Microsoft claims firms 'hitting a wall' with Linux
Microsoft today released the findings of an independent report claiming that the Windows platform is "more consistent, predictable and easier to manage than Linux".
The study, commissioned by the software giant from Security Innovation, a provider of application security services, claimed that Linux administrators took 68 per cent longer to implement new business requirements than their Windows counterparts.
"This study shows that IT administrators are better able to maintain the system while delivering new capabilities predictably and consistently on the Windows platform."
'Spyware' vendor bangs copyright shield
RetroCoder, developers of the SpyMon remote monitoring program, is brandishing copyright law in a bid to protect its software from being detected by anti-spyware or anti-virus products.
SpyMon is marketed as a means for the paranoid to surreptitiously monitor the activities of their partners or kids online - behaviour that has brought it to the attention of security vendors.
"If you do produce a program that will affect this softwares ability to perform its function then you may have to prove in criminal court that you have not infringed this warning. Infringement of a copyright licence is a criminal offence," RetroCoder's End User Licensing Agreement (EULA) states.
It's questionable whether this agreement would withstand legal challenge but RetroCoder is making good on its threat to take security vendors to task for detecting its product. Anti-spyware maker Sunbelt Software has been sent a nastygram threatening legal action against it for labelling SpyMon as spyware.
No pre-owned games to be allowed for PS3
A patent may allow Sony to ensure that no game would be playable from any console other than the one in which it was first read.
The technology would allow an authentication code to be read and then rendered unreadable, making the software unplayable on any machine but the one which first read it.
But this has caused considerable backlash from the gaming community. While many are aware of the double profit companies make on pre-owned games, this would ensure the death of trading games between friends and even going to a friend's house to play a little multiplayer.
While the PS3 hasn't been expressly mentioned in the patent in English or Japanese, it would be the obvious place to employ this new technology, regardless of how little gamers will appreciate it. Between this and the DRM scandal, Sony could be looking at a serious drop in interest in the PS3.
More on Sony: Dangerous Decloaking Patch
Despite a chorus of criticism over Sony not delivering an uninstaller with their DRM software, Sony refuses to admit blame and to make an uninstaller readily available. The uninstall question on Sony's FAQ page directs you to another page that asks you to fill out a form requesting that uninstall directions be emailed to you.
There's no way to access the uninstaller without providing this information, and clicking on the Sony privacy policy link at the bottom of the page takes you to a notice that your email address can be added to various Sony marketing lists.
However, Sony's uncloaking patch puts users' systems at risk of a blue-screen crash and the associated chance of data loss. The risk is small, but I made the point in my last post that the type of cloaking performed by the Aries driver prohibits safely unloading the driver while Windows is running.
The EULA also makes no reference to any "phone home" behavior, and Sony executives are claiming that the software never contacts Sony and that no information is communicated that could track user behavior. However, a user asserted in a comment on the previous post that they monitored the Sony CD Player network interactions and that it establishes a connection with Sony’s site and sends the site an ID associated with the CD.
I dug a little deeper and it appears the Player is automatically checking to see if there are updates for the album art and lyrics for the album it's displaying. This behavior would be welcome under most circumstances, but is not mentioned in the EULA, is refuted by Sony, and is not configurable in any way. I doubt Sony is doing anything with the data, but with this type of connection their servers could record each time a copy-protected CD is played and the IP address of the computer playing it.
World of Warcraft hackers using Sony rootkit
Want to cheat in your online game and not get caught? Just buy a Sony BMG copy protected CD.
World of Warcraft hackers have confirmed that the hiding capabilities of Sony BMG's content protection software can make tools made for cheating in the online world impossible to detect. The software - deemed a "rootkit" by many security experts - is shipped with tens of thousands of the record company's music titles.
Blizzard Entertainment, the maker of World of Warcraft, has created a controversial program that detects cheaters by scanning the processes that are running at the time the game is played. Called the Warden, the anti-cheating program cannot detect any files that are hidden with Sony BMG's content protection, which only requires that the hacker add the prefix "$sys$" to file names.
Sony to offer patch for 'rootkit' DRM
Sony BMG said today it will offer a patch for one of its own exploits - one that comes bundled with its music CDs.
The code cloaks itself and, by intercepting and redirecting low-level Windows system calls, forces the audio through a custom player and restricts the number of CD burns that can be made.
Russinovich also pointed out that because the cloaking technique it used to hide itself was so crude, malware authors could hide their own nefarious programs on users' hard disks using Sony's DRM software.
However, the patch that Sony will offer doesn't remove the 'rootkit' DRM: it only makes the hidden files visible.
Incredibly, the Sony DRM malware has been out on the market for eight months and is bundled on 20 CD titles. Sony said it hadn't received a single complaint until this week. So, disturbingly, most people either haven't run into serious problems yet, or even more disturbingly, don't find the Sony DRM particularly onerous. We pray it's not the latter.
Sony, Rootkits and Digital Rights Management
Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit. Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden.
To my surprise, the majority did have identifying product, file and company strings. I had already recognized Dbghelp.dll and Unicows.dll as Microsoft Windows DLLs by their names. The other files claimed to be part of the "Essential System Tools" product from a company called "First 4 Internet".
I Googled the company name and came across this article, confirming the fact that they have deals with several record companies, including Sony, to implement Digital Rights Management (DRM) software for CDs.
The DRM reference made me recall having purchased a CD recently that can only be played using the media player that ships on the CD itself and that limits you to at most 3 copies. I scrounged through my CDs and found it, Sony BMG's Get Right with the Man (the name is ironic under the circumstances) CD by the Van Zant brothers.
Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall. Worse, most users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files.
How many times over should you pay?
In the real world, users prefer the notion of the perpetual licence, which works in exactly the same way as when a consumer buys a book, a CD or a DVD. You pay a one-time fee, and you can replay the contents for your own private use as often as you like. Of course, music publishers are starting to devise fiendish tricks to thwart that basic principle. The first step was discovering that consumers can be persuaded to adopt a new playback medium every few years or so, necessitating the repurchase of their entire back catalog on the new format. As David Berlind has been explaining in several recent blog posts, the latest wheeze is the use of digital restrictions management (DRM) technology to erect artificial barriers between different format generations (or even contemporaneous implementations by different vendors). Heaven forbid that home networking should thwart the music and movie industries' strategy of forcing consumers to rebuy exactly the same content with the emergence of each new format generation.
But the software industry is greedy enough to want to go even further. Ignoring the subtleties of DRM - which snares users by glossing over the unseen ties between content and format - vendors from BEA to Microsoft are eager to take up the blunt cudgel of subscription licensing, which merely asserts that, if you don't pay up again at the end of the year, your software stops working. The best way to deploy the mechanism of subscription licensing, of course, is as a hosted service, because it gives the software vendor the ability to instantly turn off the software-on-tap if the renewal is not forthcoming. Perhaps this explains Microsoft's new-found attraction to 'hosted everything' (whether or not it can work).
Critical Windows patch may wreak PC havoc
A Microsoft patch meant to fix critical security flaws in Windows 2000, Windows XP and Windows Server 2003 is causing trouble for some users, the company said Friday.
The patch was released Tuesday to fix four Windows flaws, including one that experts predict will be exploited by a worm in the coming days. The flaw, tagged "critical" by Microsoft, lies in a Windows component for transaction processing called the Microsoft Distributed Transaction Coordinator, or MSDTC.
Installing the patch can cause serious problems, Microsoft said in an advisory posted to its Web site Friday. The patch could lock users out of their PC, prevent the Windows Firewall from starting, block certain applications from running or installing, and empty the network connections folder, among other things, the software maker said.
Even if users experience PC trouble after installing the patch, they will still be protected against any attack exploiting the Windows flaw, a Microsoft representative said. The patch was delivered with Microsoft security bulletin MS05-051.
OpenDocument could 'turn everything inside out'
Tim Bray, the director of Web technologies at Sun, said at the OpenOffice.org conference in Slovenia late last week that the file format developed by standards body OASIS has the potential to transform the world as much as the World Wide Web did.
The OpenDocument format has already been embraced by the commonwealth of Massachusetts and is being considered by some European governments, including Denmark and Norway; by Japan; and by other U.S. state governments. Microsoft has said it will not support the OpenDocument format.
"For many years before the Web there were many different ways of publishing information. There were many different ways of doing hypertext. There were many different ways of doing online information retrieval and search, and navigation," said Bray.
"But then in the early '90s everyone agreed on one data format--HTML. HTML is not the world's greatest data format, but the power that came when everybody agreed to standardize on one data format--it changed the world. The whole world of online information exploded. It turned the world inside out," he said.