Saturday, August 26, 2006

Gartner on the shape of Windows to come

Gartner analysts predict Vista will be the last "monolithic" release of Windows. Whether or not their arguments are correct, they do make a good case for a modular Windows that would (as a desired side effect) also make subscription to Software Assurance plans mandatory. This by it's ability to receive timely updates and even upgrades almost automatically.

Between the potential of virtualization technologies and the ever growing complexity of Windows (now said to be well over 50 million l ines of code in Vista) MS is forced to do something. Gartner makes a case for modularity, much like that present in Linux distributions to manage it.

Jack

SunbeltBLOG: The Consumer Reports testing scandal: It's far, far worse than we initially thought.

I'd heard about Consumer Reports creating viruses to test anti-virus software, well apparently they didn't properly test anti-spyware software, either, I've posted the first part of the president of Sunbelt Software article about it, but the whole thing has to be read to be believed. This is the first black eye that Consumer Reports has ever gotten (that I know of, anyway....), even though I don't always agree with their tech advice.
Over the past two weeks, Consumer Reports has been slammed by the bulk of professional researchers in the security community for testing antivirus programs using 5,500 “fake” viruses.

Consumer Reports fans and a minority group in the security community, however, fought back —– after all, Consumer Reports is seen by many as a competent, independent testing lab and antivirus companies are generally seen as lazy, self-serving, money-hungry companies who have been soaking users for years with crappy products and high subscription fees, etc, etc. So even though Consumer Reports was lambasted by professional security researchers with no ties to antivirus companies, it was seen by some as whining by money-hungry antivirus companies.

Well, ok, on to Chapter 2, which is more damning than the AV test. Because I have something which is so incredible, it boggles the mind

In addition to antivirus programs, Consumer Reports tested antispyware applications. And they have now confirmed that they did not test against any spyware for their antispyware testing. (Feel free to read that sentence again.)

Instead, their entire test of antispyware applications was based on running applications against Spycar, a set of applications written by Intelguardians that mimic spyware behavior — directly against the explicit instructions of the Spycar developers.

--MissM
The post link:SunbeltBLOG: The Consumer Reports testing scandal: It's far, far worse than we initially thought.

Thursday, August 24, 2006

15-inch PowerBook G4 Battery Exchange Program

From the apple site:
In cooperation with the U.S. Consumer Product Safety Commission (CPSC) and other international safety authorities, Apple is voluntarily recalling certain lithium ion rechargeable batteries that were sold worldwide from January 2004 through August 2004 for use with 15-inch PowerBook G4 (Aluminum) notebook computers. These batteries were manufactured by LG Chem, Ltd. of South Korea.

SunbeltBLOG: Remember to report your phishes to PIRT

I like the idea of PIRT, which is a group that works to eliminate phishing sites. I was reminded of it by Sunbelt Blog. The President of Sunbelt Software Alex Eckelberry writes:
Remember to send in phishing scams to PIRT, the Phishing Incident and Takedown squad for takedown.

Two ways:

1. Email them to pirt @ castlecops.com as an attachment.

or

2. Go to the web interface at castlecops.com/pirt, and enter at least the phishing URL.
Also, we still need more volunteers to help take these sites down. Nothing more satisfying than toasting a fresh phish. Join the crew by clicking here.

--MissM
SunbeltBLOG: Remember to report your phishes to PIRT

Sophos offers free rootkit detection tool

I have not tried this, yet. However, early reports are that this is a really decent tool and overdue.

If you download and run this, please let us know how it goes. I have a feeling this is just the first of many important security tools that will be made available in the near future.

Jack

Wednesday, August 23, 2006

Weird Al Says 'Don't Download This Song'

Weird Al proves once again that he can spell I-R-O-N-Y with his freely downloadable recording of "Don't Download This Song". Of course I did!

How much is Windows worth?

Ed Bott's blog on ZDNet is often informative and sometimes even truly entertaining. Here is an article about how consumers perceive the worth of the Windows operating system. It puts the subject in a light I have not seen before and for that is worth a read.

Jack

Tuesday, August 22, 2006

Microsoft Acknowleges Open Source Will Run on Vista

This is surely a policy shift for Microsoft, in it's own small way. I cannot see it as a revolutionary step, which is how some are depicting it. The company known for it's arrogance is bending a little bit. That's all. The world has not ended and you don't need to pack your snow shoes when you die.

That Microsoft is inviting in open source projects where previously only ISVs producing proprietary software got in is merely an acknowlegement of the fact that many open source projects have resulted in major products that have to be accomodated. Period. There is no more to say about it.

I expect we will hear similar news for some other projects, such as MySQL, Apache and perhaps some of the other open source databases.

Jack

OSI Seeks Open-Source License Reform

There have been recurring calls to simplify free and open source licensing over the last 3-4 years. There have been efforts to fix things so consumers of the software products won't be confused by the different licenses, some of which conflict, notably the General Public License (GPL). It conflicts with many, perhaps even most, of the other licenses.

There is reason to believe that this effort will do some genuine good, though no one believes it will fix the problem. The best result can be a gradual movement, fueled mostly by new projects, to more acceptable licenses. Progress, but not perfection, is the watchword here.

Jack

Schneier on Security; Educating Users

This was published earlier this year and now Mr. Schneier has re-posted it on his blog. In the interim, I have directed a lot of frustrated business managers to it. You all will be familiar with the content. It's just nice to see it all in one place and I recommend saving a copy for the next client who doesn't understand why her or his employees can't get it right.

Jack

Three workers depart AOL after privacy uproar | CNET News.com

Posted with no comment.

Why doesn't Linux need defragmenting?

We have had a question or two in the OCLUG newsgroup and our chats about the Linux file system and how to maintain it. Ext3, the usual default file system in Linux distributions, is representative. Others, like versions of the Reiser file system are also common and Linux can interact with many different file systems.

Here is a not terribly technicall explanation of why Linux file systems do not need the most common maintenance operation present in Windows.

I will qualify the title, slightly. Occasionally, I have used a defragmentation utility on ext3 and ext3 systems that have been hit unusually hard by continuous file writes. It is a risky operation, really, because the utilities available are not equal to the highly developed ones for defragmenting Windows. In any event, in Linux they are not often needed. Almost never, in fact. Which is why I am not making a big thing about the title of this.

Jack

Monday, August 21, 2006

Microsoft fixes faulty security patch | Tech News on ZDNet

"Microsoft on Thursday issued a 'hotfix' for a fault in a security patch designed to correct a flaw already being targeted by worms."
If you don't have auto update turned on remember to do your Windows/Microsoft Updates this week.
AlaskaJoe

How to make a universe

Obviously these folks don't have any trouble assembling a new barbecue grill.

There is more here.

Jack

Dell, Sony discussed battery problem 10 months ago

Automobile manufacturers learned a long time ago that waiting for problems to become public and then appearing to be dragged, kicking and screaming, to a remedial recall is bad form. So they changed their tack to proactive recalls with enough publicity given to alert any consumers other means of notification missed. Our government actually cooperates in this to great success.

Well, Sony and Dell and several other companies in the tech sector really need to take a lesson from the car companies. There is less of a black eye in proactive consumer protection than there is in getting caught out in this sort of snafu. And they need to learn it really, really fast, as the devices we carry store more and more energy and thus have ever greater potential for harm.

Can you imagine current tech sector attitudes doing us any good at all when portable fuel cells, with combustable fuel on board, come into wide use?

Jack

TechCrunch: Good stuff!

I just read about this at TechCrunch, and with GeekMeet 2007 up for discussion, I thought that everybody who reads this could use it. [hint, hint] AND! There's an RSS feed (for the non-luddites :P) for the cities you put in. On first glance this is very neat, I'll be interested to see how the trends go.

Airfare Predictions, Find Cheap Airline Tickets - Farecast

And in an homage to the BSers that read this blog, another interesting site from Techcrunch.

--MissM

Wired News: Privacy Debacle Hall of Fame

Wired has the Top 10 list! As additional info to the post below on lack of privacy in search:
The company claimed it was trying to help researchers by providing "anonymized" search information, but experts and the public were shocked at how easy it was to figure out who had been searching on what. Apparently, AOL's anonymizing process didn't include removing names, addresses and Social Security numbers. Although the company has since apologized and taken the data down, there are at least half-a-dozen mirrors still out there for all to browse.


10. ChoicePoint data spill:
9. VA laptop theft:
8. CardSystems hacked:
7. Discovery of data on used hard drives for sale:
6. Philip Agee's revenge:
5. Amy Boyer's murder:
4. Testing CAPPS II:
3. COINTELPRO:
2. AT&T lets the NSA listen to all phone calls:

You have to go to the article to see the Number 1 "privacy disaster," and the details of the above countdown. Have a great week! ;)

Wired News: Privacy Debacle Hall of Fame
--MissM


And in an "Ohhh pretty pictures" way check out some aurora pictures from August 7th.

Sunday, August 20, 2006

OnComputers Radio show Podcast 08-20-06

This is the On Computers Radio show podcast for 08-20-06. You can listen live every Sunday from 10AM to 1PM Pacific thats 1PM to 4PM Eastern. If you prefer, you can download the same file here via ftp.

What do Google, Yahoo, AOL and Microsoft's MSN know about you?

The Mercury News has a comprehensive article about search histories and what can be divined from them. It is scary how much can be told about you by them, even if you have a dynamic IP.

I think it is about time we get real protection of our private data from our legislatures and to hell with commercial interests.

Jack