JD @ myITforum.com

This is why I love slashdot

http://science.slashdot.org/comments.pl?sid=178413&threshold=-1&commentsort=0&mode=thread&pid=14793405

World's smallest Windows XP computer

I need this. If you were thinking about getting me a birthday present this year, consider getting me one of these. The only thing it is missing is cell phone functionality.

http://www.oqo.com/hardware/basics/

Virus.org file scanner

Virus.org launched a file scanning service located at http://scanner.virus.org/ . It is very much like virustotal.com. These websites are a great way to check a file for a virus, but keep in mind that it is not always appropriate to scan files with these services, as you are giving them a copy of the file and the information that is contained in the file.

Looking for "some reason"

Im looking for "some reason" not to lose my mind. I am fed up with technicians, that do not understand something and give up on trying to solve a problem. Where is that "some reason" anyway? Let me shed some light on my rant. Have you ever overheard a technician say, "That system gets stuck at the bios when booting for some reason." It turns out that the "some reason" is a great excuse for never resolving the error and just living with the fact that you must be physically present to reboot the machine or worse the unresoved error is causing other problems. Along the same lines of that thinking, maybe its not "some reason", but instead you hear a technician say "that the computer doesnt like it" when I open powerpoint and word at the same time. OK, the computer "doesnt like it" is a cute way of saying there is a problem, but where I take issue is when the involved parties are left with only a cute expression. I have a suggestion, how about looking at the detailed error report information. I dunno, maybe try looking at the application logs, and at a minimum search Microsoft's Knowlege base or cross reference the error with eventid.net. Ooohhh, here's my favorite.... "I was getting an error message so I disabled the antivirus software". It apparently never occured to the technician that the error could be a result of having malware on the system in the first place. It may just turn out that I am moody, like my server. Maybe Im wrong, and the other technician is right. After all, the other technician did determine that disabling the antivirus software helps for some reason.

UK Gov wants a backdoor in Windows Vista

 

http://news.bbc.co.uk/1/hi/uk_politics/4713018.stm

“Windows Vista is due to be rolled out later this year. Cambridge academic Ross Anderson told MPs it would mean more computer files being encrypted.“

“Professor Anderson said people were discussing the idea of making computer vendors ensure "back door keys" to encrypted material were made available.“

 

 

Microsoft Security Updates 14JAN06

Feb 14, 2006	Vulnerability in PowerPoint 2000 Could Allow Information Disclosure (889167): MS06-010 Affected Software: Office 2000, PowerPoint 2000	Office 2000 Service Pack 3, PowerPoint 2000 SP3	Important
Feb 14, 2006	Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190): MS06-009 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition, Office 2003, Visio 2003, OneNote 2003, Project 2003	Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold, Office 2003 SP1, Office 2003 SP2, Visio 2003 Gold, Visio 2003 SP1, OneNote 2003 Gold, OneNote 2003 SP1, Project 2003 Gold, Project 2003 SP1	Important
Feb 14, 2006	Vulnerability in Web Client Service Could Allow Remote Code Execution (911927): MS06-008 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition	Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold	Important
Feb 14, 2006	Vulnerability in TCP/IP Could Allow Denial of Service (913446): MS06-007 Affected Software: Windows XP Home Edition, Windows XP Professional, Windows XP Professional 64-Bit Edition, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows Server 2003 Datacenter Edition for Itanium-based Systems, Windows Server 2003 Enterprise Edition for Itanium-based Systems, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition	Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP 64-Bit Gold, Windows Server 2003 Gold, Windows SharePoint Services Gold, Windows Server 2003 SP1, Windows XP 64-Bit SP1, Windows Server 2003 for Itanium-based Systems Gold, Windows Server 2003 for Itanium-based Systems SP 1, Windows Server 2003 x64 Gold	Important
Feb 14, 2006	Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564): MS06-006 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows XP Professional 64-Bit Edition, Windows Server 2003 Datacenter x64 Edition, Windows Server 2003 Enterprise x64 Edition, Windows Server 2003 Standard x64 Edition	Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1, Windows XP 64-Bit SP1, Windows XP 64-Bit Gold, Windows Server 2003 x64 Gold	Important
Feb 14, 2006	Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565): MS06-005 Affected Software: Windows XP Professional, Windows Media Player for Windows XP, Windows Media Player 9 for Windows XP, Windows Media Player 9 for Windows Server 2003, Windows 98, Windows 98 SE, Windows Me, Windows Media Player 7.1, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows Media Player 9.0, Windows Media Player 10, Windows Server 2003 for Small Business Server, Windows XP Home Edition	Windows XP Service Pack 1, Windows Media Player for Windows XP Gold, Windows XP Service Pack 2, Windows Media Player 9.0 Gold, Windows 98 Gold, Windows 98 SP1, Windows 98 SE Gold, Windows Me Gold, Windows Media Player 7.1 Gold, Windows 2000 Service Pack 4, Windows Media Player 10 Gold, Windows Server 2003 Gold, Windows Server 2003 SP1	Critical
Feb 14, 2006	Cumulative Security Update for Internet Explorer (910620): MS06-004 Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Internet Explorer 5.01	Windows 2000 Service Pack 4, Internet Explorer 5.01 SP4	Critical

Google Desktop - Is it a trojan horse?

http://www.eff.org/news/archives/2006_02.php#004400

"Coming on the heels of serious consumer concern about government snooping into Google's search logs, it's shocking that Google expects its users to now trust it with the contents of their personal computers," said EFF Staff Attorney Kevin Bankston. "Unless you configure Google Desktop very carefully, and few people will, Google will have copies of your tax returns, love letters, business records, financial and medical files, and whatever other text-based documents the Desktop software can index. The government could then demand these personal files with only a subpoena rather than the search warrant it would need to seize the same things from your home or business, and in many cases you wouldn't even be notified in time to challenge it. Other litigants—your spouse, your business partners or rivals, whoever—could also try to cut out the middleman (you) and subpoena Google for your files."

I also have to wonder what the many ramifications will be for companies, if employee's install this on their workstations.

Detecting malware by monitoring DNS MX queries

I was checking out worm blog, and saw a post on detecting systems infected with mass mailing worms by monitoring systems doing DNS MX queries. I always enjoy finding new methods to protect your network without spending a ton of $$$. This was a pretty interesting paper.