Re: XP SP3 Update, Outlook 2002

From: PatGav (anonymous_at_discussions.microsoft.com)
Date: 03/20/04

• Next message: George Hester: "Re: What does "you dont have permission to delete these items" of junk mail mean?"
• Previous message: Scott: "Installing Business Contact Manager"
• In reply to: Pat: "Re: XP SP3 Update, Outlook 2002"
• Messages sorted by: [ date ] [ thread ]

Date: Fri, 19 Mar 2004 17:06:06 -0800

i completely agree. The Beta testing for this release was severely flawed. In addition to the anti-spam software issue, the release also resurrects the Palm HotSync address book access issue. Given that Microsoft and Palm are competitors, it is reckless for them to have made this change without providing adequate notice to developers and users. Has this company learned nothing?

  
     ----- Pat wrote: -----
     
     I agree that would have been better, however, I believe
     that MS tries too hard to protect people from
     themselves. Just because a software vendor "might or
     might not cause a problem" does not mean that a program
     should prevent a knowledgeable user or software vendor
     from adding the value they seek to add. The warning is
     at execution, not installation, so that comment is
     irrelevant to my point.
     
     The goal *should* be to minimize risk while maximizing
     flexibility. The only way to elminate risk altogether is
     to turn the computers off. It's about managing risk
     appropriately. Ample notice to vendors would have
     certainly been 'appropriate' and would also have fit into
     MS current business paradigm. I will give you that it
     was probably the only option at this point in the
     product's evolution.
     
     My beef is really a much larger conceptual one. If these
     types of issues were considered at the inception of
     product design - they most certainly *could* have been
     allowed for. My opinions regarding the fundamental
     values of sofware design are simply contrary to MS
     culture in some ways. As a software engineer for over 20
     years, I'm certain of the feasibility of this concept.
     No software is perfect for all situations at all times.
     Outlook is a great product, as is Windows. I sympathize
     with the need to respond to security threats quickly. All
     software must make compromises around different competing
     requirements. I'm simply expressing one customer's
     opinion that MS did not choose well with it's design
     philosophy surrounding this issue - or it would not have
     been an issue.
     
     Additionally... since you say this issue was not
     discovered during beta testing then I would suggest
     another fundamental flaw exists - in the testing
     methodology. There is really no excuse for this kind of
     broadly impacting surprise in an organization the size of
     MS. If avoiding this type of client impact were an
     appropriate cultural value in the organization... then it
     would not happen.
       
      
     
     
>-----Original Message-----
>Probably not - there are just too many that might or
     might not cause
>problems and not all affected programs are installed as
     plugins. The warning
>also doesn't give the name of the dll or application
     requesting access
>because that information isn't passed to outlook.
>>It would have been better to have the information about
     the increased
>security in release notes and links to the KB articles
     on the download page
>(not released 3 days after the SP). They had a small
     beta test group and
>apparently none of the testers used anti-spam software
     (the most common
>software that triggers the warning) and the testers were
     not told of the
>security changes, so it caught everyone, including MVPs,
     by surprise.
>>>--
>Diane Poremsky [MVP - Outlook]
>Author, Teach Yourself Outlook 2003 in 24 Hours
>Coauthor, OneNote 2003 for Windows (Visual QuickStart
     Guide)
>>Outlook Tips: http://www.outlook-tips.net/
>Outlook & Exchange Solutions Center:
     http://www.slipstick.com
>>>"Pat" <pkeller8@comcast.net> wrote in message
>news:cb6d01c409d7$6c25ed20$a301280a@phx.gbl...
>>I understand that identifying a calling program at
>> execution would be 'restricted' for security reasons.
     As
>> it should be. Would it not have been possible during
>> *installation*, however, to inspect registered
>> plugins/dlls to at least warn the user that this
     problem
>> might occur if installation continues. I would suggest
>> that if motivated to do so, well-designed software
     could
>> still include a way to allow specific and known
>> exceptions without compromising security. As it
     exists,
>> the warning message is worthless. How can anyone make
     a
>> decision to 'Allow' or not, when there is no
     information
>> on which to base that decision.
>>>.
>

• Next message: George Hester: "Re: What does "you dont have permission to delete these items" of junk mail mean?"
• Previous message: Scott: "Installing Business Contact Manager"
• In reply to: Pat: "Re: XP SP3 Update, Outlook 2002"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint