Friday, December 28, 2007

To learn . . .



Teachers open the door.

You enter by yourself.




- Chinese Proverb



Sunday, December 23, 2007

OnStar and General Motors: Analog service ending Jan 1st 2008

For a full explanation of what's happening, see the Edmunds article:

Telematics Digital Transition Hits Speed Bump

All links pop . . .

Summary:

Thanks to an FCC ruling in 2002 made with their endorsement, cellular-communications carriers no longer will be required to support their old analog-technology cellular networks beginning in early 2008. Any analog subscriber who still wants their telematics service to work has to get with the program and obtain the new technology somehow.

OnStar was launched in 1996 using proven analog technology and mainly Verizon Wireless networks, which had the broadest geographic coverage of the cellular-network alternatives at the time. But because Verizon is disabling its analog networks on January 1, 2008, OnStar can't ensure coverage to its subscribers who have analog systems after that date.


If you own a 2002~2005 GM vehicle with analog OnStar, you may or may not be able to get an upgrade to continue OnStar service. Most vehicles older than 2002 cannot be upgraded! Most newer than 2006 are already equipped with digital OnStar service.

If you use analog OnStar, your service will stop on January 1, 2008. Worse, it will devalue your used vehicle even if you don't personally subscribe to OnStar.


Details, helpful links to determine if your vehicle can be upgraded, and the dirt on the fine print.

1) Analog OnStar service will stop January 1st, 2008.

2) If your GM vehicle is newer than 2002 and is not already fitted with Digital OnStar service you might be eligible for an upgrade. Some vehicles were made up through 2004 that are not upgradable. Go write down your VIN and enter it on this secured (https) site to find out if your car can be upgraded:

https://www.myonstar.com/adt.os

3) OnStar Upgrade Information:

- OnStar Analog to Digital Transition and Upgrade Offer: Among other things, you may have to subscribe for one additional year at $199/year plus a $15 fee for the upgrade. If you did not subscribe to OnStar in the last year and you get this upgrade, you will also be charged a $100 activation fee in addition to the subscription and upgrade fee.

- GM and OnStar FAQ.

4) However -- GM may be requiring upgraders to subscribe to three more years! I can't find confirmation beyond this leaked internal article: HTML Version, PDF Original. They may also be refusing to upgrade some cars that OnStar states are eligible . . .

5) Your OnStar phone number WILL change when you upgrade from analog to digital service.

6) This is for the US only; Canada is not yet switching.

7) The upgrade may only be done at a GM dealership. You must pay your dealership all related fees at the time of service.

8) The new digital service has a shorter effective range from any given cell tower to your car than the older analog service. It also has a smaller overall service area. This means that if your car breaks down, or you have an accident, in urban or remote areas, your OnStar service might not work. Subscribers within most metro areas and along most interstates should be okay.

9) Owners of older GM OnStar equipped cars may be out of luck both in terms of receiving service and because their used vehicle will be further devalued. GM's offer to give OnStar subscribers with older cars small credits towards newer vehicles is laughable. There is a lawsuit that is attempting to achieve class-action status. No idea of what that might accomplish, if anything . . . time will tell. The GM offers may well be better than the individual rewards from the lawsuit. Trouble is, there is no set guideline from GM to its dealers on what offer to make - it will depend largely on your dealer and perhaps on what new car you buy.


Friday, December 7, 2007

If you play Eve Online - an important announcement

If you don't play Eve Online . . .



News today says that a recent update for Eve Online, the so-called Trinity patch, contains a very serious mistake/bug . . . it deletes a system critical file named BOOT.INI in the root directory of your system drive IF your boot drive is NOT on the default drive C: . . . (this is not as uncommon as some might think.)

If you have not yet rebooted since applying the Eve Online patch - DON'T reboot until after you verify that you don't have the issue, or until after you fix the problem! If you reboot without the missing file, and you don't have an alternate boot disk handy, you may be well and truly - using the correct technical jargon - f*cked.

If you meet all three of these criteria:

1) You started downloading the Eve Online upgrade from Trinity Classic Graphics Content to Premium Graphics Content BEFORE 04:00 GMT on Dec 6 2007

2) You do NOT use Vista for Eve Online (only Windows XP, Windows 2000, etc are impacted)

3) You have at least 2 hard disks or logical partitions and the OS into which Eve Online is installed resides on the second drive, NOT on drive C:

. . . Then you might need to repair your system.

Check to see if the file BOOT.INI still exists on your system drive. This is typically Drive C:, and if you meet criteria 3 above I expect you to already understand the difference between the boot drive and the system drive.

If your BOOT.INI file is missing, here are Eve's support recommendations to restore your system. http://www.eve-online.com/updates/bootinifix.asp

Good luck!

Friday, November 30, 2007

"Master, I have a big head . . . and little arms."



I'm reading much drama and angst over the new flagging feature for LJ. The LJ powers posted an update with some clarifications, but the main problem I see with the system has not been addressed -- more on that in a moment after I rant about some of their other comments.

Some clarification of their clarifications.

  • LJ sez: "As additional measures to prevent abuse of the flags, only accounts registered for over a month may use the flagging feature, and use of the flags is limited to five per user every twenty-four hours. Misuse of this sytem [sic] will result in the user's flags not counting towards the threshold for review."
That's about the only good clarification within the update. Now someone tell them to fix their spelling. Moving on . . .

  • LJ sez: "Most importantly, logged in users over 18 will not see any of the changes made by the settings of this program unless they choose to. You won't see any of the lj-cuts related to this system and your friends page will appear exactly as it always has. We feel it's important that this doesn't impact adults using LiveJournal."
However -- in your user view settings located at http://www.livejournal.com/manage/settings/ you might notice that the default setting way at the bottom of the page is "Use Moderate Filtering." So if you don't like having your content censored, and you've entered in a birthdate indicating you are over the age of 18, you should go now and "fix" that setting to "Do not filter my results."

  • LJ sez: "This system will not accept flags on friends-only content. Although a flag icon may be present on the navigational strip, if you click it while viewing friends-only content it will only give you the option to flag the journal. Friends-only content is not affected by or included in any part of this system."
How does that actually make this feature useful to concerned parents? The kids that want to hide their emo thoughts from the adults have already marked their journals friends only, so the children are well educated about how that feature works. Meanwhile the predators here are likely marking their stuff friends only and adding their targets to their own friends list and luring the kids to view their stuff. Remember folks, you add people to your list so others can see your private entries. Not the other way around. This feature seems exactly backwards to me.

  • LJ sez: "The date of birth used when you create your account is the way that your age is calculated by LiveJournal. If you did not enter a date of birth when you registered, it will default to the date on your profile (which you can enter but hide on the Edit Profile page). If a user has not entered a date of birth, the first time they click on an lj-cut generated by these systems they will be prompted to enter a date of birth. That will then be the system-recorded age (so they shouldn't have to enter it again)."
This . . . this is my main concern. For this feature to be at all worth having, there must be a way to verify the age claimed by the user. For now, any person who is under 18 years old and wants to see "Adult Content" on LJ is simply going to lie about their age.

Worse, I cannot think of any way to verify ages that isn't draconian in nature -- and even those methods are easily spoofed. There isn't a foolproof way for websites to gather proof of anyone's age without drastic and privacy threatening measures. Credit cards? Not even. Fax paper records? Steal Dad's or Mom's ID for a few minutes. There. Is. No. Good. Way.

Greater minds than LJ can afford have been struggling with this problem for years. We still don't have a good answer.

I'm just not sure how well this plan was thought through.

Master? Master?



Sunday, November 25, 2007

Have we really become

Biloxi's recovery shows post-Katrina divide

Two years later; Many Katrina victims still have no power, but they can see their wrecked homes and FEMA trailers at night by the glare of nearby -- newly rebuilt -- casino signs.

Yet in the wrecked and darkened working-class neighborhoods just blocks from the waterfront glitter, those lights cast their colorful glare over an apocalyptic vision of empty lots and scattered trailers that is as forlorn as anywhere in Katrina's strike zone.

"At night, you can see the casino lights up in the sky," Shirley Salik, 72, a former housekeeper at one of the casinos, said this month while standing outside her FEMA camper with her two dogs. "But that's another world."


It seems shocking, but the stark realist in me accepts this disparity in our society's priorities. And that saddens me deeply.

I need to rethink MY priorities.

Wednesday, October 31, 2007

More phishing - Equifax customers alerted

Dear Equifax Customer,

We’re sorry to inform you about a recent “phishing” attack on Equifax. "Phishing" or "spoofing" is an e-mail threat where fraudulent e-mails appear to be from a well-known company and ask you to provide, update or confirm certain confidential information – such as User ID or password.


This week, we detected e-mail phishing activity by fraudsters attempting to solicit sensitive personal information, including user IDs and passwords, from Equifax customers and consumers. For your protection, please know that Equifax never sends out requests for personal information via e-mail or phone.

If you received an e-mail that appears to be from Equifax and requests personal information, please do not respond and delete the e-mail immediately. If you did respond to an e-mail that appears to have been from Equifax, and you provided personal information, such as your user ID and password, please let us know by following the “Contact Us” links from www.equifax.com so we can assist you further.

As a general rule, to help safeguard your identity – we recommend that you never click anywhere within a suspected “phishing” or “spoofing” e-mail, and never hit “reply”.

At Equifax, your privacy is extremely important to us and we wanted you to know about this unfortunate situation. Your continued trust and confidence in Equifax is greatly appreciated.

Sincerely,

Your Equifax Personal Solutions team.

Saturday, October 27, 2007

I have seen the future, or, why Microsoft needs to wake up

I hate to be a party pooper the weekend that Microsoft is finally seeing a rally for their share price. But some thoughts arise about the situation, and something new in the field has crept into view - silently in the night so to speak.

First the events that sparked this round:

Microsoft announced higher than expected earnings due mostly to Halo 3, Vista and Office 2007 -- with a dash of Windows Live and other server offerings in the mix.

Just prior to the market news, we heard that Microsoft decided not to continue any appeals to their loss in the European anti-trust cases and will settle for a cash payment (which in the broad view of things is a tiny payment indeed: only 357M!) They also settled the lawsuit against them in South Korea.

So what's really driving this rally, and will it last?

I believe that investor interest has increased because of both the above events. Either taken singly may not have spiked the rally. The trouble is, as soon as the next big lawsuit comes along we'll be back into fuzzy territory and investors will once again look elsewhere, which will drive MSFT back down at worst. At best it will hover at current prices for a long period of time until that uncertainty is resolved.

Meanwhile back at the farm:

While we've been focusing on the big news about Microsoft, their battle with the EU, the states' desire to renew and extend oversight from the US anti-trust case and slipping dates for Longhorn and Dynamics NAV . . . Sun has been going open source with their operating system and file technologies. That in itself is perhaps not too remarkable. What's interesting is the way a legal fight between a patent troll company named "Network Appliance" and Sun is evolving over a file system called ZFS that Sun gives away for free.

It's my belief that Sun is in the clear in this matter. They have years and volumes of prior art for the technology. The patent troll, according to some rumors, may be a shill for Microsoft (shades of SCO vs IBM/Linux) but in the end this will not matter.

The reason this is significant may be due to the way that Sun is reacting to the lawsuit. It may change the market for us forever. And if Microsoft refuses to open their eyes it may well be the turning point and endanger their future market dominance.

Sun's CEO posted a blog entry explaining the position they will take in response to the situation at http://blogs.sun.com/jonathan/entry/harvesting_from_a_troll . . .

Notice the URL which I left unchanged instead of href'd.

Key points:

1) Sun indemnifies all its customers against IP claims like this.

2) Sun protects the communities using their technologies under free software licenses. Even Apple . . . who is using ZFS in the upcoming Leopard OS X.

Those two points are unprecedented, as far as I know. If Sun succeeds in their counter-suit and defense against Network Appliance and if they indeed make good their promises to protect their customers, the market may see a change in how business is done concerning enterprise class software and services.


Saturday, October 20, 2007

Permission to speak freely



"My freedom is more important than your faith."

- Pat Condell

Thanks to fiveforfun for the heads up!

Friday, October 19, 2007

Email spam gets noisy

Stock "pump and dump" spam is migrating to audio. (Link pops)

If you see email from an unexpected sender with an attachment purporting to be elvis.mp3, ljcooldj.mp3, or "nameyourartisthere.mp3" . . . you might want to mark it as spam and delete it unheard.

Thursday, October 11, 2007

Anger and dismay over the iPhone update

Seen today on the DailyTech site (link pops . . .) -- buried in the comments:

"To me, it's like GM breaking into my garage and slashing my tires and taking a baseball bat to my windshield because I put new headers on my Vette!

Voiding my warranty? Sure. Having the company purposely destroy my property that I legally purchased just because they don't like the way I use it?

No."


I don't have an iPhone. After observing Apple's treatment and attitude towards its paying customers I am fairly sure the temptation to own one will never cross my mind again.

Monday, October 8, 2007

Upon observing traffic today while riding a motorcycle



Anger makes you smaller,
while forgiveness forces you to grow
beyond what you were.


- Cherie Carter-Scott


Sunday, September 30, 2007

Anti-Phishing training

The music needs some work; but the information you learn through this interactive tutorial about Internet Phishing scams could save you from ID theft.

http://cups.cs.cmu.edu/antiphishing_phil/

Anti-Phishing Phil is an interactive game that teaches users how to identify phishing URLs, where to look for cues in web browsers, and how to use search engines to find legitimate sites.

Our user studies have found that user education can help prevent people from falling for phishing attacks. However, it is hard to get users to read security tutorials, and many of the available online training materials make users aware of the phishing threat but do not provide them with enough information to protect themselves.

. . .

Anti-Phishing Phil was developed by members of the CMU Usable Privacy and Security Laboratory with funding from the US National Science Foundation (Cyber Trust initiative) and ARO/CyLab.


I managed to get every answer correct. Can you?

Friday, September 28, 2007

Microsoft Excel 2007 flunks Math 101 . . .

I bet someone somewhere got really excited when their financial spreadsheet showed $34,465 over their bank statement.

Try this in your spreadsheet program:

Enter the formula =77.1 * 850 into a cell.

What you should see is the result 65,535.

If you're running Excel 2007 (and if you're reading this before the upcoming patch is released) then you may see the incorrect result 100,000 . . . More "accurately," Microsoft says the calculation is correct behind the scenes, but Excel is failing to display the solution correctly.

It appears that any formula that results in one of about 12 solutions triggers this calculation bug.

The specifics for you spreadsheet gurus may be perused at http://blogs.msdn.com/excel/archive/2007/09/25/calculation-issue-update.aspx .

Patch is coming, although it's a guess whether it will make this month's patch cycle.

Edit: In spite of the above claim that the error is limited to what's displayed, if you reference the cell that displays the incorrect value in another calculation (this IS a spreadsheet after all, so duh, yes we're likely to do that) the secondary calculation will use the incorrect value too.

Windows XP availability extended to June 2008

Behind the scenes: Business customers (and many home user customers) demanded that they be allowed to purchase Windows XP Professional into the next 2008 fiscal budget year instead of being forced to "upgrade" to Vista. Why? Vista has much higher hardware requirements, raising costs for companies that simply want to run office applications. It also has (still) some severe compatibility issues with many older printers -- including some commercial grade printers like large scale plotters.

One case in point: last year a client of mine purchased a $50,000 plotter to print out architectural plans. Vista does not support it, and the printer manufacturer has not released Vista drivers.

So this week Microsoft announced that it will extend the deadline for XP sales to June of 2008. Even that may not be enough to satisfy some customers. There's pressure on MS to extend even further than that . . .

User Friendly - Vista to XP Downgrade?


Monday, September 24, 2007

In my inbox today:



Integrity without knowledge
is weak and useless,
and knowledge without integrity
is dangerous and dreadful.


- Samuel Johnson


Thursday, September 6, 2007

The Death of Net Neutrality?



http://www.businessweek.com/ap/financialnews/D8RG2JAG0.htm

"The Justice Department on Thursday said Internet service providers should be allowed to charge a fee for priority Web traffic.

The agency told the Federal Communications Commission, which is reviewing high-speed Internet practices, that it is opposed to "Net neutrality," the principle that all Internet sites should be equally accessible to any Web user.

Several phone and cable companies, such as AT&T Inc., Verizon Communications Inc. and Comcast Corp., have previously said they want the option to charge some users more money for loading certain content or Web sites faster than others.
"

Not happy about this development. Not happy at all.

More info: http://www.savetheinternet.com/

Friday, August 24, 2007

Office usage hints for the regular user

I have to give a shout out to this column because it's so darn clear and well written that . . . well, I have to.

This is for you and for my clients that see my blog.

Hate reading manuals? Want some concise hints in plain English with a blunt attitude on how to use some of the more useful but hard to understand features in Microsoft Office? Then you need to check out Crabby Office Lady's help column. (Link pops.)

I have the understanding that she started this without approval from her upper management, (they were out of town that week) but the initial feedback from readers was so overwhelmingly positive that they decided to let her write more . . . and eventually they gave her space on the official Office site.

We so need more open and frank information like this from Microsoft on their other products.

Seriously, go check it out already, what are you still doing here? :)


Tuesday, August 7, 2007

Ethanol is the new "pork"

Ethanol is a false promise.

It's not sustainable in the US, and in fact ethanol likely won't decrease our dependency on foreign oil by any level that's meaningful. It doesn't appear that it will get better either, as recent energy reports from our leaders in the field concerning ethanol are confused, if not outright lies to placate the voting public.

"Interestingly, the RFA's page on industry statistics shows that ethanol production in 2006 was 4.86 billion gallons. This is 116 million barrels. Somehow using 116 million barrels of ethanol, with a per barrel BTU value of just over half that of a barrel of oil, displaced 170 million barrels of oil. To be precise, 116 million barrels of ethanol contain the BTU equivalent of 64 million barrels of oil."



(Links open in new tab or window.)

Saturday, August 4, 2007

Risk taking



If you don't risk anything
you risk even more.


- Erica Jong

Another MP3 eating worm strikes

It's not the first, but it's the latest spreading infection to go after your media files. When it strikes it deletes every MP3 file it can find on your hard and removable drives.

The W32.Deletemusic worm spreads via Autoplay, a function in Windows that starts up a designated program when you insert removable media such as a CDROM or USB drive.

The best prevention is to turn off Autoplay. I've often wished that the Autoplay feature was turned off by default in Windows; it would also be nice if there was an easy way to turn it off somewhere in the user settings . . . but it's a tad more complicated.

Autoplay is not really needed anyway; it's annoying when you insert a CD that you just want to browse, and it's been the vector for viruses several times in the past. Just remember that if you turn it off, and you insert a CD from which you want to install something, you will need to browse to that CD and find the Setup program manually instead of waiting for the Autoplay setup to start automatically. I like having to start setup manually better anyway; it gives me more control over my system.


To turn Autoplay off, find the heading for your operating system below.


Windows XP Home

1) Create a new TXT file and open it in Notepad.

2) Paste the code below into your new text file.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000B5


3) Save the file, close it in Notepad, and rename the file to end in the ".reg" extension.

4) Double click the REG file to import the setting into your registry. Click OK when it asks if this is something you want to do . . .

5) Reboot and done for Windows XP Home.


Windows XP Professional

1) Click Start, Run and enter GPEDIT.MSC

2) Go to Computer Configuration, Administrative Templates, System.

3) Locate the entry for "Turn Off Autoplay" and Enable it for All Drives.

4) Close the Policy Editor and reboot . . . done for Windows XP Professional!


Windows Vista

1) Create a new TXT file and open it in Notepad.

2) Paste the code below into your new text file.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000FF


3) Save the file, close it in Notepad, and rename the file to end in the ".reg" extension.

4) Double click the REG file to import the setting into your registry. Click OK when it asks if this is something you want to do . . .

5) Reboot and done for Windows Vista!
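
To see what the two values above actually switch off, here is an added example (not part of the original post) that parses a .reg file like the ones shown and decodes the NoDriveTypeAutoRun bitmask. The bit meanings follow Microsoft's documentation of the value; the 0x91 sample is a constructed stand-in for an unmodified XP default, and the function names are made up for this illustration.

```python
import re

# A set bit DISABLES AutoRun for that drive type (per Microsoft's
# documentation of NoDriveTypeAutoRun).
DRIVE_TYPE_BITS = {
    0x01: "unknown",
    0x02: "no-root-dir",
    0x04: "removable",   # floppies, most USB flash drives
    0x08: "fixed",       # internal disks; some USB hard disks also report as fixed
    0x10: "network",
    0x20: "cdrom",
    0x40: "ramdisk",
    0x80: "reserved",
}

POLICY_KEY = (r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows"
              r"\CurrentVersion\Policies\Explorer")
VALUE_NAME = "NoDriveTypeAutoRun"


def parse_reg_dwords(text):
    """Return {(key, value_name): int} for every dword value in a .reg body.

    Keys and names are lower-cased because the registry is case-insensitive.
    """
    values = {}
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        section = re.fullmatch(r"\[(.+)\]", line)
        if section:
            name = section.group(1)
            # "[-KEY]" deletes a key, so values cannot follow it.
            key = None if name.startswith("-") else name.lower()
            continue
        entry = re.fullmatch(r'"([^"]+)"\s*=\s*dword:([0-9A-Fa-f]{1,8})', line)
        if entry and key:
            values[(key, entry.group(1).lower())] = int(entry.group(2), 16)
    return values


def decode_mask(mask):
    """Split the bitmask into (disabled, still_enabled) drive-type names."""
    disabled = [n for bit, n in DRIVE_TYPE_BITS.items() if mask & bit]
    enabled = [n for bit, n in DRIVE_TYPE_BITS.items() if not mask & bit]
    return disabled, enabled


def audit(reg_text, must_disable=("removable", "cdrom")):
    """Check that a .reg file turns AutoRun off for the media this worm uses."""
    mask = parse_reg_dwords(reg_text).get((POLICY_KEY.lower(), VALUE_NAME.lower()))
    if mask is None:
        # Value not set in this file: nothing is being disabled by it.
        return {"mask": None, "disabled": [],
                "still_enabled": list(DRIVE_TYPE_BITS.values()), "ok": False}
    disabled, enabled = decode_mask(mask)
    return {"mask": mask, "disabled": disabled, "still_enabled": enabled,
            "ok": all(t in disabled for t in must_disable)}


HEADER = "Windows Registry Editor Version 5.00\n\n[" + POLICY_KEY + "]\n"
XP_HOME_REG = HEADER + '"NoDriveTypeAutoRun"=dword:000000B5\n'   # from the post
VISTA_REG = HEADER + '"NoDriveTypeAutoRun"=dword:000000FF\n'     # from the post
DEFAULT_REG = HEADER + '"NoDriveTypeAutoRun"=dword:00000091\n'   # constructed sample

if __name__ == "__main__":
    for label, body in (("XP Home", XP_HOME_REG), ("Vista", VISTA_REG),
                        ("default", DEFAULT_REG)):
        r = audit(body)
        print(f"{label}: mask=0x{r['mask']:02X} ok={r['ok']} "
              f"still enabled: {', '.join(r['still_enabled']) or 'none'}")
```

The B5 value leaves the "fixed" type enabled, so a USB hard disk that presents itself as a fixed disk is not covered by it; FF disables every type.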

Wednesday, July 25, 2007

Got Alarm?

If you have an alarm system for your home or business, and it uses wireless analog to communicate with the dispatcher, you may want to contact your alarm vendor soon.

AMPS (analog mobile phone system) has been around since the early 1980's. It forwards intrusion, fire or medical alerts to your monitoring company, who then dispatch an appropriate response. It may be the primary comm system for your alarm, or it could be the backup method - used if an intruder cuts the phone cable to your building.

There are over 26 million installations using AMPS in the US.

On Feb 18, 2008 AMPS will be cut off because our national phone providers think running the analog system is too expensive. They successfully lobbied the FCC to allow them to stop providing analog service.

There is a replacement system, based on modern digital systems. Most alarm systems should be upgradeable. But the timeline to get that upgrade is fairly short.

More info:
http://www.alarm.org/pressreleases/2007/pr072507_amps.htm

Tuesday, July 24, 2007

Note to self: it's the battery stupid!

Two weeks ago my Vulcan crapped out 320 miles from home on the return leg from a PGR mission in Utah. One moment I was cruising along at 75 mph, the next my engine went completely dead. No lights, no dash, no starter.

Yanked in the clutch and coasted to a stop on the shoulder.


Tried to start it again . . . no power. Nada. Wait for 20 minutes, turn the key, the dash lights up -- but when I press the starter a funny sound from deep inside goes "clunk" and everything dies. 45 seconds later the dash comes back to life all by itself. Repeat, rinse, same result.

Two bikers stopped to lend assistance. We mucked around with wires, connectors, checked the safety interlock switches (all three of them - clutch, stand and upright detector).

One of us had a small multimeter in the pack. Battery showed 12.8 volts - about optimal according to my manual. No shorts, no opens anywhere on the circuit.

End up waiting at a small town named Silt, CO for my partner to arrive with the trailer -- a 4.5 hour drive. We load it up and go home.

In the garage I start tracing things out with my Fluke. Started at the alternator (thinking it had fried), checked the regulator/rectifiers, and ended up checking darn near every wire, cable, component, switch, relay and fuse on the system. Everything checked out.

Battery gets a fresh charge, try again - same symptom as above.

I finally decided to spring for a new battery . . . filled it up, charged it last night and . . . everything works! Charging circuit is fine, I am getting 12.8 volts on the new battery at rest, and it's charging fine at 14.1 volts @ 1800 rpm and up.

Funny thing, the old battery still shows 12.8 volts right now, but it's definitely gone bad. And on this Vulcan Classic Fi - it killed the bike even while running. Odd that.

Thursday, July 19, 2007

Firefox 2.0.0.5 released

Most Firefox users will see a prompt to auto-update sometime over the next few days, or you can get it now.

http://www.mozilla.com/en-US/firefox/2.0.0.5/releasenotes/

Among other fixes, this release patches the "Remote code execution by launching Firefox from Internet Explorer" bug that I wrote about last week.

Perhaps this is where I'm going wrong?



Dwell as near as possible
to the channel in which your life flows.


- Henry David Thoreau

Thursday, July 12, 2007

Adobe Flash Player critical vulnerabilities



For Mac, Windows and Linux users:

Adobe has announced the release of three critical patches for Flash Player, a plug-in used by your browser to display Flash content.

You can visit the Adobe Flash page to get updated. If you use more than one browser (IE, Firefox, Opera, Safari etc) you should repeat the process for each browser.

Details about the fixes at:
http://www.adobe.com/support/security/bulletins/apsb07-12.html

Patch or upgrade your browser at:
http://www.adobe.com/go/getflashplayer/

If you cannot upgrade to version 9.x (certain older systems), Adobe has also released these patches for version 7.x at:
http://kb.adobe.com/selfservice/viewContent.do?externalId=d9c2fe33&sliceId=1

"Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities. Users are recommended to update to the most current version of Flash Player available for their platform.

Adobe categorizes this as a critical issue and recommends affected users upgrade to version 9.0.47.0 (Win, Mac, Solaris) or 9.0.48.0 (Linux)."





Also - a reminder that Microsoft released several critical patches for their operating systems and Office last Tuesday. You know what to do if you don't use auto-updates.

Wednesday, July 11, 2007

Cross-Browser Command Injection Vulnerability

How many Firefox users disable, remove or entirely stop using IE once they install Firefox?

A new vulnerability has been discovered that allows IE to call Firefox and pass parameters that could compromise a user's system and allow a remote attacker to take complete control over your computer. As of this writing, there is no official fix from either Microsoft or the Mozilla group. After an initial flurry of finger pointing, this looks to be the fault of BOTH organizations: IE for not validating calls to external URIs, and Firefox for using a registered handler method that is outdated and known to be insecure.

If you have Firefox installed, then you are probably safe if you only use Firefox and if you set Firefox to be your default browser. You can also de-register the handler that IE uses to call Firefox.

If you don't have Firefox installed, you are immune to this particular attack.



Standard warnings and disclaimers apply if you edit your registry manually! Do so at your own risk. If you are not comfortable with the process, then wait for an official patch and browse cautiously.

Find and back up (export), then delete the FirefoxURL "command" reg key and its default value at:
[HKEY_CLASSES_ROOT\FirefoxURL\shell\open\command]

The default value will look something like (depending on your Firefox install location):
@="C:\\PROGRA~1\\MOZILL~1\\FIREFOX.EXE -url \"%1\" -requestPending"

Reboot . . .

Note that if you update Firefox this reg key may be re-written - which is fine if that update includes a future as-yet-to-be-released patch for this problem.

Details about the vulnerability may be found at:

http://larholm.com/2007/07/10/internet-explorer-0day-exploit/
(Including a "safe" test to see if you are vulnerable - good to use after you implement the reg-key workaround above.)

http://secunia.com/advisories/25984/

http://news.com.com/8301-10784_3-9741435-7.html

Edit: Workaround no longer needed. Get patched instead with the new version of Firefox: http://www.mozilla.com/en-US/firefox/2.0.0.5/releasenotes/

Tuesday, July 10, 2007

Open Source cell phone arrives

Why I don't care about the iPhone . . .

A direct comparison between the iPhone and the OpenMoko Neo 1973.

Get one.

SDK and Developers Info.

(Links open in new tab or window)

This new device is first revision, and it's missing a few features, but the concept rocks. Look to the next version to fill in the missing pieces and enter the mass market.



Edit: Did I mention this is carrier agnostic? And Quad-Band?

Tuesday, July 3, 2007

You thought you were free . . .

The following is a slight rewrite of a small portion of the book "They Thought They Were Free, The Germans, 1933-45" by Milton Mayer.

My apologies to the original author and publisher for mangling Mr. Mayer's prose.



"What no one seemed to notice," said a colleague of mine, "was the ever widening gap, after 2007, between the government and the people. Just think how very wide this gap was to begin with, here in the United States. And it became always wider. You know, it doesn’t make people close to their government to be told that this is a people’s government, a true democracy, or to be enrolled in the National Guard, or even to vote.



"What happened here was the gradual habituation of the people, little by little, to being governed by surprise; to receiving decisions deliberated in secret; to believing that the situation was so complicated that the government had to act on information which the people could not understand, or so dangerous that, even if the people could not understand it, it could not be released because of national security. And their sense of identification with Bush and Cheney, their trust in them, made it easier to widen this gap and reassured those who would otherwise have worried about it.

"This separation of government from people, this widening of the gap, took place so gradually and so insensibly, each step disguised (perhaps not even intentionally) as a temporary emergency measure or associated with true patriotic allegiance or with real social purposes. And all the crises and reforms (real reforms, too) so occupied the people that they did not see the slow motion underneath, of the whole process of government growing remoter and remoter.

. . .

"But your friends are fewer now. Some have drifted off somewhere or submerged themselves in their work. You no longer see as many as you did at meetings or gatherings. Informal groups become smaller; attendance drops off in little organizations, and the organizations themselves wither. Now, in small gatherings of your oldest friends, you feel that you are talking to yourselves, that you are isolated from the reality of things. This weakens your confidence still further and serves as a further deterrent to — to what? It is clearer all the time that, if you are going to do anything, you must make an occasion to do it, and then you are obviously a troublemaker. So you wait, and you wait.

"But the one great shocking occasion, when tens or hundreds or thousands will join with you, never comes. That’s the difficulty. If the last and worst act of the whole regime had come immediately after the first and smallest, thousands, yes, millions would have been sufficiently shocked - if, let us say, the illegal suspension of presidential term limits in 2008 had come immediately after the Twin Towers attack in 2001. But of course this isn’t the way it happens. In between come all the hundreds of little steps, some of them imperceptible, each of them preparing you not to be shocked by the next. Step C is not so much worse than Step B, and, if you did not make a stand at Step B, why should you at Step C? And so on to Step D.

"And one day, too late, your principles, if you were ever sensible of them, all rush in upon you. The burden of self-deception has grown too heavy, and some minor incident, in my case my little boy, hardly more than a baby, saying ‘Muslim swine,’ collapses it all at once, and you see that everything, everything, has changed and changed completely under your nose. The world you live in — your nation, your people — is not the world you were born in at all. The forms are all there, all untouched, all reassuring, the houses, the shops, the jobs, the mealtimes, the visits, the concerts, the cinema, the holidays. But the spirit, which you never noticed because you made the lifelong mistake of identifying it with the forms, is changed. Now you live in a world of hate and fear, and the people who hate and fear do not even know it themselves; when everyone is transformed, no one is transformed. Now you live in a system which rules without responsibility even to God. The system itself could not have intended this in the beginning, but in order to sustain itself it was compelled to go all the way.

"You have gone almost all the way yourself. Life is a continuing process, a flow, not a succession of acts and events at all. It has flowed to a new level, carrying you with it, without any effort on your part. On this new level you live, you have been living more comfortably every day, with new morals, new principles. You have accepted things you would not have accepted five years ago, a year ago, things that your father could not have imagined.

"Suddenly it all comes down, all at once. You see what you are, what you have done, or, more accurately, what you haven’t done (for that was all that was required of most of us: that we do nothing). You remember those early meetings of your department in the university when, if one had stood, others would have stood, perhaps, but no one stood. A small matter, a matter of hiring this man or that, and you hired this one rather than that. You remember everything now, and your heart breaks. Too late.

"You are compromised beyond repair."


Friday, June 29, 2007

More spam

Be alert for email claiming to be an e-card or online card.

Three managed email servers that I run just got spiked with hundreds of these in the last hour.

Variants of the subject line include:

You've received a postcard from a family member!
You've received a postcard from a friend!
You've received a postcard from your wife [/husband /spouse]!

And as states in his post about the topic:

This is how "zombie" systems are created. With a solid zombie PC network under their control, professional spammers can send out those millions of canadian drugstore/viagra/penis enlargement e-mails you get daily.

There's always a temptation to open a suspected attachment when you've got good virus scanning software installed. DON'T!!!:

Perhaps the most dangerous part is that, when SANS ran it through 30 different anti-virus programs, only a quarter of them picked up ecard.exe as a suspect download.

The goal of the virus programmer is to come with stuff that commercial virus scanners aren't aware of.

Just. Don't. Open. It.

Phishing / spoofed emails purporting to be from Microsoft

According to several sources around the Internet we've seen a dramatic rise this month in phishing emails claiming to be from microsoft.com. The gist of the scam is that a critical update for Outlook, Windows or some other Microsoft application is available and should be installed immediately. Reports state that some of these emails contain an attachment - the supposed fix - while others state that the email contains links to downloadable content.

These links or attachments are not real fixes, but instead are (typically) trojans designed to turn your computer into a botnet slave.

Worse, these spoofed emails often address you by name, which makes them harder to distinguish from the real thing. That also means they may originate from an infected computer of someone you know, and that person has your contact information.

You might have heard that Microsoft never sends out email about current or upcoming critical hotfixes. This is not the case, which unfortunately makes the phishing attempts easier to conduct.

Here are the facts:

1) Microsoft does send out email alerts, but only for those people that opt in to receive such reports via Security, Technet, MSDN or Partners at microsoft.com. Each security email that Microsoft sends is signed with a certificate or PGP key (although it's up to the user to verify the key.)

2) Such emails NEVER contain executable attachments of any kind. Nor do they contain links that directly download installable patches.

3) The emails usually contain links to online reports hosted on microsoft.com about the vulnerability or bug in question.

What you should do:

If you know you've never signed up for such email notifications, delete any such unexpected emails you receive -- don't click attachments or links within them. Even better, zap them before opening or reading them.

Whether or not you remember signing up for these email updates from Microsoft you should treat any email with caution. It's my recommendation that you not click links in such emails, but instead visit the official update.microsoft.com site to see what updates are available. From there you may also visit the reports or knowledge base articles about the updates.

Administrators for multiple systems should already know where to go to read about patch details for various operating systems and application groups.
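The three facts above can be applied as a mail-triage check on any message that claims to come from Microsoft. This Python is an added example, not Microsoft's or the original post's code; both messages are constructed samples, and the extension list, finding names and function names are assumptions.

```python
import re
from email.message import EmailMessage
from urllib.parse import urlsplit

# Assumed list of file types treated as installable content (not from the post).
RISKY_EXT = ('.exe', '.scr', '.pif', '.bat', '.cmd', '.msi', '.vbs', '.zip')
URL_RE = re.compile(r'https?://[^\s"\'<>]+', re.IGNORECASE)


def is_microsoft_host(host):
    """True only for microsoft.com itself or a real subdomain of it."""
    host = (host or '').lower().rstrip('.')
    return host == 'microsoft.com' or host.endswith('.microsoft.com')


def triage(msg):
    """Return (finding, detail) pairs for a message claiming to be from Microsoft."""
    findings, body = [], ''
    for part in msg.walk():
        if part.is_multipart():
            continue
        filename = part.get_filename()
        if filename:
            # Fact 2: genuine notices never carry executable attachments.
            if filename.lower().endswith(RISKY_EXT):
                findings.append(('executable-attachment', filename))
        elif part.get_content_maintype() == 'text':
            body += part.get_content() + '\n'
    for url in URL_RE.findall(body):
        url = url.rstrip('.,;)')
        parts = urlsplit(url)
        # Fact 3: links lead to reports hosted on microsoft.com. Compare the
        # parsed host, so "microsoft.com.<something else>" does not pass.
        if not is_microsoft_host(parts.hostname):
            findings.append(('non-microsoft-link', url))
        # Fact 2: genuine notices never link straight to an installable file.
        if parts.path.lower().endswith(RISKY_EXT):
            findings.append(('direct-download-link', url))
    # Fact 1: genuine notices are signed. This only looks for a signature; its
    # presence proves nothing until the reader verifies it against the real key.
    signed = (msg.get_content_type() == 'multipart/signed'
              or '-----BEGIN PGP SIGNED MESSAGE-----' in body)
    if not signed:
        findings.append(('unsigned', 'no S/MIME or PGP signature present'))
    return findings


def build_spoofed():
    """Constructed sample modelled on the scam described in the post."""
    msg = EmailMessage()
    msg['From'] = 'Microsoft Security <security@microsoft.com>'
    msg['Subject'] = 'Critical update for Outlook'
    msg.set_content('Dear Pat,\nInstall the attached fix, or download it from\n'
                    'http://microsoft.com.updates.example/fix/patch.exe\n')
    msg.add_attachment(b'constructed placeholder bytes', maintype='application',
                       subtype='octet-stream', filename='outlook-update.exe')
    return msg


def build_notice():
    """Constructed sample shaped like the opt-in notices the post describes."""
    msg = EmailMessage()
    msg['From'] = 'Microsoft Security <security@microsoft.com>'
    msg['Subject'] = 'Security bulletin summary'
    msg.set_content('-----BEGIN PGP SIGNED MESSAGE-----\n'
                    'Details: http://www.microsoft.com/technet/security/EXAMPLE.mspx\n'
                    '-----BEGIN PGP SIGNATURE-----\n'
                    '(constructed placeholder, not a real signature)\n'
                    '-----END PGP SIGNATURE-----\n')
    return msg


if __name__ == '__main__':
    for name, msg in (('spoofed', build_spoofed()), ('notice', build_notice())):
        print(name, triage(msg))
```

Note that the From header is identical in both samples, which is why the check never relies on it.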

Links embedded in this entry open in a new window or tab.

Wednesday, June 27, 2007

Ms. T.

Cats have a language all their own. Ms. T. had several ways of telling us what was on her mind.

The following is a short list that she taught us:

Merroowwww: "It's dinner time, and I'm starving, get busy already!" (Even though there was generally still some food in her bowl from lunch.)

Merl?: "Can I come up onto your lap? I know you're busy with the shiny screen, but I want up."

Mew! with head butting: "I need to be pet, brushed and loved. NOW!"

Silent look with slitted eyes: "I like you. A lot. Keep up the petting." (Note: this works in reverse - most cats respond favorably and will come to you when you slit your eyes at them without blinking.)

Matph!: "There's a spider in the kitchen, come take it away. I'M not touching it."

MerROW?: "Where are you?" (Repeated until we went to her -- or until she found us.)

Chi-i-i-i-rrruppur-r-r-r-r: "Absolutely contented with life, ahh yes, right there below my chin."

M-e-e-a-a-p??: "Can I please have another kitty cookie?" Alternately: "More catnip please?" (Sounds like a broken meow with spaces.)



I met Ms. T. a little over 10 years ago. She came as part of a package deal along with my soul mate. As I understand events, Ms. T showed up on a certain doorstep the day my partner moved into a new apartment. She had been abandoned by the previous occupant. My partner took her to a vet, who informed her that she had a very healthy 1+ year old cat. A few shots and a spaying later she was taken back home and began a journey across 16 years of life with my partner - 10 of which were shared with me.

I got used to having her on my lap while at the computer. She was very polite about it, would keep off the keyboard (mostly) and was content to snuggle into me for hours while I worked.

Last Friday she began having problems walking up and down the stairs. Saturday saw some improvement in mobility but she stopped eating. Sunday evening she started to slide downhill fast. Monday morning at 2:30 she woke us up crying under the bed. She was unable to walk, and could not understand why her back legs would not support her weight. Her body was already cooler than normal. All morning we kept her warm, gave her water via bottle and tried to make her comfortable. We had planned to take her to a Vet later that morning, but she didn't make it that long. I am not sure it would have made any difference anyway.

It feels odd blogging without her on my lap. I never thought it would be this hard to lose her. I've lost several pets over the years, but this seems far harder than those previous losses.

She was special. She was dearly loved as a part of our family.

The last thing she said early Monday morning to us was "MerROW?" She died in my arms shortly after . . .

Monday, June 25, 2007

In memory



. . . of Ms. T. April 15, 1990 to June 25, 2007.






Thursday, June 21, 2007

The CPU war just escalated

The press release from NVidia reads NVIDIA® Tesla™ GPU Computing Processor Ushers In the Era of Personal Supercomputing. NVidia (so far) very carefully fails to mention any hint that their new Tesla branded GPU could possibly be a future competitor to AMD, Intel, or IBM's PowerPC CPU lines.

After all, it's a Graphics Processor Unit, right?

I don't think so. I think the CPU market just entered a revolutionary battle unlike any we have seen in the past. If the claims are true (and they seem to be verified by several leading research centers, see links from the press release) then this is more than an incremental improvement -- it's a major jump in processing technology available this coming August that surpasses anything Intel or AMD has announced into the next two years.

Here's a hint: MRI (Magnetic Resonance Imaging) processing speeds increased on Tesla from 245 to 415 times previous speeds over CPU or older GPU based computing solutions. There's more, but you can read the details yourself over on the NVidia site. (links pop) Performance increases are so good that in many cases scientific computing that took weeks and a cluster of machines can now be done in days or hours on a single machine.

My feeling is that this is NVidia's shot across the bow of the entrenched CPU market leaders. They may not remove the misleading "GPU" designation for a while yet, but make no mistake: this technology has the potential to completely change what we consider a "Desktop PC." And it's about time!

And they've done it right: the first generation of Tesla can be installed onto almost any existing PC with a modern PCI express bus. They've released a free API. There are several open source simulations that you can immediately download. The entry barriers (other than price, tba) are very low.

We moved from slide rules to programmable calculators and were amazed at the changes to our lives. Then we moved to the personal computer -- that box sitting under or near your desk today contains more power than most supercomputers built 12 years ago.

It's time for a jump in processing power to the next order of magnitude.

Saturday, June 2, 2007

Raccoon update

Mom-coon made it back twice last night and retrieved two of her young - both of the females. I sat near our kitchen window in the dark until 4 AM and saw her make the snatch both times. Her new nest must be some distance away, as it took her about 90 minutes round trip. I surmise that she spent the rest of the night foraging since the male baby was still there this morning.

Everything I found via Google indicated that if we could keep him warm, hydrated and fed for the day she may very well retrieve him tonight. According to the sources she won't try during daylight.

So my partner and I made the trip out to a local pet store and found something called Kitten Milk Replacement. Normal cow's milk has lactose, which does not agree with young raccoon tummies. He's taken two feedings so far, and seems to like the stuff.

Nyum nyum

Tonight I will set him back by the tree and see if his mother will come get him. If not, we'll take a trip to Boulder on Sunday to deliver him to professionals.

If anyone is interested, here are the links I've been using as sources today:
http://www.nancycarolwillis.com/pages/faq.html#raccoons
http://www.mnsi.net/~remocoon/babies.htm

Edit - 12:30 AM June 3rd: I think we were successful at re-uniting him with his mother tonight. I missed the snatch, but he was gone as of 12:20 AM. Funny how one can become so attached to something for which one gave care - even as short a time as it was.

Fair hunting little brother. Perhaps someday you will cross my yard at night while I stand outside for air and you will -- for a moment -- gaze back and wonder. But I really hope you scoot your butt into the shadows and play it safe.

Abandoned coon babies

Nothing like a nice romantic fire to warm up an unseasonably cool spring evening. Arrange the tinder, get the match lit . . . and frantically put it out when one hears sudden cries of panic and mad scrabbling from the flue. A few minutes of dusty investigation revealed a family of raccoons living in the chimney. Mom grabbed one of the young ones and lit out for parts unknown . . . and never returned.

Called animal control -- in this town they don't deal with coons. Suggested we call a pest control company. Called two and they can't make it out until Monday. Asked them what would happen to the babes and were told they would be euthanized.

Bleah . . .

After some creative engineering, much sneezing and a twisted back I extracted three more young coons. They can't walk, much. So cute you want to pet them - but I know better. Two females and a male.

The male coon babe.

Went to the hardware store for wire mesh and blocked off the chimneys (both of them, just in case mom-coon got any ideas about an easy move.)

Placed the three baby coons into a bucket with a towel and set them at the base of the one and only tree close enough to the house where mom-coon would most likely access our roof and chimneys.

That was four hours ago and the poor things are still there. Hungry and cold.

So now what? Anyone know the best method of reuniting the kids with mom? Any suggestions would be welcome!



Leave me alone, I'm napping!

Three coons in a bucket, now what?

Tuesday, May 29, 2007

Critical Security Quicktime flaw in Mac OS X and Windows PC's



Apple released another critical patch this week for users of QuickTime. It fixes two serious vulnerabilities that could result in malicious code execution or private information disclosure to the attacker.

More info and the download on Apple's site at http://docs.info.apple.com/article.html?artnum=305531


Off topic backyard pics

Last fall I planted some bulbs and pruned the roses down to the ground in my garden along the back fence. I can't believe how much the greenery improved from all the abuse . . .

Here are some pics I shot of it early this morning.

Each thumbnail links to a medium resolution version around 350K give or take. Links pop a new tab or window. If you want large resolutions let me know . . . I might be talked into it. [grin]







Monday, May 21, 2007

Ouch, the irony of the aQuantive / MSFT deal



One of the dirty secrets of the malware industry is the identity of those that pay good money - BIG money - for all those pop-up ads. The delivery method for so many unwanted in-your-face targeted ads is via what we in the security industry refer to as "Adware" . . . or the more politically correct term "Malware."

180Solutions, WhenU, Gator, and several others play this game (or played - a couple claim to have gone mostly "clean" during this last year) by infecting computers with unwanted software that forces targeted ads on end-users based on a profile built by monitoring browsing habits. It's really sticky when someone gets infected with several competing malware applets and that nice high powered computer slows down to pre-i486 speeds.

It's so bad that a new industry focused on preventing and cleaning up malware has sprung into existence during the last few years, bringing us bandages like AdAware, Spybot, Spyware Doctor, Spysweeper, CounterSpy . . . and Windows Defender aka Windows Live protection services. Yeah, that Windows. From Microsoft. Remember that as I continue this rant.

Who orders those pop-up ads and funds malware companies?

Among several of the really big players that fund intrusive malware based advertising, aQuantive stands out in my mind after Friday's news that Microsoft is buying them for Six. Billion. Dollars. An overpriced desperate gesture on Ballmer's part in the face of Google's recent acquisition of DoubleClick (another source of funds for those malware applets.)

Want some eye popping proof? Check the hits from this Google search.

For an overview of money flow in malware based online advertising, check out Benjamin Edelman's article Intermediaries' Role in the Spyware Mess. It's an older article, but still relevant today.

The links above will open in a new tab or window.

Saturday, May 19, 2007

Thursday, May 17, 2007

AMD versus Intel - some insight on the future




An excellent update by Tom Yager at InfoWorld: Intel FUD versus AMD fact

"In assessing these facts, three ancient axioms come to mind: Nice guys finish last, slow and steady wins the race, and haste makes waste. I’ll let you plug these in as the story unfolds.

[ . . . ]

At the CTO Summit, AMD laid out a fully finished 300mm wafer to touch and photograph, and we were shown specifics on the fab rollout schedule for AMD’s 45nm process. We got an advance look at new AMD/ATI chip-set technology as well, along with a completely new and radical AMD CPU, the nondisclosures on which lift this month. AMD is not running behind Intel. It is simply not practicing reactive engineering, and if you pay attention, you’ll see that AMD’s take on 45nm process, 300mm wafers, desktop chip sets, and dual-core mobile architecture are more than mere snapshots of the marketed leading edge, which is a coat of gloss on the present. AMD, through its partnership with IBM, defines the leading edge. Watch."

This makes me suspect AMD has a very pleasant surprise in store for consumers near the end of this year, if not sooner. If nothing else, I love the fact that close competition in the CPU market will continue - it's a win for us in both performance and price.

Watch for details by the end of May or early June.

Monday, May 14, 2007

Quicktime (Mac and PC) and WinZip (PC) flaws now being exploited



Vulnerabilities in two more popular programs were discovered a few months ago, but until now there wasn't much concern since no one was apparently exploiting them. That changed last week.

Apple has updates for QuickTime. "Available for: QuickTime 7.1.3 on Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.8, Mac OS X Server v10.4.8, Windows XP/2000."

WinZip for PC is more complex: If you use any version of WinZip prior to version 10, or you are already on version 11.1 - then you are safe from the current exploit. If you are using the first public release of version 10, there is a free (it had better be!) patch available now at their site.


Friday, May 11, 2007

FACTA may need to be updated



FACTA, or the US "Fair and Accurate Credit Transaction Act" aka the shredding law may need a major update soon.

Looks like shredding is no longer going to be a realistic method of destroying documents. May I suggest . . . an incinerator.

"It's been years in the making, but finally software designed to electronically piece together some 45 million shredded documents from the East German secret police went into service in Berlin on Wednesday. Now, a puzzle that would take 30 diligent Germans 600 to 800 years to finish by hand, according to one estimate, might be solved by computer in seven."


Orwell called it "DoubleThink"



In his novel "1984," George Orwell coined the term "doublethink" for the act of naming a negative law or rule with a positive-sounding moniker.

HBO Exec: Don't Call It DRM


Wednesday, May 9, 2007

Meme gone bad, very bad . . .



Thanks to for the tip, in a post today about the LJ Mojo meme.


"Remember that LJ Mojo meme that was going around the net like a bad plague? Well, some joker whose LJ name doesn't deserve the attention has cracked the site and replaced the pics with one that is extremely NSFW and rather gross at that, such that if somebody is reading back in your journal and runs across that, they get a very nasty surprise."

If any of you posted that meme, might want to go find it in your history and edit those entries.

Edit: has more info. Looks less like a hacking job and more like a deliberate switch by the meme's author - with the added bonus of making public the participants' dating claims.


Google suggestions are misogynistic



Try this search (assuming Google has not yet fixed the issue.)

http://www.google.com/search?hl=en&q=she+invented

Credit to about a thousand other blogs and Digg for highlighting this issue in the last 24 hours.

Do our language usage patterns counter our mission to bring balance to our society?

Edit:

Compare the above with other Google searches, such as:


she creates
she built
she composed
she studied

They all elicit a prompt similar to "Did you mean: he studied"

How many more can you find? :(


Early morning thoughts




Keep away from people
who try to belittle your ambitions.
Small people always do that,
but the really great make you feel
that you, too, can become great.


- Mark Twain


Friday, May 4, 2007

Creative Soundcards - rant

Creative may never see another dollar from me again. I own(ed) an Audigy Sound card.

From the beginning my experience with that card was mixed. Hardware acceleration was awesome, when the card didn't crash. And it wasn't only me . . . but it took more than a year after I bought the card before Creative finally released a driver update that fixed the random crash. X-Fi owners faced similar, if not worse, problems.

Now comes Vista. Which was released in usable (from a developer's point of view at least) Beta form darn near a year before its release to all major hardware vendors/manufacturers. Creative totally dropped the ball, they did not have Vista drivers available at release. Today they still don't - unless you have one of their X-Fi cards.

To be sure, it's not all Creative's fault. Microsoft pulled the rug out from under them with a totally new way to address sound card DSP chips. But Creative had a year to get ready.

So now the final nail in the coffin: Creative just announced that they have begun working on an Audigy series Vista driver. And hidden in the announcement is this key phrase: " . . . hope to offer this product as a low-cost upgrade." So - is that a typo? An accident from someone that failed to get the right proof-reading from marketing?


Here is the complete announcement as it appeared originally:

"When we released the first beta of ALchemy for X-Fi, we hoped customers would appreciate our efforts. Within only a few months, the response from users and the press has been overwhelmingly positive. Many of our customers have asked if we could adapt ALchemy to Audigy series sound cards. The X-Fi and Audigy series sound cards are built on different hardware architectures, and therefore require separate development efforts. However, based on the requests to date, we are pleased to announce that we have begun development of an implementation of ALchemy for Audigy series sound cards, and hope to offer this product as a low-cost upgrade to interested Audigy owners later this year."

The Trojan that might get even the paranoid user's CC number



Symantec has the skinny on a new Trojan that is just now beginning to make the rounds in the wild. It's not yet widespread, but be prepared just in case you run into it.

"Recently we came across an interesting Trojan sample, detected by Symantec as Trojan.Kardphisher. The Trojan is not very technical - it's really just another classic social-engineering attack. What makes it interesting is that the author has obviously taken great pains to make it appear legitimate."




The Trojan presents screens on boot up that state you need to re-activate Windows. The twist is that during the process it asks the user for their CC information.


The screenshots in question look very much like the original Windows Activation screens, same theme, color, logos, etc. Even the "engrish" which is generally a dead giveaway is fairly polished. Worse, if you refuse to cooperate the Trojan shuts down your system immediately - a tactic that is also used by Microsoft when Windows Genuine Advantage thinks you stole their system. The next time you power-up, you are again given the fake option to re-activate your Windows installation - complete with the request for your CC info.

Fake Windows Activation Trojan


Arm yourselves and your computer-challenged family members with this simple reminder:

The real activation process from Microsoft will NOT ask for your Credit Card. Nor will their support staff.

I'm half expecting the next step from Trojan authors using this tactic to include an 800 number purporting to be for Microsoft Support but that will connect you to some mafia-run phone center. There they would -- in theory -- collect even more personal information with which they could steal your entire identity.

Wednesday, May 2, 2007

New phishing attack method - dial * 72



This simply amazes me. It's not the method (see below) but the fact that people actually fall for this. I guess I should not be surprised -- even after multiple warnings people still open junk email with attachments from unknown senders -- which exposes them to keylogging trojans or worse.

SecureWorks posted the details, partially copied below: (I changed the phone number.)

"The victim receives an email from the phisher telling them that their bank needs to verify their phone number immediately. If they do not confirm their phone number their account will be suspended. The instructions are as follows:




Step 1- Go to your phone and Dial *72
Step 2- Dial 7075551212 (XYZ Bank Secure Line)
Step 3- Your phone is confirmed.

You will receive a call from us in 1 h for final verification!

If you have confirmed your phone, you can continue the update process:





By calling these phone numbers, the bank customer is actually forwarding their calls to the phisher's number. The calls will continue to be forwarded until the victim notices they are not getting any calls.

After the victim confirms their phone number, they are asked to update their personal info, social security number, bank account number, credit card number, etc.

If the bank customer cooperates, then the phisher has all of the banking and personal information needed to begin making fraudulent transactions on the victim's bank account. If the customer's bank calls them to query an odd transaction during the period that their calls are being forwarded, the phisher will receive the calls and confirm that the fraudulent transaction is legitimate."



Tuesday, May 1, 2007

Critical exploitable bugs in Trillian and WinAmp

Two separate bugs, both being exploited.

Trillian has released an update to fix things up. Get it here:
http://www.ceruleanstudios.com/downloads/

No fix for WinAmp yet, best advice is don't open untrusted MP4 files. MP3's are safe.

More info about these bugs at

Trillian: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=522

WinAmp: http://secunia.com/advisories/25089/

Sunday, April 29, 2007

Don't break that Compact Fluorescent Light Bulb!



More grumbling about CFL's after my last mini-rant.

"Bridges had the misfortune of breaking a CFL during installation in her daughter's bedroom: It dropped and shattered on the carpeted floor.

[ . . . ]

The DEP sent a specialist to Bridges' house to test for mercury contamination. The specialist found mercury levels in the bedroom in excess of six times the state's "safe" level for mercury contamination of 300 billionths of a gram per cubic meter. The DEP specialist recommended that Bridges call an environmental cleanup firm, which reportedly gave her a "low-ball" estimate of US$2,000 to clean up the room."



Wednesday, April 25, 2007

Congress wants to pass a Spyware law that you don't want.



Spy Act Only Protects Vendors and Their DRM

"Last week a subcommittee of the House Committee on Energy and Commerce approved H.R. 964, the Spy Act.

[ . . . ]

If the Spy Act becomes law, hardware, software, and network vendors will be granted carte blanche to use spyware themselves to police their customers' use of their products and services. Incredibly broad exceptions will probably allow even the worst of the adware outfits to operate with legal cover. State attempts to deal with the spyware problem will be pre-empted and enforcement left up almost entirely to the FTC."



Sunday, April 22, 2007

Microsoft Office Compatibility Pack released

If you use Microsoft Office products (Word, Excel or PowerPoint) version 2000, 2002 (aka XP) or 2003 and would like to be compatible with the new file formats for the 2007 versions of those applications, Microsoft released a 'free' new compatibility pack that will enable you to view, edit and save your files to those new formats. This is pretty nice, as you will no longer have to tell co-workers/co-students/co-anybody using Office 2007 to save stuff in the old formats so you can use them.

Before you run off to install it, there are some caveats. You MUST upgrade your version of Office (or standalone Word, Excel or PowerPoint) to the very latest service packs available.

If you need direct links to the various required Service Packs:

Office 2000: SP3 - http://www.microsoft.com/downloads/details.aspx?FamilyID=5c011c70-47d0-4306-9fa4-8e92d36332fe&DisplayLang=en

Office 2002 (XP): SP3 - http://www.microsoft.com/downloads/details.aspx?FamilyID=85af7bfd-6f69-4289-8bd1-eb966bcdfb5e&DisplayLang=en

Office 2003: SP2 - http://www.microsoft.com/downloads/details.aspx?FamilyID=57e27a97-2db6-4654-9db6-ec7d5b4dd867&DisplayLang=en

Those Service Packs work for all full versions of Office, as well as the standalone versions of the three main applications included.

In turn you must also get the most recent critical fixes published as of April 10, 2007 using the Office or Microsoft Update site.

Once you have finished all the updates needed, go and install the Compatibility Pack from http://www.microsoft.com/downloads/details.aspx?familyid=941b3470-3ae9-4aee-8f43-c6bb74cd1466&displaylang=en&tm


Friday, April 20, 2007

Global warming???




Global warming?


"Local fishermen say the ice conditions are the worst they've seen in more than 20 years."


Thursday, April 19, 2007

The new frontier for hackers: your router



http://www.infoworld.com/article/07/04/19/HNroutercellattackrisk_1.html

"Jack's null pointer exploit is effective on the Arm and xScale processors that are widely used in embedded devices, but it does not work on Intel architecture processors used by PCs.

In his demonstration, Jack plans to show how his attack could be used to make changes to the firmware of a router so that it injects malicious code into any executable files downloaded from the Internet. This technique could be used to turn legitimate software updates -- Microsoft's monthly software patches, for example -- into an avenue of attack."


So what routers use these processors? Almost all of the home firewall/router boxes made by D-Link, Netgear, Linksys and other brands. Most modern PDAs and Pocket PCs also use one of these processors.

Nothing like this is in the wild -- yet. But now that the concept is out, you can be sure it will be used sometime in the future. I will be tracking this closely. Best case scenario is that simple firmware upgrades to your router can close off the attack vector. Worst case scenario is that millions of home routers will need to be replaced.

Scary stuff . . . :-/

A nod to sanity in the media

There is (some) hope . . . At least one of the media outlets picked up on this opinion:

Mental Health Expert Says Shooter Was Trying to Attempt Immortality; Showing Clips Validates His Delusions

http://abcnews.go.com/GMA/VATech/story?id=3056168

Welner believes that instead of offering insight, these videos merely offer validation of delusional behavior.

"I think that's very important for the viewing audience to understand. This is not him. These videos do not help us understand him. They distort him. He was meek. He was quiet. This is a PR tape of him trying to turn himself into a Quentin Tarantino character," Welner said. "This is precisely why this should not be released."

Let there be light!



Maybe I'm just old-fashioned and a bit of a power pig, but I really hate fluorescent lamps for indoor use. I especially hate so called compact fluorescent lamps (CFLs) designed to fit into incandescent sockets. Give me warm light from a "natural daylight" spectrum bulb to work and read by at night. Don't get me wrong, compact fluorescents have their place - outside my home on the lawn post, or in the garage. There are even some that come very close to producing pleasing light - but I remain a skeptic for now.

Recent moves by Wal-Mart to discontinue selling ALL incandescent bulbs, and rumors that a new bill will soon come before congress to outlaw them, concern me.

Seems that I am not the only one.

First and foremost, compact fluorescents contain mercury. People that toss CFLs into the garbage when they burn out are contributing to mercury contamination in our ground water. Everyone should recycle these types of lamps - even though it's hard to get rid of them in areas with poor recycling programs.

Secondly, it appears that the move to compact fluorescents will also impact the US job market - again.

Wednesday, April 18, 2007

Is your Microsoft Update service not working? Error 0x8DDD0009 ?



Two days ago I ran across a perplexing post describing an odd problem with Microsoft's Update Service. Automatic Updates . . . weren't. Manual Updates via Microsoft's Update Site were failing with error code 0x8DDD0009 after a VERY long time watching the scan animation.

I totally fubared on my initial advice to her, which led me to do a bit of research.

Searching Microsoft for that error comes up with nothing. Searching the Internet provided hundreds of posts describing the same exact problem, with conflicting advice from others - some of which was close, but none that were complete or reliable solutions. I decided to try and reproduce the problem myself - then find a solution.





The problem is multi-part and started with a recent update (January I believe) from Microsoft that was supposed to reduce CPU overhead when Automatic Update ran. Unfortunately, it appears that there was a bug in that patch that corrupts the Windows Software Distribution folders. Once it gets into this state, all updates - Automatic or Manual - will fail.

Here is the fix. Be warned, parts of this process will take a while, so if you do this on a laptop, make sure you're plugged in . . .

1) Right click My Computer >> Properties >> Automatic Updates and turn it OFF. Click OK back out.

2) Start button >> Run and type in CHKDSK C: /R then press enter. Answer Y when it asks you if you want to run it at the next reboot. But don't reboot just yet.

3) Go to http://support.microsoft.com/kb/927891/ and find the link for the version of Windows you are running under RESOLUTIONS, then download the hotfix.

4) Install the hotfix you just downloaded and reboot. Wait for that CHKDSK you did in step 2 to complete - go take a break as it will take a while.

5) Right click My Computer >> Manage >> Services and Applications >> Services. Find both the "Automatic Updates" and "Background Intelligent Transfer Service" and right click them >> Stop. Make sure that both services show a stopped status in the Management window.

6) Open My Computer (double left click) and browse into C:\Windows (click the warning about system files to clear it out if you get it) and find the folder named "SoftwareDistribution". Rename that folder to "$SoftwareDistributionOLD$".

7) Reboot again, and try using http://update.microsoft.com/ . . . it should work now.

8) If it succeeds, go ahead and turn Automatic Updates back on if you are so inclined. Reverse the directions in step 1.
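
Steps 5 and 6 can also be done from a script. This is an added example, not part of the original fix or anything published by Microsoft; it assumes PowerShell is installed, that it is run as an administrator, and that `wuauserv` and `BITS` are the service names behind the two display names in step 5.

```powershell
# Added example: scripted form of steps 5 and 6. Run from an elevated prompt.
# Assumption: 'wuauserv' and 'BITS' are the service names behind the display names
# "Automatic Updates" and "Background Intelligent Transfer Service".
$ErrorActionPreference = 'Stop'

$services = 'wuauserv', 'BITS'
$folder   = Join-Path $env:windir 'SoftwareDistribution'
# Single quotes are required: inside double quotes PowerShell would try to expand
# $SoftwareDistributionOLD as a variable and the new name would come out wrong.
$newName  = '$SoftwareDistributionOLD$'
$target   = Join-Path $env:windir $newName

function Stop-ServiceAndWait {
    param([string]$Name, [int]$TimeoutSeconds = 60)
    if ((Get-Service -Name $Name).Status -ne 'Stopped') {
        Stop-Service -Name $Name -Force
    }
    # Step 5: make sure the service really shows a stopped status before going on.
    $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
    while ((Get-Service -Name $Name).Status -ne 'Stopped') {
        if ((Get-Date) -gt $deadline) {
            throw "Service '$Name' did not stop within $TimeoutSeconds seconds."
        }
        Start-Sleep -Seconds 1
    }
    Write-Output "Stopped: $Name"
}

# Check that the rename is possible before touching any service.
if (-not (Test-Path -LiteralPath $folder)) {
    throw "'$folder' not found; nothing to rename."
}
if (Test-Path -LiteralPath $target) {
    throw "'$target' already exists (earlier attempt?). Remove or rename it first."
}

foreach ($name in $services) { Stop-ServiceAndWait -Name $name }

# Step 6: rename rather than delete, so the old folder can be put back if needed.
Rename-Item -Path $folder -NewName $newName
Write-Output "Renamed '$folder' to '$newName'. Reboot, then try the update site (step 7)."
```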

Please comment below on your results if you try this.

Pluto!

Some of you may not know, but I am a step-grandchild (one of many) of the late Clyde Tombaugh, the guy that discovered Pluto many many moons ago.

So when I stumbled on this Userpic today, ganked from and , I could not help myself, I had to grab it . . .

Friday, April 13, 2007

ERA Status



Old news, but apparently still true.

- 96% of American adults believe male and female citizens of the United States should have equal rights

- 88% believe the Constitution should make it clear that male and female citizens are supposed to have equal rights

- 72% believe that the Constitution of the United States does make it clear that male and female citizens are supposed to have equal rights [even though it in fact does not].

The 15 currently - unratified - states are Alabama, Arizona, Arkansas, Florida, Georgia, Illinois, Louisiana, Mississippi, Missouri, Nevada, North Carolina, Oklahoma, South Carolina, Utah, and Virginia.

http://eracampaignweb.kis-hosting.com/why.php

http://www.equalrightsamendment.org/era.htm



And yes, posting this is my reaction to the whole Imus thing.

Sunday, April 8, 2007

Wi-Fi 128-bit WEP encryption - now with new and improved INsecurity



WEP is the old standard for wireless networking encryption. New standards include WPA and WPA2, plus a few alternates that include server authentication (RADIUS) and other flavors.

Most new wireless routers will support WPA in some incarnation. All new wireless cards for clients also support WPA. Some older wireless cards either require new drivers, or cannot support WPA - an excellent argument to upgrade equipment ASAP.

Trouble is, far too many people still rely on WEP. A recent article and a publicly released working code sample (plug-in) from the Technical University of Darmstadt, as reported by Heise Security, allow the bad guys to hack into 128-bit WEP protected wi-fi networks in about a minute using only a laptop and a popular hacking program available to anyone on the Internet.

"A wireless network secured with 128-bit WEP encryption can, according to the researchers, be cracked in less than a minute using their attack method."

Wednesday, April 4, 2007

ANI Vuln saga continues! ARRRRRRG

Just when we thought this was over . . .

Apparently poor testing procedures led to a serious issue for people who downloaded yesterday's ANI / GDI patch MS07-017 (mouse animated cursor bug) and who also use the RealTek HD Audio sound card, which is common as integrated sound on many popular and modern mainboards.

Microsoft at least placed a fix for the conflict early this morning.

Information about the problem:
http://support.microsoft.com/kb/935448/

"SYMPTOMS
When you start a computer that is running Microsoft Windows XP with Service Pack 2, the Realtek HD Audio Control Panel may not start. Additionally, you may receive the following error message:

Rthdcpl.exe - Illegal System DLL Relocation

The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:\Windows\System32\Hhctrl.ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.
This problem occurs when the Realtek HD Audio Control Panel (Rthdcpl.exe) by Realtek Semiconductor Corporation is installed.

CAUSE
This problem may occur after you install security update 925902 (MS07-017) and security update 928843 (MS07-008). The Hhctrl.ocx file that is included in security update 928843 and the User32.dll file that is included in security update 925902 have conflicting base addresses. This problem occurs if the program loads the Hhctrl.ocx file before it loads the User32.dll file.
"

Link to download the fix, but don't get it unless you get the error on boot up as described above:
http://www.microsoft.com/downloads/details.aspx?FamilyId=74AD4188-3131-429C-8FCB-F7B3B0FD3D86
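
The CAUSE section quoted above comes down to two DLLs whose preferred load ranges overlap. The following added example (not from the original post or from Microsoft) reads ImageBase and SizeOfImage from a PE header and tests two images for overlap; the headers, file names and addresses are constructed sample values, and the function names are hypothetical.

```powershell
# Added example; the sample headers and addresses are constructed, not real DLL values.

function New-SamplePeHeader {
    # Builds a minimal PE32 header carrying only the fields this check reads.
    param([uint32]$ImageBase, [uint32]$SizeOfImage)
    $b = New-Object byte[] 512
    $b[0] = 0x4D; $b[1] = 0x5A                                   # 'MZ'
    [BitConverter]::GetBytes([int32]0x80).CopyTo($b, 0x3C)       # e_lfanew -> PE header
    [BitConverter]::GetBytes([uint32]0x4550).CopyTo($b, 0x80)    # 'PE\0\0'
    [BitConverter]::GetBytes([uint16]0x10B).CopyTo($b, 0x98)     # optional header magic: PE32
    [BitConverter]::GetBytes($ImageBase).CopyTo($b, 0x98 + 28)   # ImageBase
    [BitConverter]::GetBytes($SizeOfImage).CopyTo($b, 0x98 + 56) # SizeOfImage
    return ,$b
}

function Get-PeImageRange {
    # Returns the preferred load range [Base, End) recorded in a PE header.
    param([string]$Name, [byte[]]$Bytes)
    if ($Bytes.Length -lt 0x40 -or $Bytes[0] -ne 0x4D -or $Bytes[1] -ne 0x5A) {
        throw "${Name}: no MZ signature"
    }
    $pe = [BitConverter]::ToInt32($Bytes, 0x3C)
    if ($pe -lt 0 -or ($pe + 84) -gt $Bytes.Length) { throw "${Name}: truncated header" }
    if ([BitConverter]::ToUInt32($Bytes, $pe) -ne 0x4550) { throw "${Name}: no PE signature" }

    $opt   = $pe + 24                      # 4-byte signature + 20-byte COFF header
    $magic = [BitConverter]::ToUInt16($Bytes, $opt)
    if ($magic -eq 0x10B)     { $base = [uint64][BitConverter]::ToUInt32($Bytes, $opt + 28) }  # PE32
    elseif ($magic -eq 0x20B) { $base = [BitConverter]::ToUInt64($Bytes, $opt + 24) }          # PE32+
    else { throw "${Name}: unknown optional header magic" }

    $size = [uint64][BitConverter]::ToUInt32($Bytes, $opt + 56)
    [pscustomobject]@{ Name = $Name; Base = $base; End = $base + $size }
}

function Test-ImageOverlap {
    param($A, $B)
    # Half-open ranges overlap when each one starts before the other ends.
    return ($A.Base -lt $B.End) -and ($B.Base -lt $A.End)
}

$first  = Get-PeImageRange -Name 'first.dll'  -Bytes (New-SamplePeHeader 0x10000000 0x00090000)
$second = Get-PeImageRange -Name 'second.dll' -Bytes (New-SamplePeHeader 0x10080000 0x00020000)
$third  = Get-PeImageRange -Name 'third.dll'  -Bytes (New-SamplePeHeader 0x20000000 0x00010000)

foreach ($other in $second, $third) {
    $verdict = if (Test-ImageOverlap $first $other) {
        'OVERLAP: whichever loads second has to be relocated'
    } else {
        'no overlap'
    }
    '{0} [{1:X8}-{2:X8}) vs {3} [{4:X8}-{5:X8}): {6}' -f `
        $first.Name, $first.Base, $first.End, $other.Name, $other.Base, $other.End, $verdict
}
```

To check real files, pass `[IO.File]::ReadAllBytes($path)` as `-Bytes` in place of the constructed headers.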


Grrrrr . . .

Tuesday, April 3, 2007

ANI Vulnerability - MS07-017 official patch available now

Microsoft has released the official fix for the ANI mouse cursor vulnerability. You can get it via Microsoft Updates at http://update.microsoft.com -- just look for the KB925902 critical update. If you have Automatic Updates turned on, you should get the fix at a random time during the next few days. Personally I would not wait for that - this is that serious an issue.

Information about the release schedule: http://blogs.technet.com/msrc/archive/2007/04/03/ms07-017-released.aspx

And the relevant Microsoft Security Bulletin with manual links to download the patch for network deployment for all platforms: http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx

If you installed the eEye 3rd party patch last week, see this post for details on what you should do before installing the MS patch.

Tuesday morning - various short updates

*yawn*

1) The ANI vuln fix is not yet online at Microsoft's Update site. Hoping to see it appear later today.

2) An excellent source of information and resources for scam victims including methods to determine some of the most prevalent scams can be found at this site:
http://scamvictimsunited.com/

3) Saturday's UserFriendly cartoon is awesome:
http://ars.userfriendly.org/cartoons/?id=20070331

Monday, April 2, 2007

ANI Vulnerability update: MS official patch tomorrow

Looks like Microsoft will be releasing a fix for the ANI (mouse animated cursor) vulnerability a week early. Tomorrow in fact . . . assuming the patch passes testing today.

"From our ongoing monitoring of the situation, we can say that over this weekend attacks against this vulnerability have increased somewhat. Additionally, we are aware of public disclosure of proof-of-concept code. In light of these points, and based on customer feedback, we have been working around the clock to test this update and are currently planning to release the security update that addresses this issue on Tuesday April 3, 2007.

I want to note that we are testing still and will be up until the release, to ensure the highest quality possible. So, it’s possible that we will find an issue that will force us to delay the release. If we do find an issue, though, we will let you know through the MSRC weblog as soon as we know."





If any of you installed the 3rd party patch released Friday by eEye to mitigate this exploit, and you choose to install the MS patch tomorrow (I highly recommend using the supported MS patch when it becomes available to prevent future compatibility problems), then there are extra steps you need to take before updating.

Tomorrow:

1) Close all programs, especially email programs and all browsers.

2) UN-install the "eEye Digital Security .ANI Zero-Day Patch" (Control Panel >> Add / Remove Programs)

3) Reboot

4) Use Windows Update Services (IE Browser, Tools >> Windows Update) and get the new patch.

5) Reboot.

IMPORTANT: It's advisable that users refrain from checking email or surfing the web between the time they uninstall the 3rd party patch and install the Microsoft patch.

Sunday, April 1, 2007

Saturday, March 31, 2007

ANI vulnerability 3rd party patch available

A 3rd party patch to mitigate exposure to the ANI vulnerability (mouse animated cursor) is available free to the public.

I have been testing it this evening and it appears to be effective and safe.

If you run any browser or email client on the Windows 2000, XP, 2003 or Vista platform, you might consider this patch until Microsoft releases their official patch.

http://research.eeye.com/html/alerts/zeroday/20070328.html

The link to the patch is at the very bottom of that page.

FireFox also vulnerable to the ANI exploit

From BugTraq at http://seclists.org/bugtraq/2007/Mar/0461.html

"Determina also discovered that under certain circumstances Mozilla Firefox uses the same underlying Windows code for processing ANI files, and can be exploited similarly to Internet Explorer."

Best to be practicing ultra safe web habits until a patch is released. Also (as usual) keep your Spyware shields and AV updated.

ANI vulnerability: Windows Zero Day attack

The last few days saw the discovery of another very serious exploit that takes advantage of a bug in the way Windows XP, Vista and 2003 and Outlook handle animated mouse cursors. A longer list of all vulnerable products is available here. Microsoft has no fix available yet.

As of at least yesterday (and probably longer) researchers have found numerous web sites that are delivering malicious Trojans via this vector. Craig Schmugar at McAfee reports that this includes some fairly popular and supposedly trustworthy sites like the Dolphins Superbowl site, which is compromised and forwards visitors to non-trusted servers.

So far the best advice is to completely turn off email previewing in all versions of Outlook and Outlook Express, to help mitigate infection via spam. Don't open any spam, especially unexpected emails with attachments. And finally don't visit infected websites - which begs the question of how would we know it's infected?

Until a patch is available, be extra careful!

Friday, March 30, 2007

Microsoft's future

I know at least one of the people on my friends list is currently employed by MS. I suspect one or two others may be as well.

If you don't already follow the two bloggers linked below, their most recent articles really seem to nail some of the company's issues, and contain some excellent suggestions to improve things. Assuming of course that's even a remote possibility. (Doubt)

Long reads, but good.

http://msftextrememakeover.blogspot.com/2007/03/for-want-of-shoe-or-time-for-new-rider.html

http://minimsft.blogspot.com/2007/03/mini-devil-and-fine-whine.html

Enjoy . . .

Thursday, March 29, 2007

If you have a cat or dog . . .

Thought you might want to know about this:

http://www.sciam.com/article.cfm?articleID=9AA80BDC-E7F2-99DF-325B0C8F34C09E95

Turns out that the recalled pet food was contaminated by something called aminopterin, used in China (among other places) as a rat poison. Possibly came from gluten obtained from China, to be used as a thickener for the gravy in recalled wet pet foods.

"The Food and Drug Administration (FDA) reports that the lethal concentration of the chemical is three parts per million (ppm) for rats; the amount found in the contaminated [pet] food samples was 40 ppm. There is speculation that the poison got into the chow because Chinese farmers sprayed their crops, including wheat, with it to protect them from hungry rodents."

Two of my neighbors lost their cats last week during my absence to this poison. I am really grateful that we have fed our cat more healthy fare for her entire life than wet canned pet food.

Also there are reports around the Internet that canned pet food from outside the range of batches and dates specified by the manufacturer is also poisoning pets.

If somehow you did not see the news all last week about the recall, here is the main official page for you with links to the official brands, types and batches involved.

http://www.fda.gov/bbs/topics/NEWS/2007/NEW01590.html


Tuesday, March 13, 2007

Windows Server 2003 SP2 released today

I lied, one more update today before I go finish packing.

Microsoft quietly released Service Pack 2 for Windows Server 2003 - all editions. Their website calls it a release candidate, but given its presence on the official update site, I suspect it's the final version.

You can get it via the update site, or if you prefer (as I do) to get it as one download and apply it offline, you can get the entire package here:

http://www.microsoft.com/technet/windowsserver/sp2.mspx

Along with a complete rollup of all critical updates released since SP1, it also includes some new features, which depend on whether you are running the standard, R2 or SMS versions.

See the FAQs for more information.
http://www.microsoft.com/technet/windowsserver/sp2/top-reasons.mspx
http://www.microsoft.com/technet/windowsserver/sp2/faq.mspx

And now I am outta here - see you in two weeks!