Ask Paul: May 7 (Premium) (Updated)

UPDATE: Microsoft has released a preview version of Project Moca (Outlook Spaces) on the web, which someone had asked about below. –Paul

Happy Friday! Here’s another great set of reader questions to kick off the weekend a bit early.

Movie time

bschnatt asks:

Movie time! Believe it or not, I’ve never seen Casablanca or The Godfather. I’m actually a noire fan, so the former might be a surprise to y’all – it’s just never popped up on Prime or Netflix or over-the-air (but to be fair, I rarely look for it). As to the latter, I’ve already seen Goodfellas and, while it’s well done, I’ve kinda had my fill of dark, crime-oriented epics. I’ve seen (and own) the Lethal Weapons and Die Hards (among others), and I’ve moved on to lighter fair, but I’m still open-minded about this. Is Casablanca all it’s cracked up to be? Is The Godfather worth watching, or is it just another shock-fest glorification of violence? I’d also like to know if you like those Fred Astaire / Ginger Rogers movies. I own tons of ’em… 😉

I’m not a huge fan of Casablanca, personally, and it’s not because it’s black and white. It just feels like one of those old movies that were made on a sound stage instead of being on location, which would have made it a lot more interesting to me.

But the Godfather series is another thing entirely. The first two movies are among the greatest movies ever made, and while most people dump on Godfather Part III, I actually liked it. That movie was just re-released as The Godfather Coda: The Death of Michael Corleone that we’ll be watching soon.

When I had my second ACL surgery in the very early 1990s, I had to stay home from work for a week or so, and one day I had rented all three Godfather movies so I could watch them back to back. When my wife came home from work, she asked me how my day was, and I told her it was the most depressing day I’d ever had. I was mostly joking, but the movies are a bit dark. But, absolutely classics and worth the time.

Microsoft + Linux

bschnatt also asks:

We’ve all had our chuckles about Microsoft’s sudden love of Linux (ahem), but what do you think would happen if Microsoft actually officially endorsed Ubuntu as the be-all, end-all and announced that they would be releasing all their “big name” apps for it? Do you think there are people that use Linux not because they hate Microsoft, but just because they hate Windows?

Sure, but Linux desktop usage has never really amounted to much, and Microsoft embracing any one Linux distribution—or some number of them—from a desktop app perspective probably won’t change anything at this point. I understand putting Microsoft Edge and Visual Studio Code on Linux, but I feel like Microsoft’s core software suite for end users—Office, of course, Teams—is covered adequately on Linux by web apps. And I doubt Microsoft would make a bigger investment in such a small market. All it would do is further chip away at Windows if it was at all successful.

The Outlook for Spaces

jchampeau asks:

This is a longshot, but have you heard anything about Project Moca/Outlook Spaces lately? I tweeted Mary Jo Foley about it a few days ago and she pointed me to the Microsoft 365 Roadmap which shows the preview launched back in October, but I don’t see anything anywhere about it exiting preview status and becoming generally available.

No, but if you’ve not heard of this, Petri maintains a site called the Unofficial M365 Changelog that seeks to address a huge problem with Microsoft 365 features, in that Microsoft announces them and then rarely, if ever, provides updates about what’s going on with those features. In many cases, months go by with no news. And there’s no new information about Outlook Spaces, sorry.

UPDATE: Microsoft has released a preview version of Project Moca (Outlook Spaces) on the web. –Paul

The next iPad mini

justme asks:

Given the recent refreshes by Apple of the IPad Air and IPad Pro – do you think the IPad Mini will follow suit, or are we at the end of the line for the Mini?

I don’t usually do this, but I had been following the rumors about coming iPads ahead of my iPad Air purchase, and one of the things I was considering was going back to the iPad mini if Apple was planning to give it an Air-like makeover with that iconic design, a bigger display, and smaller bezels. But the rumors all claimed that the next iPad mini, which is expected soon, will be physically identical/similar to the previous versions. And I’m not going back to that, so I ended up with the Air instead.

Given how minor an upgrade the new iPad mini will be—presumably just a newer A-series chipset, but maybe a slightly bigger display, as we saw when the normal iPad when from 9.7-inches to 10.2—it’s possible it will just appear on the Apple website someday rather than be part of a big announcement.

Outlook.com secure login

olditpro2000 asks:

Hey Paul, I’ve noticed this now in both Office 365 and consumer Outlook/Hotmail accounts. In Outlook Settings under General there is now a Security area. There is one option: “Require secure sign-in to mail.” I’ve only seen this defaulted to Off and when toggling it to On, there is no option to save. The “Learn More” hyperlink takes you right back to your Inbox.

I’ve asked around and other people have seen this in their own mailboxes, yet no one seems to know what it is. Searching around also turned up no answers. Do you have any insight into what this might be? I don’t recall seeing it on any 365 roadmaps.

No, and I’m confused by this.

I suspect the Learn More link is a mistake and that it should point to some Microsoft Docs-based documentation or whatever. So I checked with my Microsoft 365 commercial account and, sure enough, same thing. Weird.

All it says is, “Turn on this setting to protect against password attacks that could compromise your account.” So why wouldn’t this just be enabled all the time? I can only guess since there’s no information. Perhaps it’s related to secure sign-in types like 2FA with your Microsoft/ADD account. As you note, it appears to toggle off when you enable it, too. Classic.

I will try to find the right person to ask about this at Microsoft.

More site updates

crunchyfrog asks:

I have been adjusting to the new commenting system this week and I can see that overall it is a step in the right direction. My question for you is what other updates and changes to the Thurrott.com website do you have planned in the coming months?

Site notifications are next, and could be coming soon. Ditto for the AMP-based version of the mobile website.

Beyond that, Thurrott.com is still behind Petri.com in the queue for getting major changes. But I’m hoping to see some big changes by late this year.

Related to this, hrlngrv asks:

Given this site’s new commenting system, what’s the timeline for providing features which were available with the old commenting system but not yet in the new one.

1. Editing one’s own comments.
2. Inserting hyperlinks with different text appearing in the comment.
3. Embedded images.
4. Optionally quoting comments to which one is replying. Granted this opens up the possibility of the uninformed quoting entire comments uselessly, a problem which bedeviled USENET back in the day, so problematic.
5. Why is the type size larger for this numbered list than in the surrounding regular paragraphs? I won’t know whether this will be permanent until I post the comment, but it’s rather annoying why typing the comment. Will this be fixed?

For me, #1 is certainly most important.

Editing comments should be there right now. I didn’t design or work on the new comments section, but I’ve forwarded this to Nick and the team so we can figure it all out. Job One was just getting it going, and Nick has been scrambling to fix the issues. For example, he added the formatting controls (bold, etc.) after the fact.

What the Tech

anderb asks:

Is What The Tech coming back?

Yes.

Andrew just addressed this on Twitter:

We had to put What the Tech on pause due to my insane schedule with trying to reopen 4 hospitality venues in NYC.  It’s been really brutal.

Good news. We’re coming back soon with a tweaked format that I think everyone will enjoy.

See u in a few weeks.

Sun Valley

madthinus asks:

Are we over thinking Sun Valley. Tom Warren had a good point yesterday on Twitter. The new Icons is just new Icons, it does not address the ancient diaglogs of asking you to insert the A: drive to install a driver. That level of rethinking is a much bigger job. Is Sun Valley just more thorough Lipstick on a Pig?

Of course. Tom is simply repeating things the rest of us have been saying for months, that anyone expecting Sun Valley to be anything more than surface-level gloss isn’t paying attention. It’s just a visual refresh. I still think that’s important: After all, that’s what macOS Big Sur is, as well. And it’s really nice looking. But we have to put this in perspective: Microsoft will never really update all the aging legacy UIs in Windows. There’s just no reason to bother.

Rinse and repeat

Shane asks:

With modern tech, phones, tablets and computers (laptops, desktops) do you think like in the old days you should factory reset them every now and then? With all the updates that we get nowadays would one benefit more from doing it.

This is one of those weird areas where my day-to-day experience isn’t particularly helpful for most people because, when it comes to smartphones and PCs, especially, I tend to move from machine to machine regularly because I’m often reviewing new hardware. That said, I have PCs that have never been refreshed over a span of years, and work fine. And I have an iPad that was refreshed so often to no effect that I replaced it this year with the aforementioned iPad Air.

I will say this: If you’re handling your data correctly—backing up phone photos to multiple clouds, for example, or using OneDrive (or whatever) to make sure that all of your data is replicated to the cloud and perhaps to multiple PCs—then the process of refreshing a device, whether it’s a phone, tablet, or PC—is much easier these days than used to be the case. And this procedure, which sort of think of as “nuke it from orbit” seems like the type of thing that should be part of routine maintenance, maybe once or twice a year depending on the day-to-day performance/reliability experience. Of course, explaining that to a non-technical spouse or whatever can be challenging.

Secure Core PCs

anoldamigauser asks:

The forum post on secure core PCs got me thinking about security, which always comes back to the largest security issue being the carbon based component between the chair and keyboard.

Yep. We’re always the weakest link.

The Microsoft OOBE for a new PC pretty much demands a Microsoft Account, and, of course, that account is made an admin account, violating the principle of least privilege. For people reading this site, it is no issue to create a local account, make it the admin account and demote the initial MSA to a standard user. For the vast majority of people in the world, however, that last sentence would just make their eyes glaze over, or in the case of my children, the eyes would roll first and then glaze over. The point is that users least capable of thinking in terms of computer administration and security, are now computer administrators and any exploit aimed at them will have administrative privilege.

Why doesn’t the OOBE simply prompt users for an administrative password or PIN, and then add their MSA as a standard account. This does not seem to fall into the category of hard computer science problem.

For the same reason that so few technical people do this manually: It’s extra work and is inconvenient. This is the problem with digital security: Platform makers need to strike a balance that’s acceptable to users.

The best way most individuals can secure a PC for personal use is to sign in with a Microsoft account that is protected with two-step verification. I’d love to see this be required before you can use a PC, but Microsoft will never do that either, it would just alienate too many users. (Google is pretty much moving to this requirement, if I understand its recent announcement about passwords.) And of course, commercial customers can require this kind of thing via policy. Perhaps not surprisingly, all of the Secure-Core PCs out in the world appear to be business-class machines.