Saturday, March 31, 2007

ANI vulnerability 3rd party patch available

A 3rd party patch to mitigate exposure to the ANI vulnerability (animated mouse cursor) is available free to the public.

I have been testing it this evening and it appears to be effective and safe.

If you run any browser or email client on the Windows 2000, XP, 2003 or Vista platform, you might consider this patch until Microsoft releases their official patch.

http://research.eeye.com/html/alerts/zeroday/20070328.html

The link to the patch is at the very bottom of that page.

Firefox also vulnerable to the ANI exploit

From BugTraq at http://seclists.org/bugtraq/2007/Mar/0461.html

"Determina also discovered that under certain circumstances Mozilla Firefox uses the same underlying Windows code for processing ANI files, and can be exploited similarly to Internet Explorer."

Best to be practicing ultra safe web habits until a patch is released. Also (as usual) keep your Spyware shields and AV updated.

ANI vulnerability: Windows Zero Day attack

The last few days saw the discovery of another very serious exploit that takes advantage of a bug in the way Windows XP, Vista and 2003 and Outlook handle animated mouse cursors. A longer list of all vulnerable products is available here. Microsoft has no fix available yet.

As of at least yesterday (and probably longer) researchers have found numerous web sites that are delivering malicious Trojans via this vector. Craig Schmugar at McAfee reports that this includes some fairly popular and supposedly trustworthy sites like the Dolphins Superbowl site, which is compromised and forwards visitors to non-trusted servers.

So far the best advice is to completely turn off email previewing in all versions of Outlook and Outlook Express, to help mitigate infection via spam. Don't open any spam, especially unexpected emails with attachments. And finally don't visit infected websites - which begs the question of how would we know it's infected?

Until a patch is available, be extra careful!

Friday, March 30, 2007

Microsoft's future

I know at least one of the people on my friends list is currently employed by MS. I suspect one or two others may be as well.

If you don't already follow the two bloggers linked below, their most recent articles really seem to nail some of the company's issues, and contain some excellent suggestions to improve things. Assuming of course that's even a remote possibility. (Doubt)

Long reads, but good.

http://msftextrememakeover.blogspot.com/2007/03/for-want-of-shoe-or-time-for-new-rider.html

http://minimsft.blogspot.com/2007/03/mini-devil-and-fine-whine.html

Enjoy . . .

Thursday, March 29, 2007

If you have a cat or dog . . .

Thought you might want to know about this:

http://www.sciam.com/article.cfm?articleID=9AA80BDC-E7F2-99DF-325B0C8F34C09E95

Turns out that the recalled pet food was contaminated by something called aminopterin, used in China (among other places) as a rat poison. Possibly came from gluten obtained from China, to be used as a thickener for the gravy in recalled wet pet foods.

"The Food and Drug Administration (FDA) reports that the lethal concentration of the chemical is three parts per million (ppm) for rats; the amount found in the contaminated [pet] food samples was 40 ppm. There is speculation that the poison got into the chow because Chinese farmers sprayed their crops, including wheat, with it to protect them from hungry rodents."

Two of my neighbors lost their cats last week during my absence to this poison. I am really grateful that we have fed our cat more healthy fare for her entire life than wet canned pet food.

Also there are reports around the Internet that canned pet food from outside the range of batches and dates specified by the manufacturer is also poisoning pets.

If somehow you did not see the news all last week about the recall, here is the main official page for you with links to the official brands, types and batches involved.

http://www.fda.gov/bbs/topics/NEWS/2007/NEW01590.html


Tuesday, March 13, 2007

Windows Server 2003 SP2 released today

I lied, one more update today before I go finish packing.

Microsoft quietly released Service Pack 2 for Windows Server 2003 - all editions. Their website calls it a release candidate, but given its presence on the official update site, I suspect it's the final version.

You can get it via the update site, or if you prefer (as I do) to get it as one download and apply it offline, you can get the entire package here:

http://www.microsoft.com/technet/windowsserver/sp2.mspx

Along with a complete rollup of all critical updates released since SP1, it also includes some new features, which depend on whether you are running the standard, R2 or SMS versions.

See the FAQs for more information.
http://www.microsoft.com/technet/windowsserver/sp2/top-reasons.mspx
http://www.microsoft.com/technet/windowsserver/sp2/faq.mspx

And now I am outta here - see you in two weeks!

Taking a break

I will be offline for two weeks and spending some quality time underwater. See you all after the break!

Monday, March 12, 2007

This is NOT a Meme, it's a quiz

1. Can you cook?
I've been told I can. Never destroy a perfectly good hobby by turning it into a job.

2. What was your dream growing up?
To be an astronaut. No, really. It was not until I applied for the program that I discovered that mild color blindness grounds you. For life.


3. What talent do you wish you had?
I wish I could . . . predict the stock market! Yeah, that's it. Complete failure of the world economy to follow shortly after.

4. Favorite place?
There are no single favorites of anything in my life, I am way more complex than that . . . but a few of the top preferences that come to my mind at this moment in space and time are: underwater reefs, on a winding less traveled road with my cycle, between her legs never mind that question now, NEXT!

5. Favorite vegetable?
I like em all. No, really.

6. What was the last book you read?
Just finished "Forty Signs Of Rain" by Kim Stanley Robinson. Started its sequel last night: "Fifty Degrees Below."

7. What zodiac sign are you?
Aquarius. And I have to say that most horrorscope writers hate Aquarians - likely because they totally misunderstand us. But that's okay, cause we definitely understand them. [evil grin]

8. Any tattoos and/or piercings?
I keep showing up at the parlor, but then I wimp out. So no, not yet.

9. Worst habit?
Smoking. Bleah.

10. Do we know each other outside of LJ?
Of course we do, but we may never realize the connection in this lifetime. See question seven. :)

11. What is your favorite sport?
I don't think any of the activities I prefer could really be called sport. Instead, I indulge in a rather large selection of hobbies. Scuba, motorcycles, singing, stunt kites, the occasional online role-playing game, plus about a dozen more odd things.

12. Negative or optimistic attitude?
Yes.

13. What would you do if you were stuck in an elevator with me?
The real question is, what would YOU want me to do if you were stuck in that elevator with me?

14. Worst thing to ever happen to you?
Not going to tell that story here, sorry.

15. Tell me one weird fact about you:
I was killed in WW-I and was reborn without completing the normal memory flush. I still wake up from flashbacks to the trenches in Europe. Evidence also suggests this might not be the first time I failed to survive a war in the last two millennia . . . which is why so many people that meet me in real life suggest I have a very old spirit.

16. Do you have any pets?
Cat, one, cute, very old, very loving.

17. Do you know how to do the Macarena?
I know how, but I hope to never willingly repeat that offense again in the foreseeable future.

18. What time is it where you are now?
Mountain Time.

19. Do you think clowns are cute or scary?
Yes.

20. If you could change one thing about how you look, what would it be?
Nothing at all my friend, nothing at all. No, really.

21. Would you be my crime partner or my conscience?
Conscience. A rather brutal one at that according to my friends.

22. What color eyes do you have?
Brown.

23. Ever been arrested?
Many times every day. At red lights, stop signs, whenever pedestrians cross. Ah. Wait. Sorry, I thought you meant the other definition of that word.

Nope.

24. Bottle or Draft?
I like a wee bit of the dram, preferably well aged, single malt, decent pedigree. Isle of Skye being near the top-o-that list.

25. If you won $10,000 dollars today, what would you do with it?
Loan it to someone that needed money.

26. What kind of bubble gum do you prefer to chew?
Yuck! Bad question, NEXT!

27. What's your favorite bar to hang at?
My home bar. Especially now that the pool table is set up. Saves on DUI concerns too.

28. Do you believe in ghosts?
Of course! It would be rather silly for someone in my position *not* to believe.

29. Favorite thing to do in your spare time?
I have no spare time, at least not intentionally. I am either busy with work, or friends, or hobbies, or resting. I can and will spare none of that.

30. Do you swear a lot?
Hell no. Why the fuck you asking?

31. Biggest pet peeve?
People that swear inappropriately. Swear words are very effective as punctuation, not so much as filler.

32. In one word, how would you describe yourself?
Eclectic

33. Will you repost this so I can fill it out and do the same for you?
You do what you want with this, I am just glad the quiz is done!


Friday, March 9, 2007

Thinking about buying a car from eBay?

http://securitywatch.eweek.com/trojan_targeting_ebay_motor_buyers.html

One of the more advanced trojans to hit is in the wild now. If you click slideshow attachments in infected emails, it drops a program that sets up a man in the middle attack between you and eBay Motors. You send money, the crook gets it, the seller never knows you exist.


"How to avoid being victimized? As always, never click on e-mail attachments from sources you don't trust."

Thursday, March 8, 2007

Palm PDA DST Update info

Thanks to for the Palm PDA DST update link at http://www.palm.com/us/support/downloads/dst_palmos.html

DST updates for Apple and Linux

A big thank you to for DST info on Apple and Linux systems.

For most Linux distributions, you can find background info and links to update your system for the upcoming Daylight Saving Time changes at http://www.linux-watch.com/news/NS6300294422.html. For those of you with Gentoo, just an "emerge sys-libs/timezone-data" should do the trick.

Apple users should refer to http://docs.info.apple.com/article.html?artnum=305056 to find patches or instructions to fix the DST changes manually, depending on your OS version. You will also find links on that page containing special instructions to update your Java and WebObjects environments.

For everyone, Sun has posted DST instructions for Java at http://java.com/en/download/faq/dst.xml. In certain cases (but not all) you may wish to remove older versions of Java if you update to the latest and greatest. Directions for that process may be found at http://www.java.com/en/download/faq/5000070400.xml.

For those just joining in, the original post concerning DST updates for Windows, Windows Mobile, Outlook etc may be found at http://netdef.livejournal.com/20027.html.

Deadline for doing these updates is this coming Saturday, March 10th. If you miss the deadline, don't panic. You can still do the updates at any time, but your calendars and clocks may not show the correct time until you complete the task.


Wednesday, March 7, 2007

Windows Live One Care is destroying entire local email storage files

It appears that a very serious bug in Microsoft Live One Care Anti Virus is causing much grief among users. If it detects a virus on an incoming email, the next time it does a system scan it may in fact delete the entire PST file for Outlook (all versions) or the entire folder store where that account's email is cached in Outlook Express. And we are talking hard delete, not recycle bin. The only way to recover all your email is via a file recovery utility that scans the hard drive for deleted files, and that assumes that you have not overwritten the file with cached browser files while searching for a solution . . .

Live One Care has not yet fixed this problem - and in fact it may not get fixed until they go to the beta for version 2.x.

AppScout has a full summary of the problem as well as a workaround posted. Look near the bottom of that page to find the workaround.

To add insult to injury, Microsoft's Live One Care recently came in dead last in a third party comparison test conducted by AV-Comparatives.org.

Edit: It appears that some, but not all, users were able to retrieve their lost PST file from Live One Care's quarantine. Not clear on details on why the difference, your mileage may vary.

Tuesday, March 6, 2007

Windows Mobile also (finally) gets a DST patch

If you need it, get it . . .

http://www.microsoft.com/windowsmobile/daylightsaving/default.mspx


Final countdown to DST change

See my previous article at http://netdef.livejournal.com/20027.html . . .

Updated to include Windows 2000 Professional and Server.

Sunday, March 4, 2007

Programmers personality quiz


Your programmer personality type is: DLSC

You're a Doer.
You are very quick at getting tasks done. You believe the outcome is the most important part of a task and the faster you can reach that outcome the better. After all, time is money.

You like coding at a Low level.
You're from the old school of programming and believe that you should have an intimate relationship with the computer. You don't mind juggling registers around and spending hours getting a 5% performance increase in an algorithm.

You work best in a Solo situation.
The best way to program is by yourself. There's no communication problems, you know every part of the code allowing you to write the best programs possible.

You are a Conservative programmer.
The less code you write, the less chance there is of it containing a bug. You write short and to the point code that gets the job done efficiently.




Urgent for WordPress blog users!

WordPress 2.1.1 compromised, upgrade to 2.1.2 ASAP

If any of you administer a blog based on WordPress and you recently upgraded to version 2.1.1 then you should immediately upgrade to 2.1.2 before your site is 0wn3d. Earlier versions of the 2.x release series are safer, although 2.1.x has numerous bug fixes and minor security fixes.


"It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution."




If you are a shared WordPress blog user - you might want to ping your site admin about this today.


Friday, March 2, 2007

Meme ganked from altamira16

Thanks to for sharing this meme today.



Search YouTube with the year of your birth and post one of the results.



Ring of Fire




RFID questions

I'm researching for a soon to appear article about RFID. One interesting sidebar is about disabling RFID tags in passports or credit cards. Devices for such exist, but I can't find any information about the legalities of such an action. Has anyone spotted some good sources online?

BTW, whatever you do, don't use a microwave to kill embedded RFID tags. Yes - it will destroy the tag - along with the material in which it's installed. It may also damage your microwave.