Who needs COFEE!?

Talk about timing! This is the perfect follow-up to my previous article about Microsoft's Computer Online Forensic Evidence Extractor (COFEE).

Remember I said:

Actually, my outrage is dramatized for purposes of this article. Most of us know this game of security we play only stops the casual passer-by. If someone has physical access, it's only a matter of time before they get in. If not through back doors created by Microsoft then through bugs or unknown technical trickery.

Despite Microsoft's claim that Vista is their most secure OS ever (Vista is 'more secure' says Gates), I just found a demo of the easiest hack ever! It uses the exact same trick I used on XP years ago - but much more dramatically.

On XP I used a Linux boot CD to mount my disk volume. This allowed me to bypass Windows security and do such things as hack the passwords file to gain access to the administrator account. This got me what I wanted but was hardly stealthy - it would be quite clear to anyone wanting to log into the laptop afterward that someone had really messed things up since the old passwords would no longer work.

If I was into true esponiage, I would want something much more subtle. Something that would give me access over the long term without being discovered. The Vista hack demonstrated above basically gives a spy that ability! By temporarily modifying the Ease of Access button (Utilman.exe) to gain access to Vista as the elevated system account, I would be able to do anything I wanted on the system. I could setup scheduled tasks or services (keyloggers, etc.) or examine user data. But there would be no evidence that I had been there! The existing accounts would not be damaged by me and system logs would show no evidence of me even accessing the computer. This is key to me getting something into the system and allowing it to remain for an extended period of time (very bad).

I've really been enjoying showing the video to people this week. Those in the know give a good belly laugh and those who believe the hype get this empty, sick look on their face -- try it! BTW, there is more discussion about the video on Microsoft's own Channel9 blog. There are some additional perspectives there, but they kind of miss the point.

Want to protect yourself from this threat? There is no fool-proof way - but you can at least make it more difficult:

• Using Bitlocker to encrypt the harddrive is the most obvious approach because the Linux boot CD will be unable to even find the System32 folder. But Bitlocker isn't practical for everyone since it requires all sorts of key management.
  
• The easiest approach is to prevent someone from booting with Linux by turning off the system BIOS options that allow booting from USB thumb drives or CD/DVD devices. But this also means you must password protect the BIOS. It would also be a good idea to lock the case so that the BIOS override jumper can't be used to reset the BIOS. A lock would also prevent the harddrive from being temporarily removed from the system and placed in some other computer that does allow booting (maybe the spy has an external USB chasis on his laptop). But now you are managing real keys and your IT staff have a bit more work to do before they can boot from a recovery CD or something.
• I found another novel approach was to disable the Ease of Access Button as described on the How-To Geek site. But don't be fooled. It turns out that someone just replaced Utilman.exe with an executable of their own :-) But it is a nice demo of how the hack can be done using a Windows install program without a Linux boot CD being needed at all.
  

I wish you all the best in securing your Vista environment. If you think you have a secure approach, share it with others here.

COFEE

If you haven't heard about Microsoft's Computer Online Forensic Evidence Extractor (COFEE), it's high time you did. Here's a little intro from the Seattle Times.


I'm all for eliminating any excuse for law enforcement to take away my computer hardware, but this goes too far! This is basically a USB key that lets anyone into my computer and past any encryption that may be protecting me. I know the article says it's for law enforcement only - but how long before an officer leaves one in a donut shop and it finds its way onto the Pirate Bay? -- hold on, I better see if it's already there -- phew, not yet.

Actually, my outrage is dramatized for purposes of this article. Most of us know this game of security we play only stops the casual passer-by. If someone has physical access, it's only a matter of time before they get in. If not through back doors created by Microsoft then through bugs or unknown technical trickery.

I myself hacked a system once in my past. I was helping a director from another department with his laptop. XP was locked down by his IT folks but he really needed to get a program installed while at this conference. I had no prior hacking experience or skills to help me. I did a quick Google search and in 10 minutes burned a bootable Linux CD. It knew how to mount the NTFS volume, find the passwords file and examine its contents. Within 15 minutes I had this director in his laptop as administrator working with his critical application. Scary.

Actually, physical access isn't even needed either. I'm not talking about a generic virus or trojan. It is possible for someone to target your PC and run a program on it that can extract whatever they need remotely - without ever touching it. This past March this very thing was done to a Mac and a Vista machine at the CanSecWest conference as part of a contest.

But if you still care about the COFEE application and the dangers of making user-friendly hacking tools available...

• Benjamin J. Romano from the Seattle Times wrote a follow-up to his article.
• Here's the Microsoft press release that got it all started:

COFEE, a preconfigured, automated tool fits on a USB thumb drive. Prior to COFEE the equivalent work would require a computer forensics expert to enter 150 complex commands manually through a process that could take three to four hours. With COFEE, you simply plug into a running computer to extract the data with the click of one button --completing the work in about 20 minutes.

• I like this article at C|Net news where Microsoft claims the tool is just in beta but that it has 2,000 users already. This obviously won't stay secure for long.
  

That darn desktop cleanup wizard

This screen cap made me chuckle :o)

Windows Doesn't Know When to Shutup

I just had to share.

Has anyone ever found that wizard to be helpful in any way? I wonder how you turn that bugger off. I never thought it was a big deal but I guess it would be to some :-)

Better Desktop.ini support please!

I swear that 60% of the traffic coming to my blog comes in on a Google search for Desktop.ini information. I've written numerous articles on the subject and have often wished that Vista and Windows Explorer did a better job of supporting the new Desktop.ini behaviors (read Vista's support for multiple languages & Folder Redirection: Not to the user's home directory).

Well, I just saw this Windows 7 Explorer demo on Youtube. I'm shocked to see a demo of that OS so soon (if it's genuine). But it got me thinking that I need to be more vocal and clear about my desire to have Vista and Windows Explorer fixed.

Windows Explorer needs an option where we can turn off its interpretation of the Desktop.ini and just show folders as they really are. Currently, many of us are resorting to a CMD prompt to do this. Let's face it, it just makes sense. The whole reason the Desktop.ini exists is to handhold (read "fool") users by showing them a folder name the OS thinks they want to see rather than the real underlying one. Anything that prevents you from seeing the truth is going to be problematic. Microsoft knew this when they allowed us to see hidden files or see hidden extensions - so why not now that they are hiding whole folder names?

I've also come to realize that more than just Windows Explorer needs to be fixed. In my article Vista's support for multiple languages I mentioned how the Start Menu didn't do a very good job - now I've found more problems. Microsoft seems to have thought the Desktop.ini would be a clever way of dealing with their multilingual problems. They thought they could now give users the Windows experience in their mother tongue while letting the OS play behind the scenes in English. The Desktop.ini would just hide everything - but it doesn't.

Take the example of a French OS. Users expect to find their programs under a folder called C:\Programmes. In the Windows XP days the users saw that folder and the programs were actually stored in a folder by that name. With Vista, the user still sees the expected folder but the system is actually storing them in C:\Program Files instead. Vista figures that since it is able to show the users one thing and the programs another, it's job is done and it can go back to sleep. But they forgot one little problem. Vista never tells the programs what folder name the user is expecting to see.

I was running a version of Visual Studio's MSDN Library on a French Vista OS. It encountered an error:

I liked my French message , but did'nt expect the English folder path. I can't use that path. When I browsed using the Dossiers (folders) pane on the left I couldn't find the path specified (the Desktop.ini hides it from me). The only way I could get to the folder was to manually type it in the address bar at the top of the Windows Explorer.

I realized that the application had no way of giving me the path I need because Vista never tells it what I am expecting to see. Programs are used to asking the OS where directors are located by using variables like %ProgramFiles% - and Vista is happy to tell them. But I think we now need variables like %DesktopProgramFiles% or something which tells the program what path to show users in messages. The two paths could be very different. Perhaps an API where you feed it a real path and it goes looking for Desktop.ini files and returns a path with all the relevant substitutions.

You might think this wouldn't be such a big requirement if I could tell Windows Explorer to ignore the Desktop.ini and allow me to navigate to the real folders. Although I tend to agree, it probably is still a requirement. I'm sure Germans or Egyptians don't want to find the programs under a C:\Program Files folder.

Do you know someone at Microsoft? Care to pass on the message?

More DRM woes for Vista users

My article, I don't like DRM, linked to a user who was having difficulty with DRM. He was being blocked from playing movies he paid for because his computer system was too high-res. Well, Vista users are suffering again.

This week Windows Vista Media Center users were being blocked from time-shifting some NBC shows. It's unclear if the broadcaster set the flags in error or whether Vista Media Center responded to them improperly. What is clear is that only Vista users were affected. TiVo and DirecTV who also respond to copy protection flags did not prevent their users from recording.

Have any of you seen this message?


[EDIT 19/5/2008] There is a good update regarding this issue here: Microsoft confirms Windows adheres to broadcast flag. Apparently Microsoft is implementing an FCC rule that was struck down in 2005. [/EDIT]

Microsoft's Springboard series

It appears that Mark Russinovich is presenting a Springboard area on Microsoft's web site to ease Windows Vista implementation pain by providing some much-needed guidance.

He kicked things off last month with a Springboard Live! Virtual Roundtable. He assembled a panel of experts (including Mark Minasi) and three Vista early adopter clients. They spent an hour discussing topics related to adopting Windows Vista. You know me, I'm a sucker for learning what Microsoft is thinking when it comes to Vista so I dove right in.

I found the roundtable to be a good use of my time - you likely will too - very informative. They pointed to some interesting resources that might help those of you considering a Vista deployment:

• Microsoft Assessment and Planning Accelerator (MAP) - is supposed to be an enterprise inventory, assessment and reporting tool that can assess your readiness to move to numerous Microsoft products such as Vista.
• Windows Vista Hardware Compatibility List - is basically a comprehensive listing of PC systems and peripherals known to be compatible with Vista (very comprehensive). Despite this simple list being incompatible with Firefox, I'm sure this information will be more reliable than the failed "Vista Capable" program.
• Windows Vista AppReadiness - another comprehensive list - but this time of legacy software applications and their Vista compatibility.
  

I'm not so sure about that last one though... If I hadn't heard a Microsoft talking head send me to the site, I would have been suspicious of the strange URL, complete lack of Microsoft branding and poor resolution of the logo certificates. I'm also not sure I trust what it is telling me. I took a look at Visual Basic 6 which I am having trouble packaging for BDD at the moment. The site claims it "Works with Windows Vista". It doesn't qualify that or provide any additional guidance. However, when I attempt to run the silent install, I am only greeted with the following Vista AppCompat message and am unable to proceed:


The roundtable goes on to remind us about new features of Vista SP1 such as:

• Bitlocker can now support multiple partitions (not just the first one).
• Improved file copying (see Vista copies files like a duck).
• Microsoft Deployment Toolkit replacing BDD.
• Volume Licensing has Vista and SP1 integrated in one package (recommended for new installs).

However the three clients who were Vista early adopters were a major disappointment. Despite them being friends of Microsoft that presumably got lots of support, I was expecting them to give me hope that great Vista implementations were possible - that my own failures were somehow my own fault. They tried their best. They nodded their heads at the right places and smiled while describing how great their deployments went. But if you actually listen to the things they said during their discussions, you quickly realize the reality was very different:

• one client admitted to turning off UAC! Not something we want to do - and certainly not what I would consider a feature of a successful Vista install.
• while talking about hardware demands of Vista, another client admitted to only deploying to new PCs. That means he is maintaining a heavily mixed environment and can hardly be considered a successful implementation of Vista (too limited for my taste).
• although that same client claimed to have installed Vista to laptops, you quickly realize that his "traveling nurses" probably have received a stand-alone treatment without the need for features like Offline Files.
• another client who claimed to have rolled out to the majority of his organization, admitted to have avoided laptops. They were planning to wait for SP1 before tackling those - he had Offline Files problems no doubt.
• that same client also admitted to having to install XP virtual machines to support some older legacy apps! That's two windows licenses and double the support per PC! Hardly what I would consider a successful Vista deployment.
  

But these guys were smiling and nodding their heads! Are these the BEST examples Microsoft could find? Am I the only one that doesn't know what a successful deployment means anymore? I'm so depressed.

Vista copies files like a duck

Odd title - but let me explain... I think everyone in the industry has complained about Vista's seeming inability to copy files quickly. Like a duck, it just seems to float along in no particular rush to get to the 100% mark. Maybe it looks like it is progressing quickly at one point - only to suddenly get distracted by something shiny and slow things down again. We can't believe the glacial pace of these copies and keep telling ourselves that Vista MUST be doing something remarkable in the background to justify these results.

Well, it turns out that just like a duck, Vista has indeed been paddling mightily below the surface the whole time. Mark Russinovich does a great job of describing what has been happening in his blog article: Inside Vista SP1 File Copy Improvements. This is a must read article. It really helped me to understand what has been going on and to realize that despite appearances to the contrary, technology is moving forward.

This article is going to kick off a new topic in my blog called "Windows Explorer". This is probably the last time I will have anything positive to say about that product. I have observed many other Windows Explorer behaviors that I will be discussing.

Topic: Windows Explorer

(Vista Vitals articles organized by topic)
These articles cover anything related to Windows Explorer. This includes File Copying, launching programs, UAC, navigation, etc. :

UAC: Microsoft Programs act weird - a little warning about Windows Explorer, Internet Explorer & Outlook.

Vista copies files like a duck - Mark Russinovich provides excellent details regarding the file copy process and how it has changed for Vista and again for Vista SP1. A must read.

UAC: Elevate Windows Explorer - Ever tried to launch Windows Explorer with Run as Administrator and fail? Find out why.

Quick Command Prompt - talks about a shortcut for opening CMD windows directly in any folder using Windows Explorer shift-context-menu.

Windows Explorer: Magic file deletions - a warning about Windows Explorer's surprising handling of attempted deletions of open files. Scary behavior you should be aware of.

Wrapup and retool - This is my wrapup to my Vista articles. I finally get around to delivering my punch line about Windows Explorer.

Windows XP SP3 deployment not going so well

Microsoft seems to be meeting the same success rolling out Windows XP SP3 as they did rolling out Vista SP1 (remember SP1 Hiccup: don't install KB937287! ?). These products must be getting too complex to anticipate all behaviors under all scenarios.

There are reports all over the web of people experiencing reboot issues once XP SP3 is installed. The best article I've seen is from the Register. It makes reference to Jesper Johansson's blog where you can find some solutions to the various problems.

Arm yourself with the solutions before your attempt a rollout of SP3 in your organization.

UAC: Microsoft Programs act weird

(This article uses a lot of technical UAC terms. If you have trouble understanding it, check out my UAC glossary: Let's Talk UAC for the Enterprise)

I thought I'd warn you about some Microsoft programs that behave rather weirdly under Vista. When I say "weird", I mean they don't act at all like generic Vista documentation says they should. This was a big problem for me in the beginning when I was trying to learn about Vista and UAC.

The programs I am talking about are Windows Explorer, Internet Explorer and Outlook. Whenever I look at my task bar, these are programs that are always running - no matter what else I might be doing. So naturally when I wanted to learn about UAC and elevation, I started playing with the ones staring me in the face. Big mistake. Confused the hell out of me.

When learning UAC, avoid Windows Explorer, Internet Explorer and Outlook. Microsoft has built extra barriers and behaviours that cause these programs to act differently. If you want to learn how programs generally behave, pick something safe like Notepad to test with.

Internet Explorer and Outlook are problematic because Microsoft has given them special attention. Historically Windows has been exploited by trojans and viruses coming from the web via web pages or e-mail. These two applications had a bad habit of letting these badies into the system to have a good time. Microsoft has introduced barriers to minimize the opportunity for these badies to get into Vista. Some good examples are Protected Mode and Low Integrity levels. I haven't done much work with these technologies, but here's an article that gives you an idea how confusing it can get when trying to understand what's going on:

http://xato.net/bl/2007/03/12/why-doesnt-ie7-protected-mode-mark-downloaded-files-as-low-integrity/

Windows Explorer's behavior is difficult to understand for different reasons. You have likely wanted to elevate Windows Explorer to an administrative token in order to perform
some work on files in a sensitive area like System32 - but failed. Explorer just wouldn't elevate for you. In this case the problem is more technical in nature resulting from Vista's design.

Vista's UAC can only elevate applications to use different tokens when the application is being launched - when a new process is being initiated. You may think this problem doesn't apply to you because you were right-clicking on Windows Explorer and choosing "Run as Administrator" when launching the program - but you'd be wrong. It turns out you weren't launching a new instance of Windows Explorer at all.

Windows Explorer does more than just show you a file management window when you demand it - it is also used to present the user interface (desktop, etc.). You are actually using Windows Explorer just by logging in and looking at the screen or navigating the Start Menu. This means the Windows Explorer is always running. When you think you are launching Windows Explorer fresh with the "Run as Administrator" option, you are actually just asking for a new file management window in an application that is already in progress. As a result, Vista is unable to elevate Windows Explorer to an Administrative Token.

I will be talking more about the problems Windows Explorer has and tricks for overcoming them in future articles. I just wanted to warn you to watch out for these three apps - they won't behave in ways you are expecting for generic applications.

Topic: Folders & Folder Redirection

(Vista Vitals articles organized by topic)
These articles cover anything related to folders. This includes Folder Redirection, Offline Files, Client Side Cache (CSC), Desktop.ini, etc. :

Introducing the User Files Folders! - introductions are needed - they have changed a lot since the XP days. You really need to get you head wrapped around this.

User Files Folders and the Desktop.INI - describes changes in folder behavior because of new Desktop.ini features - it even affects XP!

User Files Folders are Bilingual - describes how the new Desktop.ini makes it possible to support multiple languages with only one folder. (There are some problems you should know about though.)

Folder Redirection: Specifying a target share - a very important article on configuring Folder Redirection. You must use a GPO and can no longer redirect to a drive letter!

Folder Redirection of database files causes corruption - this is an outdated article so long as you are using SP1.

Folder Redirection: Duplicate User Files Folders - Vista has a nasty habit of creating duplicate folders for users. This article talks a bit about that.

Folder Redirection: Not to the user's home directory - Vista leaves a number of traps lying around. This one is a doozy! Make sure you never redirect user folders to the root of their network drive like you did in the XP days.

Folder Redirection: Amateur Magician - Vista really isn't good at working with redirect folders. You need to understand its limitations.

Folder Redirection: A case study - details a critical problem Vista has redirecting folders like the AppData folder for legacy applications. Unfortunately the work-around I describe breaks with Vista SP1 - so no solution is currently available.

User Files Folders: What's with all these extra folders - this article details more Vista problems caused by the new User Files Folder design.

Duplicate Folder Problems? Talk to me! - This is a roll-up of my articles that have anything to do with folder duplication because so many readers have been experiencing these problems.

Folder Redirection: Back to talk about Settings - this article is a lead-in to two other articles I wrote talking about the Move Data feature of the Folder Redirection GPOs - another Vista design flaw.

Folder Redirection: Duplicate User Files Folders II - this article describes how the Move Data option causes folder duplication and how to avoid it.

Folder Redirection: Misbehaves after target move - this is one of my most important articles! I provide a script for preventing a major Vista design flaw from wreaking havoc on your network.

Offline Files: Doesn't sync files modified while offline - this is an outdated article so long as Vista SP1 is being used.

Vista's support for multiple languages - this article demonstrates Vista's new approach to multilingual support and the problems it causes.

Better Desktop.ini support please! - another example of how the Desktop.ini doesn't go far enough to provide a user experience in their mother tongue. A request for Microsoft to make some improvements.

Folder Redirection: Problems with the Well-known Folders Cache - a KB article describing a problem with missing User Files Folders after a reboot.

Folder Redirection: IE7 Favorites Bugs - a description of a bug IE7 has. Protected Mode prevents access to Folder Redirection UNC paths that reference the local machine (think non-dedicated servers).

Topic: User Account Control (UAC)

(Vista Vitals articles organized by topic)
These articles are primarily focused on Windows Vista's new User Account Control (UAC) feature. But many other topics are covered because UAC affects so many different areas of the Windows system:

UAC: An introduction to User Account Control - Everything the web has to teach about UAC. I introduce 10 detailed information sources about UAC. A great starting point for users, administrators and developers!

UAC: Is Windows Vista secure? - my opinions and those of experts regarding Vista security. You need to know the limitations of what Vista and UAC have to offer.

UAC: Vista UAC vulnerabilities - many more discussions on the web about Vista security for those who care.

UAC: Local Admin vs. Domain Admin - one of my more important UAC articles. If you can follow it, your life as an enterprise administrator will be greatly simplified.

Disabling UAC - despite linking to instructions on disabling UAC, I actually discourage you from doing it!

Let's Talk UAC for the Enterprise - this is a must read article. This is a glossary covering many UAC terms - it summarizes them and puts them into some context. Most of the remaining articles in this topic are written with the expectation that you understand these terms.

Logon Scripts: A Token Effort - read this if you want to make your login scripts work in Vista. I discuss in detail how to overcome the barriers that UAC tokens create.

Become a Token Geek - links to articles that will teach you more than you ever wanted to know about tokens.

UAC: Avoid elevation like the plague! - a rather important article. I wish more developers knew about this.

UAC: How many tokens did I get? - describes how to figure out how many tokens a user has.

UAC: How to elevate anything - you probably have realized that you need to be able to elevate things other than .exe and .bat files (scripts, registry files, etc.). I don't think Microsoft realized that when developing UAC though. Here are some way to get around the limitation.

Welcome back Command Prompt! - the command prompt is one of the ways to get around UAC limitations. CMD has more valuable uses now under Vista than ever before! Learn about it here.

UAC: "Run As" like XP from the GUI - a review of SysInternal's ShellRunAs command. A valuable tool for your arsenal, but you need to know when to avoid using it.

UAC: This explains a few things - did you know Microsoft introduced UAC to annoy users? Read the article here.

UAC: Microsoft Programs act weird - a little warning about Windows Explorer, Internet Explorer & Outlook.

UAC: Elevate Windows Explorer - Ever tried to launch Windows Explorer with Run as Administrator and fail? Find out why.

Wrapup and retool - This is my wrapup to my Vista articles. I finally get around to delivering my punch line about Windows Explorer.

Topic: Windows Vista Service Pack 1 (SP1)

(Vista Vitals articles organized by topic)
These articles all discuss Windows Vista Service Pack 1 (SP1). There is some good technical information here that will let you know what to expect from SP1:

Service Pack 1 (SP1) for Vista is coming - well, it's now here (kinda out of date). But I discussed some spectacular ways that it broke previous functionality.

SP1 and a new kernel! - discusses SP1 changing the OS version to 6001 - the same as Windows Server 2008!

SP1 Hiccup: don't install KB937287! - don't bother with this one - out of date.

Vista SP1 Technical Information - get all your Microsoft SP1 guides here.

Vista Service Pack 1 is here! - a link to Microsoft's download site - get SP1 from here.

Vista SP1 unavailable from Windows Update? - can't get SP1 through Windows Update? Here's your answer.

Reclaim disk space from Vista's SP1 - introduces Microsoft's VSP1CLN tool which can shrink the size of OS images (deletes files that are no longer useful).

New deployment tools for Vista SP1 - these are must have tools for administrators of a Vista environment. Includes replacements for ADUC, GPMC, etc.

Vista SP1 makes some undocumented changes - good information about how the Terminal Services Client has changed.

Topic: Miscellaneous

(Vista Vitals articles organized by topic)
These articles cover a range of unique topics:

Vista's GPMC: Don't trust it - this is an outdated article covering the GPMC that was bundled with Vista. This tool was removed if you upgraded Vista to SP1.

Let's talk Roaming User Profiles - introduction to Roaming User Profiles as they pertain to Vista. Mentions some cohab issues with XP and identifies some reliability issues.

Vista deleting user profiles and data! - this outdated article describes how a buggy GPO caused the deletion of user profiles and data. The bug has been fixed as part of Vista SP1.

I don't like DRM - leads to an interesting article by Davis Freeburg describing his suffering at the hands of Vista's DRM.

Local Administrator Trumps GPO - think your GPOs have ultimate control of your enterprise workstations? Think again. - or - how to override your GPOs locally when you wish to test some alternate configurations.

GPAnswers: Group Policy Preference Extensions - an introduction to Group Policy Preference Extensions (GPPE). You will want to learn about this if you manage GPOs for your organization.

Microsoft's Springboard series - a 1 hour video discussing Vista deployment. I outline the highlights and provide a commentary.

More DRM woes for Vista users - leads to an article about Windows Vista Media Center users who were prevented from time-shifting their TV shows.

Who needs COFEE!? - a follow-up to a previous article about Microsoft's Computer Online Forensic Evidence Extractor (COFEE). Points to a demonstration of how to completely circumvent Vista security using a Linux live boot CD.

Microsoft not branding web sites - Points to some Microsoft sites that have absolutely no branding on them - weird. But useful sites nonetheless - particularly the Sysinternals executables that are ready to run.

Want your Windows Vista bug fixed? - An interesting plea to click on that Send Information button when you experience a Windows crash.

Roll your own MS Windows OS! - There is a movement out there that is hacking Windows 2008 Server to create a Windows 2008 Workstation that is one lean, mean Vista machine.

Topic: In Other News

(Vista Vitals articles organized by topic)
These articles predominantly link to other news services that provide information about or criticism of Windows Vista:

Need to Virtualize Vista Home Versions? - news that Microsoft eased license restrictions for Vista Home on virtual machines.

Microsoft Windows Releases - Windows 7 rumors.

"Vista Capable" lawsuit is now a class action

Has Vista lost all credibility? - links to more class action details.

Vista criticism in the news

News tidbits clearance! - good stuff here from free MS support for Vista to NVidia & Creative Labs naughtiness.

More news of interest - some linux stats, better installs of upgrade licenses and extended support for some versions of XP.

A petition to save Windows XP - details why people want XP to stick around and what they're doing about it.

Windows XP Service Pack 3 is here!

XP available after the June 30th deadline - but maybe not for home users.

Windows XP SP3 deployment not going so well - oops - some endless reboot problems for some people who installed SP3 - arm yourself with the solutions to the problems before proceeding.

COFEE - information about Microsoft's latest forensic tools for law enforcement.

Need to install XP on Vista hardware? - Find out how to create a custom XP install disk that incorporates SATA drivers from alternate sources.

XP Support for 6 more years - Microsoft announced support for Windows XP until 2014. Some links and comments about the viability of skipping Vista entirely - go for it!

XP: How to continue getting it after the June cutoff - PC World actually jumped through the hoops with 9 different PC manufacturers to see what it would take to get hardware preloaded with Windows XP!

Topic: Vista Humor

(Vista Vitals articles organized by topic)
Some Vista humor to lighten the mood:

Happy Halloween!

Vista: Even the packaging needs instructions

Some humor at Vista's expense

That darn desktop cleanup wizard