You’ll remember, from my previous posts (Zune HD – but not mine, Finally got my Zune HD, Messing around with audio files, Woot got my Zune, Zune can’t get my woot!, All Zune posts) on the subject, that I had some specific complaints about the Zune and its attendant software that I was hoping Microsoft would one day get around to fixing.
Zoom (Zume?)to this past week, and we saw Microsoft release a new version of the Zune software, so let’s see if there’s been any advance:
Images in MP3 files marked as Podcast and dumped into Podcast folder are not displayed in Zune Software or on Zune.
MP3 files in Podcast folder are not played in order by track number.
MP3 files in Podcast folder lose their Genre, and can’t be sorted by Genre.
MP3 files in Podcast folder can’t be rapidly navigated by alphabet.
Impossible to list Podcasts in the same order on the Zune and the PC, so as to compare visually, one by one, which ones you’ve heard. [No, this isn’t ideal, but even this would be better than current]
Zune Internet browser can’t access SSL sites like woot.com, with unexpected SSL root certificates.
No Flash in the Internet browser
Can’t tell on the PC which Podcasts you’ve listened to on the Zune (and in general, managing the relationship is sucky)
Now, the PC greys out individual podcasts you’ve listened to, but not the podcast series, so you have to click on each podcast series to see if it’s been listened to.
And if you use this to delete podcasts or a podcast series that you’ve listened to… it doesn’t actually delete them from your hard drive. This is infuriating, because it makes it fundamentally impossible to manage local podcasts.
And all this despite the Zune software warning you that it’s going to delete the series and its episodes PERMANENTLY:
OK, so there are some more apps. Still want more. But that’s probably not going to happen, because in what appears to be a bout of sheer bloody-mindedness, although XNA Game Studio 3.1 (for Zune HD) is a subset of the functionality of XNA Game Studio 4.0 (for Windows Phone 7), XNA Game Studio 3.1 only works in Visual Studio 2008, and XNA Game Studio 4.0 only works in Visual Studio 2010.
What this means is that a developer can’t build the same project, in one development environment, for Zune HD and Windows Phone 7, even though it would be possible to make the same game work on both platforms with the same source code.
If this isn’t a temporary problem, it’s going to make me and the other five Zune HD users really feel disenfranchised.
Put simply, the memo gives a timetable for moving the US Federal government to using native IPv6 for all public-facing web and Internet sites. The end of Financial Year 2012 is the deadline for that. There’s also a deadline of end of FY 2014 for all internal client apps to support IPv6.
Here at Texas Imperial Software, we’ve provided basic support for IPv6 in WFTPD and WFTPD Pro for some time.
Because of a lack of significant expressed customer interest, we’ve basically kept the IPv6 support out of the interface, despite a personal interest on my part in supporting IPv6. Now it’s time to change that and bring IPv6 in as an equal platform, rather than hiding it in the background.
We’re looking for beta testers for this IPv6 support. Drop me a line at email@example.com if you are able to test out an IPv6-capable FTP server. Priority is given to registered users, but if you can test out WFTPD or WFTPD Pro, on a native IPv6 network, we’d love to hear from you.
You don’t have to be associated with a government, or even enterprise, just interested, capable, and ready to give your feedback.
Although the new Zune software doesn’t start up the moment I plug in my Zune (maybe I’m missing a setting), the Marketplace Apps listing has come back, along with three new games, “Castles and Cannons”, “Dr. Optics Light Lab”, and “WordMonger”:
and one new, very welcome, app, “Windows Live Messenger”:
No update for the Zune HD itself, yet – I was hoping that maybe they’d fixed the web browser issues I was facing with Woot.
I kind of expected that the arrival of the Windows Phone 7 would cause an update to the Zune software interface. Sure enough, as soon as I tried to download a new episode of “The Guild”, an update was forced on me, along with a new licence agreement.
What I didn’t expect was this…
Yes, that’s right, select one of the Genres, either “Games” or “Other”, and this is what you get – “There are no apps for this selection”. I can only presume this is a foul-up by Microsoft, and not an example of “new product comes out, old product goes straight into the bin”.
At least, that’s what I hope.
National Cyber Security Awareness Month is October, and after a brief interruption, I’m continuing my series of posts that dump out some of the basic parts of security that make all the advanced stuff worthwhile.
Passwords are quite a challenge for many people, because they embody a number of things that people are bad at.
A password is a proof of identity. It confirms, or validates, who you have already claimed to be. It’s a secret quantity, and the operating system and applications you use spend significant effort to keep that password secret.
Your username, by contrast, is a claim of identity – it’s who you are claiming to be. Your username is not a secret part of your security, just as your name isn’t a secret. It’s all over the place, in public places, and even if you spend the effort to go “off grid”, or to hide your name from the phone books, nobody else is geared up to help you with that process. Similarly, the operating system and applications will not try to hide your username.
This is why renaming the Administrator account, or generating usernames from random sequences of letters and numbers, will not increase security as significantly as the simple act of extending the minimum length of passwords.
There are many other concepts that are like a password, such as private keys on a certificate, or the combination to a safe, the key to a drawer or a door.
Other things that you’d think are like a password, but aren’t, include:
There are numerous password protection and storage programs, for users and for enterprises. The words used to describe these programs are generally things like “safe” or “vault”. Using these programs will allow you to have large numbers of different passwords, which is only a good thing.
Imagine that one of your web sites gets a vulnerability, or has an administrator go bad. They could steal your password – but only for that site. Do you use that password for any other site? It’s very tempting now that most sites use email addresses as identifiers to use the same password as you use for your email account itself, but then that would mean that anyone who stole your password from one web site would be able to have access to all your other web sites, and your email as well.
Next, and I know this goes against what many people will tell you, you need to write some passwords down on a piece of paper.
First, we all carry around a device whose job is to protect small pieces of paper from falling into other people’s hands – it’s called a wallet, or a purse, and we’re all well-used to protecting those small pieces of paper in this fashion. Put a value on each of your passwords, and use this to decide whether to carry it in your wallet, or leave it in the safe, or put it in a safe deposit box.
Second, there will come a time when you have forgotten a password. In a work situation, there are generally easy ways to get your password reset, and you probably won’t lose a whole lot of data as a result. But for your home life, there’s rarely a good recovery store or process, and it will save you time if there’s a lock-box you can go to in order to recover your precious secret.
True story – a friend of mine had an accident that gave him a fractured skull and left him in a dubious state of consciousness for many weeks. He never remembered the passwords he had before the accident, and as a result, had to wipe out several machines rather than log on to them and recover them. He hadn’t written the passwords down or stored them in a safe deposit box, so his family and friends could not maintain his systems for him while he was ‘out’. He even lost his domain name to some domain squatters (though his friends very nicely bought it back for him).
Think about what access you would lose in a similar situation – or what access your family would lose.
Don’t share your passwords, or at the very least, make sure that there’s no easy way for someone to have your passwords and access to use them.
A safe-deposit box, or some other device that can only be retrieved if you are killed, or incapacitated in some way, is really the only place to make your high-value passwords accessible to others.
If you share your passwords with other people, you immediately move any investigation into your computing behaviour from the realms of “innocent until proven guilty” (it couldn’t be you, because your account wasn’t being used) to “guilty until proven innocent” (not only were you disobeying rules by sharing your password, but the activity was traced to your account, making it incredibly difficult for you to prove it wasn’t you that controlled the account at the time).
Finally, and this is especially true if you are writing down passwords, you need to have a plan for changing your passwords in an emergency, and you need to exercise this plan regularly. This means you need to know how to change passwords, write down details of how to change passwords (except in the most obvious cases), and you need to make sure that your understanding of how to change passwords is still accurate.
I personally think that this is the biggest reason that you need to change your passwords regularly – although, if you are the sort of person who wantonly shares passwords, the fact of sharing passwords with another person is reason enough to frequently change them.