Missed our TechNet webcast on January 22^nd? Not to worry, we’ve made the recording available through LiveMeeting.

View “Deploying Windows with Volume Activation” now.

Thanks!

- Jodi

What better way to prepare for Valentine’s Day with our extended Windows Home Server community than to help us help you show the love for WHS! We’ve got a fun Valentine’s Day promo to announce to kick off the celebrating – thru everyone’s favorite…some Windows Home Server Stickers!

2009 has been a great year and we’re sure 2010 will be even better with the incredible combination of Windows Home Server and Windows 7 protecting, connecting and organizing everything in your digital life. Show off your love for Windows Home Server by letting us send you some of our favorite Home Server stickers including the tattoo, “Mommy book” cover, the blue house and the status houses.

So how do you get your stickers? Usually were all about technology and  e-mail, but this time we're going OLD SCHOOL with snail mail to avoid keeping any information about you. Just send a self-addressed stamped envelope (SASE) to the address below. We’ll send you all four stickers pictured above and shred your original envelope.

Send me the WHS stickers!

15580 NE 31st St

Redmond, WA 98052

Make sure to include enough postage to return a sticker pack via U.S. mail. It's less than one ounce, so a standard First Class stamp will do if you're in the United States; enclose an envelope with International Reply Coupons (IRC) if you're outside of the U.S. And be sure to send your envelope in soon -- one per person please.
Microsoft will use your self-addressed stamped envelope to send you the offer materials.  We will not keep or maintain your contact information.

* We sadly don’t have an unlimited supply of these, so this offer is good only for the first 2,500 to respond. Limit one set of stickers per person. This offer is non-transferable and cannot be combined with any other offer.  This offer ends on Feb 28^th or while supplies last, and is not redeemable for cash.  Taxes, if any, are the sole responsibility of the recipient.  Any gift returned as non-deliverable will not be re-sent. Please allow 6 - 8 weeks for shipment of your stickers. Due to government gift and ethics laws, government employees (including military and employees of public education institutions) are not eligible to participate.

It is great to see the excitement for Windows 7 translating into customer satisfaction with Microsoft overall. Earlier this week, Bloomberg posted an article headlined “Microsoft Outpaces Apple in Customer Satisfaction” that examined data gathered by YouGov Plc showing that Windows 7 has contributed more than twice as much to Microsoft’s customer satisfaction than Snow Leopard has to Apple’s. The data shows that customer satisfaction for Microsoft was at 64% the day before Windows 7 launched on Oct. 22nd, rose to 67% in the following week, and grew to 73% by the end of 2009 for a total increase of 14%. After Apple’s August 28th release of Snow Leopard, customer satisfaction rose 1% to 65% in the first week and grew 6.9% by the end of the year.

Business buyers will also likely take note, according to InformationWeek who said, “For CIOs, this news is likely to inspire additional confidence that Windows 7 can be regarded as a viable upgrade strategy.”

Earlier today, AMD announced the ATI Radeon HD 5450 graphics card – the latest addition to the ATI Radeon HD 5000 Series of graphics cards.

The ATI Radeon HD 5450 will cost less than $60 (USD) for a 512MB memory configuration and supporting DirectX 11 making it one sweet deal if you’re looking for a DirectX 11 graphics card for your Windows 7 PC.

The Radeon HD 5450 offers entry level performance and ultra-low power consumption and also supports AMD’s multi-monitor technology called ATI Eyefinity and their ATI Stream technology. There will be variations of this card depending on partner offers including passive cooling models or whisper-quiet, single slot fan-cooled models.

This graphics card is perfect for someone putting together a home theater PC (HTPC) with Windows 7 as it comes with features like HDMI 1.3a with Dolby TrueHD and DTS-HD Master Audio.

For a complete list of specs on the ATI Radeon HD 5450, click here.

A review of the HP MediaSmart EX495 was posted yesterday on Maximum PC’s web site. Author Norman Chan reviews the new MediaSmart and compares it to last year’s EX487 model. Chan states that “The improvements HP made to its flagship Windows Home Server are a direct response to feature requests made by consumers – including us”.

One noted feature of the EX495 is the speed of the machine, which is now powered by a Pentium Dual Core CPU which runs at 2.5GHz. This clearly amplifies performance by increasing file transfer speed, and the ability to transcode and stream video in real time. To store all of this digital entertainment, the MediaSmart EX495 also comes with 1.5TB of storage and leaves 3 additional bays empty for further internal expansion.

Chan then goes on to tell us about the MediaSmart 3.0 software which is “equally impressive” as the device itself. The new key features mainly revolve around converting your video files to be used on multiple devices. Feature highlights include:

• A local webpage where you can perform manual backups.
• Advanced options in the console for Media Collect and Video Conversions.
• Custom video settings.

To top it off, all of these great new features come at a price that is $100 less expensive than the earlier version (EX487). Interested in buying one for yourself? Chan ends the article with some fairly good incentive: “No other solution on the market comes close to matching the EX495’s performance, feature set, and ease of use.”

-Nicole

Hi, my name is John Scarrow and, in conjunction with other product groups, I oversee service abuse and security issues for Windows Live and other Microsoft products such as Internet Explorer. Building from Dick Craddock’s previous post, I’m going to get into the nuts and bolts of how we fight phishing scams at Hotmail using SmartScreen® technology.

Phishing, as defined in Wikipedia, is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

Traditionally, the majority of phishing attacks target financial institutions and online retailers, and are aimed at acquiring log-in credentials that can be sold or used to fraudulently separate users from their money. There is a more recent trend now to phish for credentials for online services and social networking sites. Both use similar methods to phish for information. APWG (Anti-Phishing Working Group) reports that phishing numbers are not trending down.

The chart below shows the trends for phishing attempts identified using SmartScreen in Internet Explorer 8 last year.

A typical phishing attack

Here’s an example of a phishing attempt that was caught by Hotmail in an attempt to steal the user’s Windows Live ID credentials.

Notice in this example that the e-mail appears to come from a valid domain (WindowsSupportTeam@live.com), and includes text and images that look like e-mail sent from Microsoft. If you click the link in the e-mail, you get to the following (fake) Windows Live sign-in page:

This page, like the e-mail before it, uses a URL that may seem at first glance to be valid, and copies the images and text from the actual Windows Live sign-in page. Many customers, upon seeing this page, would simply type their credentials, which would be captured on the attacker’s website.

Once the perpetrator has the user’s credentials, they sign in to the victim’s account and send spam via Windows Live Hotmail to all the contacts in the victim’s address book. This form of social engineering spam is very effective as the spam appears to be coming from someone you know and trust.

To learn more about how to avoid phishing attacks, check out this article from Microsoft Online Safety.

In order to prevent these attacks from succeeding, Hotmail employs three key tactics to thwart phishing:

• E-mail authentication looks at the sender e-mail address to make sure it is has not been spoofed. This prevents senders from pretending to send mail from another domain, for example mybank.com or mysite.com, and instead the sender must prove that they are who they say they are.
• Content filtering looks at the content of the e-mail to detect likely phishing attacks.
• URL or IP reputation looks at the reputation of links contained in the message and their domains, and identifies sites that are likely to host phishing content.

Content filtering is not significantly different than what we do for spam, and Dick has done a nice job talking about that already in his last two posts. However, e-mail authentication and URL reputation have a specific impact on phishing, and need more explanation. In this post I’ll specifically focus on e-mail authentication, and then cover URL reputation in a follow-up post.

E-mail authentication

In the example above, the e-mail appeared to come from windowslivesupport.com, when in fact, it came from a completely different domain and service. This is a common tactic used by spammers and phishers known as domain spoofing. From a spam perspective, a higher perceived reputation of the sender can increase the percentage of people who open the message. From a phisher’s standpoint, it’s even more valuable, because recipients are also more likely to comply with the request to provide personal information such as a username and password.

There are two primary authentication technologies that are considered by most large scale e-mail providers to prevent domain spoofing: DomainKeys Identified Mail (DKIM) and Sender Policy Framework / SenderID (SPF). (There are notable differences and debates between SPF and SenderID, debates that go beyond the scope of this post. For the most part, Hotmail treats these two technologies the same way, so for simplicity, I’ll refer to both here simply as SenderID.) Hotmail currently supports only SenderID. However, we will be validating DKIM under certain circumstance in our next release.

SenderID is easier for legitimate commercial senders to adopt than DKIM, as it requires no new code deployment on the outbound mail servers. As noted by Online Trust Alliance, over 50% of e-mail sent by key sectors (those currently at the most risk of phishing attacks), use some form of SenderID. Although the adoption rate for DKIM has been slower to follow, many companies in these key sectors are now signing their e-mail with DKIM as well.

In the case of SenderID, commercial e-mail senders must identify all their outbound MTAs (Mail Transfer Agents or simply put - mail servers), collect and track the list of IP addresses they send e-mail from, and add all of this info to the TXT record in the DNS entry for their domain. For DKIM, they must deploy e-mail servers that support DKIM signing, and manage the key in the DNS server for access by e-mail receivers. Because of these requirements, it has taken e-mail senders time to fully support either DKIM or SenderID.

Using both DKIM and SenderID can work extremely well when all the pieces are in place. The requirements to support SenderID seem very simple, however, identifying all the mail servers in your organization can be challenging. Many IT departments are either decentralized, use multiple 3rd parties for outbound e-mail and marketing, or simply don’t have a good understanding of how to properly form their DNS TXT records. If the TXT record in DNS does not identify 100% of the servers that are authorized to send e-mail on behalf of the domain, many valid e-mail messages could inadvertently fail authentication and thus be incorrectly deleted by Hotmail and other mail providers. This creates an interesting challenge for Hotmail on the receiving end. When exactly can we delete mail that fails authentication, without accidentally deleting some good mail?

Which came first: the chicken or the egg?

Providers who are filtering incoming e-mail may stop short of deleting e-mail that fails authentication due to potentially incomplete records. But since strict enforcement of spoofed mail isn’t happening at most e-mail services, senders don’t have the motivation to adopt SenderID and DKIM standards. This creates a classic “chicken or egg” problem – not enough senders are authenticated properly so e-mail services can’t rely on authentication which means senders have no incentive to authenticate.

But this doesn’t have to be a chicken or egg problem, and Hotmail has come up with a unique solution. From the previous post you know that Hotmail has a reputation system in place that lets us evaluate e-mail coming from any specific IP address. We use this information to infer if a particular domain has a complete list of IP addresses of all their sending servers in their DNS TXT record. We do this by identifying messages from IP addresses that have a good reputation yet still fail authentication. In cases where very few good e-mail messages fail authentication, we know if a particular domain has done a good job identifying all their sending servers and have complete TXT records. This allows senders that do the right thing to get the benefits (the deletion of spoofed mail) without penalizing those that are still working their way up to 100% adoption.

Both DKIM and SenderID can generate false positives (mistakes) above and beyond failures in implementation as described above. For example we find that 1-3% of mail that fails SenderID fails due to mail forwarding services. Mail senders who are under heavy phishing attacks have repeatedly asked us to delete all these e-mail messages just to be sure, even though they know it could result in deleting good e-mail. We have always been concerned about this, as more and more folks are forwarding their other e-mail inboxes to Hotmail to take advantage of our filtering and user interface. We must insure that their valid e-mail makes the trip, forwarded or not.

At the last MAAWG (Messaging Anti-Abuse Working Group) and OTA (Online Trust Alliance) conferences in Philadelphia we announced our intention to verify DKIM authentication on inbound mail when SenderID authentication fails. This “Double Fail”, as it’s been termed, virtually eliminates the false positives that can result from either DKIM or SenderID alone. This allows Hotmail to confidently delete messages that fail both forms of authentication, when they come from senders who have complete records.

Finally, in the event that phishing mail does get into your inbox, we disable links by default for senders who are not  a) on your contact list, b) marked as safe, or c) proven reliable by participating in the Sender Score Certified program. This means that before we enable the links we ask if you trust the sender, and allow you to decide whether you think that sender is safe. More information on mail treatment can be found on the Windows Live postmaster site.

E-mail authentication can be a very powerful tool to combat phishing. However, with all the inherent challenges, it requires creative solutions to make it work. At Hotmail we use authentication in conjunction with URL reputation and content filtering, and as a result, we are able to have a huge impact on phishing scams. In my next post I’ll cover our SmartScreen URL reputation system and how we use it across multiple products such as Internet Explorer and others. I’m looking forward to your feedback on this post (did I include too much technical detail, or do you want more?), as your comments will influence how I take on the next subject.

Thanks -

John Scarrow
General Manager Safety Services

So far we covered the Windows 7 Sensor and Location Platform architecture (I Can Feel You – Using the Windows 7 Sensor Platform), and Using Sensors in Your Application – Native Part 1. This post introduces the managed API for using sensors. In future posts I’ll continue with the native API.

So far, you have seen C++ and COM examples of the Sensor and Location platform. Now let’s take a look at how managed code developers can use the platform, using the Windows API Code Pack for the .NET Framework, to discover and work with sensors.

Discovering Sensors Using Managed Code

Follow the same guidelines in managed code as you would in native code: first discover sensors, next check their state and request permissions if needed, and then read data from the sensor. Let’s start by discovering sensors.

The main namespace for sensors in the Windows API Code Pack is Microsoft.WindowsAPICodePack.Sensors as implemented in the Microsoft.WindowsAPICodePack.Sensors.dll assembly. This namespace contains the SensorManager class that manages the sensor devices that are connected to the PC. This class exposes a set of methods that are similar to those of the native ISensorManager interface. These methods include GetSensorsByCategoryId, GetSensorsByTypeId, and GetSensorsBySensorId, the last of which receives as an input parameter a GUID that either represents a sensor category, type, or single sensor ID. In addition, you can also find the GetAllSensors method, which returns all the sensors that are connected to the system regardless of type or category, as shown by the following code snippet.

private void PrintAllSensors()

{

    SensorList<Sensor> sensorList =  SensorManager.GetAllSensors();

    foreach (var sensor in sensorList)

    {

        StringBuilder sb = new  StringBuilder();

        sb.Append("Sensor Information:");

        sb.Append(Environment.NewLine);

        sb.Append(sensor.FriendlyName);

        sb.Append(Environment.NewLine);

        sb.Append(sensor.CategoryId);

        sb.Append(Environment.NewLine);

        sb.Append(sensor.State);

        sb.Append(Environment.NewLine);

        Console.WriteLine(sb.ToString());

    }

}

Running the above code snippet on my local dev machine yields the following output, showing the sensors installed on my local machine. Note that only the virtual light is Ready and the rest are showing AccessDenied indicating that they are not enabled.

Sensor Information:

Legacy GPS Driver

bfa794e4-f964-4fdb-90f6-51056bfe4b44

AccessDenied

Sensor Information:

Skyhook Wireless XPS Location Sensor

bfa794e4-f964-4fdb-90f6-51056bfe4b44

AccessDenied

Sensor Information:

Ambient Light Sensor

17a665c0-9063-4216-b202-5c7a255e18ce

Ready

Please note that the Microsoft.WindowsAPICodePack.Sensors namespace offers an extensibility model that allows you to create any strongly typed sensor. When this is combined with the extensibility offered by the native API, you can create any type of sensor you want with any data values. You can read more about the Sensor and Location platform extensibility module at the Sensor and Location Platform Web site: http://www.microsoft.com/whdc/device/sensors/.

With a strongly typed sensor class, the Windows API Code pack can define a .NET Generics version of the Get methods. For example, GetSensorsByTypeId<S>, where S is a type derived from the Sensor base class. The prototype looks like this:

public static SensorList<S> GetSensorsByTypeId<S>( ) where S: Sensor

When using this function, you need to predefine a specific SensorList<> of the desired sensor type, (AmbientLightSensor, in our example), and then call the method requesting the sensor’s manager to return only AmbientLightSensor sensors. The following code snippet illustrates this process:

// Strongly typed SensorList of type AmbientLightSensor

SensorList<AmbientLightSensor> alsList = null;

try

{

    alsList = SensorManager.GetSensorsByTypeId<AmbientLightSensor>();

}

catch (SensorPlatformException) 

{

    //handle error when no sensor device is accessible 

}

The SensorManager class contains one event called SensorChanged, which is equivalent to the native ISensorManager::OnSensorEnter event. The one main difference between the native and managed code implementations is that the managed code implementation, in addition to receiving an event when a new sensor device is connected to the PC, also generates an event when a sensor gets disconnected. Therefore, SensorsChangedEventArgs, the arguments passed to the SensorManager.SensorChanged event handler, includes a SensorAvailabilityChange member that defines the type of change for each sensor, which can be Addition for new sensor devices and Removal when sensors are disconnected from the PC.

SensorManager_SensorsChanged is the function that handles the SensorsChanged event in our application, and it looks like this:

void SensorManager_SensorsChanged( SensorsChangedEventArgs change )

{

    // The SensorsChanged event comes in on a non-UI thread. 

    // Whip up an anonymous delegate to handle the UI update.

    BeginInvoke( new MethodInvoker( delegate

    {

        PopulatePanel( );

    } ) );

}

This week, Net Applications released their January browser market share report. Their report shows that Internet Explorer 8 is not only the most popular browser on Windows with 27.9% usage share, but that it now has 25.6% of market share across all OS’s on a worldwide-weighted usage share basis (data provided by Net Applications). We launched just less than a year ago, so it’s both humbling and thrilling to see so many people choose our product so quickly – making it the most popular browser of choice worldwide.

There are many reasons people choose which browser to use. Most people want to know and trust the company behind their browser. And people are looking a browser that protects them – and their privacy online. In an August 13th, 2009 post on the IEBlog, we announced Internet Explorer 8’s SmartScreen Filter had hit over 80 million malware blocks. But that was back in August. As of today, Internet Explorer 8 has done over 350 million malware blocks. You can see Internet Explorer 8’s SmartScreen Filter in action in this blog post. Internet Explorer 8’s SmartScreen Filter blocks malware over 2 million times a day.

Phishing is a very serious threat to people browsing the Internet today – a criminal attempt to secure people’s personal information online, generally spread through email directing unsuspecting consumers to fake websites and asking them to enter sensitive information . With Internet Explorer 7, we introduced the Phishing Filter, and have continued to improve on it in Internet Explorer 8. Together, Internet Explorer 7 and 8 have blocked a total of over 125 million phishing sites.

You may have recently heard about organizations including Google recommending that people update their browsers and move off older versions, such as the nearly decade-old Internet Explorer 6.  Think about what technology and the Internet were like in the year 2000 – and consider how they’ve evolved since then. In 2000, “phishing” was something that happened at the lake, not online. There was no social networking, no RSS feeds, and no real blogs. It was a different time – and people’s browsing needs were different. Today’s Internet calls for more.

We support this recommendation to move off Internet Explorer 6. Modern browsers such as Internet Explorer 8 bring benefits for customers and developers alike. We realize there are some customers today who depend on Internet Explorer 6, and while we continue to support them through the lifecycle of the product, we are also investing in the tools and training to help them upgrade as well.

Unveiled at CES in early January, Dell today is launching the highly anticipated extremely portable gaming laptop: the Alienware M11x. At CES, the M11x won both CNET's Award for the Best Gaming Product at CES 2010 and IGN’s Award for Best Computer. The M11x is one of the smallest gaming laptops hitting the market with an 11” design. Dell literally went and packed in the power of a 15” laptop in an 11” design with this PC. And it weighs in at less than 4.5 pounds. Dell recently did a blog post called A Brief History of the Alienware M11x which gives some more perspective and back story to the PC.

The M11x can be configured with (and up to) the follow specs:

• Windows 7 Ultimate 64-bit
• Processor: Up to Intel Core2 Duo SU7300 (1.3GHz, 800 MHz, 3 MB)
• Graphics: NVIDIA GeForce GT 335M - 1GB GDDR3
• Memory: Up to 8GB - DDR3 1066MHz
• Hard Drive: a 500GB 7200RPM hard drive or a 256GB Solid State Drive (SSD)
• Network: 802.11 b/g/n & Optional Internal WWAN
• Ports: HDMI / VGA / 3 USB / Media Card Reader / FireWire

The keyboard integrates back lit keys which are fully customizable through the exclusive Alienware Command center, featuring AlienFX software. The Alienware M11x will be available in 2 color options: Cosmic Black or Lunar Shadow (Silver).

You can order the Alienware M11x today starting at $799. Dell is working to bring this PC to international markets, including South Asia. Look for Dell to announce more details when those plans are finalized.

If you’re a gamer and want a PC with some impressive specs yet retains a great deal of mobility – the Alienware M11x is the perfect PC to take a look at!

Today, Sony has announced a new series of VAIO Windows PCs – the VAIO E Series. This new 15.5” laptop will come in 5 high-gloss colors: Caribbean Green, Iridescent Blue, Coconut White, Hibiscus Pink and Lava Black. 3 matte colors can also be chosen: Maple Brown, Silver White and Gunmetal.

I don’t know about you but I’m sold on the Caribbean Green. I love this color.

The keyboard on the VAIO E Series is edge-to-edge with the numeric pad built-in. Sony did this to give users the experience of using a “full” keyboard but in a smaller space. The touch pad is dimpled and integrated into the palm rest.

The VAIO E Series will ship with the following specs:

• Windows 7 Home Premium 64-bit
• Processor: Intel Core i3 Processor (Select models ship with a Core i5 Processor)
• Memory: 4GB DDR3 (Up to 8GB max)
• Graphics: Intel Graphics Media Accelerator HD - HM55 Express Chipset (1366 x 768 screen resolution)
• Network: 10/100/1000 Mbps Ethernet, 802.11 b/g/n Wireless
• Optical: Blu-ray with DVD and CD read/write
• Storage: Up to 500GB

It comes with an eSATA/ USB port and 3 convenient USB ports and a HDMI port for connecting the PC up to an HDTV. It will also support Bluetooth as well.

The VAIO E Series notebook will retail for about $700 is currently available for pre-order today online via Sony’s website at www.sonystyle.com/pr/e.