Wednesday, February 28, 2007

Julie Amero Case - Witch Hunt in Connecticut

Wednesday, January 10, 2007
Is this a miscarriage of justice?

A substitute school teacher in Connecticut has been found guilty of exposing children to porn.

She could face up to 40 years in prison.

However, there are some interesting aspects to this case:

* The defense contends this was a case of spyware on the school machine — a barrage of popups.

* The school did have content filtering but the license was expired.

* According to another article, “Computer expert W. Herbert Horner, who performed a forensic examination of the computer for the defense, said Amero may have been redirected to the sexually-oriented sites through a hairstyling site accessed from the computer. He said the site allowed spyware to be downloaded onto the computer which allowed the pop-ups.”

* And, according to one source, the Trial Judge, Hillary Strackbein, “was seen falling asleep during proceedings and made comments to the jury that she wanted the case over by the end of the week. It was also reported that Judge Strackbein attempted to pressure the defense into an unwanted plea deal, in place of a trial. The defense attorney for Amero, moved for a mistrial shortly before closing arguments Friday, based on reports that jurors had discussed the case at a local restaurant.” (I believe that the judge questioned the jurors subsequently and they denied having discussed the case.)

* And, the detective in the investigation "admitted there was no search made for adware, which can generate pop-up advertisements".

Was justice done here? A bad spyware infestation can splatter a machine full of porn popups and it’s a bit unnerving to think that a teacher could get hard prison time for something that was likely to have been completely innocent.

Alex Eckelberry

More Details Emerge in the Julie Amero Case

by Andy Carvin, 3:51PM

Ever since substitute teacher Julie Amero was convicted last month of exposing her students to pornography on her classroom computer, bloggers have been debating who’s to blame, with most siding with her. Now, a published interview with a tech consultant who analyzed the Internet user logs for the day of the incident raises some difficult questions about potential failures of the school’s IT department.

The blog Network Performance Daily, which has been following the Amero case closely, published an interview with Internet consultant Herb Horner. Horner analyzed the user logs of the PC accessed by Amero, but was not allowed to present all of his findings to the jury.

Note: I’ve removed the URLs of websites referencing porn.

On October 19, 2004, around 8:00 A.M., Mr. Napp, the class’ regular teacher logged on to the PC because Julie Amero being a substitute teacher did not have her own id and password. It makes sense that Mr. Napp told Julie not to logoff or shut the computer off, for if she did she and the students would not have access to the computer. The initial user continued use of the PC and accessed Tickle.com, cookie.monster.com, addynamics.com, and adrevolver.com all between 8:06:14 - 8:08:03 AM. During the next few moments Julie retrieved her email through AOL.

[Link] was accessed at 8:14:24 A.M., based upon the hair style images uploaded to the PC we were led to believe that there were students using the computer to search out hair styles. The user went to http://www.crayola.com at 8:35:27 A.M. The user continued accessing the original hair site and was directed to [link]. This site had pornographic links, pop-ups were then initiated by [link]. There were additional pop-ups by realmedia.com, cnentrport.net, and by 9:20:00 A.M., several java, aspx’s and html scripts were uploaded. A click on the [link] icon on the [link] site led to the execution of the [link] script along with others that contained pornographic links and pop-ups. Once the aforementioned started, it would be very difficult even for an experienced user to extricate themselves from this situation of porn pop-ups and loops.
All of the jpg’s that we looked at in the internet cache folders were of the 5, 6 and 15 kB size, very small images indeed. Normally, when a person goes to a pornographic website they are interested in the larger pictures of greater resolution and those jpgs would be at least 35 kB and larger. We found no evidence of where this kind of surfing was exercised on October 19, 2004.

According to this interview, it would seem that Horner believes that the chain of events leading to the appearance of pornographic images began with accidental access to a porn site bearing a similar name to a legitimate site. His remarks regarding the size of the images also suggest that the offending images were pop-up images rather than the full-size images one would expect to find when purposefully visiting a particular site.

Horner goes on to comment on his inability to present all of these findings to the jury, and its impact:

We asked the prosecution to arrange for the defense to have unfettered access to the internet so that we could reenact the events of October 19, 2004. It was not granted. I went to court with two laptops and a box full of reference material prepared to very clearly illustrate what happened to Julie Amero. But, the prosecution objected because they were not given “full disclosure” of my examination. I was allowed to illustrate two screens, that of the [link], and [link] sites.

This was one of the most frustrating experiences of my career, knowing full well that the person is innocent and not being allowed to provide logical proof.

If there is an appeal and the defense is allowed to show the entire results of the forensic examination in front of experienced computer people, including a computer literate judge and prosecutor, Julie Amero will walk out the court room as a free person.
Let this experience stand as a warning to all that use computers in an environment where minors are present. The aforementioned situation can happen to anyone without fail and without notice if there is not adequate firewall, antispyware, antiadware and antivirus protection. That was not provided by the school administration where Julie Amero taught.

Brian Boyko, blogger at Network Performance Daily, considers the implications of these events and wonders what it means to IT managers:

There’s tons of commentary on the web railing about the outcome of the Julie Amero case itself, but what I think we need to talk about is, what does it mean for IT?

This case hints at a possible “worst case scenario” for IT departments and network managers in particular: will IT ultimately be held responsible, just as Julie Amero was, for the material that gets distributed over their network?
Today, IT isn’t just responsible for uptime - they’re also, in many ways, responsible for the experience of end-users of the network. In the Amero case, this appears to have been taken a bit too far. In this case, there was no record of network activity during and before the event. If the computer could have been shown to access some of the offending Web sites before Ms. Amero entered the classroom that morning, for example, it would have been powerful evidence for the defense. If the pornography sites were only being loaded after Ms. Amero walked in, it would seem powerful evidence for the prosecution. Either way, this case would have been better served if there was an existing record of what packets were downloaded when.

While Boyko’s post doesn’t specifically address school technology directors, it easily could have done so. I haven’t seen a huge amount of discussion from the IT management perspective, but that may change, particularly if she is given a prison sentence. Whether you blame Amero or not for what happened, there’s no denying that the network in place that day allowed pornographic images to appear on the computer screen. If incidents like this happen again - and they will, no doubt - will schools’ IT departments find themselves guilty of negligence? -andy

Filed under : Internet Safety, People, Policy
Responses

Thank you for your coverage; if you plan to do any follow-up, I’ll be happy to share any information we’ve uncovered.

— Brian Boyko
— Editor, Network Performance Daily.

By Brian Boyko 12:11PM on 06 Feb 07

I really feel I need to comment. This trial has all the earmarks of a kangaroo court, or justice fitting of some uncivilized nation. That the defense was barred from presenting the most obvious and logical of arguments is infuriating. I write because the same thing happened in our household. Whenever we would access the MSN home page, disgusting porn pop-ups would appear and there was no getting rid of them. We have young kids in the house that frequently open my wife’s computer. Fortunately, we saw the problem and addressed it before any “damage” was done. The solution? Remove and re-install MSN software. Apparently, the adware was attached somehow to the MSN program from some point forward until we took the link away. I pray that someone in the legal system will listen, open the case again and conduct a fair, civilized trial. Not knowing all espects of the case, I can’t go so far as to declare innocence for Ms. Amero, but two things are clear - 1)it CAN happen to anyone and 2) the trial should be declared invalid.

Respectfully submitted - Larry Christianson, Oregon

By Larry Christianson 6:19PM on 13 Feb 07

Again, a travesty, a witch hunt, successful.

Mr. Napp logged on, told Julie Amero to NOT log off or turn off, and, Julie Amero left the room for a restroom break, Then, Mr. Napp, the regular teacher, left for the day, prior to her return!

7th grade students, unsupervised, roamed the web, on an old Gateway, running Microsoft’s Windows 98 on a school network that had let their firewall/AV program licenses lapse.

Julie returned, pop-ups were happening, she blocked the view, went for help, was promised by a teacher in the lounge that the Principle, Mr. Fain, would respond, which he never did, and he, plus the IT department, gets off scot free?

Now, the Detective had two hours training, via telephone, and a simple $19 program, but is suddenly proclaimed by the prosecutor to be their ‘expert’, who admits he never searched for malware on the system.

What a perfect case for judicicial and Prosecutorial
misconduct, being that the Judge Hillary Steinberg is alleged to have slept through some of the case, had instructed the jury that she wanted a quick verdict, and had attempted to coerce Julie Amero into a guilty plea bargain! It smacks of bias!

Oh, the jury was alleged to have discussed the case over lunch in the nearby diner, but, without being sworn in, stated to the Judge they had not.

This case cries for Appelate reversal. All you folks running Microsoft, should simply run a LiveCDrom, which would have got her class on the Internet, without any pop-ups, and no history!

By Old Techy 8:48PM on 13 Feb 07

A brief scan of the news of the day led me to the story of Julie Amero. My initial reaction was “How great a tragedy that someone’s life has been turned upside-down by an act not within her control.” Moreover, facing the idea of up to 40 years in prison for it — even if this were a true crime, is this a legitimate punishment?

I thought that before I go out and start my own crusade to “Free Julie Amero,” it would be appropriate for me to get a few more facts about the case. A quick Googling and that’s just what I got when I read your piece. I’m truly baffled by the lack of knowledge, understanding, and the willingness to accept the truth about the Internet: it PREYS on people like Mrs. Amero — constantly entering into our personal space (i.e. � our computer hard drives) carrying out tasks without showing itself, loading unwanted, harmful software and “toolbars” that do nothing but collect more data to use for commercial purposes, steal personal information, and slow your computer down to a snail’s pace. And for this, we get the first American teacher to face up to 40 years in prison � yes, prison — for something where from the facts the readers of “Windows for Dummies” could derive “reasonable doubt.”

This country needs to do something about the high-jacking of John and Jane Doe’s privacy. Companies and individuals alike are force-feeding us more junk mail, circulars, pop-up ads and unwanted email then EVER. If porn, print advertising, spam and the software programs that generate it all didn’t pump BILLIONS of the Almighty Dollar into the economy, we’d all be standing at the steps of Capitol Hill demanding that our elected officials — who supposedly represent our best interests — put an end to it all. No, REALLY, put an end to it all!

And lo, the proponents stand behind the cloaks of �free enterprise� and my personal favorite, “free speech.” Ah, the good �ol Constitution….

But what if no one wants to hear it?

Julie Amero is a sacrificial lamb to the Gods of Ignorance and Enterprise, while the greater good of the Internet continues to bear a world-wide-bad-rapp.

And Johnny Cochran is furiously tossing in his grave.

By Christopher 2:42AM on 14 Feb 07

Hmm.. Why is it that people are so willing to accept the story that students accesses a malware-laden website?

Was it not Ms. Amero’s statement that she didn’t know which students were at the computer? Did the investigating officer not indicate that he was unable to locate any student who could corraborate Ms. Amero’s version of the events (except to say that they saw porn on the computer while she was sitting in front of it)?

Is it not true that Ms. Amero purposely went to dating websites and her personal email accounts - in violation of district policy which forbid using school computers for personal entertainment? Is it not true that these accounts were accessed while Ms. Amero was to be teaching a class?

Does Ms. Amero not have a computer in her home with many of the same “cookies” from these porno sites logged in? Is it not true that Ms. Amero, when interviewed by police, responded that she, “couldn’t remember” why she went to cookiemonster.com, eharmony.com, or tickle.com? Is it not true that there was less than 1 minute between Ms. Amero’s accessing of her personal AOL account and the offending “hairstyle” website?

C’mon people, malicious spyware wasn’t even part of her defense! Her statements to police (and her own attorney’s opening arguments) were that she didn’t expose children to pornography.

Note too, that Ms. Amero didn’t notify anyone (not even the teacher that was logged in) of the incident? It came to light only after 12yr old students complained to other school officials that she had been “watching naked people on the school computer.” Even by the defense’s own expert, no pornographic sites were ever logged in prior to Ms Amero’s day in front of the computer… Nor were any pornographic sites logged after her day of “teaching.” (Incidently, the computer in question was not removed from the classroom until several days later.) Why is it that the malware only became active when Ms. Amero was sitting at the computer?

Why didn’t she turn off the monitor? Throw a coat over it? Why did her students report that she simply sat at her computer for the entire period?

Finally, why hasn’t anyone actually published the transcripts of the case to reveal the details? The lead detective says:

“No one’s called or written me to ask for the facts. I have received a deluge of hate email and phone threats. I’ve returned the emails, offering the facts. I’ve returned calls to those who would leave their number, offering the facts. They just call me names and hang up. I offer the facts (in the form of recovered source code et all) to anyone who would request it. I’m not hard to find.
You have based your opinion on the disinformation fed to you by the media and by defense. As a result, the real victims have been forgotten and I have been the target of ridicule and death threats.
The verdict reached by a jury of the accused’s peers was just. The evidence presented in court was factual and forensically sound. The “clicked link” story has been turned into something other than what it is.
Once sentencing is done I intend on presenting the evidence to anyone who wants to know the truth, though I doubt the conspiracy mongers want the truth. I have explained the process of investigating these types of crimes to Network Performance Daily.
You may also read the tale spun by the Expert on the same site. I have the evidence to prove this charlatan is being less than truthful and I would appreciate someone demanding from him the source code containing the malicious active content of which he speaks. As for the trojans, viruses, worms, and adware he spoke of: what were they? when were they created locally? what do they do?? He didn’t say.
To all those of little faith who believe the Government (aka: BIG Brother) and its minions would conspire to persecute innocent, GOD fearing individuals for entertainment I say GET A GRIP.
Again, once sentencing is completed I would be very happy to share with you the evidence so that you are better able to form an educated opinion. Your missing 990 pieces of this 1000 piece puzzle.” - Mark Lounsbury

By Robert 2:57AM on 14 Feb 07

I am absolutely appalled in this day and age of technology that the answer isn’t obvious to everyone with the slightest experience with computers. I, too, shed tears for Ms. Amero and am outraged that “innocent until proven guilty” didn’t prevail.

Unfortunately, I know that she is telling the truth because almost the exact thing happened to me about 10 days ago. My husband googled “spyware” and shortly after that we had an ad for an antivirus program with pictures of graphic pornography become our homepage!!! Thank God that we discovered this and not our daughters. One of the pictures was a very young naked woman with a dog in a sexual position!! Very repulsive. I literally cried and had to leave the room and ask that my husband get rid of it. I wanted to throw the computer out the window. It can happen to anyone, uninvited. The whole thing is a tragedy.

By Susan 10:19AM on 14 Feb 07

‘Robert’ (above) asks, “Why is it that people are so willing to accept the story that students accesses [sic] a malware-laden website?”

It really doesn’t matter who accessed the malware-laden site. Even the Pope himself would have run into the same trouble considering that there is no way to definitively predict which sites contain malware before they are accessed, and on an unprotected PC, malware basically gets free reign to do what it wants anyways, despite what a user might do to attempt to curtail it.

Does Ms. Amero not have a computer in her home with many of the same “cookies” from these porno sites logged in?

What in the world does this have to do with anything? Her home PC was not on trial here.

Is it not true that Ms. Amero purposely went to dating websites…
not proven
… and her personal email accounts - in violation of district policy which forbid using school computers for personal entertainment? Is it not true that these accounts were accessed while Ms. Amero was to be teaching a class?

Let’s see - Substitute teachers tend to get called into a class at the last moment, usually due to some unforeseen circumstance (such as illness). Is it unreasonable (for example) to allow a teacher (who may not have been able to communicate with her spouse via other means) the chance to send a notification to her spouse that she’s been called out and will not be at home that day? As a husband, I’d sure like to know if my wife was unexpectedly going to be away from home for the day. And such notice could hardly be characterized as ‘personal entertainment’.

Is it not true that Ms. Amero, when interviewed by police, responded that she, “couldn’t remember” why she went to cookiemonster.com, eharmony.com, or tickle.com? Is it not true that there was less than 1 minute between Ms. Amero’s accessing of her personal AOL account and the offending “hairstyle” website?

These other sites could easily have been accessed automatically (without human intervention) by a compromised browser caught up in a popup storm. The timing of it all suggests that that is, in fact, just as likely.

Note too, that Ms. Amero didn’t notify anyone (not even the teacher that was logged in) of the incident?

Not true. There was testimony from at least one other teacher that Julie asked for assistance at the time it happened, and that she reported the incident to the vice principal of the school at the end of that day.

Why is it that the malware only became active when Ms. Amero was sitting at the computer?

An individual user has zero control over when and where malware will rear its ugly head on a compromised PC.

And concerning the quote attributed to Mark Lounsbury regarding some investigative work by “Network Performance Daily”, “I have the evidence to prove this charlatan is being less than truthful…” , I (and I’m certain many others) can’t wait to see this evidence.

Bring it on.

I predict it will simply be more evidence of shoddy police work, more shirking of responsibility by the school administration, and more evidence of inexcusable ignorance of technical matters within the legal system.

I hope this issue becomes the catalyst for an overhaul in the justice and education systems.

By Rob 3:54PM on 19 Feb 07

To anyone who yet blames Ms. Amero for this incident, I say hogwash. I spent five minutes researching this case, and I can tell you that I’ve heard enough.

I am willing to lay my livelihood on the line right now. A scan run on the computer in question absolutely will find multiple instances of various sorts of malware. This computer was a mess. It sounds exactly like something a client would bring me to fix. Once, and once only, because after that I would insist that it was time to get a new PC (Windows 98 is over, time to move on), and I would kit it out with all the anti-nonsense security software they’d need.

This is a travesty and a stupid, stupid disaster. I do hope that it does not stand.

By Derrill 4:52PM on 19 Feb 07
Post your response

Ground rules for posting comments:

1. No profanity or personal attacks.
2. Please comment on the subject of the blog post itself.
3. If you do not follow these rules, we will remove your post. Keep it civil, folks!

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)
Your name (required
Your email address (required)
Your web address
Remember personal info?

Comments: (you may use HTML tags for style)
Learning.Now via Email

What's this?
Subscribe Unsubscribe
RSS: Get a News Feed
Archives
Search Learning.Now

Friday, February 02, 2007

Follow Up Vista

I got an E-mail asking for recommendations, I don't specifically recommend brands or models. Although I do give some opinions about companies.

I thought a shoppers guide might be helpful.

Please feel free to share this with anyone you think it would help or even entertain.

Dear Someone,

This is probably longer and more than you expected, I'll be using it with others. And I'm working on my writing skills.
One thing to know as far as Brand: HP and Compaq are one Company, other than that, choices are Dell (mail or Web only), Gateway (slipping), IBM (more expensive), Acer (limited sources) and eMachines (designed to be cheaper). For laptops add Toshiba as a big player.


--------------------------------------------------------------------------------

Where do you normally go for computer software or supplies? Most likely Staples, Office Max or Depot, or Best Buy, Circuit City, CompUSA. I'll bet. Don't forget Costco, BJ Shopper or Sam's clubs. If one of these is the case, or maybe at different times you go to all of them, Wait until you are absolutely ready, on the Sunday before get the ads from the paper for all of these places.

DO NOT BUY WITHOUT COMPARING AS MUCH / MANY AS POSSIBLE.
Plan on at least two days for shopping, (probably means your weekend or day off. Be aware most of these places start new sales on Sunday so everything changes from Saturday's prices/models etc. First Day may actually take all week but start on Sunday, buy on Friday or Saturday unless you arrive at a decision sooner. Also like many businesses, quotas are important and they are usually Month ending so the later in month might be better deals.

First Day or Two, Go to Stores-Get Information from all.
Overnight, Decide on what you want to buy
Second Day, Go to store with PC YOU WANT-work out a deal including Upgrades/Software/Accessories and Warranty (if you need/want Extended.)

Now you have to ask yourself the big question: "What can I spend?" Set a 'mental' Price Range, you have to know what kind of computer user YOU are first.
Are you someone who needs:

BASIC, E-mail, simple Web services (Googling, News and Weather, Free online games), not much else.

Next up is the ENTERTAINMENT USER, the above plus one or more of these; Music Downloading;Online or Downloaded Videos (TV episodes or movies), Games but not overly competitive (see GAMER), Heavy Porn Surfing (XXX Pictures and Videos).

GAMER, what is that you ask, Someone obsessed with Games; Must have the latest and all of them, Hours playing especially online competition, Needs every edge to beat the other guy (Hardware boosts), Like: NASCAR Racing, HALO, Warcraft, Command and Conquer, Everquest, Halflife, and more. Key point here: Video Cards Rule!

BUSINESS Probably not you, but BASIC Plus Strong Need for Spreadsheet and Database and compatibility with corporate standard, possibly Web Publishing and Graphic tools too. Simple answer, BASIC plus MS Office and a Memory and Hard Disk Upgrade on top of the out of the box BASIC.

Finally there is one more category, it has several names:
GEEK, (Spoiled Brat, Power User, Tech Crazy, More Money than Sense, in a very short word ME, darn it) Must have Latest Hardware, Fastest, Biggest, etc.

Remember we're talking PCs here not Apples that's a whole different story, in another language.
Only you can say whether you need/want a laptop (Pluses: Portable Duh!, less space, FRAGILITY - Minuses: Less Power/Speed, smaller screens)

So, lets kind of set Price Ranges: for Laptop Add
BASIC $400-700 $200
ENTERTAINMENT $600-1000 $200-300
GAMER $900-5000 $600-2000
BUSINESS $700-1200 $200
GEEK $1200-unlimited (networks, printers, multiple computers and laptops) you know who you are.

Shopping Criterion:
Processor; BRAND (Intel or AMD), TYPE (Intel should be Pentium D/Duo Core, AMD 64) AMD $ave$, Speed (close to 2.0 minimum, 3.0 Plus best)
Hard Disk; Size (including multiples, portable storage counts as add-on) 100 GB Minimum, 200 Plus Best
Memory; Size, Upgrade or not? 1GB minimum, 2 best
Optical Disk: Type, (CD/DVD, RW? DL?) CD/DVD RW unless you can't ever believe you'd make a movie for your DVD player, (you're probably wrong)
Video: Size equals speed (also dedicated or shared video memory{low end and laptop}) 256MB Minimum
Display: Type, LCD/CRT (CRTs are dead) Size, 17" minimum, at time of Purchase ask about Upgrade, often cheap then.

Assumptions -- Any new PC will have both Modem and Network connections, Sound on Motherboard, Multiple USB 2.0 Ports along with Standard Parallel, Serial (Game Port?) Floppy drive (becoming irrelevant), Media slots for Flashcards/Memory sticks etc., Vista OS and Security Software

Attached is a page to use to WRITE DOWN what each Store tells you. Print a bunch of copies and take a pencil when shopping.



--------------------------------------------------------------------------------
From: someone@aol.com [mailto:someone@aol.com]
Sent: Friday, February 02, 2007 7:13 AM
To: mike1mb@comcast.net
Subject: Re: FYI: Microsoft Vista


Mike, I am going to purchase a new computer in the next 60 days or so .. something fast and easy with a lot of memory. Do you have any suggestions I would like to stay with HP ???

Someone

Microsoft Vista

Hey maybe this will interest you and prove to be helpful too. Upgrade Season/Fever arrives.
Here's an excerpt from a fairly reliable report on Microsoft Windows Vista, (Full report) Interesting that the "tech savvy" readers at ZD.Net slammed this review. Problem with that audience base is its like trolling for trout in the ocean, too many barracuda and sharks. Meaning Unix and Apple lovers, both of whom would bash Microsoft no matter what was written by whom. I haven't personally tried Vista, I prefer to wait about 6 months until others have finished the testing and MS issues most of the patches. Anyhow for those looking for something about Vista in a lighter vein, I've also attached a PDF file, of a Vista upgrade Decision Tree Flowchart. While not X-rated or even Scatological, there are some things that might be offensive in some way, so please understand, THIS IS A GAG, I AM NOT THE CREATOR, BUT I LOVED IT. Also on a serious note, some of the final stage decisions are accurate.

Despite some world-class efforts to gin up controversy over Vista, there's nothing scandalous to report. No devastating security breaches, no data-destroying bugs. A few pieces are still missing, including Windows Mobile Device Center, the software that replaces ActiveSync to connect Smartphones and PDAs to Windows Vista. As of this morning, it's still in beta, with no announced date for the final release. Likewise, the hardware to connect digital CableCARD devices to Vista Media Center has been announced and demonstrated but still isn't available for sale.

You've probably already got a pretty good idea of whether you're interested in Windows Vista or whether you want to steer clear. In lieu of a review, I'll share some of my experiences and answer a few questions that I've been asked repeatedly in recent months.

If you're buying a new PC, do you want Windows Vista?

Of course you do. When you purchase a new PC, the price for Windows Vista is essentially the same as the equivalent XP edition, but you get a more robust, attractive, usable, and secure operating system with some very compelling extras. About the only reason to deliberately avoid Vista is if you use a critical software program or a hardware device that isn't supported.

So where are the killer features?

If you go through the mainstream media and read reviews of Windows Vista, the absence of a "killer feature" is the criticism you'll find the most often. Fair enough. Most of the features in Vista are improvements, not completely new. I'm not sure exactly what would qualify as a killer feature for a computer operating system in 2007, but if I had to pick three features to highlight these would be at the top of the list:

  • Windows Photo Gallery. Ho-hum, right? Just another lightweight program to import photos from a digital camera? What most reviewers miss is Photo Gallery's support for the Extensible Metadata Platform (XMP), developed by Adobe and used in a variety of professional-strength photo-editing applications. When you tag a JPEG or TIFF photo with keywords in Windows Vista, those tags are stored directly in the file as metadata, which you can use to search, sort, and filter images in Photo Gallery. That's a great leap forward from Apple's iPhoto and Google's Picasa, both of which store metadata in sidecar files rather than in the image itself.
  • Windows Speech Recognition. You probably haven't heard much about speech recognition in Windows Vista. If you did, it was probably thanks to a demo that went awry last summer and was widely reported. That's a shame, because the built-in speech-to -text conversion software in the final release works exceptionally well for controlling the Windows interface and dictating text.
  • Windows Desktop Search. Yes, you have lots of third-party desktop search options for Windows XP. I've tried them all and never found one that was reliable enough for daily use. What makes Vista's search so useful is the fact that it's integrated directly into the operating system, so you can search in the Start menu, in Control Panel, in Explorer windows, and in common dialog boxes. I miss this capability most when I sit down at a Windows XP machine and try to find a specific Control Panel option. It also just works. I haven't had to rebuild indexes or mess with search settings on any Vista PCs in my office.

What all these features have in common is that they're legitimately part of the operating system. Metadata and search are tied directly into the file system, which is a core feature of an operating system, and speech is just another form of input replacing or augmenting the keyboard and mouse.

How much hardware do you need?

The myth is that Vista requires a hefty, expensive new PC to work properly. The reality is any edition of Windows Vista will work very well indeed on relatively inexpensive hardware. In the week leading up to the official consumer launch of Vista, I've seen name-brand notebook PCs with dual-core Intel CPUs, 1GB of RAM, and Aero-capable graphics hardware selling for $599 or less with Vista Home Premium edition.