There are bad ideas, then there are really bad ideas, and here's one: allowing Microsoft to automatically update your computer if you are a Windows 2000 and beyond user (I guess). Little rich-guy Billy wants to be able to do that to stay on top of security "issues" like the recent worms unleashed on the us all.

Q. Have you considered enabling the Windows XP Firewall by default?

A. The fact is there has been a fire wall inside of Windows that would have blocked MSblast [the worm]. We're doing a better job of getting information out to people of how to turn that on and when they should turn that on. The idea that it would be on by default is something that we have to push the technology to make that work for people. It looks like we've got a solution to do that.

Q. Some people are concerned about the automatic distribution of patches because of the possibility of doing widespread damage.

A. These patches will be signed by us, and things that are put into the critical security path that we have to pass through we have to be very careful that there is no regression in those things. It's a channel that has to be used not for features, but just for very critical things. We have some other ideas such as something called behavior blocking that will obviate the need in many cases to use patches.

As to the "firewall" component of XP being turned on by default, thanks, but no thanks. Nothing like slowing the whole machine down by having their bloatware do stateful packet inspection, redraw your screen at the same time, and perform all of its other functions.

I am sure that like all other MS products that are "bundled", it will eventually cost $$$ to use it as soon as they get enough users "addicted" to it by giving it away, the tactic they used with NT workstation and NT server, both inferior products, but with great market penetration, because there were so many "pirated" versions installed from "evals" that folks could not afford to get rid of them once the evaluation expired.

FYI: we did a test of installing Win2003 server and Netware 6 on two identical Dell servers, with LSI raid cards, external RAID arrays using raid 1 + 0 (don't ask) and Broadcom Gigabit over Copper cards time to install (not including finding drivers if available/required):

Win2003 server: about 3 hours 45 minutes, including multiple reboots and F6's (hey, Microsoft when's that going away?) and it still does not support the tape drives for backup...no drivers are out there yet that have been "logo tested". So bad luck if your server crashes.

Netware 6: about 25 minutes to up and running from CD insertion/boot to being on the network. No reboots required and all the drivers were there/usable, we did one reboot after all the setup was done, to watch the NLM loads.

But CIO's the world over swear by Microsoft. I think that the Command Line Interface scares the shit out of them and always has. I also think that they all wanted to believe in Larry Ellison's "thin client/network computer" fantasy...which has never come to pass, and now they can't leave the Microsoft Server world without looking like fools...when a friends company transitioned from Netware to MS servers, they went from 20 to over 100 servers to do the same things...how is that reducing TCO?

Bill wins, security stinks and we are all poorer for it. Don't even get me started on how badly "Active Directory" sucks.