In an interesting twist on the commonly held view that OSX is much more secure ZDNet has actually done some testing and dispelled a lot of the rumors and replaced them with some cold hard facts.

X Extremely critical
H Highly critical
M Moderately critical
L Less critical

I guess it goes to show that a lot of the superiority OSX was able to claim in the past came from it's very low marketshare making it a less popular target for exploits, but as that share and awareness has grown it's become a juicier target. Like Flash (which has also been exposed recently as a cause for concern) I hope Apple step up to the plate and make a difference early in 2008.

It's interesting to see how the testing also confirms that Microsoft have done a good job in improving the security of Vista over WinXP - hopefully Service Pack 1 will continue this trend in the right direction.

It's the sort of article that ThinkSecret would have had as front-page news... if Apple had not litigated them to the wall.

I've got a couple of machines at home that I protect using OneCare. It's convenient, reliable and, unlike some other products I could mention, isn't a resource hog.

I was quite excited this evening to see that the team has released a pretty major update that improves the protection and optimization for both individual machines as well as a home network.

The update will roll out to existing users over the next few weeks so keep an eye out for it!

For more information, check out OneCare. If you're interested in a more corporate solution the bow-tie wearing chap in the office across from me pointed out that Forefront is its more enterprise focused cousin.

Hot on the heels of the Windows Line OneCare 1.6 update comes the public beta of OneCare 2.0.

As well as beefing up the security features of the engine this new version offers a bunch of cool new features that make keeping your home PCs secure and performing well a little bit easier

• Multi PC management - designate a hub PC and then add additional PCs to your OneCare circle using a common Windows Live ID. You can then see the status of the other PCs within the group.
• Printer Sharing - share your printer with all the PCs in your OneCare circle
• OneCare Online Photo Backup - paid storage will be available online for photo backups (currently not in the beta)
• Securing wireless networks - if your router is supported OneCare 2.0 will allow you to secure your wireless network
• Startup tuneup
• x64 support

One thing that I really like about this version is that the backup feature is aware of Windows Home Server functionality so if you're using that as your network backup solution then it won't panic because your data isn't safe.

If you have an existing OneCare subscription then you won't be able to activate the beta using that existing account, but you can enable the multi-pc feature if you sign in (but not activate - you need a product key for that) with a Live ID.

You can sign up for the beta here, discuss it in the OneCare support forums, and follow the news on the OneCare blog.

Due to the unexpected illness of my Corporate Vaio SZ390P (the increasing blue screens of death and "hardware failure" messages were not just a plot to annoy me but it turns out the warning signs of impending doom - or in this case it seems symptoms of the death of my TPM chip) I've had to go back to my old trusty Vaio T27GP (which was used to build BigBrother 06 and v1 Mytalk sites).

It should hardly come as a surprise that the machine (which I've not really used since leaving Aus) was a little out of date but it was simply a case of running Windows Update a couple of times and all was good with WinXP.

SQL Server has proven to be a little more interesting... I can't get Service Pack 2 to install and the error message isn't that helpful. I'm going to play some more with that one (I suspect it may have been my fault... halfway through trying to install it the first time I pulled power forgetting the battery wasn't actually charged!)

Office turned into a bit of a saga though. When I last used this machine Office 2007 was at Beta 2 Technical Refresh... long since expired. So I needed to upgrade to the current RTM version. But in order to do that I needed to uninstall B2TR which proved to be rather difficult thanks to a variety of changes in registry (and probably other consequences of my install/uninstall approach to anything new and shiny).

Luckily on my searches it turned out I wasn't the only one to have hit the problem so thanks to UKSMBGirl I was able to find a handy step by step guide to getting B2TR uninstalled - which actually applies to pretty much any product you can't get rid of easily.

The star of the piece was C(rap)Cleaner - a very simple utility which does exactly what it says on the tin going through and de-crufting your machine. Along with my favorite hard-core tune up toolkit for PCs this is a worthy addition to any toolkit if you're trying to maintain a machine in tip-top condition (especially when it may have been without care and attention for a while).

Like CCleaner, Tune-up does a great job as an on-demand cleaner but it also does a good job of scheduled maintenance. Personally I use OneCare on the machines at home because of their security integration but if you have a different choice of firewall/antivirus package (eg NOD32) then Tune-up is worth adding to your machine.

If you want to make sure your machine is in tip-top shape then it's also worth sniffing out the many malware infections that could creep in unannounced. Spybot S&D is still my favorite for a deep scan as part of regular maintenance though again day-to-day OneCare does the job of keeping comfort factor high

I had to give up on my previous blog solution because the comment spam was getting out of control and it was hard to manage. That led me to Community Server which has a better approach to spam control.

That now means that with the basic out-of-the-box facilities and a couple of excellent add-ons [6 rules and Akismet] I've not had a single spam comment get published, and almost no collateral damage.

But, even though the spam comments are not getting published they keep on coming. Today alone I've had to make about 80 entries for one site go away. What's even stupider is that the site isn't currently promoting viagra, breast enlargements or unlimited free porn.... it's spruiking badly worded investment tips in (in some cases) companies who don't even match the claimed stock ticker!

Makes me wonder why they bother! They're getting no benefit from their efforts and I could certainly do without the time wasting while I hit delete on their quarantined rubbish.

They keep trying to fill my mailbox up as well. Luckily a combination of SpamCop.net and Outlooks junk filters means that it's very rare that I actually see anything that's too time wasting. And I feel good because I report almost every one of the spam emails I get via SpamCop. For good measure I also install the Project Honeypot spambot catcher on pretty much any site I work on.

Currently listening to: Driftkikker What

There's been a lot of talk about how virtualisation and portable apps are going to change the way that the world works recently. Everywhere I look there are new initiatives and technologies that are going to bring about a revolution in ease of use, safety and stability.

I agree that the wave is coming, but I'm not sure it's here just yet.

I set myself a little challenge. To build a totally portable environment that could live on my iPod and plug into a friends computer, a spare machine at home or an internet cafe and allow me to work as though I was at my desk.

That meant I needed:

• IIS: or similar webserver, capable of delivering ASP.NET 2.0 - so needed all the relevant frameworks etc
• SQL Server 2005: Pretty much any of the editions, as long as it had the management console and was 100% compatible with the features we're using in our live environment
• Development IDE: Visual Studio would be a major bonus, but EditPlus would have cut it.
• Browsers: IE (6 or preferably 7) and Firefox are a must for testing. ideally independent from the host OS so I know what plug-ins and add-ons are in place
• Drawing tool: Designers insist of making me look at graphics. Apparently the world looks prettier in technicolor and with curves. Don't they realise how much overhead that puts on the text! Luckily for y'all I'm in the minority and I bow to Cats wisdom when she tells me that a picture is worth a thousand words (and if I build websites that don't have pictures I won't get paid for those words either!). Luckily for me Paint.Net is simple enough for me to use and good enough to do what needs to be done
• MS Office: Or something 100% equivalent. OpenOffice and Evolution come close but I did say 100% didn't I! Specifically the 2007 B2TR version because I just don't want to go back to its predecessor
• Music player: Because I can't work in silence. Ideally able to access the music stored on the iPod without needing duplication. SongBird, iTunes or WMP are all acceptable for this
• Utilities: Windows Live Writer, Messenger, Skype, Anti virus/spyware to keep the device safe and the ability to connect to the office VPN are all a must for the environment to receive the final tick.

So... how did they do?

The first things to spring to mind where VirtualPC and Parallels. I've used VirtualPC on the Mac before to set up a Windows environment and it was okay. I've also used it for testing on the PC. But VirtualPC and Parallels don't give me a portable environment... I still need to lug the laptop around so they're not contenders for this little challenge. I would have included VMware in the write-off but for the Moka5 tool. But more of that in a moment.

So next I had a look a the mindset leader - U3. And wrote it off (along with PowerToGo and Ceedo) very quickly. Not because it was bad but because most of what I wanted to run wouldn't in that environment (though if you can use the portable versions of OpenOffice, Firefox, Evolution etc they are a perfect answer)

The Linux LiveCDs (and also the BartPE WinXP LiveCD) also didn't make it because the former is Linux and the latter requires a reboot of the host (and being CD based limits me in what I can do/run)

That left me with two contenders. MojoPac and Moka5.

MojoPac has a lot of promise. Works with any USB 2.0 device. Supports most Windows applications. MojoPac works as a new virtual user on the host PC so you use a lot of the underlying PCs functionality (browser, operating system, shared apps etc) but keep your settings and data totally separate. You can also install applications on the MojoPac so they are always available. While it did work fine on my iPod it was very limited. It doesn't support Vista (I know it wasn't a requirement but it's a worry nevertheless), IE7 on the host machine (in fact ever IE6 seemed temperamental) and anything that messes with the OS - including things that need specific services to be running, or to install new services (IIS and SQL have problems there), or that check to see if your copy of windows is valid - WGA won't run (in fact, the entire Windows Update function is unavailable).

After a lot of wasted time I got the .Net 2.0 frameworks, Paint.Net and Office installed. But I was still without a database or a webserver and I was bored of being right on the bleeding edge. Given their claims I thing for a US$30 product (and no early-adopter discounts, life-time licence's etc) it's rather limited. You don't need to buy a Windows licence to use it, but it doesn't offer much over the U3 / Portable Apps type setup for it's price. Maybe by release 2.0 it'll be what I need.

That left me with Moka5. A very interesting idea, and potentially pretty limitless. Moka5 is an extension on the VMware virtualisation player. They allow you to use shared streamed (pre-tested and configured) environments on your local device, storing updates/personal data locally but always having access (assuming you're online) to the latest build of the environment itself. If you're offline a lot you have the ability to cache the environment. You can also build and manage your own environments.

I set up a WinXP Pro environment within the player and fairly quickly was able to install pretty much everything from the list above (I stopped when I'd proved that the hard things worked!) Because it's a virtualisation engine it creates and manages a dedicated stand-alone environment. Just for fun I also created a Ubuntu 6.06 environment on the same iPod so that I could toggle between them. At the moment it still needs a Windows host machine, but as VMware player is cross platform it will be interesting to see if that evolves over time...

The downsides of Moka5 are cost - because it's a full WinXP environment you're into the world of licensing fees which may preclude this option for some. I also found the Windows environment to be very slow (part of the reason for the Ubuntu install was to compare the two) - In Ubuntu the mouse moved fairly smoothly and menus were responsive. With the WinXP virtual machine I often found myself  ducking back to the host to check my email while I waited for something to happen.

So sadly for the moment at least I'm still lugging my laptop. Both Moka5 and MojoPac show great promise for portable developer/testing environments.

MojoPac would also be great for students of people who are able to use Open Source portable apps (but then again they may be better off with a standard USB key and a free portable versions of those Open Source apps).

Moka5 is an awesomely flexible platform. I'll probably keep working on trying to get acceptable performance out of the WinXP install, and I'll certainly keep the Ubuntu installation there for testing.

Both Moka5 and MojoPac are early iterations of this technology and both show great promise. I'll be watching with a keen eye.

What I'd love to see however is something that lets me carry an ultra portable device (either one of the new UMPCs, or a more contemporary replacement for my Vaio C1MT Picturebook, or something the size of my K-Jam that can run WinXP Tablet Edition!) but plug into a network/USB connector/Docking Cradle at home/the office/client site/internet cafe and have the data immediately available on the more powerful machine and carry on working with the resources of both machines at my disposal...

The final irony. The Internet Cafe were I normally testing things like this for real portability have just 'upgraded' their kiosks... they no longer have customer accessible USB ports! Now that's a major crimp in my plans for world domination!

There's been a lot of talk about how virtualisation and portable apps are going to change the way that the world works recently. Everywhere I look there are new initiatives and technologies that are going to bring about a revolution in ease of use, safety and stability.

I agree that the wave is coming, but I'm not sure it's here just yet.

I set myself a little challenge. To build a totally portable environment that could live on my iPod and plug into a friends computer, a spare machine at home or an internet cafe and allow me to work as though I was at my desk.

That meant I needed:

• IIS: or similar webserver, capable of delivering ASP.NET 2.0 - so needed all the relevant frameworks etc
• SQL Server 2005: Pretty much any of the editions, as long as it had the management console and was 100% compatible with the features we're using in our live environment
• Development IDE: Visual Studio would be a major bonus, but EditPlus would have cut it.
• Browsers: IE (6 or preferably 7) and Firefox are a must for testing. ideally independent from the host OS so I know what plug-ins and add-ons are in place
• Drawing tool: Designers insist of making me look at graphics. Apparently the world looks prettier in technicolor and with curves. Don't they realise how much overhead that puts on the text! Luckily for y'all I'm in the minority and I bow to Cats wisdom when she tells me that a picture is worth a thousand words (and if I build websites that don't have pictures I won't get paid for those words either!). Luckily for me Paint.Net is simple enough for me to use and good enough to do what needs to be done
• MS Office: Or something 100% equivalent. OpenOffice and Evolution come close but I did say 100% didn't I! Specifically the 2007 B2TR version because I just don't want to go back to its predecessor
• Music player: Because I can't work in silence. Ideally able to access the music stored on the iPod without needing duplication. SongBird, iTunes or WMP are all acceptable for this
• Utilities: Windows Live Writer, Messenger, Skype, Anti virus/spyware to keep the device safe and the ability to connect to the office VPN are all a must for the environment to receive the final tick.

So... how did they do?

The first things to spring to mind where VirtualPC and Parallels. I've used VirtualPC on the Mac before to set up a Windows environment and it was okay. I've also used it for testing on the PC. But VirtualPC and Parallels don't give me a portable environment... I still need to lug the laptop around so they're not contenders for this little challenge. I would have included VMware in the write-off but for the Moka5 tool. But more of that in a moment.

So next I had a look a the mindset leader - U3. And wrote it off (along with PowerToGo and Ceedo) very quickly. Not because it was bad but because most of what I wanted to run wouldn't in that environment (though if you can use the portable versions of OpenOffice, Firefox, Evolution etc they are a perfect answer)

The Linux LiveCDs (and also the BartPE WinXP LiveCD) also didn't make it because the former is Linux and the latter requires a reboot of the host (and being CD based limits me in what I can do/run)

That left me with two contenders. MojoPac and Moka5.

MojoPac has a lot of promise. Works with any USB 2.0 device. Supports most Windows applications. MojoPac works as a new virtual user on the host PC so you use a lot of the underlying PCs functionality (browser, operating system, shared apps etc) but keep your settings and data totally separate. You can also install applications on the MojoPac so they are always available. While it did work fine on my iPod it was very limited. It doesn't support Vista (I know it wasn't a requirement but it's a worry nevertheless), IE7 on the host machine (in fact ever IE6 seemed temperamental) and anything that messes with the OS - including things that need specific services to be running, or to install new services (IIS and SQL have problems there), or that check to see if your copy of windows is valid - WGA won't run (in fact, the entire Windows Update function is unavailable).

After a lot of wasted time I got the .Net 2.0 frameworks, Paint.Net and Office installed. But I was still without a database or a webserver and I was bored of being right on the bleeding edge. Given their claims I thing for a US$30 product (and no early-adopter discounts, life-time licence's etc) it's rather limited. You don't need to buy a Windows licence to use it, but it doesn't offer much over the U3 / Portable Apps type setup for it's price. Maybe by release 2.0 it'll be what I need.

That left me with Moka5. A very interesting idea, and potentially pretty limitless. Moka5 is an extension on the VMware virtualisation player. They allow you to use shared streamed (pre-tested and configured) environments on your local device, storing updates/personal data locally but always having access (assuming you're online) to the latest build of the environment itself. If you're offline a lot you have the ability to cache the environment. You can also build and manage your own environments.

I set up a WinXP Pro environment within the player and fairly quickly was able to install pretty much everything from the list above (I stopped when I'd proved that the hard things worked!) Because it's a virtualisation engine it creates and manages a dedicated stand-alone environment. Just for fun I also created a Ubuntu 6.06 environment on the same iPod so that I could toggle between them. At the moment it still needs a Windows host machine, but as VMware player is cross platform it will be interesting to see if that evolves over time...

The downsides of Moka5 are cost - because it's a full WinXP environment you're into the world of licensing fees which may preclude this option for some. I also found the Windows environment to be very slow (part of the reason for the Ubuntu install was to compare the two) - In Ubuntu the mouse moved fairly smoothly and menus were responsive. With the WinXP virtual machine I often found myself  ducking back to the host to check my email while I waited for something to happen.

So sadly for the moment at least I'm still lugging my laptop. Both Moka5 and MojoPac show great promise for portable developer/testing environments.

MojoPac would also be great for students of people who are able to use Open Source portable apps (but then again they may be better off with a standard USB key and a free portable versions of those Open Source apps).

Moka5 is an awesomely flexible platform. I'll probably keep working on trying to get acceptable performance out of the WinXP install, and I'll certainly keep the Ubuntu installation there for testing.

Both Moka5 and MojoPac are early iterations of this technology and both show great promise. I'll be watching with a keen eye.

What I'd love to see however is something that lets me carry an ultra portable device (either one of the new UMPCs, or a more contemporary replacement for my Vaio C1MT Picturebook, or something the size of my K-Jam that can run WinXP Tablet Edition!) but plug into a network/USB connector/Docking Cradle at home/the office/client site/internet cafe and have the data immediately available on the more powerful machine and carry on working with the resources of both machines at my disposal...

The final irony. The Internet Cafe were I normally testing things like this for real portability have just 'upgraded' their kiosks... they no longer have customer accessible USB ports! Now that's a major crimp in my plans for world domination!

According to (now debunked) legend Bill Gates once said that 640K would be enough for anyone. Well, I for one am glad he didn't really mean that because now my laptop is running with 1GB of RAM.... but it's still not enough!

As RAM prices have dropped and processors have got faster it seems software has been pushing the envelope faster and further and hardware just can't keep up.

I got my current laptop about 18 months ago. It came with a standard 512MB RAM which I immediately doubled - I use my laptop for developing with IIS/ASP and SQL (and sometimes Apache and PHP).

Now I don't push my machine that much. I tend to have Outlook running, a music player, remote desktop connection to my development server, messenger, IE and Firefox, my editor/debugger (sometimes Visual Studio, sometimes Notepad), the usual services (including IIS and SQL) and anti-virus/anti-phishing stuff.

And 1GB is these days no-where near enough. SQL with one database active is using over 1.5GB of virtual storage. Outlook and the SQL Server 2005 Workbench uses almost half a gig each, with the MS Search Indexer (used by Outlook 2007) coming in with a further 300meg.

Couple the thrashing while paging applications in and out of memory with the wasted CPU cycles we have to spend keeping the machine safe my poor little laptop is getting stressed.... but talking to Sony and a number of 3rd party memory vendors the VGN-T27GP can't support more than a total of 1GB (the internal 512MB plus the same sized extension).

While it's easy to be down on the hardware vendors for not thinking ahead it didn't see critical a year and a half ago to be able to stuff in more than 1GB. 512MB had been okay for the preceding machine running a similar mix (SQL Server 2000 not 2005 being the biggest difference) but it's still pretty annoying. I want the horsepower now, but I don't want to splash out on a new machine until the expected crop of Vista optimised boxes appear.

One side effect is that I'm watching how greedy apps are with RAM these days and being quite harsh on the offenders. iTunes 7 required a huge jump in resources over version 6... for no apparent gain, so it's been relegated to loading my iPod while WMP11 Beta is now my day to day media player (no downsides there apart from the current playing song doesn't appear in my Messenger!) and I've started running MaxMem again to let me force apps to tidy their act up.

Makes me think all developers should have to test on really clogged up old machines before releasing their product just to make sure it does still work for us without rolling hardware budgets

According to (now debunked) legend Bill Gates once said that 640K would be enough for anyone. Well, I for one am glad he didn't really mean that because now my laptop is running with 1GB of RAM.... but it's still not enough!

As RAM prices have dropped and processors have got faster it seems software has been pushing the envelope faster and further and hardware just can't keep up.

I got my current laptop about 18 months ago. It came with a standard 512MB RAM which I immediately doubled - I use my laptop for developing with IIS/ASP and SQL (and sometimes Apache and PHP).

Now I don't push my machine that much. I tend to have Outlook running, a music player, remote desktop connection to my development server, messenger, IE and Firefox, my editor/debugger (sometimes Visual Studio, sometimes Notepad), the usual services (including IIS and SQL) and anti-virus/anti-phishing stuff.

And 1GB is these days no-where near enough. SQL with one database active is using over 1.5GB of virtual storage. Outlook and the SQL Server 2005 Workbench uses almost half a gig each, with the MS Search Indexer (used by Outlook 2007) coming in with a further 300meg.

Couple the thrashing while paging applications in and out of memory with the wasted CPU cycles we have to spend keeping the machine safe my poor little laptop is getting stressed.... but talking to Sony and a number of 3rd party memory vendors the VGN-T27GP can't support more than a total of 1GB (the internal 512MB plus the same sized extension).

While it's easy to be down on the hardware vendors for not thinking ahead it didn't see critical a year and a half ago to be able to stuff in more than 1GB. 512MB had been okay for the preceding machine running a similar mix (SQL Server 2000 not 2005 being the biggest difference) but it's still pretty annoying. I want the horsepower now, but I don't want to splash out on a new machine until the expected crop of Vista optimised boxes appear.

One side effect is that I'm watching how greedy apps are with RAM these days and being quite harsh on the offenders. iTunes 7 required a huge jump in resources over version 6... for no apparent gain, so it's been relegated to loading my iPod while WMP11 Beta is now my day to day media player (no downsides there apart from the current playing song doesn't appear in my Messenger!) and I've started running MaxMem again to let me force apps to tidy their act up.

Makes me think all developers should have to test on really clogged up old machines before releasing their product just to make sure it does still work for us without rolling hardware budgets

If my CPU is going to be wasting cycles on something I'd prefer that it was something vaguely useful. So I get a bit grumpy when I read that even something innocent like having the 'show icon when connected' option ticked on my WiFi link is costing me CPU cycles and other resources. It's only a little bit ... but when you consider that MSN Search, Google Desktop, Windows Defender and a whole bunch of MS and third party apps all exhibit this rather lazy behaviour (sometimes 10s, or even hundreds of times, a second) you have to wonder what it would take to make them do a bit of housekeeping!

Luckily SysInternals has now been bought by Microsoft and Mark Russinovich and Bryce Cogswell will hopefully be well positioned to make sure that silly things like this get weeded out of Vista and the other MS products...