Short Takes: Week of June 10

Ballmer verifies Longhorn plans in note to Microsoft employees
Thanks to yet another leaked email message from Microsoft CEO Steve Ballmer to his employees, we now know a few crucial details about the company and its plans ("Linux is a threat" and so on). As far as I'm concerned, the only interesting parts of this message concern Longhorn, the next major version of Windows, currently due in 2005. "In addition to the Longhorn client, there will be a Longhorn version of Office, Longhorn server enhancements, Longhorn development tools, and a Longhorn version of MSN," Ballmer wrote. "We will do the work and take the time required to get it right, because it truly is the next quantum leap in computing, which will put us years ahead of any other product on the market." In other words, yep, you guessed it. Longhorn could be delayed, even beyond 2005. Unbelievable, isn't it?

Linux not as secure as Windows Server
Curiously, this news will come as a surprise to some people, but according to a report from the security experts at mi2g, open-source poster child Linux is losing the security fight--big time--to Windows Server. Yes, you read that right: In May 2003 alone, Linux-based corporate and government systems experienced 19,208 successful breaches worldwide, whereas similarly oriented Microsoft Windows Server systems suffered only 3801 breaches. During this time period, more than 75 percent of all server-based breaches occurred on Linux systems; Windows systems were responsible for just 15 percent of breaches. Furthermore, the reports says that Windows-based systems were far more resilient than Linux-based systems during the Iraq war months from March to May 2003, a time of increased hacking activity. mi2g, which has been tracking server attacks since 1995, now oversees a database that contains more than 220,000 individual attacks and more than 7000 hacker groups. So why are Linux servers more easily compromised? The security experts quote several primary reasons: First, most Linux servers are improperly configured and don't come with decent default security configurations. Second, the open-source community doesn't have a coherent "trustworthy computing" initiative. Third, Linux is a target because of its increasing popularity in the server world. And, fourth, Frank Stallone. In other words, everything I've been saying about Windows, Linux, and security not only is true but is evolving in a wonderfully predictable way. Shouldn't we stop all the bogus "Windows isn't secure" baloney when a far less secure competitor is just waiting to be compromised?

Giga: Linux desktops not viable until 2005
And speaking of suddenly diminishing Linux expectations, let's take a look at the Linux desktop, which, as you've been reading for years, is on the cusp of taking over the desktop OS market from Windows XP. Not so fast, say the suddenly aware researchers at Giga Information Group. "It's a high risk strategy to make any decisions based on being upset with Microsoft or wanting to give Linux a chance," said one of the analysts. "This is no time for platform religion. One thing you do not want to be is an early mover. You need to learn from other people's mistakes." The only amazing part of this story is that anyone listens to analysts, given that their constantly evolving opinions usually change dramatically from year to year.

Intel: Linux servers now viable

On the flipside of the Linux coin, we present Intel, the microprocessor giant that recently embraced Linux faster than a turbo-diesel VW Van hurtling down the autobahn. According to Intel, a 32-way Itanium-based Linux server rivals Windows Server and UNIX for performance, racking up more than 600,000 transactions per minute (tpm) on an industry-standard Transaction Processing Performance Council (TPC) TPC-C benchmark. That score still isn't as good as the 707,000 tpm record that a Hewlett-Packard (HP) server running Windows Server 2003 recently obtained, but given Linux's relative age and immaturity, it's nothing to sneeze at. UNIX fans, it's time to sit up and smell the coffee. Despite its troubles in the desktop world, Linux is doing just fine in the server realm. Currently, Linux is the most popular OS for low-end, small-sized servers, although you could attribute this fact largely to its enthusiast community. But if Linux can prove it has the muscle to run with the big boys, Microsoft and UNIX have some work to do.

Pocket PC 2003: about as exciting as a new dishwasher
Well, it's official: The Pocket PC is a mature product. I know this because the next major revision of the PDA product, which is due next week, contains absolutely nothing exciting. Pocket PC 2003 (code-named Ozone) will include no-configuration wireless-networking support, native Bluetooth support, an improved Microsoft Internet Explorer (IE), Short Message Service (SMS) and Multimedia Messaging (MMS) Instant Messaging (IM) capabilities, Windows Media Player (WMP) 9, barely improved versions of the bundled Pocket applications, and native support for the XScale processors that all modern Pocket PCs now use. Thanks to its underlying Windows CE .NET 4.2 OS, the new Pocket PC will also support multithreading, which will add even more to the performance picture. If you're scanning through that list looking for a killer feature, don't bother--it isn't there. As Keith Furman remarked to me the other day when I complained about how boring this release is, "What did you want Microsoft to add?" Hmm. I guess I can't think of anything.

AD "lite" on tap

Microsoft shipped the first beta of its Active Directory Application Mode (AD/AM) release this week, giving testers their first look at the company's lightweight Active Directory (AD) version that's designed to host single-application data separately from a corporation's core AD infrastructure. AD/AM is based on the Lightweight Directory Access Protocol (LDAP) and will be packaged as an alternative installation of AD in companies that want to maintain higher security by separating application data from the core directory service. Data stored in AD/AM isn't replicated throughout an enterprise, making it easier to change that data without affecting the entire AD infrastructure. "This is just a new mode of [AD]," Kannan Iyer, a Microsoft program manager, said about AD/AM this week at TechEd 2003. "It has the same store technology, the same tools, and the same storage management infrastructure as [AD]. But it gives you local control, autonomous schema, and naming flexibility." Sorry, I nodded off there for a second.

The letdown that was TechEd 2003
And speaking of TechEd 2003: What happens when Microsoft plans one of the biggest launch parties in its history but none of the products show up? Well, after wiping that "deer in the headlights" look out of their eyes, the company's PR people started talking "vision" instead. Boring? Oh yeah. This year's TechEd was originally going to be a coming-out party for the new Microsoft Office System and Microsoft Exchange Server 2003. Instead, TechEd 2003 began as a giant apology and ended with a whimper: No new products are ready, Microsoft has no definitive release dates for those products, and the show had little real meat for its 10,000 attendees. Exchange and Office will ship at some indeterminate date later this summer, and even the promised Office 2003 Beta 2 Refresh won't ship until late June. Virtually every product touted at the show is destined for a late 2003 or 2004 launch. In one painful example, Paul Flessner, senior vice president of Microsoft's Server Platform Division, presented one of the most exciting products--Microsoft SQL Server 2000 Reporting Services--during his keynote address, leading many people to believe the

juneofshortsoftwaretakesweek