This "self guided tour" of Windows Vista is intended for someone who has a copy of it running at hand. However; even a quick reading will give you a pretty good idea of what Microsoft wants the product to be and what it actually consists of.
Jack
Sunday, September 04, 2005
Saturday, September 03, 2005
WinFixer Popup Problem
This article in the LangaList Std Edition 2005-09-01 outlines the WinFixer spyware problem and gives some links about fixing it.
Just an aside, I've subscribed to the pay version of Langalist for several years, but the free version is also very useful and well, it's free. If you never have, now is a good time to check it out.
Just an aside, I've subscribed to the pay version of Langalist for several years, but the free version is also very useful and well, it's free. If you never have, now is a good time to check it out.
Firefox 1.5 Beta Expected Soon-PC World
Firefox 1.5 Beta 1 will be available September 8, according to a posting in the section of the Mozilla Foundation's Web site devoted to developer news.
Theft You Don't Even See
From the article:
"How's this for a one-two punch -- software that secretly alters your Google search results, then tries to drop nasty programs on your computer by luring you to a bogus eBay link?"
I've got to give these malcreants a "C" for clever. Just be aware.
"How's this for a one-two punch -- software that secretly alters your Google search results, then tries to drop nasty programs on your computer by luring you to a bogus eBay link?"
I've got to give these malcreants a "C" for clever. Just be aware.
Friday, September 02, 2005
Yahoo IM users get more than they bargained for
From the article:
"By accepting Yahoo's 'typical' installation of YIM with Voice, it will also download Yahoo's Search Toolbar with anti-spyware and anti-pop-up software, desktop and system tray shortcuts, as well as Yahoo Extras, which will insert Yahoo links into the Internet Explorer browser. The IM client also contains 'live words,' which will automatically show an icon when the user highlights words online and then hyperlink to Yahoo search results, definitions or translation tools. Finally, the installation will alter the users' home page and auto-search functions to point to Yahoo by default.
To avoid these changes, users must actively choose the 'custom' installation and uncheck five boxes."
I thought "we" (the collective computer using community) had made it crystal clear to companies that these kinds of tactics would cause us to abandon using their services and software. Since they need us to use their services and software in order to advertise to us, this is very counterproductive.
"By accepting Yahoo's 'typical' installation of YIM with Voice, it will also download Yahoo's Search Toolbar with anti-spyware and anti-pop-up software, desktop and system tray shortcuts, as well as Yahoo Extras, which will insert Yahoo links into the Internet Explorer browser. The IM client also contains 'live words,' which will automatically show an icon when the user highlights words online and then hyperlink to Yahoo search results, definitions or translation tools. Finally, the installation will alter the users' home page and auto-search functions to point to Yahoo by default.
To avoid these changes, users must actively choose the 'custom' installation and uncheck five boxes."
I thought "we" (the collective computer using community) had made it crystal clear to companies that these kinds of tactics would cause us to abandon using their services and software. Since they need us to use their services and software in order to advertise to us, this is very counterproductive.
Trusted Computing Best Practices
Further info on a topic Jack and Peter have discussed on the show, by Bruce Schneier, with some informative links, in my opinion.
--MissM
--MissM
Thursday, September 01, 2005
GM drives Hummer-branded laptop
In my opinion a rugged computer is a useful thing. Hummer branding and styling? Ho-hum.
Computer saves drowning girl
I saw this story yesterday but didn't blog it until I read it today. This is truly amazing. After reading this story, I have little doubt that the computerized alert system really did help save this girl's life.
Creative MP3 players ship with virus
This seems like a rather amazing story. I would think that their production computers would be isolated from this sort of thing. Since this virus surfaced in 2003, it's not like definitions weren't out there.
I've heard of official releases of software containing viruses before, but that was a long time ago and I would have thought that security awareness was a bit higher now. I guess not. All I can do on this one is to sit here and scratch my head.
Yet another reason to continuosly run a high quality, up-to-date anti-virus scanner.
I've heard of official releases of software containing viruses before, but that was a long time ago and I would have thought that security awareness was a bit higher now. I guess not. All I can do on this one is to sit here and scratch my head.
Yet another reason to continuosly run a high quality, up-to-date anti-virus scanner.
Free Ubuntu CDs!
Courtesy of http://www.spyndle.com/, which I found from listening to this podcast.. Since Jack is so enthusiastic about this linux distro, I thought I'd pass on this link. FYI.
Sorry for the long history, but I want to give credit where credit is due. ;)
--MissM
OT: the blogger button is working great now! Not sure what the issue was, but I'm giddy!
Please don't forget the people on the gulf coast need our help, for info and ways to donate, go here.
Sorry for the long history, but I want to give credit where credit is due. ;)
--MissM
OT: the blogger button is working great now! Not sure what the issue was, but I'm giddy!
Please don't forget the people on the gulf coast need our help, for info and ways to donate, go here.
Hollywood, Microsoft align on new Windows
Here's what we have to look forward to:
"Although ordinary MP3 files and DVDs will play without any difference, the deep changes in the way the operating system handles some entertainment content will come with costs. The most obvious of these may be the risk of compatibility problems between some older monitors or TVs and Vista computers, particularly when trying to play high-quality video. Vista may also make it harder to do some casual copying, such as recording Internet audio"
Arrgh!
"Although ordinary MP3 files and DVDs will play without any difference, the deep changes in the way the operating system handles some entertainment content will come with costs. The most obvious of these may be the risk of compatibility problems between some older monitors or TVs and Vista computers, particularly when trying to play high-quality video. Vista may also make it harder to do some casual copying, such as recording Internet audio"
Arrgh!
Linux 40 percent cheaper than Windows, exclaims IBM
Are you as tired of all the TCO "studies" between operating systems as I am? I hardly ever read them, any more. As far as I'm concerned, none of them, including this one, are worth the paper they're written on.
While the cost of software and operating systems is certainly important, the only way to know what fits is to study your own needs and operations and see what meets your requirements, then put out for that. On such a basis, winners will emerge from all over the spectrum of offerings. There is no one clear winner, across the board.
Jack
While the cost of software and operating systems is certainly important, the only way to know what fits is to study your own needs and operations and see what meets your requirements, then put out for that. On such a basis, winners will emerge from all over the spectrum of offerings. There is no one clear winner, across the board.
Jack
Massachusetts Plumps for Open Document Standards
We reported last January that Massachusets proposed to move all documents produced by the State and any local governments within it to formats conforming to open standards. At the time there was a lot of thought that Microsoft and other vendors would oppose this.
While opposition did arise, Massachusetts stuck to their guns and after repeated rounds of public comment, has implemented their plan. Conversion is to be complete by 1 January, 2007. This specification is open for a last round of public comment now and is expected to be implemented in it's current form, with the planned timing.
Application vendors who do not currently support the required formats are expected to offer plug-ins or other revisions to their products to comply. Microsoft is rumored to already have the required changes made in recent versions of Office ready to go.
Jack
While opposition did arise, Massachusetts stuck to their guns and after repeated rounds of public comment, has implemented their plan. Conversion is to be complete by 1 January, 2007. This specification is open for a last round of public comment now and is expected to be implemented in it's current form, with the planned timing.
Application vendors who do not currently support the required formats are expected to offer plug-ins or other revisions to their products to comply. Microsoft is rumored to already have the required changes made in recent versions of Office ready to go.
Jack
Wednesday, August 31, 2005
Hidden-code flaw in Windows renews worries over stealthy malware
I mentioned the over-length registry key as a way of hiding malicious code from various system protection utilities on Sunday. The link above is to a story in The Register which contains a bit more information, along with links and pointers to more information.
This is a serious problem, though Microsoft does not see it as an operating system vulnerability (and they may well be correct in this). It can and does mean such things as keystroke loggers are invisible to some security and system health monitoring software. The Internet Storm Center has a partial list of such software. Undoubtedly patches will be issued and at least most of the affected programs updated to handle this. Until that happy day, this story warrants your following it and taking whatever steps are necessary if you are depending on the affected applications for your security.
Jack
This is a serious problem, though Microsoft does not see it as an operating system vulnerability (and they may well be correct in this). It can and does mean such things as keystroke loggers are invisible to some security and system health monitoring software. The Internet Storm Center has a partial list of such software. Undoubtedly patches will be issued and at least most of the affected programs updated to handle this. Until that happy day, this story warrants your following it and taking whatever steps are necessary if you are depending on the affected applications for your security.
Jack
Outsourcing warning on Indian law changes
This report in the Australian paper, The Age, says that India is thinking of weakening it's cybercrime laws, as recommended by an expert committee.
India already has serious privacy and data theft problems in the sector of business out-sourced from the US and Europe. Now they intend to further weaken the laws against unauthorized intrusions to a network. They have a real problem.
It is obvious India is not after anything but the money and really doesn't care about the people their businesses serve. They get the technologies and get paidto learn how to use them, then do as they will, allowing profiteers of all sorts to take advantage.
It is time to start telling businesses that you will not deal with them if they outsource to India - period. No exceptions.
Jack
India already has serious privacy and data theft problems in the sector of business out-sourced from the US and Europe. Now they intend to further weaken the laws against unauthorized intrusions to a network. They have a real problem.
It is obvious India is not after anything but the money and really doesn't care about the people their businesses serve. They get the technologies and get paidto learn how to use them, then do as they will, allowing profiteers of all sorts to take advantage.
It is time to start telling businesses that you will not deal with them if they outsource to India - period. No exceptions.
Jack
Katrina Disaster
I probaby don't have to blog this because our little On Computers family has a lot of heart and I'm sure most of you have already done something to help out. This is a disaster of epic proportions and has wiped out much of 3 Southern states. The destruction of New Orleans is being compared to the San Francisco earthquake and fire of 1906. I'm pleased to report that when I tried to access a disaster relief agency the secure server was so busy that the Web site couldn't respond. I had to phone it in, which is a good thing.
If you want to help out and haven't yet here are some links to get you started:
American Red Cross
Salvation Army USA
Our best wishes and prayers go out to everyone who has been affected, as well as to their concerned friends and family.
If you want to help out and haven't yet here are some links to get you started:
American Red Cross
Salvation Army USA
Our best wishes and prayers go out to everyone who has been affected, as well as to their concerned friends and family.
BBC: Apple iTunes phone due to launch
Made by Motorola the handset will have Apple iTunes onboard and will be available via the US Cingular phone service.
The Great Firewall of China
I found this article by Scott Granneman particularly interesting because I remember checking my router/firewall logs several times recently and noticed that it was dropping a rather large number of unsolicited packets from Chinese IP numbers. I recall thinking "What the heck is going on in China, and why?" This may give a little further insight, check it out if you're interested. John B.
WinFS Beta Released. Questions Immediately Arise
After pulling WinFS, a new relational file system, out of the Longhorn/Vista beta, Microsoft has released it as a beta in it's own right. Immediately, analysts and pundits question where it fits in the scheme of things. Fair questions, I should think, though perhaps a bit premature.
The link above is to an article at Technewsworld.com and I recommend you read it, but withhold your judgements until we see where things are heading.
Jack
The link above is to an article at Technewsworld.com and I recommend you read it, but withhold your judgements until we see where things are heading.
Jack
Monday, August 29, 2005
Zotob worm writer caught by FBI
And more news on the Zotob front this morning...
It is good to see that causing real havoc is resulting in real arrests. Microsoft did have a hand in helping investigators track down the culprits.
Furthermore:
"Microsoft's Smith attributed the fact that relatively little damage was caused by the worms to two things: consumers are becoming more savvy to threats and taking more precautions to shield their software from viruses, and Microsoft is making good on its commitment to create more secure products."
It is good to see that causing real havoc is resulting in real arrests. Microsoft did have a hand in helping investigators track down the culprits.
Furthermore:
"Microsoft's Smith attributed the fact that relatively little damage was caused by the worms to two things: consumers are becoming more savvy to threats and taking more precautions to shield their software from viruses, and Microsoft is making good on its commitment to create more secure products."
Some XP Users at Risk From Zotob Worm
"Users running certain configurations of Windows XP Service Pack (SP) 1 beware: That pesky Zotob worm that hit Windows 2000 users last week could affect your systems, too. This week, Microsoft issued a new advisory on the expanded Zotob threat. Windows XP SP2 users are not vulnerable to the Zotob attacks, Microsoft said."
I hope you have SP2 installed!
Joe
I hope you have SP2 installed!
Joe
Sunday, August 28, 2005
OnComputers Radio show Podcast 08-28-05
This is the On Computers Radio show podcast for 08-28-2005. If you prefer, you can download the same file here via ftp.
If you the FTP link doesn't work because of the server problems, please right click on the podcast link above and save as. We will be moving to the new server in the next few weeks.
If you the FTP link doesn't work because of the server problems, please right click on the podcast link above and save as. We will be moving to the new server in the next few weeks.
Boy Was I Dumb | this WEEK in TECH
Leo has an issue with feedburner, and I believe its an interesting discussion...
OT: When did the blogger button in the google toolbar quit putting the url in the url box???? Boy that irritates me
:)
--MissM
OT: When did the blogger button in the google toolbar quit putting the url in the url box???? Boy that irritates me
:)
--MissM
Big Bait Sinks Alleged Phisher - Los Angeles Times
"The 22-year-old Iowa man pleaded not guilty Wednesday to charges of scamming computer users with fake e-mail notices from Microsoft Corp. Authorities said his scheme backfired when the software powerhouse contributed the legal legwork that led to his arrest." Score another one for Microsoft!
Joe
Joe
Sirius Satellite to Sell Portable Player - Los Angeles Times
Sirius Satellite Radio Inc., the No. 2 U.S. pay-radio company, will begin selling its first portable device to compete with larger rival XM Satellite Radio Holdings Inc. and products such as the iPod.
I have4 XM Radio what do you have?
Joe
I have4 XM Radio what do you have?
Joe
Alleged Spyware Mastermind, Buyers of the Program Indicted - Los Angeles Times
Alleged Spyware Mastermind, Buyers of the Program Indicted - Los Angeles Times: "Loverspy allowed its users to learn about the e-mails, website visits and passwords used on other people's computers by sending an innocuous-looking electronic greeting card. Every keystroke on the victims' computers was recorded." the Loverspy phenomenon caused a buzz among those in computer security. Companies have cited Loverspy as the reason computer users need anti-spyware and anti-virus software.
The on computers show recommends NOD32 The Anti Virus that works!
Joe
The on computers show recommends NOD32 The Anti Virus that works!
Joe
Saturday, August 27, 2005
Public largely ignorant of Web threats, but women less so
Girls RULE! ;)
"StreamShield measured online fraud, viruses, spam, unwanted pop-up ads, spyware, phishing and keyloggers. The firm said, in fact, that in all categories women experienced fewer difficulties than men, even though a higher percentage of men are aware of computer viruses, spyware, adware, et al."
I'm soooo proud of us!
--MissM
"StreamShield measured online fraud, viruses, spam, unwanted pop-up ads, spyware, phishing and keyloggers. The firm said, in fact, that in all categories women experienced fewer difficulties than men, even though a higher percentage of men are aware of computer viruses, spyware, adware, et al."
I'm soooo proud of us!
--MissM
Tom's Hardware Guide PCs & HowTo: Windows Spyware Survival Tools - Winsock XP
"A very common problem that exists is the loss of Internet connectivity after being infected with or removing spyware. A free utility exists that will completely rebuild your WinSock and restore your Internet connectivity. "
This have a free tool to fix your network connections if spyware breaks it.
Thanks Curtis for this link!
This have a free tool to fix your network connections if spyware breaks it.
Thanks Curtis for this link!
PC World-FCC Extends VoIP E911 Deadline
The FCC announcement Friday acknowledges "significant efforts" made by VoIP providers to gain customer responses. The FCC also asked VoIP providers to detail any plans to use so-called "soft" disconnect options for customers who have not responded to the advisories by September 28. Under a soft disconnect, all non-911 calls would go instead to the VoIP provider's customer service line, while 911 calls would continue to be routed to emergency dispatch centers.
Friday, August 26, 2005
Arrests made in probe of worm that hit ABC, others | Tech News on ZDNet
"Microsoft hails the arrests as an example of a successful partnership between the private sector and law enforcement. 'Our entire industry, especially in partnership with law enforcement, is able to move much more quickly and in a more sophisticated way today than was the case, say, two years ago, and that is certainly part of what made it possible to get to this point within two weeks,' ".
Good job Microsoft and the FBI!
Joe
Good job Microsoft and the FBI!
Joe
Cell Processor Details Released
Don't worry. I'm not pointing you to hundreds of pages of technical documents. They are available, should you want to read them, though.
Instead; this is a two page overview of the Cell architecture and it's capabilities, written by Dr H. Peter S. Hofstee. I found it readable enough to inform, without being overly dense.
It is obvious that the Cell is every bit as exciting a development as is appeared early on. Peter and I were right, I guess. This is likely the future of much of our computing.
Jack
Instead; this is a two page overview of the Cell architecture and it's capabilities, written by Dr H. Peter S. Hofstee. I found it readable enough to inform, without being overly dense.
It is obvious that the Cell is every bit as exciting a development as is appeared early on. Peter and I were right, I guess. This is likely the future of much of our computing.
Jack
Thursday, August 25, 2005
Some Net phone customers may be cut off
Do you have VOIP and have you registered with 911?
"NEW YORK - Providers of Internet-based phone services may be forced next week to cut off tens of thousands of customers who haven't formally acknowledged that they understand the problems they may encounter dialing 911 in an emergency."
"NEW YORK - Providers of Internet-based phone services may be forced next week to cut off tens of thousands of customers who haven't formally acknowledged that they understand the problems they may encounter dialing 911 in an emergency."
Spitzer: AOL to reform customer service, pay penalties - Aug. 24, 2005
AOL to reform customer service, pay penalties - Aug. 24, 2005: "America Online, the world's largest Internet service provider, has agreed to reform the way it handles customers who want to cancel service, New York State Attorney General Eliot Spitzer said Wednesday."
Thanks to John_B
Thanks to John_B
Wednesday, August 24, 2005
Another Good Reason to Dump Bluetooth
Bluetooth could be a very useful technology. I don't dispute that. But the link above will take you to an article about plans to "bluecast" ads to mobile devices, particularly phones. Yes, when your device is queried, you have the opportunity to say "no" by not accepting the advert, but who wants to be queried right and left as they walk, drive or what have you?
My wife's laptop is equipped with bluetooth capabilities. We have disabled them because we really don't need it, but also because it is a huge security risk. The best rule is to disable anything you don't use, regardless of risk level. You can always re-enable it when needed.
There have been unconfirmed reports of bluetooth hacks against laptops recently. It is my intention to check this out in detail and try to inform you of what I find, either on the show, our site, or here.
If a device will not let me disable bluetooth, I don't want it.
Jack
My wife's laptop is equipped with bluetooth capabilities. We have disabled them because we really don't need it, but also because it is a huge security risk. The best rule is to disable anything you don't use, regardless of risk level. You can always re-enable it when needed.
There have been unconfirmed reports of bluetooth hacks against laptops recently. It is my intention to check this out in detail and try to inform you of what I find, either on the show, our site, or here.
If a device will not let me disable bluetooth, I don't want it.
Jack
Server Upgrade
We are in the process of migrating the media server over to a new box.
This has become somewhat of an urgent issue as there appears to be a hardware issue that may or may not cause us to go down while we are in the process of the migration.
If this happens prematurely, please know that we will be doing our best to get mission critical services back up and running quickly, but there may be some lag and some pieces, ie websites and the newsgroups, may take longer to get up.
We are attempting to back everything up as of TODAY, August 23, 2005, but we aren't sure if we will have everything. This migration should be complete by mid September.
Again, we are hoping to make it through the migration without any issues, but we aren't sure if we will make it. Please take this as notice if there is any unexpected downtime.
This has become somewhat of an urgent issue as there appears to be a hardware issue that may or may not cause us to go down while we are in the process of the migration.
If this happens prematurely, please know that we will be doing our best to get mission critical services back up and running quickly, but there may be some lag and some pieces, ie websites and the newsgroups, may take longer to get up.
We are attempting to back everything up as of TODAY, August 23, 2005, but we aren't sure if we will have everything. This migration should be complete by mid September.
Again, we are hoping to make it through the migration without any issues, but we aren't sure if we will make it. Please take this as notice if there is any unexpected downtime.
Tuesday, August 23, 2005
Works for Me: First, do no harm - CNET reviews
This is a good way to try to fix a small problem on your computer. It doesn't fix a Harddrive going south on ya. But it might be a way for you to fix your own computer without having to pay someone to do it for you.
Joe
Joe
Google planning IM service, report says | Tech News on ZDNet
Are you ready for another IM? Google Talk!
I'm not sure I am.
Joe
I'm not sure I am.
Joe
Google set to release new toolbar
The link above is to a short article in The Inquirer. You can, of course, also get details at Google, though it is much more of a sales pitch.
There is also an article at The Register "http://www.theregister.com/2005/08/22/google_sidebar/">here.
My wife and I just discussed installing the new desktop on one computer and decided against it, despite being attracted by the functionality it offered. So why did we decide against it? Well, we decided we did not want Google, or anyone else, for that matter, so closely supervising our surfing habits and collecting data about us.
No, I'm not especially paranoid. You know that, if you've listened to me on the show. But I do wonder at all the information that has been collected on me through the use of the Internet and worry both about it's accuracy and what uses it could be put to. In a purely personal decision, I'm drawing the line.
Jack
There is also an article at The Register "http://www.theregister.com/2005/08/22/google_sidebar/">here.
My wife and I just discussed installing the new desktop on one computer and decided against it, despite being attracted by the functionality it offered. So why did we decide against it? Well, we decided we did not want Google, or anyone else, for that matter, so closely supervising our surfing habits and collecting data about us.
No, I'm not especially paranoid. You know that, if you've listened to me on the show. But I do wonder at all the information that has been collected on me through the use of the Internet and worry both about it's accuracy and what uses it could be put to. In a purely personal decision, I'm drawing the line.
Jack
Moog dies - NY Times
Robert Moog, the creator of the electronic music synthesizer that bears his name and that became ubiquitous among experimental composers as well as rock musicians in the 1960's and 70's, died on Sunday at his home in Asheville, N.C. He was 71.
Monday, August 22, 2005
PCWorld.com - Power-Line Networking: The Next Generation
I used a Power-Line network at a motel in Canada on my drive down the Alcan. It was slick!
Joe
Joe
Some great info about the new Zone Alarm
From the Fred Langa newsletter, some warnings about installing the new "full of features" (aka bloat) ZA. The bottom line as I see it:
"I suggest waiting a bit when the new ZoneAlarm is offered (some users are getting the update notices right now...). The pre-update version is fine, and works well -- there's no urgent need to upgrade. Let other braver or risk-loving souls take the plunge, and watch for feedback." The article also includes examples of experiences with the new Zone Alarm.
--MissM
"I suggest waiting a bit when the new ZoneAlarm is offered (some users are getting the update notices right now...). The pre-update version is fine, and works well -- there's no urgent need to upgrade. Let other braver or risk-loving souls take the plunge, and watch for feedback." The article also includes examples of experiences with the new Zone Alarm.
--MissM
Sunday, August 21, 2005
OnComputers Radio show Podcast 08-21-05
This is the On Computers Radio show podcast for 08-21-2005. If you prefer, you can download the same file here via ftp.
Saturday, August 20, 2005
0 Day Exploit for IE "Imminent" - SANS
There is a new exploit, supposedly already in the wild (though that isn't crystal clear, yet) which SANS warns about, as does US CERT. The link above is to the SANS site.
Best check this one out.
Jack
Best check this one out.
Jack
Thursday, August 18, 2005
Legal Ramifications of Trojan/Virii Infections
Here's one I'll bet you never thought of. I surely didn't.
What are the legal ramifications of a company's network becoming infected with one or another sort of malware? We have Sarbanes/Oxley and HIPPA and various state notification requirements when personal data is compromised. What are the responsibilities of these companies under such circumstances?
In fact; one could argue that storing such data on machines which can possibly be infected might violate one or more of these laws. This article does just that. There isn't any legal action taking place on this front right now, but the article makes the point that it is almost inevitable there will be.
Check it out.
Jack
What are the legal ramifications of a company's network becoming infected with one or another sort of malware? We have Sarbanes/Oxley and HIPPA and various state notification requirements when personal data is compromised. What are the responsibilities of these companies under such circumstances?
In fact; one could argue that storing such data on machines which can possibly be infected might violate one or more of these laws. This article does just that. There isn't any legal action taking place on this front right now, but the article makes the point that it is almost inevitable there will be.
Check it out.
Jack
Computer virus writers at war, security firm says
'....... "The latest variants of Bozori even remove competing viruses like Zotob from the infected machines," Hypponen said in a statement on the company's Web site.
The worms were blamed for major system trouble at some media outlets and companies in the United States on Tuesday, causing personal computers to restart repeatedly and potentially making them vulnerable to attack.'
New worms hit U.S. media outlets, companies
" The worms, including two called "IRCBOT.WORM" and "RBOT.CBQ", exploit a recently discovered flaw in Microsoft Corp.'s (MSFT) Windows 2000 operating system and were causing personal computers at more than 100 U.S. companies to restart repeatedly and potentially exposed them to attackers who could take control of a system."
MY opinion: w0w, another "service" performed by the worm writers, finding unpatched systems" Does this show up in Performance Reviews? Is IT/MIS an unnecessary expense, in this profit driven market? so many questions, so few good answers OR practices, it seems...
"This is the most significant threat we've seen in at least 12 months," said Vincent Gullotto, vice president of the anti-virus emergency response team at McAfee Inc. (MFE)
But Symantec Corp. (SYMC) and McAfee, the top two computer security companies, as well as Microsoft, said that damage to computer systems on Tuesday was limited and was not likely to cause widespread havoc like other malicious software programs such as SQL Slammer and MyDoom."
Ok, why the dramatic difference in opinion? The Symantec response seems to mirror Microsoft's statement. I wonder what your opinion is if your servers kept rebooting? Perspective is everything ;)
--MissM
The worms were blamed for major system trouble at some media outlets and companies in the United States on Tuesday, causing personal computers to restart repeatedly and potentially making them vulnerable to attack.'
New worms hit U.S. media outlets, companies
" The worms, including two called "IRCBOT.WORM" and "RBOT.CBQ", exploit a recently discovered flaw in Microsoft Corp.'s (MSFT) Windows 2000 operating system and were causing personal computers at more than 100 U.S. companies to restart repeatedly and potentially exposed them to attackers who could take control of a system."
MY opinion: w0w, another "service" performed by the worm writers, finding unpatched systems" Does this show up in Performance Reviews? Is IT/MIS an unnecessary expense, in this profit driven market? so many questions, so few good answers OR practices, it seems...
"This is the most significant threat we've seen in at least 12 months," said Vincent Gullotto, vice president of the anti-virus emergency response team at McAfee Inc. (MFE)
But Symantec Corp. (SYMC) and McAfee, the top two computer security companies, as well as Microsoft, said that damage to computer systems on Tuesday was limited and was not likely to cause widespread havoc like other malicious software programs such as SQL Slammer and MyDoom."
Ok, why the dramatic difference in opinion? The Symantec response seems to mirror Microsoft's statement. I wonder what your opinion is if your servers kept rebooting? Perspective is everything ;)
--MissM
VMware takes dual-core licensing plunge
Microsoft has already done it. So have some others. They've decided to charge by the cpu socket, rather than by processor core count. With modern cpus, you can have more than one core running on a socket.
This is really only a common sense move. There are some notable holdouts, Oracle being chief among them, who are charging by the core. For a number of technical reasons, doubling the number of cores on a chip does not double the available computing power. It's not even close. Gains run from 55% to 80%, depending on a huge number of factors. Everyone's mileage will vary, and probably wildly so.
Eventually, there will have to be some further adjustments, as more and more cores are connected to a single socket. But for now, VMware, MS and others are doing what is only fair. The rest are looking more and more like price gougers and if they don't come around, they're likely to suffer in the image department or the bottom line or both. The market will enforce realism on pricing models, eventually. Until then, the best advice is to watch the fine print in those license agreements.
Jack
This is really only a common sense move. There are some notable holdouts, Oracle being chief among them, who are charging by the core. For a number of technical reasons, doubling the number of cores on a chip does not double the available computing power. It's not even close. Gains run from 55% to 80%, depending on a huge number of factors. Everyone's mileage will vary, and probably wildly so.
Eventually, there will have to be some further adjustments, as more and more cores are connected to a single socket. But for now, VMware, MS and others are doing what is only fair. The rest are looking more and more like price gougers and if they don't come around, they're likely to suffer in the image department or the bottom line or both. The market will enforce realism on pricing models, eventually. Until then, the best advice is to watch the fine print in those license agreements.
Jack
Adobe Acrobat and Acrobat Reader Security Flaws Fixed
This short article at Techworld.com gives all the details about which versions need patching. Basically, you're going to have to upgrade, which you can do via the facility on the Acrobat or Acrobat Reader toolbar or by downloading manually. This affects virtually ALL PLATFORMS so you Mac and Linux users can't feel smug about this one.
As it's not taking the bad guys any time at all to produce exploits once the existence of a vulnerability is made public, I advise you to go patch right now. Don't wait around. I've patched all our machines, Window and Linux, and many versions of the reader with nary a hitch, so I don't think there is anything to be wary of with this one.
Jack
As it's not taking the bad guys any time at all to produce exploits once the existence of a vulnerability is made public, I advise you to go patch right now. Don't wait around. I've patched all our machines, Window and Linux, and many versions of the reader with nary a hitch, so I don't think there is anything to be wary of with this one.
Jack
Wednesday, August 17, 2005
Welcome to the Microsoft Security Response Center Blog!
They've activated the Situation Room, because of the MS05-039 exploit on Windows2000 boxes. Here is MS' Statement
Here is the entry in Microsoft's Software Encyclopedia.
All entries courtesy of the weblog in the headline.
-MissM
Stay ASAP (As Secure As Possible) <--CreativeCommons License ;)
just kidding
Here is the entry in Microsoft's Software Encyclopedia.
All entries courtesy of the weblog in the headline.
-MissM
Stay ASAP (As Secure As Possible) <--CreativeCommons License ;)
just kidding
Things to do with RSS URL update
URL changed.
15 things you can do with RSS - Tim Yang's Geek Blog
Thanks to Javabeans for this.
15 things you can do with RSS - Tim Yang's Geek Blog
Thanks to Javabeans for this.
Symantec Acquires Endpoint-Security Company Sygate
Many thanks to JohnB for passing this on to us.
From the ariticle:
"The deal will combine Sygate's software for enforcing network security policies and securing so-called 'endpoints,' such as servers, laptops and mobile devices, with Symantec's stable of security wares, according to Symantec."
This appears to be a no-brainer for Symantec, but the question remains will Symantec take the Sygate code and build a better product, or not? Inquiring minds want to know, but only time will tell.
From the ariticle:
"The deal will combine Sygate's software for enforcing network security policies and securing so-called 'endpoints,' such as servers, laptops and mobile devices, with Symantec's stable of security wares, according to Symantec."
This appears to be a no-brainer for Symantec, but the question remains will Symantec take the Sygate code and build a better product, or not? Inquiring minds want to know, but only time will tell.
Sun's Linux killer shows promise
The Register has a pretty comprehensive first look at Open Solaris/Solaris 10. It's 4 long pages and pretty much packed tightly. Very much worth the read, though.
Jack
Jack
Using your neighbor's WIFI
This article is a follow up from a previous article that CNN posted, and was posted here by Alaskajoe thanks to JonathanM.
Its interesting to see what others people's response is. The replies range from, its open, so its free to use, to its stealing, to other replies.
The moral of the story: if you have a wireless network and don't want the rest of the neighborhood sharing it, secure it.
Its interesting to see what others people's response is. The replies range from, its open, so its free to use, to its stealing, to other replies.
The moral of the story: if you have a wireless network and don't want the rest of the neighborhood sharing it, secure it.
Monday, August 15, 2005
BBC: Total recall boosts PDA writing
The idea of remembering word patterns and connecting the dots might not sound like an easy way to write an e-mail.
But IBM researchers are betting that tracing letters on a touch screen will become the way to write on a handheld device like a PDA or mobile phone.
In tests, people have reached speeds of around 60 to 70 words per minute. While this is slower than touch-typing, it is much faster than tapping out words with a stylus.
Looks interesting.
But IBM researchers are betting that tracing letters on a touch screen will become the way to write on a handheld device like a PDA or mobile phone.
In tests, people have reached speeds of around 60 to 70 words per minute. While this is slower than touch-typing, it is much faster than tapping out words with a stylus.
Looks interesting.
Sunday, August 14, 2005
OnComputers Radio show Podcast 08-14-05
This is the On Computers Radio show podcast for 08-14-2005. If you prefer, you can download the same file here via ftp.
SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System
'MS05-039 Worm in the wild
MS05-039 Worm
Starting around 11:30 UTC, we've received several reports on a new worm variant that makes use of MS05-039 to spread. If you're not patched yet, this is your last call.
F-Secure named the critter "Zotob.A",http://www.f-secure.com/weblog/ '
Make SURE you get the latest updates!
--MissM
MS05-039 Worm
Starting around 11:30 UTC, we've received several reports on a new worm variant that makes use of MS05-039 to spread. If you're not patched yet, this is your last call.
F-Secure named the critter "Zotob.A",http://www.f-secure.com/weblog/ '
Make SURE you get the latest updates!
--MissM
Google Advanced Operators (Cheat Sheet)
Courtesy of the NY Times I put this in my firefox toolbar, I can tell its gonna come in handy :)
and in the "its my luck" department.... A Brilliant New Memory Card a hinged SD card! The computer sees it as an external card, and makes life easier!! "Why, my luck?" you ask... I just got a 1GB SD card for my palm to allow more podcasts and geocaching files but the hotsync works well, after removing the previous install of PalmOS cause of the change in categories, that I never could get around. Another example of how not using Outlook for email , makes life more difficult. But, that's another subject :)
--MissM
and in the "its my luck" department.... A Brilliant New Memory Card a hinged SD card! The computer sees it as an external card, and makes life easier!! "Why, my luck?" you ask... I just got a 1GB SD card for my palm to allow more podcasts and geocaching files but the hotsync works well, after removing the previous install of PalmOS cause of the change in categories, that I never could get around. Another example of how not using Outlook for email , makes life more difficult. But, that's another subject :)
--MissM
Attacks reported for critical Veritas Backup Exec flaw
From Infoworld:
Symantec, which acquired Veritas in July of this year, says it is "not aware of any vendor-supplied patches for this issue," according to its alert. The company recommends that users block access to the TCP (Transmission Control Protocol) port that uses the service in question, port 10000.
The flaw affects versions 8.x, 9.0, 9.1, and 10.0 of Backup Exec for Windows Servers, Fr-SIRT said.
Just thought I pass this along.
mopguy.
Symantec, which acquired Veritas in July of this year, says it is "not aware of any vendor-supplied patches for this issue," according to its alert. The company recommends that users block access to the TCP (Transmission Control Protocol) port that uses the service in question, port 10000.
The flaw affects versions 8.x, 9.0, 9.1, and 10.0 of Backup Exec for Windows Servers, Fr-SIRT said.
Just thought I pass this along.
mopguy.
Saturday, August 13, 2005
Software helps you stop being a jerk
I don't know. Somtimes being a jerk is useful. I think I'd like one of these to help my "I'm not interested in whatever your selling voice" for those few calls that slip under the Do Not Call List radar.
Man Convicted in Huge Computer-Theft Case
"Prosecutors said Levine and his company stole 1.6 billion customer records — the equivalent of 550 telephone books filled with names, e-mail and postal addresses. The government did not charge anyone with identity theft."
... smiling and humming "Another One Bites the Dust".
... smiling and humming "Another One Bites the Dust".
Sunbeltblog: CoolWebSearch issues statement
The Response to threatened legal action by CWS, by the company that discovered it. "Sunbelt has never said this keylogger was coming from CWS. We said exactly the following: 'This keylogger is not CoolWebSearch. It was discovered during a CoolWebSearch (CWS) infestation, but it actually is its own sophisticated criminal little trojan that’s independent of CWS.'
Alex Eckelberry"
I am APPALLED that CoolWebSearch threatened legal action when allegedly accused of a "new spyware identity theft ring". What part did they object to? Does this mean every OTHER thing ever put on the internet, about cool web search, is true?
--MissM
{caveat} the opinions expressed here are my own. ;)
Alex Eckelberry"
I am APPALLED that CoolWebSearch threatened legal action when allegedly accused of a "new spyware identity theft ring". What part did they object to? Does this mean every OTHER thing ever put on the internet, about cool web search, is true?
--MissM
{caveat} the opinions expressed here are my own. ;)
Security Advisory: Srv.SSA-KeyLogger
Here's some more about the "latest" key logger and there's a download to check your system for it. It seems to just exploit IE, so far....
" The spyware keylogger, named Srv.SSA-KeyLogger is a backdoor program that injects a process into Internet Explorer that opens various ports through which it monitors for certain values typed using your keyboard (i.e.; specific characters, numbers, etc.). When it encounters any of the values for which it is searching, it saves the keystrokes into a text file. When the file reaches a certain size, Srv.SSA-KeyLogger, sends a notification packet with the key stroke information to a Web site so the information can be easily accessed by the person(s) stealing the information. After which, it repeats the process."
--MissM
" The spyware keylogger, named Srv.SSA-KeyLogger is a backdoor program that injects a process into Internet Explorer that opens various ports through which it monitors for certain values typed using your keyboard (i.e.; specific characters, numbers, etc.). When it encounters any of the values for which it is searching, it saves the keystrokes into a text file. When the file reaches a certain size, Srv.SSA-KeyLogger, sends a notification packet with the key stroke information to a Web site so the information can be easily accessed by the person(s) stealing the information. After which, it repeats the process."
--MissM
A Short Take on Grid Computing
I get asked about grid computing surprisingly often, considering that I really only deal with smaller businesses. This Techworld.com article explains it quite well, along with the benefits and pitfalls of depending on a grid. It also explains just why grids haven't lept to the fore. (Hint; it has to do with money.)
It's a short read and an easy one. Well worth the time.
Jack
It's a short read and an easy one. Well worth the time.
Jack
Friday, August 12, 2005
Its a two fer Friday :)
E-mail wiretap case can proceed, court says
"In a closely watched case governing Internet privacy, a federal appeals court has reinstated a criminal case against an e-mail provider accused of violating wiretap laws......
The case deals with an indictment of Bradford Councilman, formerly vice president of online bookseller Interloc, which is now part of Alibris.
Interloc provided some of its customers, typically dealers of rare or used books, with e-mail addresses ending in "@interloc.com." Councilman allegedly ordered the creation of a Procmail script, which saved copies of inbound messages from Amazon.com sent to those specialty book dealers, in hopes of gaining commercial intelligence. (Procmail is a popular Unix utility used for sorting and delivering incoming e-mail.) "
As an admin, what do you think of this? And from the opposite side, in my opinion,on this issue specifically to further commatize *grin*, what's the effect on privacy?
And the second item, as promised in the Title:
Mac Hacks Allow OS X on PCs
"Imagine if your next Mac cost you only $300, and ran faster than any G4 or G5 you've ever used.
That future may already be unfolding: Hackers have found a way to bypass a chip designed to prevent the Mac OS from running on non-Apple PCs, which are often cheaper than Macs. "
So, who's gonna do a geek speak on this? ;)
--MissM
"In a closely watched case governing Internet privacy, a federal appeals court has reinstated a criminal case against an e-mail provider accused of violating wiretap laws.
The case deals with an indictment of Bradford Councilman, formerly vice president of online bookseller Interloc, which is now part of Alibris.
Interloc provided some of its customers, typically dealers of rare or used books, with e-mail addresses ending in "@interloc.com." Councilman allegedly ordered the creation of a Procmail script, which saved copies of inbound messages from Amazon.com sent to those specialty book dealers, in hopes of gaining commercial intelligence. (Procmail is a popular Unix utility used for sorting and delivering incoming e-mail.) "
As an admin, what do you think of this? And from the opposite side, in my opinion,on this issue specifically to further commatize *grin*, what's the effect on privacy?
And the second item, as promised in the Title:
Mac Hacks Allow OS X on PCs
"Imagine if your next Mac cost you only $300, and ran faster than any G4 or G5 you've ever used.
That future may already be unfolding: Hackers have found a way to bypass a chip designed to prevent the Mac OS from running on non-Apple PCs, which are often cheaper than Macs. "
So, who's gonna do a geek speak on this?
--MissM
A look at Vista and MS vs. Google, who won?
Desktop Pipeline | A New Vista: Microsoft Releases Vista Beta 1
I am encouraged by the security improvements and RSS, and it is a beta, so there's still room for improvement. I'm amazed at the VRAM required (128MB and supposedly it gracefully degrades the display with less VideoRAM, and wonder what this is gonna do for prices on Video cards/VideoRAM.....
Techies face off at Golden Penguin Bowl
--MissM
I am encouraged by the security improvements and RSS, and it is a beta, so there's still room for improvement. I'm amazed at the VRAM required (128MB and supposedly it gracefully degrades the display with less VideoRAM, and wonder what this is gonna do for prices on Video cards/VideoRAM.....
Techies face off at Golden Penguin Bowl
--MissM
Thursday, August 11, 2005
DDR2 Shipments Now Outpaces DDR
Samsung, the largest DDR memory producer, says the crossover occurred last month. That suggests the price of DDR2 memory will decline at an accelerating rate.
U.S. Copyright Office poll: IE-only OK?
Browser incompatibility rears its ugly head once again. Wouldn't it be nice if all browsers adhered to the same standards. There is no one entity to blame for this situation.
Even when the copyright office upgrades, Safari will be left out. However, I don't think Siebel truly has thousands of browsers to deal with. How about the top 10? How about making sure the major Apple browser, Safari, is included?
Even when the copyright office upgrades, Safari will be left out. However, I don't think Siebel truly has thousands of browsers to deal with. How about the top 10? How about making sure the major Apple browser, Safari, is included?
New scam asks people to fax away data
Just when you thought you knew how they were doing it. It is not uncommon for banks, etc. to ask you to fax them a signed form. The difference is that you have initiated that transaction.
While those who succumb to advance fee fraud, do so out of greed -- something for nothing, those who succumb to this do so from fear and from a willingness to help. In some ways this is a "your mother is sick and you need to go with me" scam. The scam itself is not new, but the implementation is.
The good news is that people have become very aware of e-mail phishing. So much so that the bad guys are trying a new tactic.
The bad new is that surreptitious trojans and worms seem to be the most effective. They are also more difficult to detect and to guard against.
While those who succumb to advance fee fraud, do so out of greed -- something for nothing, those who succumb to this do so from fear and from a willingness to help. In some ways this is a "your mother is sick and you need to go with me" scam. The scam itself is not new, but the implementation is.
The good news is that people have become very aware of e-mail phishing. So much so that the bad guys are trying a new tactic.
The bad new is that surreptitious trojans and worms seem to be the most effective. They are also more difficult to detect and to guard against.
Background: Multi-Core Processors Need Multi-Threaded Applications
OK, I will concede that there are enough processes doing things in a modern computing environment that a dual-processor will benefit most online users. However, the real benefit comes when applications are re-written to expect multiple processors -- while still working on uni-processors. By 2010, 16-way multi-processors will be approaching mainstream volumes. With so many processor cores, the need to spread work over multiple processors will probably swing back away from modular, thread-based computing.
Developers face two challenges in renewing today's code:
Developers face two challenges in renewing today's code:
- Microsoft Windows Vista uses a new programming model and almost mandataes a complete rewrite of code for GUI and communications code -- and later, the file system when Win FS arrives.
- Commercial applications including games will be under competitive pressure to take advantage of the soon-to-be free extra processors from the likes of AMD and Intel.
The article blogged here is a good technical backgrounder on the issues programmers face in rewriting code for a multi-processor environment.
IBM Blade Servers are Pressuring Competition
IBM licensed Intel's blade technology a couple of years ago and married it with IBM's own BladeCenter. This combination is now taking market share on an accelerating basis. The reasons to assume ongoing success include a double-digit cost advantage over traditional 1U and 2U rack-mounted servers, up to 4 processors on a blade, and well-conceived power management that reduces HVAC costs and infrastructure requirements.
My preferred architecture for most applications going forward is simple:
My preferred architecture for most applications going forward is simple:
- A blade-based server farm. IBM is the leader in blade technology.
- A storage-area network (SAN) that eliminates direct-connect server disks. Low-costs SANs now start at $5,000. Here I lean towards EMC/Dell.
Copyright Office poll: IE-only OK?
This CNet News.com article details how the US Copyright office wants to set up a service through a web site accessible only with Internet Explorer 5.01 and above, until some indeterminate time when they upgrade their back-end software to a version which can handle other browsers.
So much for web standards, eh?
I would think our government would set themselves up to where they were not in an exclusionary position toward anyone who might need to avail themselves of it's services. Guess I was wrong.
Jack
So much for web standards, eh?
I would think our government would set themselves up to where they were not in an exclusionary position toward anyone who might need to avail themselves of it's services. Guess I was wrong.
Jack
Wednesday, August 10, 2005
PC card promises end to crash nightmare
While this does not look like the be-all and end-all of data protection, it's intriguing and seems an economical insurance. Have a look.
Thanks to JohnB for the link.
Jack
Thanks to JohnB for the link.
Jack
Anti-MS Group Aims to Block Vista
Here's another one from JohnB.
I'm going to pass on commenting except to say this is the sort of thing some folks get up to when they find out the earth isn't flat.
Jack
I'm going to pass on commenting except to say this is the sort of thing some folks get up to when they find out the earth isn't flat.
Jack
MS Gives Up on Anti-Piracy Moves
This one is from JohnB.
Microsoft has given up on their "Windows Genuine Advantage" now, which was supposed to restrict updates to less than legal copies of their operating systems. Almost immediately, several schemes for bypassing the controls appeared on the web. Evidently, it was a rather easy hack and approachable from several directions. One has to wonder why Microsoft bothered.
Jack
Microsoft has given up on their "Windows Genuine Advantage" now, which was supposed to restrict updates to less than legal copies of their operating systems. Almost immediately, several schemes for bypassing the controls appeared on the web. Evidently, it was a rather easy hack and approachable from several directions. One has to wonder why Microsoft bothered.
Jack
Tips: PC Magazine Solves 10 Common PC Problems
The Ten Biggest Problems in Computing and How We'll Solve Them
Check this page daily for additions:
Check this page daily for additions:
- It's Too Easy to Get Hacked, Infected, and Spammed
- Software Is Too Buggy and Unreliable
- Identity Theft Is Out of Control
- It's Impossible to Find Stuff
- My Downloads Won't Fit on My Hard Drive
- Notebook Battery Life Is Too Short
- Surfing the Web Is Too Slow
- My PC Isn't Fast Enough
- Wireless Web Connections are Spotty and Unreliable
- I'm Drowning in Cables
Sunbelt blog posts about the keylogger
A bit of additional information about Joe's post on the keylogger, from the blog of the company that publicized it. In my opinion, this just reinforces how important firewalls, and updating your Windows OS are to keep you as secure as possible. Perhaps a new meaning to ASAP? :)
--MissM
--MissM
The NYC take on WAP's
From WCBS AM NYC. Also some audio of the same story there. Are you secure? Hope so.
Tuesday, August 09, 2005
Microsoft Settles Spam-King Suit
Scotty Richter was a major spam king. Hopefully Microsoft will put some of his ill gotten gains to good use. I hope that this really has caused Richter to go straight, but it is hard to trust someone who has spammed so many for so long.
Remember to do your Windows Updates todat 8/9/05
There are 8 new updates for WindowsXP Pro out today.
Joe
Joe
Stealing your neighbor's Internet? Experts urge caution - Aug. 9, 2005
Is your wireless network secure? Or are you supplying you neighbor's with free internet access?
This thanks to JonathanM
This thanks to JonathanM
There IS Such a Thing as Jinxed Computer Users, Honest!
We techs have been saying this for years and now we have some University research to back us up.
Every one of us knows at least one user who can screw up a machine just by being in the same room. I serve several of these folks, myself. I know one guy to whom "drag and drop" equates "drag and crash", even on a Mac or a well set up XP box!
It's a short article at The Inquirer with a link to more info.
Jack
Every one of us knows at least one user who can screw up a machine just by being in the same room. I serve several of these folks, myself. I know one guy to whom "drag and drop" equates "drag and crash", even on a Mac or a well set up XP box!
It's a short article at The Inquirer with a link to more info.
Jack
Monday, August 08, 2005
Extra daylight savings may confuse the gadgets
From the "why can't we just pick a time and use it department" comes this article about the possible consequences of messing with daylight savings time.
Of course, we'd all like an extra hour of night or weekend minutes, he he.
Of course, we'd all like an extra hour of night or weekend minutes, he he.
Darl speaks, er writes and we listen, er read
"'Is SCO a company that is really focused on innovating products and technology or are you just hoping to win a lawsuit against IBM and then ride off into the sunset?' 'Isn't SCO just all about defeating Linux?' Of course we are innovating and we absolutely want to defeat Linux, just as we want to defeat any other competitor."
And so forth...
And so forth...
ID theft ring hits 50 banks, firm says | Tech News on ZDNet
ID theft ring hits 50 banks, firm says | Tech News on ZDNet: "A major identity theft ring has been discovered that affects up to 50 banks, according to Sunbelt Software, the security company that says it uncovered the operation. "
Are you protected from spyware?
Joe
Are you protected from spyware?
Joe
An XP Boot CD from BartPE
Courtesy of the LangaList. Which is a superb newsletter in my opinion.
To quote Fred: "In all, I think the latest BartPE is one of the best, if not *the* best, foundation for a CD-based repair/recovery toolkit I've seen to date. With native NTFS support, plus support for networking, file sharing, and Remote Desktop Connections, it's powerful and flexible, and yet the XP-derived interface makes it familiar and easy to use."
--MissM
To quote Fred: "In all, I think the latest BartPE is one of the best, if not *the* best, foundation for a CD-based repair/recovery toolkit I've seen to date. With native NTFS support, plus support for networking, file sharing, and Remote Desktop Connections, it's powerful and flexible, and yet the XP-derived interface makes it familiar and easy to use."
--MissM
When Pigs Wi-Fi NY times
From NY Times.
Thought this was interesting. Perhaps even a little frightening. Instant fingerprint checks.
Thought this was interesting. Perhaps even a little frightening. Instant fingerprint checks.
Microsoft Security Bulletin Advance Notification
6 Security bulletins, requires a restart, also.
Plus virii(?) coming for Vista
That didn't take long did it.....
--MissM
[Update:] MS Security has a blog, courtesy of Scoble, I found this correction of a virus for Vista.
Welcome to the Microsoft Security Response Center Blog! : A virus for Windows Vista? Wrong.
Plus virii(?) coming for Vista
That didn't take long did it.....
--MissM
[Update:] MS Security has a blog, courtesy of Scoble, I found this correction of a virus for Vista.
Welcome to the Microsoft Security Response Center Blog! : A virus for Windows Vista? Wrong.
Sunday, August 07, 2005
OnComputers Radio show Podcast 08-07-05
This is the On Computers Radio show podcast for 08-07-2005. If you prefer, you can download the same file here via ftp.
FCC Rule Allows FBI to Design Wiretap Friendly Internet Services
According to the article:
"CALEA, a law passed in the early 1990s, mandated that all telephone providers build tappability into their networks, but expressly ruled out information services like broadband. Under the new ruling from the FCC, this tappability now extends to Internet broadband providers as well.
Practically, what this means is that the government will be asking broadband providers - as well as companies that manufacture devices used for broadband communications – to build insecure backdoors into their networks, imperiling the privacy and security of citizens on the Internet. It also hobbles technical innovation by forcing companies involved in broadband to redesign their products to meet government requirements."
Read the rest of this and be appalled.
"CALEA, a law passed in the early 1990s, mandated that all telephone providers build tappability into their networks, but expressly ruled out information services like broadband. Under the new ruling from the FCC, this tappability now extends to Internet broadband providers as well.
Practically, what this means is that the government will be asking broadband providers - as well as companies that manufacture devices used for broadband communications – to build insecure backdoors into their networks, imperiling the privacy and security of citizens on the Internet. It also hobbles technical innovation by forcing companies involved in broadband to redesign their products to meet government requirements."
Read the rest of this and be appalled.
Thursday, August 04, 2005
HelpCity.com ��Coupons - Savings�����
Mr. Linguini asked me to get votes for his fanTABulous car!! Not sure how it will be listed, will repost when the survey becomes available, on Wed, 8/3/05.
Thanks!!
[UPDATE] Tony's VERY nice car!!! go vote, now!
Then, come back and click on the ads ;)
Thank you for your support,
MissM
Thanks!!
[UPDATE] Tony's VERY nice car!!! go vote, now!
Then, come back and click on the ads ;)
Thank you for your support,
MissM
Windows 64 Gains AV, Management
Microsoft Operations Manager (MOM) now runs on and can manage X64 editions of Windows Server 2003.
ESET's NOD32 version 2.5, introduces malware protection for X64 versions of Windows XP and Windows Server 2003. You can assist the On Computers Radio show by making your NOD32 X64 purchase through us by clicking here (32 bit versions also available). Proceeds help defray the considerable costs of producing the Internet radio show. (Who said the Internet is free!)
ESET's NOD32 version 2.5, introduces malware protection for X64 versions of Windows XP and Windows Server 2003. You can assist the On Computers Radio show by making your NOD32 X64 purchase through us by clicking here (32 bit versions also available). Proceeds help defray the considerable costs of producing the Internet radio show. (Who said the Internet is free!)
Tuesday, August 02, 2005
IE 7 Won't Pass Acid Test
Acid2 is a test designed and posted by the World Wide Web Consortium (W3C) to test the standards compliance of web browsers. You can see it and view details about it at their site, here.
This article at Silicon.com has a development manager at Microsoft calling the Acid2 test a "wish list" and admitting that the upcoming version 7 of IE will not pass it.
I am disappointed, to say the least.
Jack
This article at Silicon.com has a development manager at Microsoft calling the Acid2 test a "wish list" and admitting that the upcoming version 7 of IE will not pass it.
I am disappointed, to say the least.
Jack
High-tech border pass raises alarm
Courtesy of Endgadget (that makes it legal for here, I think :))
3 U.S. border crossings "will employ high-tech radio frequency technology to monitor visitors from other countries who want to enter the States from Canada – a move that alarms both a Kingston privacy expert and an immigration specialist.*snip*..... Border guards will be able to access the information electronically from 12 metres away to enable those carrying the devices to be processed more quickly.
What was it Jefferson said? Oh I found it.
"Those who desire to give up freedom in order to gain security will not have, nor do they deserve, either one."
Does this concern anybody just from a privacy perspective, not to mention other illegal activities?
--MissM
[UPDATE] Bruce Schneier weighs in on the RFID border issue here. I swear I blogged my posts before I went to Bruce's blog. (Noticing that we blogged about the same issues, though more depth in the other blog :P)
3 U.S. border crossings "will employ high-tech radio frequency technology to monitor visitors from other countries who want to enter the States from Canada – a move that alarms both a Kingston privacy expert and an immigration specialist.*snip*..... Border guards will be able to access the information electronically from 12 metres away to enable those carrying the devices to be processed more quickly.
What was it Jefferson said? Oh I found it.
"Those who desire to give up freedom in order to gain security will not have, nor do they deserve, either one."
Does this concern anybody just from a privacy perspective, not to mention other illegal activities?
--MissM
[UPDATE] Bruce Schneier weighs in on the RFID border issue here. I swear I blogged my posts before I went to Bruce's blog. (Noticing that we blogged about the same issues, though more depth in the other blog :P)
Wired News: A Hacker Games the Hotel
Courtesy of WinXPNews which is a newsletter I enjoy, is a story about DefCon in Vegas. Which is full of interesting concepts, and as I heard Leo Laporte say "do NOT have an unsecured laptop in Vegas!" . Of course, before it was over would've been a better time to post... Timing IS everything :)
So, some news from
Technorati 2409 posts
IceRocket 12 posts
Digg.com (No number that I see, but I'm caffeine deprived)
-MissM
So, some news from
Technorati 2409 posts
IceRocket 12 posts
Digg.com (No number that I see, but I'm caffeine deprived)
-MissM
Monday, August 01, 2005
Hacking the hotel through the TV | Tech News on ZDNet
Ran across this article on a travel forum I read.
Very interesting to say the least.
I hope we don't have any problems finding hotels in the future to accomodate Geek Meet after this :)
Aaron
Very interesting to say the least.
I hope we don't have any problems finding hotels in the future to accomodate Geek Meet after this :)
Aaron
The world's most powerful women
According To Forbes anyway or should I say "Yes Dear"! Sorry Missm :-). Seriously, #5 is head of eBay. Xerox is in there too. Check it out. It's from MSN so, lots of annoying ads.
Mopguy.
Mopguy.
OnComputers Podcast 07-31-05
Due to some technical problems the 2nd hour has some skips in the feed.
This is the On Computers podcast for 07-31-2005. If you prefer, you can download the same file here via ftp.
This is the On Computers podcast for 07-31-2005. If you prefer, you can download the same file here via ftp.
Wintasks 5 Pro. Overview & Review
Essentially, what WinTasks does is monitor and give the user control over all
the processes running in Windows, most of which are invisible and in the
background. In Windows XP, there's normally a minimum of 20-30 of these
processes, known as "system processes" that are essential to the normal
operation of Windows. However, some processes can "hog" system resources,
making the computer appear sluggish. But worse than that, other
unnecessary/unwanted processes can contain spyware or trojans, which is a big
reason you'd want to have the ability to monitor and control processes.
System Requirements: Windows 98, ME, 2000, or XP
10 MB free hard drive space
at least 32 MB RAM
CPU: Pentium 400 MHZ. or better
Pricing: Standard: $29.95-download, $39.95-boxed
Professional: $49.95-download, $59.95-boxed
Network Admin.: $295.95-download or boxed
(as of the time this review was written, 27 July 05)
OK, that's the basics. Now... what's a process? A process is the execution
(or operation) of a program. A process is a form of activity, while a program
is the actual machine code that the processor executes, which consists of an executable file and maybe one or more DLL files, DLL being defined as a "Dynamically Linked Library"... program code that is pulled into memory only when required by the main executable (or another DLL) and then effectively "dumped out of memory" when it's no longer needed. A process can allocate any number of resources, such as system memory, disk access, etc. The operating system is responsible for different resource allocations and therefore has the overall responsibility for the proper
operation of the computer. In otherwords, Windows supervises and controls all processes in the system.
Process Modes, Priority and Threads:
A process is in the RUNNING MODE if it is actually using the CPU. Only one process
at any given moment can be in the Running Mode (except for multi-processor machines,
which is beyond our scope of discussion here).
A process is in the READY MODE if the process is "ready" to use the CPU (actually in cache memory and ready to begin or resume execution).
A process is in BLOCKED MODE if it is anticipating any form of external action, such as waiting for user input or for a file operation to be completed, and it is of course BLOCKED from doing anything else until that external action occurs.
The operating system (Windows in this case) controls each and every process that is given access to the CPU within a reasonable time frame (about 20 ms.). In this manner, each process can be run during a short time interval before the next process is given CPU access. This actually gives the appearance of "multitasking", although technically, the CPU doesn't multitask, it just executes lots of code incredibly fast, while constantly switching from one task to the next. The CPU can "queue up" the next instruction while the current one is executing to further speed things up and save the bit of time required to fetch the next instruction. This may not seem like a really big deal, but it actually is, especially when there are are lots of processes running. In otherwords, the processor is only executing one machine instruction at a time but it also pre-fetches the next one and holds it ready so as to reduce the amount of "wait time" until that next instruction is executed. It just does this over and over and does it very very fast.
Anyway... the distribution of accessibility to the CPU is controlled by the PRIORITY of the process. A process with a higher priority would naturally gain access to the CPU before one with lower priority. In Windows 2000 and XP, there are six different priority levels: low, below normal, normal, above normal, high, and real-time. Operating system processes are the highest of priorities while application processes are lower priority.
A process can be divided into a number of sub-activities, called THREADS. Each process has at least one thread, known as the MAIN THREAD. Additional threads can be used, for examnple, to perform complex operations in the background without interfering with the program's user interface.
The Wintasks User Interface, and things you can do with WinTasks:
This is explained very well in the user manual but is really pretty straightforward and intuitive; it's really easy to use. By the way, the manual deserves a big compliment; it's well-written and is certainly more than adequate for the user to get a basic understanding of what he/she needs to know. In the main window are listed all the processes running on the computer and there is the ability to start/stop or increase/decrease priority, block (which adds it to the BLOCKED list), refresh, print, and search. There's also an UPDATE function which will go online and check for a program update as well as the latest process library updates. I definitely think that's a cool feature because as more and more software is released, and even as Microsoft issues more Windows updates, more and more processes are possible and Uniblue keeps a pretty darn good, up-to-date database of Windows and application processes.
With the PRESETS feature, you can easily save different configurations of active
programs and their relavent priority levels. You can actually change the priority level of, or completely disable an application or system process. At this point, I need to strongly emphasize that YOU NEED TO KNOW EXACTLY WHAT YOU'RE DOING AND WHY, otherwise, you can easily bring your system to a grinding halt, and possibly, under the right circumstances, trash some system files. As a general rule of thumb, any time you mess around "under the hood" of Windows (or any O.S.), there's always a chance of rendering it inoperable. Basic rule: know what you're doing and why you're doing it.
I mentioned DLL's previously, and With WinTasks, it's also possible to discover
which DLL's are used by a specific process.
With all the aforementioned features, it becomes apparent that with WinTasks, the user can determine which, if any, processes are running that shouldn't be, such as a process that may have been started by a trojan, virus, or spyware. Obviously, this is an extremely useful tool. I consider it one more tool in my arsenal to fight against this sort of thing.(There's unfortunately no one tool that can do everything and do it well.) There's definitely a learning curve that goes along with using a utility like WinTasks; the more you know about what's SUPPOSED TO HAPPEN in the normal running of Windows, the more easily you can determine any abnormalities.
WinTasks can also give you a rather detailed description of each process that it finds, thanks to Uniblue's process library.
In the Pro. version, you can view system statistics, such as real-time and average CPU and memory usage. It can also keep a log of all programs that are started and stopped on the system. This is obviously great for analysis purposes. By the way, keep in mind that there are some features available in the Pro. and Admin. versions that are not available in the Standard version, although the Standard version would be adequate for some. For details about which features are available in which version, check the website at www.liutilities.com.
(But wait... there's more.) The built-in Script Language:
With WinTasks Scripting capabilities, you can create new functions and automate the handling of processes and resources. For example, you could automatically increase the priority level of the disk defragmentation program, or stop all processes that use more than a certain percentage of memory, or stop the web browser when visiting a particular web site. Another disclaimer: The script language is a powerful feature but can be dangerous if used improperly. As with *ANY* programming language, the programmer must be sure that the logic is correct before enabling the script.
The scripting language is a high-level language (translated to: fairly easy to learn). The script language is constantly under development and will likely contain additional commands and symbols as its development progresses. The manual gives a few examples of script programming and of course, a complete list of all commands and symbols.
Now... one might ask the question "How is WinTasks better than simply pressing CTRL-ALT-DELETE and using Windows Task Manager? Task Manager will indeed allow you see what processes are running as well start/stop and set the priority for a process, and check your CPU and memory usage. But WinTasks does a lot more. I'mcertainly not belittling Task Manager; it's quite adequate for what it is. WinTasks can give you a detailed description of each task and its database of processes is periodically updated by Uniblue. And, you certainly can't do in Task Manager what you can with WinTask's Script Language; with WinTasks you can automate how Windows deals with any number of processes. I think you might consider it as "Task Manager on steroids".
My impression of WinTasks:
It's DEFINITELY a worthwhile addition to any geek's arsenal of computer tools. For an average user that only checks email, occasionally browses, plays Solitare and doesn't really know or care anything about how the computer operates, it's obviously useless, but for a computer technician or service person, or anyone who likes learning more about Windows computing, I'd absolutely recommend it.For a network administrator / I.T. person, I'd say it's not even an option, but a must-have. After hearing the interview on this show with the Uniblue rep, I was ready to purchase it but thanks to your contest, I didn't have to. However, if I hadn't won it in the contest, I'd have still spent the money for the Pro version; I really think it's that useful.
Random thoughts and shameless plugs:
(I sometimes like to share information about useful tools and utilities that
I've found...)
Another couple of utilities I've found that are rather useful are PC Magazine's FILE SNOOP and PORT SNOOP. FILE SNOOP has a Windows Explorer type of interface and allows you to view any file on your system in one of several ways and gives information about the file, what Windows resources it uses, what DLL's it depends on, etc.
PORT SNOOP is really interesting; it monitors and tracks any application using a network connection and can alert the user when there's any "unauthorized" network traffic into or out of the system. An immediate use comes to mind in that this would be a good tool to aid in tracking down spyware on a system. PC Magazine does require registration plus a small fee to download programs and utilities. If you're interested, check www.pcmag.com and look for the Utilities" link.
One other utility I recently found that I liked was the AntiLost CD Ejector. There is a free "Lite" version and a paid version (with more features)available at http://nesoft.org/antilost.shtml. This little utility sits in the system tray and upon clicking on it, will open or close your CD tray. It's useful if your CD eject button is somewhat out of reach. I'd rather rely on the CD drive's motor and gear train to retract the tray rather than physically pushing the tray inbecause it's all too easy to get in a hurry and push with a little too much force.
And that's all for now. Thanks for allowing me to share my thoughts and opinions
in this review.
John-B
the processes running in Windows, most of which are invisible and in the
background. In Windows XP, there's normally a minimum of 20-30 of these
processes, known as "system processes" that are essential to the normal
operation of Windows. However, some processes can "hog" system resources,
making the computer appear sluggish. But worse than that, other
unnecessary/unwanted processes can contain spyware or trojans, which is a big
reason you'd want to have the ability to monitor and control processes.
System Requirements: Windows 98, ME, 2000, or XP
10 MB free hard drive space
at least 32 MB RAM
CPU: Pentium 400 MHZ. or better
Pricing: Standard: $29.95-download, $39.95-boxed
Professional: $49.95-download, $59.95-boxed
Network Admin.: $295.95-download or boxed
(as of the time this review was written, 27 July 05)
OK, that's the basics. Now... what's a process? A process is the execution
(or operation) of a program. A process is a form of activity, while a program
is the actual machine code that the processor executes, which consists of an executable file and maybe one or more DLL files, DLL being defined as a "Dynamically Linked Library"... program code that is pulled into memory only when required by the main executable (or another DLL) and then effectively "dumped out of memory" when it's no longer needed. A process can allocate any number of resources, such as system memory, disk access, etc. The operating system is responsible for different resource allocations and therefore has the overall responsibility for the proper
operation of the computer. In otherwords, Windows supervises and controls all processes in the system.
Process Modes, Priority and Threads:
A process is in the RUNNING MODE if it is actually using the CPU. Only one process
at any given moment can be in the Running Mode (except for multi-processor machines,
which is beyond our scope of discussion here).
A process is in the READY MODE if the process is "ready" to use the CPU (actually in cache memory and ready to begin or resume execution).
A process is in BLOCKED MODE if it is anticipating any form of external action, such as waiting for user input or for a file operation to be completed, and it is of course BLOCKED from doing anything else until that external action occurs.
The operating system (Windows in this case) controls each and every process that is given access to the CPU within a reasonable time frame (about 20 ms.). In this manner, each process can be run during a short time interval before the next process is given CPU access. This actually gives the appearance of "multitasking", although technically, the CPU doesn't multitask, it just executes lots of code incredibly fast, while constantly switching from one task to the next. The CPU can "queue up" the next instruction while the current one is executing to further speed things up and save the bit of time required to fetch the next instruction. This may not seem like a really big deal, but it actually is, especially when there are are lots of processes running. In otherwords, the processor is only executing one machine instruction at a time but it also pre-fetches the next one and holds it ready so as to reduce the amount of "wait time" until that next instruction is executed. It just does this over and over and does it very very fast.
Anyway... the distribution of accessibility to the CPU is controlled by the PRIORITY of the process. A process with a higher priority would naturally gain access to the CPU before one with lower priority. In Windows 2000 and XP, there are six different priority levels: low, below normal, normal, above normal, high, and real-time. Operating system processes are the highest of priorities while application processes are lower priority.
A process can be divided into a number of sub-activities, called THREADS. Each process has at least one thread, known as the MAIN THREAD. Additional threads can be used, for examnple, to perform complex operations in the background without interfering with the program's user interface.
The Wintasks User Interface, and things you can do with WinTasks:
This is explained very well in the user manual but is really pretty straightforward and intuitive; it's really easy to use. By the way, the manual deserves a big compliment; it's well-written and is certainly more than adequate for the user to get a basic understanding of what he/she needs to know. In the main window are listed all the processes running on the computer and there is the ability to start/stop or increase/decrease priority, block (which adds it to the BLOCKED list), refresh, print, and search. There's also an UPDATE function which will go online and check for a program update as well as the latest process library updates. I definitely think that's a cool feature because as more and more software is released, and even as Microsoft issues more Windows updates, more and more processes are possible and Uniblue keeps a pretty darn good, up-to-date database of Windows and application processes.
With the PRESETS feature, you can easily save different configurations of active
programs and their relavent priority levels. You can actually change the priority level of, or completely disable an application or system process. At this point, I need to strongly emphasize that YOU NEED TO KNOW EXACTLY WHAT YOU'RE DOING AND WHY, otherwise, you can easily bring your system to a grinding halt, and possibly, under the right circumstances, trash some system files. As a general rule of thumb, any time you mess around "under the hood" of Windows (or any O.S.), there's always a chance of rendering it inoperable. Basic rule: know what you're doing and why you're doing it.
I mentioned DLL's previously, and With WinTasks, it's also possible to discover
which DLL's are used by a specific process.
With all the aforementioned features, it becomes apparent that with WinTasks, the user can determine which, if any, processes are running that shouldn't be, such as a process that may have been started by a trojan, virus, or spyware. Obviously, this is an extremely useful tool. I consider it one more tool in my arsenal to fight against this sort of thing.(There's unfortunately no one tool that can do everything and do it well.) There's definitely a learning curve that goes along with using a utility like WinTasks; the more you know about what's SUPPOSED TO HAPPEN in the normal running of Windows, the more easily you can determine any abnormalities.
WinTasks can also give you a rather detailed description of each process that it finds, thanks to Uniblue's process library.
In the Pro. version, you can view system statistics, such as real-time and average CPU and memory usage. It can also keep a log of all programs that are started and stopped on the system. This is obviously great for analysis purposes. By the way, keep in mind that there are some features available in the Pro. and Admin. versions that are not available in the Standard version, although the Standard version would be adequate for some. For details about which features are available in which version, check the website at www.liutilities.com.
(But wait... there's more.) The built-in Script Language:
With WinTasks Scripting capabilities, you can create new functions and automate the handling of processes and resources. For example, you could automatically increase the priority level of the disk defragmentation program, or stop all processes that use more than a certain percentage of memory, or stop the web browser when visiting a particular web site. Another disclaimer: The script language is a powerful feature but can be dangerous if used improperly. As with *ANY* programming language, the programmer must be sure that the logic is correct before enabling the script.
The scripting language is a high-level language (translated to: fairly easy to learn). The script language is constantly under development and will likely contain additional commands and symbols as its development progresses. The manual gives a few examples of script programming and of course, a complete list of all commands and symbols.
Now... one might ask the question "How is WinTasks better than simply pressing CTRL-ALT-DELETE and using Windows Task Manager? Task Manager will indeed allow you see what processes are running as well start/stop and set the priority for a process, and check your CPU and memory usage. But WinTasks does a lot more. I'mcertainly not belittling Task Manager; it's quite adequate for what it is. WinTasks can give you a detailed description of each task and its database of processes is periodically updated by Uniblue. And, you certainly can't do in Task Manager what you can with WinTask's Script Language; with WinTasks you can automate how Windows deals with any number of processes. I think you might consider it as "Task Manager on steroids".
My impression of WinTasks:
It's DEFINITELY a worthwhile addition to any geek's arsenal of computer tools. For an average user that only checks email, occasionally browses, plays Solitare and doesn't really know or care anything about how the computer operates, it's obviously useless, but for a computer technician or service person, or anyone who likes learning more about Windows computing, I'd absolutely recommend it.For a network administrator / I.T. person, I'd say it's not even an option, but a must-have. After hearing the interview on this show with the Uniblue rep, I was ready to purchase it but thanks to your contest, I didn't have to. However, if I hadn't won it in the contest, I'd have still spent the money for the Pro version; I really think it's that useful.
Random thoughts and shameless plugs:
(I sometimes like to share information about useful tools and utilities that
I've found...)
Another couple of utilities I've found that are rather useful are PC Magazine's FILE SNOOP and PORT SNOOP. FILE SNOOP has a Windows Explorer type of interface and allows you to view any file on your system in one of several ways and gives information about the file, what Windows resources it uses, what DLL's it depends on, etc.
PORT SNOOP is really interesting; it monitors and tracks any application using a network connection and can alert the user when there's any "unauthorized" network traffic into or out of the system. An immediate use comes to mind in that this would be a good tool to aid in tracking down spyware on a system. PC Magazine does require registration plus a small fee to download programs and utilities. If you're interested, check www.pcmag.com and look for the Utilities" link.
One other utility I recently found that I liked was the AntiLost CD Ejector. There is a free "Lite" version and a paid version (with more features)available at http://nesoft.org/antilost.shtml. This little utility sits in the system tray and upon clicking on it, will open or close your CD tray. It's useful if your CD eject button is somewhat out of reach. I'd rather rely on the CD drive's motor and gear train to retract the tray rather than physically pushing the tray inbecause it's all too easy to get in a hurry and push with a little too much force.
And that's all for now. Thanks for allowing me to share my thoughts and opinions
in this review.
John-B
Subscribe to:
Posts (Atom)