reduction from $499 to just $49. The company told me it wanted to make SQL Server more accessible to developers, but I suspect the price reduction has something to do with the free and quite popular MySQL database, an open-source product. Regardless, the new SQL pricing will drive sales, and at least one major company, Borland Software, has already agreed to include SQL Server Developer Edition in its products. The first will be Borland C# Builder, due this summer.

Windows 2003 Gets Its First Patch
This week, Microsoft issued its first Windows 2003 security patch, which fixes a vulnerability that can let malicious sites run code on the server. But before you start ranting about how Windows 2003 is insecure, consider this: Because this vulnerability relies on services that are turned off by default in Windows 2003, the vulnerability is actually far less damaging on that system than it is on Windows 2000 and will affect only people who manually turned on those services. Indeed, although the patch is rated critical for other versions of Windows, it's rated only moderate for Windows 2003. And because Windows 2003 includes the Auto Update and Windows Update tools, enterprises can keep their servers automatically updated with the most recent security patches. Good stuff, methinks, and yet another example of how Microsoft is doing the right thing with security.

Some Updates on Microsoft's Web Browser Plans
After I wrote about Microsoft's nonplans for IE development, CNET curiously and immediately picked up the story (ahem), which became big news in the wider nontechie world. The big question is this: Is Microsoft really serious about not updating IE until Longhorn ships in 2005? The company seems to be waffling a bit. "Nothing has been decided yet," one Microsoft representative said. "There are a lot of different options, and it's too early to talk about any of them." A Microsoft source told me to wait until October, suggesting that the PDC might yield some clues. But the PDC is an area in which Microsoft will provide updates about Longhorn, suggesting that IE is, indeed, now just another part of the platform, not a standalone application. In a related move, various Macintosh sites have taken the chat transcript I mentioned last week and the release of MSN for the Mac to mean that Microsoft is discontinuing IE for the Mac because they believe that everything Microsoft does, even if not explicitly stated, is designed to screw Mac fans. I'm not sure that's the case, but given the quality of Apple Computer's Safari browser, I see no point in future Mac IE development. So what's the story with IE? Given Microsoft's ability to constantly change its plans, I don't think anything is written in stone yet.

Some People Just Don't Get Office
For the record: Office has always been a tool for corporate users, not consumers. Put another way, Microsoft doesn't expect people to walk into their local electronics superstore and plunk down $500 for the most recent office-productivity suite. But many people, including--alarmingly--some tech reporters, still don't understand this simple fact. Recent stories have claimed that Microsoft is abandoning consumers with Office 2003 to suddenly concentrate on businesses instead. Hogwash. Yes, Microsoft InfoPath is included only in the volume-licensed versions of Office 2003. But the average home user doesn't typically need to design forms-based applications to interact with server-based data back ends by using XML. And yes, Office works better when combined with Windows 2003, Windows SharePoint Services, and Exchange 2003. But these products are installed together in the enterprise. Sure, people will continue to get Office with new PCs, and most people I know are comfortable with standalone Office applications such as Microsoft Word and Excel. But the Office money machine has always relied on businesses upgrading to new versions, and it always will.

Windows Digital Media-Based Terminator 2 DVD Hits the Streets: Yikes
Microsoft sent me a copy of "T2: Extreme DVD" this week and ... yikes. In addition to the standard DVD version of the movie, the package includes a separate disk with a High Definition (HD) version of the film encoded in 1440 x 816, CBR 6.8Mbs WMV 9 format. And doesn't that just make the typical DVD version look silly? You need a wonking PC--3GHz with a 128MB video card--to properly view the WMV 9 HD version, but if you have such a beast, crank up the surround sound and hang on to your seat.

Microsoft Executive Share Selling Questioned
Earlier this month, Microsoft CEO Steve Ballmer sold more than $1 billion worth of Microsoft shares, a transaction that would have generated a bit of press regardless of the circumstances. But now the US Securities and Exchange Commission (SEC) is investigating because Ballmer hadn't sold shares in more than 12 years, then he suddenly sold almost 50 million shares just days before his company announced a blockbuster $750 million settlement with AOL Time Warner, ending the bitter antitrust battle between the two companies. The SEC wants to know whether Ballmer made the sale by using insider knowledge of the pending settlement, an illegal act and one that regulators are increasingly sensitive to (witness "Martha Stewart Living ... Behind Bars" as a recent example). Microsoft says the sale was a personal decision.

EU Extends Microsoft Investigation
And if you thought the US case against Microsoft was never ending, check out the most recent developments in the European Union (EU) investigation of the company. This week, the antitrust arm of the EU, the European Commission (EC), said that it's seeking more evidence in the case related to Microsoft's alleged practice of stifling competition with WMP. "We had some outstanding issues \[in the case\] and decided to investigate these issues further," an EC spokesperson said. The EC originally planned to conclude its Microsoft antitrust case by the middle of 2003, but this extension will delay a decision indefinitely. Is anyone else bored with this investigation yet?