World Gone Mad: Microsoft Security Praised Again? MS Researchers Embracing GIMP?

If you aren't sitting, you might want to since Microsoft security continues to be praised. Microsoft Research used open source GIMP as the image tool of choice for a study. Roundup of MSFT news from Windows 8 blog, to the three behavioral types of people using email: "Filers, Pilers, and Deleters."

If you aren't sitting, you might do so, since hackers are praising Microsoft security, Kapersky Labs likes Microsoft's security, and now IE9 has been crowned with offering the best protection against drive-by-downloads. If that didn't shock you, how about Microsoft Research using the open-source graphic editor Gimp to build a prototype for tracking changes to binary files like images in a revision control system? Here's a roundup of Microsoft news that either shocked or amused me.

Security research firm NSS Labs tested the security of web browsers including Opera 11, Safari 5, Firefox 4, Chrome 12 and Internet Explorer 9. According to the Web Browser Security, Socially Engineered Malware Protection report [PDF],"IE9 caught an exceptional 99.2% of live threats: 96% with the SmartScreen URL reputation and an additional 3.2% with Application Reputation. URL Reputation, which is included in IE8, and Application Reputation, which is new to IE9, are the two components that make up IE9's SmartScreen Filter. IE9 with SmartScreen offers the best protection of any browser against socially engineered malware."

Chrome 12 caught 13.2% of "live threats," Firefox 4 and Apple Safari 5 both caught only 7.6%.

Microsoft is off the security vulnerabilities list according to Kapersky Labs quarterly malware report. "For the very first time in its history, the top 10 rating of vulnerabilities includes products from just two companies: Adobe and Oracle (Java), with seven of those 10 vulnerabilities being found in Adobe Flash Player alone. Microsoft products have disappeared from this ranking due to improvements in the automatic Windows update mechanism and the growing proportion of users who have Windows 7 installed on their PCs."

Would you believe "Vista was a giant leap in the right direction" for security? No, I've not been drinking, that's an actual quote. Although some people's view on Microsoft security might be like the door on the left, other people are suggesting it's more like the door on the right. At the Black Hat security conference, hackers praised Microsoft's security as "spectacular". According to Chris Paget from the security consulting firm Recursion Ventures, "Microsoft's security process is spectacular. Security is a process, not a product. It evolves. The question is, 'Was Vista secure?'' Microsoft has a very bad reputation for security and it is very much undeserved."

Meanwhile, Microsoft has launched Building Windows 8 blog and Twitter account @BuildWindows8 to have a "two-way dialog" and share the "unique adventure" about Windows 8 "design choices, real-world data and usage, and new opportunities."

Also interesting is a Windows Live post that said there are three behavioral types of people using email: "Filers, Pilers, and Deleters." Of the people studied, 53% are Deleters whose rapid-fire delete finger trashes 80% of email after reading. Deleters also "delete three out of ten emails" (31%) without ever reading it. Filers place "nearly half of their email (44%) into folders immediately after it arrives." Of those, 32% use vacation replies and 44% use keyboard shortcuts. Pilers keep 57% of the average 9,048 emails per year in their inbox and use email for storage. I wonder if surveillance-happy feds particularly love Pilers?

A Microsoft Research group chose to use GIMP, an open-source image editor, as their tool of choice for building a prototype revision control system. The team tracked individual editing changes to image binary files within a DAG (directed acyclic graph) which could be converted to RevG (revision graph) format. The researchers developed a plugin for GIMP to track operations on-the-fly so that the system "creates RevG from DAG interactive by applying a list of 'filters'."

The Microsoft Research paper, Nonlinear Revision Control for Images [PDF] states, "In our system, the problem of extracting differences between two revisions can be posed as a graph difference problem of the underlying DAGs." The research concluded, "Our current prototype system is implemented primarily for a single user as it is the predominant usage scenario for current artistic workflows. . . . In this paper we focused mainly on images, but we believe similar principles are applicable to other binary graphics assets, such as videos, meshes, or animation data."

If you are waiting for the bad news about Microsoft, I was trying for a world-gone-mad good news post, but here you go: PaidContent reported that in the ongoing patent battles for Android, Google accused Microsoft of revealing "highly confidential source code" via a subpoena before handing it over to an expert witness "who has done consulting work for Microsoft and Hewlett-Packard" which are "both direct competitors of Google." Google says that was not part of the agreement and wants the judge to stop the expert from testifying. Last week, Google claimed that Microsoft and Apple jumped "into bed together" to wage a patent war against Android. Feel better MSFT haters? ;-)

Like this? Here's more posts:

Follow me on Twitter @PrivacyFanatic

Copyright © 2011 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)