Saturday, June 24, 2006

MSRC Blog : Exploit code posted on the recent vulnerability addressed by MS06-025

Hi everyone, Stephen Toulouse here. We've see that detailed exploit code has been published on the Internet for the vulnerability addressed by Microsoft security bulletin MS06-025. So per the usual when something like this happens so quickly after release we wanted to highlight that fact, and let you know that we're not currently aware of any active attacks utilizing this exploit code at this time. But the MSRC is monitoring this situation to keep customers informed and to provide customer guidance as necessary.

We have confirmed that the exploit code does not affect users who have installed the update detailed in MS06-025 on their computers. So we continue to recommend that customers apply the that update. In addition, We've posted a security advisory regarding this issue to provide additional guidance. The security advisory can be found at the following location:

* http://www.microsoft.com/technet/security/advisory/921923.mspx
We'll certainly keep an eye out on this issue and keep you posted if we see anything further.

S.
*This posting is provided "AS IS" with no warranties, and confers no rights.*

Published Saturday, June 24, 2006 1:57 AM by MSRCTEAM

--MissM
MSRC Blog! : Exploit code posted on the recent vulnerability addressed by MS06-025

Friday, June 23, 2006

Geek Meet in Alaska or.....

What I would be doing if I was there.

The site that gives me all my geocaches:
Geocaching - The Official Global GPS Cache Hunt Site
I found this while looking at Alaska caches
GSA EarthCaching
"The most exciting way to learn about the Earth and its processes is to get into the outdoors and experience it first-hand. Visiting an Earthcache is a great outdoor activity the whole family can enjoy."

This is my new favorite thing to do, for all the reasons the reporter states in the video at Youtube. She gets some of the words wrong, but I thought it was informative. One specifically, Cache in, Trash Out, CITO is the cleaning up the area acronym. And to include the Texas contingent, GeoWoodstock4 was in Dallas, a couple weeks ago. The link to geowoodstocking4.com has expired, so don't click on it.



And there's a podcast, which is fantastic! and vidcast on geocaching. :)

This is the last update! ;) I had to find Joe's house in Google earth, and there's (a, no 2, no 3, wait! there's a 4th two blocks east from the third!) 3 caches in the woods, in the park, just down the street, if you're there, you know which park I mean ;) Oh man! I'm so jealous! There's 30+ caches within 3 miles, as the satellite measures, of Joe's house!


Have a great Geek Meet!!
--MissM
(P.S. I'm having trouble connecting to blogger, hope this only posts once.)

The amorality of Web 2.0

The link will take you to "Rough Type", Nicholas Carr's blog.

While I'm not one to point out philosophy or philosophical observation I think this particular piece should be required reading for anyone who mouths the phrase "web 2.0". I must warn you it is somewhat long, but it's packed with things to think about; important things.

Jack

BTX Now has 24% Adoption Rate

It's mostly OEMs using BTX components, but some hobbiest builders do, as well. There are enough variations on the theme that one can build a very attractive small machine for nearly any need.

I am presently considering having several picoBTX systems built for a client. They will use significantly less real estate in the cubicles without sacrificing anything in terms of performance. The one thing the really small machines lack is a way to quietly cool them. They end up being among the noisier PCs because with so little internal air space, one has to blow the cooling air a bit harder than in a larger case.

Jack

Thursday, June 22, 2006

How to disable WGA notification ..

In a follow up to Jack's post below, another way to disable WGA phoning home.
From Suzi Turner at ZDNet blogs:
Microsoft's Windows Genuine Advantage (WGA) anti-piracy tool has angered a lot of people and rightfully so in my opinion. Fellow ZDNet bloggers have explained the details of the software along their concerns. Ed Bott wrote Microsoft presses the Stupid button and lists the stupid mistakes, starting with "it should never have been included with Critical Updates". I agree with that and all his points.


There are many more excellent links, I'll give you a hint and say that the process is called WGAtray.exe, but there are many good links, in the article, including one from My Digital Life "15 ways to disable and remove the WGA notifications." Go check it out, but first my caveat and a recommendation...
Like Jack, I've not tried it, but I have downloaded Autoruns from Sysinternals that it recommends, and I also have installed Process Analyzer from Sysinternals, which is excellent, and I have high hopes for Autoruns.
--MissM

� How to disable WGA notification

Firewall Leak Tester

Here's an interesting site for those who want to test their firewalls. It's free and very comprehensive. Yes, I know about Steve Gibson's firewall test and I use it. But I went ahead at this site because I thought there might be some difference in the returned results. Indeed, there was and I swiftly fixed it.

In addition; they offer download of a tool which prevents Windows Genuine Advantage from calling home to MS at every boot. Check it out. Hopefully, I will be able to report on the tool's efficacy by Sunday's show. Time is tight, though and I'm struggling hard to clear the decks enough to allow testing it.

Jack

Encryption project has teen feeling pretty secure

Here's a fun story. A change from the alarmist tripe I usually post.

It seems a young man has devised a reasonably impressive hardware encryption device for computer use. It has it's own processor and RAM so encryption is as transparent to the user as possible, which would take the pain out of encrypting every bit of data on the hard drive. Combine that with strong passwords and some other authentication factor (such as biometrics) and one needn't worry about a laptop being stolen or even a desktop in place where the attacker has physical access to the machine.

This makes real sense. Encryption software can produce strong output, but the software itself may be a vector of attack for a cracker or spy. It also loads the cpu to a degree many users might find unacceptable. A hardware device equipped with it's own specially configured processor and a bit of RAM could handle a lot of data without the user ever noticing. I am told a custom ARM derivative running at 400 MHz could do 1024 bit encryption invisibly until the file size reaches some (high) threshold, at which point you might have to wait a second or two more to read your file or email. That level of encryption is effectively unbreakable on today's machines and will remain so for quite a while. In fact; when I recommend an encryption level to a client, I almost never recommend over 256 bit.

The young man is receiving some well deserved attention and summer job offers. He deserves it.

Jack

Understanding HDCP

It's High definition Digital Content Protection, if you didn't already know. If you didn't, don't feel bad. It hasn't gotten near the press it needs. It's hardware protection for content and it means things like no matter what software you use, there is NO WAY to play a DVD on a machine equipped with it. And, should you manage, the system can phone a central keyholding authority and revoke ALL certificates on the machine, meaning no more playback of any protected content - ever!

The content owners are winning. And not only are they protecting their own rights (as they should) they are removing all your fair use rights. Ain't life grand?

The system is quite vulnerable, owing to 56 bit keys and the fact that the handshaking between devices is unencrypted and can be snooped upon to the degree where the system can be spoofed to see an HDCP compliant device where none exists. But doing so would definitely make a felon of you, even if you are simply implementing your fair use to back up content, because circumvention of such systems violates our beloved DMCA.

The article linked to above, by Jake Carroll, is must read for anyone who cares about fair use of digital content. It's a bit long and fairly dense, but everything is stated in such a way that you needn't be an uber geek to understand.

Jack

Wednesday, June 21, 2006

'Critical' Microsoft fix breaks some Net connections | CNET News.com

"Problems occur only with dial-up connections that use a terminal window, or dial-up scripting, Microsoft said. This type of connection may stop responding after applying the patch, the software maker said."
I guess if your using this type of dial up connection you can't read this. :( Microsoft is working on a fix!

Tuesday, June 20, 2006

IBM overclocks chip to 500GHz

I will be the first to admit this is just a curiosity. After all; they did have to cool the thing to just a few degrees above absolute zero, so it's not useful at home. At least not until I learn to type with my mittens on.

Still, it ran at 350 GHz at room temperature, so there is hope for higher chip speeds yet with the technology we have in hand.

Jack

Opera 9 is OUT!!!

The latest version of the excellent Opera web browser is out. I've been using it for about an hour on an XP Home machine and it seems fine. There are a few puzzling changes from the beta, but they seem to be all for the better and I'm a happy camper.

The link is to an Opera blog, which is a good place to find out what Opera offers and what you can expect. Remember; there are no ads in the free download any more. It's a safe and very serviceable alternative and just different enough that you may find it suits you better than Firefox.

Jack

Microsoft offers guidance on Excel bug

It's definitely a critical bug, though one does either have to visit a malicious web site or open a malicious attachment. MS will probably patch it in the next patch cycle, or even sooner. If you're an Excel user, read the Microsoft guidance linked to through this article. There are several offered to mitigate your risk.

Jack

Monday, June 19, 2006

Rumor: Microsoft Developing iPod Killer

In the last two months at least 6 of our listeners have told me this was going to happen and I pretty much let it slide as Microsoft had quit talking to the content providers (record labels). I guess I was wrong.

There is enough fact floating about to make this more than a rumor. Microsoft IS talking to content providers and there have indeed been secret demonstrations of the devices and the service. It's just a matter of time, now, and we will get to see how the MS device and service stack up to Apple's offerings in the arena of public opinion and sales.

Jack

Hackers use Google Pages to host Trojan horse

Apparently this has been fixed. Google is not saying much. Still, if someone like Google, who devote a significant percentage of resources to security, can get hacked in this manner, you can get some sort of feel for just how perilous the security environment is.

Jack

Linux Update again

Thanks to MissM. Link to original post is in title. Somehow I managed to get Zinf installed on Ubuntu. I'm still not sure exactly how, LOL. I followed the instructions on the site she posted. Somehow it worked. Thanks again MissM.

Corsair set to make Power Supply Units

This is news, though it doesn't seem like it at first glance. As the article points out, Zalman has been doing this for a while now.

We need more high quality, high peformance power supplies. As our systems become ever more sophisticated and require larger capacity power supplies and a power stream that adheres more closely to the necessary standards, the "toss in one of these" mentality by which many of us have been working is outmoded. Small variations in the power stream that your Pentium III would never have noticed will destabilize any of the current dual-core systems. For this reason alone, it is entirely within the scope of probability that the day of the serviceable yet inexpensive power supply is fast going away. We will have to pay a bit more - not a lot - to ensure the stability of our systems.

Jack

Langa Letter: XP's No-Reformat, Nondestructive Total-Rebuild Option | June 19, 2006

I've been subscribed as a plus user to Fred Langa's newsletter, for over a year. He uses the subscriptions to sponsor children all over the world and posts frequent updates of the children. But, his job is a columnist for Information Week, and this weeks column includes a non-destructive reinstall of XP!! I had to post this, because I've never heard of this trick before, its excellent, and the full article includes screen shots, and caveats about the messages on the screen from Microsoft. Reading the article, I can see several places where I'd go "OH NO! its erasing everything!!" We've all been there, when we hit enter just before we think about it. :) Anyway, back to the article that will hopefully save you several hair pulling (IF you have any ;) ) episodes. To quote the introduction to the article:
It's one of those software design decisions that makes you scratch your head and wonder, "What were they thinking?"

The "it" in this case is XP's most powerful rebuild/repair option, and yet Microsoft chose to hide it behind seeming dead ends, red herrings, and a recycled interface that makes it hard to find and (at first) somewhat confusing to use.

But it's worth exploring because this option lets you completely and nondestructively rebuild, repair, or refresh an existing XP installation while leaving already-installed software alone (no reinstallation needed!). It also leaves user accounts, names, and passwords untouched and takes only a fraction of the time a full, from-scratch reinstall does. And unlike a traditional full reinstall, this option doesn't leave you with two copies of XP on your hard drive. Instead, you end up with just the original installation, but repaired, refreshed, and ready to go.

We've saved this technique for last in our discussion of the various XP repair/rebuild options because the fixes we've previously discussed are like first aid--the things you try first. For instance, see this discussion on removing limitations on XP's Recovery Console, turning it into a more complete repair tool; or this discussion on the Recovery Console's little-known "Rebuild" command that can cure many boot-related problems. (There's also lots more on the Recovery Console here.

But when the Recovery Console techniques don't work, and you're facing the prospects of a total reformat/reinstall, stop! Try the no-reformat reinstall technique we're about to illustrate, and you just may get your XP setup running again in a fraction of the time and with a fraction of the hassle of a grand mal wipe-and-restore.

Go read the rest of the article with screenshots.
--MissM
InformationWeek | Windows XP Management | Langa Letter: XP's No-Reformat, Nondestructive Total-Rebuild Option | June 19, 2006

Sunday, June 18, 2006

OnComputers Radio show Podcast 06-18-06

This is the On Computers Radio show podcast for 06-18-06. If you prefer, you can download the same file here via ftp.
Remember we will have a live Digital Video camera running for next weeks Geek Meet 2006. Join us live to see some of the people you listen to every Sunday.
If your going to be in the Anchorage Alaska area please join us.
Where should we have Geek Meet 2007?

Ever Wonder what liquid nitrogen does when poured into a pool?

CollegeHumor Movie: Ever wonder what happens when you dump a bucket of liquid nitrogen into a swimming pool?

--MissM