News Blog

Well, Microsoft has finally come clean about the real motivation behind Vista's User Account Control feature. As Tom Espiner's reports from the recent RSA Conference in San Francisco, Microsoft UAC Program Manager David Cross admits that UAC was designed to annoy users.

Espiner quotes Cross telling the security-conference audience that negative user reaction was the only way to coax independent software vendors to update their applications for Vista. As fewer programs violated Vista's rules, users would have to click through fewer UAC prompts.

I'd feel worse about being manipulated by the biggest corporation in the world if UAC weren't such a good idea, though less-than-perfectly implemented. It's true that disabling the feature may allow a balky application or process to work, but too many important Vista features rely on UAC.

To change your UAC setting, press the Windows key, type user accounts, and press Enter. Click "Turn User Account Control on or off," and check or uncheck Use User Account Control (UAC) to help protect your computer."

Alter Vista's User Account Control setting via the User Accounts Control Panel applet.

(Credit: Microsoft)

You get more granular control over UAC's behavior via the Local Security Settings. To access these options, you must be logged in as an administrator, and the PC must not be on a domain. Press the Windows key, type secpol.msc, and press Enter. (Note that the Local Security Settings aren't available on all Vista PCs.)

The eight UAC settings are found under Local Policies > Security Options. You can find more about these settings on Microsoft's Windows Vista TechCenter, but I'll save you the time and trouble: you're better off leaving the settings as they are. UAC is far from perfect, but it's better than computing with no UAC at all.

If you're experiencing a UAC-related problem, Microsoft offers a list of potential solutions on its Help and Support site. For everyday computing, you're better off with UAC than without it.

Tomorrow: low-tech Office alternatives.

(Credit: Project SHAD)

Thousands of people who may have been exposed to chemical or biological agents during military tests remain unaccounted for, and the Defense Department and Department of Veterans Affairs have given up on tracking them down, according to a new report.

Some of the tests were conducted as part of a weapons testing program known as "Project 112." In others (click here for PDF), individuals were intentionally exposed to hazardous substances such as blister, nerve, and biological agents as well as LSD and PCP, according to a Government Accounting Office report (PDF).

Any veterans who believe they have sustained a disability from exposure during testing may file a claim (PDF) for compensation with the VA.

The DOD stopped actively searching for test subjects in 2003 "but did not provide a sound and documented basis for that decision," the GAO reported. At the time, it had identified 5,842 service members and about 350 civilians as having been potentially exposed during Project 112 alone (PDF). It is estimated that tens of thousands of military and personnel and civilians may have been exposed over the last 60 years.

(Credit: VFW)

However, in 2004 the GAO reported that there was still a chance that additional test subjects could be located, and it recommended that the DOD determine the feasibility of continuing the search. Instead, the Pentagon determined that it had reached "a point of diminishing returns" and called it off; a decision not supported by an "objective analysis of the potential costs and benefits of continuing the effort," the congressional agency charged.

Further, the GAO found that the Pentagon's efforts lacked oversight, clear and consistent objectives, and most of all transparency, because it had not kept Congress or veterans organizations fully informed of its progress, or lack thereof.

The DOD was pretty much an equal-opportunity employer when it came to its human test subjects--healthy adults, psychiatric patients, and prison inmates were all used. In some instances, service members who consented to serve as test subjects found themselves participating in experiments quite different from the one they had been pitched when they volunteered, according to the report.

Also known as "Project SHAD" ("Shipboard Hazard and Defense"), the highly classified Project 112 was started in 1962 to determine the vulnerability of U.S. warships to chemical and biological attacks. In this case, service members and civilians were not the test subjects, but rather conducted the tests on animals, in some cases with foreign observers present, according to the DOD. Veterans of the tests tell another story.

The same week this GAO report came out, a federal judge ruled, in dismissing a lawsuit brought by individual members of the military, that there is no reason for troops to second-guess the Food and Drug Administration when it comes to the safety of anthrax vaccinations. DOD says the shots are now mandatory. If this means you, make sure you leave a forwarding address.

You probably know about the "hidden" administrator account in Windows XP. It's the only account on XP systems on which no other accounts have been created.

Until you add a new account, you zip right to the desktop when you boot the OS, with no stop at the Welcome screen. Once you set up one or more new accounts, the default administrator disappears, though you can bring it back in both XP Home and Pro. (More on this below.)

Vista ships with this account disabled, which is not such a bad thing because every user on the PC should have his or her own custom account, even if "every" translates to "one."

Still, this back-up administrator account can come in handy if you encounter some problems logging into or otherwise using Vista. To enable it, right-click the Command Prompt on the Start menu (it is likely listed under Accessories), choose Run as administrator, type net user administrator /active:yes, and press Enter. You should see a message stating that the command completed successfully. Type exit and press Enter again to close the Command Prompt window.

Enable Windows Vista's backup administrator account from the Command Prompt.

When you restart Windows, you'll see a new account labeled simply "Administrator." The first time you log into this account, Windows will tell you that it's preparing the desktop before the system's default desktop appears. Click Start > Control Panel > User Accounts and Family Controls > Change your Windows password > Create a password for your account, enter your password twice, add a hint (if you wish), and click Create password. (If you use Control Panel's classic view, the settings to create a password are in the User Accounts applet.)

To disable this administrator account, follow the steps above to return to the Command Prompt in administrator mode, type net user administrator /active:no, press Enter, type exit, and press Enter again.

Give XP's hidden administrator account a password
This administrator account is a well-documented security risk in Windows XP because by default it doesn't have a password, which means anyone can log into your system via this account, change the passwords for all the other accounts, and perform other mischief. To give the account a password in XP Home, restart the PC, press F8 before Windows loads, select Safe Mode, and press Enter.

The only selection will likely be Microsoft Windows XP. With this option highlighted, press Enter again. You'll see a Welcome screen with an account labeled Administrator. Click this account, choose Yes at the warning, open the User Accounts applet in Control Panel, click the Administrator account again, choose Create a password, enter the new password twice, enter a hint (if you wish), and click Create Password. You may also be asked if you wish to make this account's files private. Make your selection and click Finish.

There's a much simpler way to make this administrator account visible on the Welcome screen in XP Pro: Open the Tweak UI Powertoy, click Logon in the left pane, check Show "Administrator" on Welcome screen in the Settings window on the right, and click OK. Note that you'll still have to log into this account and follow the steps above to add a password for it.

Select the Logon option and check this option to add the hidden Administrator account to the Welcome screen in XP Pro.

Tomorrow: Your options for moving Excel data to a Word document.

(Credit: Sage Software)

Here's a good business decision: pay $139.99 for Peachtree Pro Accounting 2008 now, and get a $140 rebate in 4 to 6 weeks. Thank Staples for this eventual freebie, but don't wait to take advantage: the rebate deal expires January 12.

Designed for small businesses, Peachtree Pro Accounting helps with payroll, invoices, inventory, reporting, and stuff like that. CNET hasn't yet reviewed the 2008 edition, but the 2007 version earned a respectable 7.3/10. And, hey, even if it turns out to be a lemon, you're only out the cost of shipping and/or sales tax (depending on whether you buy it online or in the store). That should make the accounts payable department happy.

A new report by the U.S. Government Accountability Office charges that the Department of Homeland Security used biased methods to enhance performance results in tests on a new generation of radiation detectors meant to protect U.S. ports.

At stake are $1.2 billion in contracts to produce advanced spectroscopic portal (ASP) monitors and thousands of lives should they fail to work.

Experts from four national laboratories were consulted prior to publication of the report (PDF) by the GAO, the nonpartisan audit and investigative arm of Congress, which was released yesterday.

(Credit: Domestic Nuclear Detection Office)

The agency found that the DHS' Domestic Nuclear Detection Office "used biased test methods that enhanced the performance of ASPs." Specifically, it conducted preliminary tests and then allowed contractors access to the results, which they then used to adjust systems accordingly.

It is "highly unlikely that such favorable conditions" would be found in a real-world situation, the GAO report deadpanned.

Portals in use today detect radiation but cannot distinguish between different types. This leads to expensive and time-consuming delays at ports of entry when customs officers respond to false alarms, according to the Domestic Nuclear Detection Office. To remedy this, DHS sponsored research on new technology to enhance detection capabilities at the nation's ports. In 2006, it awarded contracts to three companies based on performance tests in Nevada the previous year: Raytheon, Thermo Electron and Canberra Industries.

The GAO, however, was not convinced that any "additional detection capability provided by the ASPs was worth the considerable additional costs." The accounting agency found that the DHS had no sound basis for spending taxpayer money and "relied on assumptions of anticipated performance instead of actual test data." It recommended further testing and a rigorous cost-benefit analysis.

It wasn't the first time that problems had been found in the procurement process. In a March 2007 report (PDF), the GAO concluded that DHS' decision to procure and deploy the new equipment was not supported by the cost and suggested that the department come up with some "objective" assessments of ASP capability.

The question was whether the new equipment, at six times the cost of current models, was better able to detect radiation through different masking materials, such as a lead. The GAO charged that the Domestic Nuclear Detection Office did not test portal limitations or make any effort to replicate the material that would be used to mask a radiation source from detection, a "critical oversight in DNDO's original test plan." Instead, the detection office is attempting to get off the hook by substituting what are essentially computer simulations that are not comparable with "actual testing with nuclear and masking materials," according to the GAO.

The GAO recommended that production of the new portal monitors be delayed until the DHS provides a "sound analytical basis for its decision to purchase and deploy the new technology."

I'm at the Conversational Marketing Summit, listening to a chat between organizer John Battelle and Intuit founder Scott Cook. Batelle is asking about Intuit's online presence. Cook says he'd move all his business online in a heartbeat if he could, but that many QuickBooks business customers don't want to run their accounts online. And not for reliability or accessibility reasons.

Rather, Cook says, his customers want to know where their data is at all times, since in many cases, they're keeping somewhat fictional accounts for their tax reports. Should the IRS come knocking, Cook says, "Format C:..."

You can't do that on a Web drive. Something to keep in mind if you're building a Web service for business.

For the first time since Dell admitted that some of its accountants had been cooking the books to meet quarterly numbers, company founder Michael Dell spoke publicly about the scandal.

At the Citigroup Technology Conference in New York City on Wednesday, Dell said he had no part in the fudged numbers and no idea what the accounting department was up to between 2003 and 2006.

"I was not involved in or aware of any of the accounting irregularities. And certainly I'm not proud of what occurred at our company, but I'm proud of the company overall," he said.

That's despite the company's acknowledgment that senior executives knew about the financial misdeeds and even encouraged them. But he said he has assumed responsibility for making sure it doesn't happen again.

"I think our company has undertaken a set of extraordinary processes to discover and root this out of our company, whether it's people, resources, systems. What you have now at Dell is really a new team that is addressing all the issues raised in the investigation and moving on and thinking about the future growth of the company," he continued.

In reality, they can't move on quite yet because though Dell's internal audit may be over, the SEC's investigation into the matter is still ongoing.

Next up were Dell's recent woes in the consumer PC market. He said consumer sales accounted for 15 percent of Dell's revenue, which makes the company's presence in consumer markets "massively underrepresented," he said. He said they're completely rethinking how to approach the consumer market, and pointed to products like the new (and very backlogged) XPS M1330 notebook. He hinted that we'd see "several other products" that fall into that category soon.

Speaking of backlogged product, he also addressed the delays plaguing new XPS and Inspiron notebooks, but curiously there was no mention of paint-related problems. Turns out the company just didn't plan properly, and when Dell projected demand for their new notebooks six months ago, they miscalculated. "I don't like it, and it's frustrating, but it's a problem we know how to solve," he said.

This article was updated at 2:45 p.m. PDT.

Dell concluded an internal investigation into its accounting procedures Thursday and found that three years' worth of quarterly earnings statements were improperly adjusted, and senior executives knew about it.

Which executives knew isn't clear yet. A Dell representative said the company is "taking responsibility as a team" and isn't naming names.

According to a statement released by the company, the investigation yielded evidence that "certain adjustments appear to have been motivated by the objective of attaining financial targets," and usually took place at the end of a fiscal quarter. Adjusted account balances were "reviewed, sometime at the request or with the knowledge of senior executives," according to a company statement.

Dell says it will restate earnings filed between 2003 and 2006, and plans to refile with the SEC the first week of November. The cumulative change to Dell's bottom line for the entire period will be between $50 million and $150 million, and earnings per share will be reduced by 2 to 7 cents per share.

The earnings statement from the first fiscal quarter of 2003 and the second fiscal quarter of 2004 will require the most restatement, requiring reductions of between 10 and 13 percent in net income. Earnings from the fourth quarter of fiscal year 2005 will be reduced by 7 percent. But net income for the second quarter of fiscal 2005, and the third and fourth quarters of 2006 will actually be bumped up by 5 to 7 percent.

The company's internal audit committee first announced its preliminary findings in March and said it found "evidence of misconduct." Dell first revealed that it had come under the scrutiny of the SEC last August.

An accounting scandal is another blow to Dell, which has been steadily losing market share to Hewlett-Packard and has seen an exodus of its top executives in the last year, which may or may not be directly related to the outcome of Dell's or the SEC's probe of its accounting practices. CEO Kevin Rollins left in January and was replaced by former CEO and founder Michael Dell. Rollins' departure was preceded by the exit of Jim Schneider, Dell's chief financial officer, who also left in January.

Dell is holding a call with investors regarding the news, so stay tuned for more this afternoon.

Dell's failure to file a timely earnings report has again earned it notification of possible delisting from the Nasdaq.

It's the fourth such deadline Dell has missed while in the midst of SEC and internal investigations into its accounting practices, including three quarterly reports and its 2006 annual report. The latest deadline passed on May 4, at which time Dell says it notified the Nasdaq Listing and Hearing Review Council of the finding of its own audit committee. In March, Dell announced that its internal investigation yielded what it termed "evidence of misconduct," which could result in the company having to restate past earnings.

Dell said the notice was "expected" and the company has already asked the Nasdaq to extend its conditional listing until it is able to file. The council's decision is still pending.