Windows Live Mail - An accident waiting to happen?

Email clients and choice of programs is a very personal choice based on preference.

Whether you choose to use Outlook Express, Windows Mail, Thunderbird, Outlook, Eudora or any other email applications available, depends primarily on what you like and how you use an email program.

All users should make their own choices as to what applications they use. Each of us has different likes and dislikes and certain features we need and don't need.

But, choices should be based on more than just likes and dislikes. We need to make informed decisions. We need to choose wisely.

Windows Live Mail is not a choice we chose to make for a lot of reasons. Its clumsy interface, its bloated feel, its lack of features, ads inserted when using an MSN or Hotmail address, are a few of them. But more than this, we just don't see the need for Windows Live Mail. Further, we do like so much personal information stored anywhere else but on our own hard drives, under our own control.

It is clear to us that Windows Live Mail is an accident waiting to happen. Microsoft continues to push its Web agenda. We cannot know what Microsoft's motivations are, but it is easy to see that they are pushing very hard to move applications off our desktops and on to the Web. Recently, there has been a subtle effort underway to wean users off desktop applications.

Just a brief explanation in needed here before we proceed. Web applications are applications which run from Web sites. Web apps use databases and scripts to perform the same functions as the desktop applications we have used on our desktops and laptops for years. A Web application differs from the applications most of us are familiar with only in the way they are accessed. You access Windows Mail (the "Outlook Express" of Windows Vista) from your own hard drive; you send mail from your own hard drive; you store your address book on your own hard drive; your passwords and user account information remains on your hard drive. Not so with Windows Live Mail. Everything is done on the Web via Windows Live Mail desktop interface.

When you use a Web application, all of the above are stored on the server on which the Web application runs. Hotmail, Gmail, Yahoo Mail, MySpace, Facebook, etc. are all Web applications. And so is Windows Live Mail.

Hotmail, Gmail, Yahoo Mail, MySpace, Facebook and others do not replace an application on your computer. Windows Live Mail does. And therein lies the crux of the problem.

Windows Live Mail is designed to replace your desktop email program with a Web application. This means that potentially all of your mail accounts, passwords for those accounts, mail messages and address book are stored on a server. This is different than having a Gmail account or a Yahoo account and using it as an additional mail account. Windows Live Mail becomes your primary mail program and that's exactly what it is designed to be. In fact, in the next version of Widnows (currently going by the name of Windows 7), if Microsoft has its way, there will be no Outlook Express / Windows Mail - you'll use Windows Live Mail or you'll have to buy MS Outlook or Microsoft Office to get Outlook. Most of us don't want or won't do that. That means the majority of people who upgrade to Windows 7 (or whatever it will be called when it's released tentatively in 2009) will be stuck with Windows Live Mail and all our personal data, passwords, mail messages, contacts, etc. will be stored on the Web.

It seems to us that if the wave of the future is Web applications then desktop applications are a dying breed. This seems to fly in the face of the current outcry from numerous organizations and computer users for more privacy. Moving from desktop applications to Web applications certainly isn't a move to more privacy - it's a move to less privacy and more vulnerability.

At least with desktop applications, the individual has control over their own computer - they can install anti-virus, anti-spyware, anti-phishing, anti-trojan and other security software to keep their own computer safe from hackers, password-stealing trojans, worms, spyware and the like. If the world were to move in the direction that Microsoft seems to want to take it, we'd have to trust Microsoft that their servers would never be hacked and our information would never be stolen.

But history teaches us lessons. Microsoft servers have been hacked in the past.

You have all read where millions of people have had their private information fall into the hands of criminals because some company or other's server security was breached. Why on earth would Microsoft want to move us away from trusted desktop applications to Web applications?

It seems to us that there can be only one motivation. It's the same motivation that drives every economy's engine: Money. We just don't know how how Microsoft plans to make money from Windows Live Mail yet, but you can bet it has something to do with advertising.

Microsoft's recent bid of $44.6 billion for Yahoo would create a monstrous marketing machine which could lure billions of advertising dollars very easily. How does Windows Live and Windows Live Mail fit in? We don't know, but you can bet it is a piece of the big puzzle.

As we were writing this, a news article appeared that reported that Windows Live Mail's CAPTCHA (that's the little image of squiggly lines, numbers and letters you have to type in to verify you're a real human before you can proceed with account setup) had been defeated and thousands of automated spambot Windows Live Mail accounts were being created. These spambots then use their automatically created Windows Live Mail accounts to send out millions of spam emails. (You can read the entire article about how spammers defeated - rather easily - Microsoft's Windows Live Mail "CAPTCHA" here.)

While this does not constitute a "hack" of Windows Live servers, it does show you the potential for abuse that exists when applications that have been used for years as desktop applications move to the Web. These spambot accounts would have never existed if Windows Live Mail didn't exist. Spammers cannot create spam accounts in your Outlook Express or Windows Mail program. They would have never even tried. But now, thanks to Microsoft and the users who welcomed Windows Live Mail, we're dealing with yet another problem and even more spam.

How long will it take before we all read about Windows Live Mail servers being hacked and hundreds of thousands, maybe even millions of account passwords stolen and worse, millions of people's address books and contact lists were breached, addresses gleaned and sold to hackers?

Whenever a web application is designed to replace a common desktop application, particularly important desktop applications we rely upon and use everyday - for instance email applications - it is an accident waiting to happen.

So, besides the rather clumsy, slow interface of Windows Live Mail and its limited features, Windows Live Mail is itself an accident waiting to happen. And, it appears the first just did.

We think Web apps are great as long as they don't attempt to replace the desktops apps we rely on and use every day. We believe that security and privacy will suffer if Microsoft continues its paradigm of replacing desktop applications with Web applications.

©2008 Cloudeight Internet