Saturday, May 27, 2006

Symantec Says Its Own AV Product Has Zero-Day Vulnerability

They are not giving all the details in order to keep the exploit out of the wild until updates are available. Symantec says tht none of its consumer grade titles are at risk including Norton AV and Norton Internet Security.

Friday, May 26, 2006

The 25 Worst Tech Products of All Time

I've just linked to the page that lists the worst 5. I'm either proud or ashamed to admit that I have used 3 of the 5. Which 3 I will leave to your imagination.

Setting Up a Server - Linux Forums

I found this on digg.com and remembered mopguy's post and somebody in the chat talking about setting up linux.
This article teaches you, the reader, how to configure a GNU/Linux based server with three of the most important services that must be provided in a company, at home, a lab or anywhere else, both for clients and internal usage: web, database, mail. So it will be assumed that the idea is to host websites that use certain technologies such as a scripting language and a database (for dynamic sites), and also to act as a mailing tool, for sending and receiving email.


It is deemed worthy of mention because the first command given is "apt-get,"
which is critical, in my opinion, to really, really make installing things in linux easy. It does take typing, and the command line intimidates a lot of people (though I wager, not many of our listeners/readers), but apt-get takes care of all dependencies and makes installing programs in linux as easy as windows. I won't say OS X, because of a guess that it does it even easier, but I have no personal knowledge of installing programs on a Mac. Though I understand you just drag an app to the trash can (if that's the right icon/term) to uninstall. Which always gives me a *ClunK* How easy can it be? moment, when I consider the simplicity of it.... :)
--MissM
P.S. the url in the title, and below, goes to a site that mirror servers shut down, because of the digg effect, analagous to the /. effect. I was able to get to linuxforums.org, but it was slow.
Setting Up a Server - Linux Forums

Office Depot Advertised Specials

HP Pavilion a1400e Desktop Computer
SAVE $430 this is $199.99 after rebates, with an
AMD Sempron Processor 3200+ with 15" LCD and All-In-One Printer
• 256MB Memory
• 80GB Hard Drive
• Burn & Play CDs
• FREE HP 1410 All-In-One Printer
Some nice Upgrade also,
512MB of RAM add $50
CR-RW & DVD-RW Combo Drive add $25
9-in-1 Memory Card Reader add $15
160GB Hard Drive add $50
This offer is not yet available
May 28 - Jun 3

It looks like there are some killer deals out there this weekend.

$129 19-inch LCD and a whole mess o' other pre-Memorial Day deals

"Cheap Geek: $129 19-inch LCD and a whole mess o' other pre-Memorial Day deals" IF you are thinking about getting a new 19" LCD monitor or some other goodies check this out.

Incredibly funny video

This is a test, to see if it woiks. :)



Its a 6 minute video of a guy doing his ode to modern dance. He goes from Elvis to Saturday Night Fever to Michael Jackson, and beyond. I found it... well... incredibly funny. Check it out. Enjoy YouTube too, if you've never run across it.
--MissM
P.S. looks like it does woik! [typo intentional]

Microsoft shows off JPEG rival

I think this is a case of Microsoft suffering from the NIH (Not Invented Here) syndrome. As far as I can see, this is just another proprietary format to confuse things, albeit a particularly good one. Portable Network Graphics (PNG) format already does everything MS' new one does.

PNG is open source and free for all, which of course sticks in Microsoft's craw and they give it only the most grudging support.

Jack

MSRC Blog : Incorrect reports of a new Windows 2000 SMB vulnerability

MSRC is the Microsoft Security Response Center. I wanted to reassure everybody this is an already patched item. Though a different type of exploit, the patch still protects the server.

Hey everyone. Stephen Toulouse here. There has been a bit of a flurry of activity here in Redmond this morning when we noticed a couple of people releasing information about an SMB vulnerability in Windows 2000.

We just want to let everyone know that we've investigated this claim and found the vulnerability being discussed is fixed by MS05-011, a security update released almost 16 months ago. We contacted our partners on this and made sure they understood this is not new. What *is* new is that someone reportedly has found a different way to exploit the vulnerability. But if you have the update, you're protected.

Just as a long U.S. holiday reminder, we watch the secure@microsoft.com email 365 days a year, so we'll have an eye out this weekend. In addition, teams are still working on the Office Word update.

Here's wishing everyone a safe Memorial Day weekend in the U.S., and a safe weekend in general to our international customers as well.

S.

*This posting is provided "AS IS" with no warranties, and confers no rights.*

--MissM
edit: [consider this the caveat, aka "according to Microsoft"]
MSRC Blog : Incorrect reports of a new Windows 2000 SMB vulnerability

Microsoft wants users to actually use Office 2007

It's a truism that users of office productivity suites use 20% or even less of the available features. This doesn't just apply to Microsoft Office, either. It applies across the board, to Open Office, Star Office and all others, as well.

Microsoft realizes this and is (finally?) taking steps to get users more informed about what is available to them. Don't worry. Clippy is still dead. Instead, they're taking the approach of minimizing the interface options and directing users to whichever features they might wish to use.

If they can succeed in this, it will definitely change the way people work.

Jack

CNN.com - Company: Hackers can crack top antivirus program - May 25, 2006

I don't think I need to give most of our readers any more than one guess as to which company is being referred to in this article. The one surprise to me is that its their corporate edition that is affected, not the home version.

Thursday, May 25, 2006

Microsoft: Windows Vista is on target, unless it isn't

I noticed these two opposing statements by Ballmer and Allchin earlier today. Here they are in one neat package. I'm still betting that Gartner was right a while back. I predict that we will not see Vista until 2nd Quarter 2007. And that means on computers in the stores or available for immediate shipment online, no less in the boxes on the shelves.

Wednesday, May 24, 2006

DefectiveByDesign.org

Evidently protesters wearing yellow Hazmat suits showed up at WinHEC to protest DRM and publicize their new DRM fighting Web site. It got my attention.

Which reminds me, if you haven't written your Senate critters to protest the lastest assault on home recording by the RIAA with a convoluted acronym, check out this. The PERFORM Act would require DRM where none is currently required. My Senate critter Feinstein is a sponsor of this ugly, ugly thing that is something that only RIAA money can buy. I wrote asking her to reconsider (fat chance). I also wrote Senator Boxer from whom I received a polite, non-committal, boiler-plate reply.

Oh, be sure to tell all your friends.

The Curious Incident of Sun in the Night-Time

RMS writes about Sun's making Java Open Source, or not. Forgive the pun but you always have to consider the source. Even though RMS is hard line when it comes to free or open source (and he clearly acknowledges open source) he doesn't think that this step by Sun comes close to open sourcing Java. He mentions that the Java source code is only available under an NDA. That's too bad. Open under NDA does not really equal open in my opinion and certainly not in Stallman's. Let's hope that this is a baby step towards true open source Java by Sun.

Windows in view

I'm starting to feel like today is all Vista all the time. So here is a list of articles on News.com. They have conveniently put them all in one place. The big thing I really want to know at this point is price and that still seems to be a big secret.

Tuesday, May 23, 2006

Samsung to launch PCs based on flash memory

We knew it was going to happen. Of course, the price is higher than that of a comparable laptop with a hard drive, but that was expected. I did not expect it to be as high as it is, but it's early days and before too long, there will be enough price competition to bring things down to a more realistic premium.

Jack

Schools block MySpace access; kids fight back

Schools are cracking down on access to social networking sites like MySpace in an attempt to make time spent in a computer lab profitable


That seems like a no-brainer. After all, schools have always had the ability to keep materials that the school or teacher thought were distracting away from students. In my case, I can remember a novel I was sneaking a peak at being taken away, as was a crossword puzzle. You can only imagine what a snorer the class was! I only wish that I had a computer when I was in school even with MySpace blocked from my inquiring mind.

What is a little more interesting is the Libertyville school where students in extracurricular programs can be disciplined for what they post on their own time that is considered illegal or inappropriate. "Illegal" should be pretty easy to define. "Inappropriate" is more of a judgment call. I hope that the guidelines are publicized and very clear or that the students get a warning and a chance to remove "inappropriate" before they are disciplined. I'm afraid, given recent history in schools, that is will be an extension of zero tolerance. The good news is that the schools won't be patrolling the Web.

Also, will any measures be taken to assure that the student named really posted the material that is in question? This seems like it would be a very easy way to "frame" someone you didn't like by posting Web content in their name. After all the Web is such a secure place (not). I'm not sure that school administrators will be perusing ISP logs to determine the truth or who posted what when and where. It will be up to students (and parents footing legal fees) to prove themselves innocent in some cases. It could be a lot of time lost and reputations ruined falsely for some students. Enough of that goes on in high school low tech -- like writing on the bathroom wall. I can imagine this rule resulting in some high-tech sabotage.

I can see both sides and there are no good answers, but with school rules just like the criminal justice system, I'd rather see the guilty go free than see one innocent person harmed.

MS Share Point Server 2007 and "Knowledge Network"

Microsoft's Share Point Server 2007 is winding it's way toward users. It's a really hard product for anyone to get excited about, but it is more and more widely used in enterprises. The most interesting thing about SPS'07 might be a freebie add-on called "Knowledge Network" which will be offered to licensed users.

It's a bit hard for me to think of Microsoft as innovative, no matter how much they trumpet their opinion that they are. But in Knowledge Network, they have hit upon an innovation that I think of as truly revolutionary; able to change the way companies and their staffs search out the knowledge held within the company itself.

It's a bit hard to explain, but I'll take a stab at it. It all seems very logical, to the point of "why didn't I think of that?" when you get into it.

Estimates vary wildly, but it is a truism that much of any enterprise's knowledge resides in the heads of their employees and is not recorded anywhere else. I've read figures from 30% to 80% with very good arguments for whatever numbers the writer chooses to espouse. I imagine it varies from situation to situation anyway. The only thing we have to know is that a lot of this knowledge can be unavailable to those who need it, unless you know the right person to ask. Knowledge Network is intended to point you toward the person who has the knowledge you require. Making it part of a collaboration suite is simply logical.

Using keywords and like that, combined with a bit of clever artificial intelligence software, Knowledge Network collects facts that can help others find the person with the knowledge they need, when they need it. The knowledge base is built up over time, from documents generated and records of projects an employee has taken part in.

The database thus constructed and manipulated could be a privacy nightmare and Microsoft recognizes this up front. They talk of "appropriate privacy policies" needing to be in place and most accounts I have seen also speak of allowing the workers to edit their own profiles to avoid privacy problems. With such measures in place, there is no reason for this to be a problem. (Although I have to wonder how many employers will take the problem seriously enough to go to the trouble.) It is expected MS will ship KN with rather restrictive defaults.

Frankly, just the promise of Knowledge Network is enough to make me a fan of Share Point Server '07! Used wisely, it could and probably will be a lifesaver at times and a useful tool the rest of the time.


The link above will take you to the blog of the team developing this at Microsoft. Here's a link to Microsoft Watch's "rah-rah" take on it. And if you're interested, here's a link to Bill Gates' latest missive on knowledge work and handling.

Jack

My intoduction to Linux

I finally decided once and for all to try Linux. Here goes:

So far I’ve tried 3 distributions. Ubuntu, Ark Linux, and White box Linux. In all cases I was dual booting with windows XP pro.

Ubuntu is probably the best all around but, it refused to let me run above 640X480 Screen resolution with an onboard Nvida Gforce
video chip. I even tried to install a driver. Didn’t work. I think because it’s Debian based? I do have it installed on a Mother board with an S3 video chip and it runs fine.

Ark Linux, red hat based did let me do 800 X 600 with the same Nvida chip however, One day it hosed my “C” drive and I had to restore from an image. Still not sure what exactly what went wrong all I Did was plug in a USB “thumb” drive. Next boot entire “C” drive was hosed.

White box Linux, also red hat based, so far so good. However, it is 4 CD’s to down load and takes about 12 attempts to get it to update correctly, if you are lucky.

So, to sum up, all things considered, not bad for free operating systems. I’d have to recommend Ubuntu if you decide to take the plunge. It didn’t hose my system. The only problem was the driver for the Nvida chip. Even then it did run OK at 640 X 480. Comments please, Jack or anybody.

Dell does retail

Apparently, Dell says they were inspired by the Apple stores. That's a little hard to take, as it seems as if the plan is for nothing more than kiosks to allow prospective buyers to see products.

There will be one in Dallas, which is near me, and I'll be over there as soon as it opens. I'll let you know what I find.

Jack

New Yahoo IM Worm Poses as 'Safety' Browser

First discovered by anti-malware researchers at FaceTime Communications, the worm, labeled as yhoo32.explr, is forwarding itself throughout Yahoo's IM system via the contact lists of people whose computers it has already been infected. Once loaded onto a PC, the malicious program automatically hijacks the computer's existing browser home page and encourages users to visit a fraudulent Web site that attempts to load spyware programs onto their devices.


More fun and games from the bad guys.

Introducing AMD's AM2 Platform

It is official, tomorrow is the day AMD will finally announce the AM2 platform for desktop processors. AMD originally had plans to launch the chipset on June 6, 2006, but shortly after the announcement that Intel's Core 2 Duo processor would launch at the same time, AMD bumped the launch date up to May 23, 2006.


I'm sure there will be more news and information tomorrow, but this will do for now.

Tales From Packaging Hell

From Psyclone electronics cables encased in impenetrable layers of thick plastic to DigiPower camera batteries coated with packaging several times the size of the item itself, the hardest part of buying electronics these days is opening the products when you get them home. In many cases, it makes solving Halo 2 seem like a kindergarten project.


This is an all too common problem. This article describes the difficulties encountered with theft resistant packaging and some steps taken to make packaging more user friendly. In the end this is one more case where honest people are inconvenienced and even injured in the attempt to thwart dishonest people.

Microsoft Doesn't Expect Suit To Block Vista Launch

Asked whether the case would have any impact on the Vista roll-out, Chief Executive Steve Ballmer told Reuters: 'I wouldn't anticipate any, but that will go to the courts now.'

Ballmer, speaking in Beijing after a news conference, did not elaborate.

Symantec is also seeking an injunction that would block the further development, sale or distribution of Vista and other products until all Symantec intellectual property is removed.


Juts a little update for those of you who are concerned about this.

Monday, May 22, 2006

Thieves Steal Personal Data of 26.5M Vets - Yahoo! News

Do you trust Uncle Sam?

Wired News: Why We Published the AT&T Docs

As part of the EFF suit against AT&T wiretapping, Wired.com has released the statement from the whistleblower. Good for Them!! I say.
A file detailing aspects of AT&T's alleged participation in the National Security Agency's warrantless domestic wiretap operation is sitting in a San Francisco courthouse. But the public cannot see it because, at AT&T's insistence, it remains under seal in court records.
[snip]
AT&T claims information in the file is proprietary and that it would suffer severe harm if it were released.

Based on what we've seen, Wired News disagrees. In addition, we believe the public's right to know the full facts in this case outweighs AT&T's claims to secrecy.

They also use words like "anonymous source" and a motion to release the documents along with "other news and civil rights organizations that have already done so, including the EFF, the San Francisco Chronicle, the Los Angeles Times, the San Jose Mercury News, the Associated Press and Bloomberg.

Before publishing these documents we showed them to independent security experts, who agreed they pose no danger to AT&T. For example, they do not reveal sensitive information that hackers might use to attack the company's systems."
--MissM

Wired News: Why We Published the AT&T Docs

Regarding what I said about Apple closing Darwin for x86 code

I said on the show that Apple was closing the source of the Darwin kernel for x86. Apparently I have mistaken rampant speculation for fact. Here is a post on an Apple mailing list from someone high up at Apple which seems to indicate that no decision has been made.

Jack

Sunday, May 21, 2006

OnComputers Radio show Podcast 05-21-06

This is the On Computers Radio show podcast for 05-21-06. If you prefer, you can download the same file here via ftp.
Listen to this show to find out how you can win a copy of Diskeeper Pro 10.0!

The fight against V1@gra (and other spam)

The author of this CNet News.com article seems to think the flood of spam is stabilizing at about 70% of all email traffic. That may or may not be correct. It certainly doesn't hold true here. This morning, I downloaded 802 pieces of mail, 18 of which were legitimate. (And, yes; I DID count.) Oh; and that is AFTER passing through my filters.

That ratio seems to hold pretty constantly, here. Spam to my 10 accounts seems to be growing at the rate of about 10% every 3 weeks. That doesn't sound like stabilization to me. And it sure doesn't seem like stabilization.

The article may or may not be worth reading, depending on how agitated you get when all this stuff is brought to your attention. I thought it was, but I kept two bottles of antacid tablets at hand throughout.

Jack