Sunday, September 22, 2019
  • Home
  •             

We’re back — kind of ;)

January 15th, 2006 by Patrick Elliott

After some minor issues on the prior server, I have a “msblog-backup” machine running over a tunneled external VPN connection from my house’s internet connection — so please excuse the super-slow speeds for this week — we’re sending data at a massive 384kb/sec 😛

New server set up plans should be in place by the end of the week.   In the meantime, keep posting — backups will be happening on the content as it normally did 🙂

PatrickE

Posted in Computing, Daily Life | 7 Comments »

Vista’s Sence Of Security.

January 14th, 2006 by Patrick S

It may not match translucent frames for sexiness, but security is vital if Windows Vista is to Succeed
Microsoft is starting to claim that Vista has been designed from the ground up with security at its core.  Vista has to be industrial-strength secure, both in its home and professional versions, and to be so from day one.

UPDATES AND BACKUP

In fairness to Microsoft, corralling users to stay patched and up to date has been a long and hard battle, but the tide started to turn with Service Pack 2. With Vista, expect to see a much more aggressive stance on updating. Microsoft might even manage an equally aggressive position on backup and data recovery-the new backup application is a starting point, and it’s one area that’s been notably absent from SP 2’s security centre.
SafeDocs is the current name for the all-new backup app, and it’s far more user-friendly than XP’s token backup facility. It offers fully automatic notifications. This is one of many positive steps, but a lot will depend on weather users turn on the new feature or weather Microsoft is brave enough to impose them. For example, it’s clear that the new user-management features in Vista will ensure no user uses applications with administrator privileges. Currently, many applications, including a whole raft of games, assume they have admin rights, so they could just wipe the contents of your hard disk. Vista will be able to elevate the privs of specific applications to enable them to run, but in a way that doesn’t compromise the overall system security. Well, that’s the claim. And it will apply to IE7 too-Microsoft want to run IE7 in the most limited, and as a result secure, fashion possible.


ENCRYPTION AND BEYOND

For network security, there are many changes lined up. First the firewall is going to be much stronger offering filtering for both inbound and outbound traffic, and will also provide much better management in a managed network environment.  And some of the technology on a server side will allow a machine to boot in a limited, secure fashion: so before it gets full access to the network, it can be scanned for security fixes, anti-spam and other security features. Although Windows has supported alternative and authentication engines right back to the NT days, Vista will push this to the forefront. I am guessing a big push in biometric security.
We’ll also likely see a version of the AntiSpyware program Microsoft launched in beta earlier this year bundled in the box, maybe alongside and anti-virus package too.
Finally, there’ll be a significant attempt to make Vista a smaller ‘target’ for intrusion, whether it by keyboard or the network. Gar too many services are exposed on XP and run by default. It doesn’t take much effort to shut down unnecessary services and harden the new firewall to prevent unauthorized incoming and outgoing traffic. Much work was done on this in Windows Server 2003, but has yet to spill over onto the client side.

Was thinking…yes I will -2 more posts on their way regarding vista…expect to see them in the next coming days.
That’s all for now.

Posted in Windows Vista | 4 Comments »

From Longhorn to Vista-New features review Megapost!

January 13th, 2006 by Patrick S

Windows XP is almost 4 years old, and in that time the average size of a hard disk has risen tenfold. The MP3 revolution has taken the world by storm with many people now having more albums on their hard disk than in their shelves. Digital camera sales have raised so much that now it’s even hard to find 35 mm compacts. 

The general uses of PC’s have changed too. Most people, when asked what they want their new machine to do, have moved from ‘Oh, you know, word processing and stuff’ to ‘Oh, just email and web surfing’ in other word the PC is no longer seen as the utilitarian tool, but as a connected communications and media portal. 

Then there are the concerns that go with connection to the outside world. Newspapers really go a week without reporting the latest threat to your PC, while utilities like anti-virus and Internet security now account for half of all software sales. It’s quite obvious then that the main tasks of a new operating system, as far as the end user are concerned, should be to help you organise an ever-expanding collection of data, and keep that data secure. This huge change in focus is perhaps the main reason behind the painful, drawn out process that’s finally culminated into the beta releaces of Windows Vista, formally codenamed Longhorn. Microsoft has been following a moving target, and it’s notoriously sluggish in reacting to the winds of change. Preferring to dictate rather than follow, it failed to predict the Internet was going to take off in the way it has and then struggled to catch up. 

But now things have settled down enough for the big guns of Redmond to finally get the current market in their sights. However, the chopping and changing has meant that Vista isn’t the beast that Longhorn once slated to be. Windows XP’s NTFS filing system remains, the revolutionary WinFS having been summarily ejected due to its complexity slowing the project down. It’s set to be retrofitted after Vista’s release. 

Contrary to most other betas, the Vista Beta 2 release is pretty stable but there are a few gaps. What it does provide is the first true insight into what Microsoft’s next OS will deliver-not just in terms of its flash new graphics, but the power that lies underneath. Its new searching power will have a dramatic effect on the way we handle information, its hard-line approach to security could finally deliver the killer blow to hackers, while it emphasis on web services will inevitably have far-reaching effects on how we do business. 


DESKTOP

 

Pre-beta Longhorn builds all featured one obvious UI enhancement; the Desktop sidebar, which housed a pretty analogue clock. In beta 1 this was dropped, but makes a return in Beta 2. This is perhaps one of the significant changes to the Windows desktop that has evolved almost linearly since “START” first graced our Pc’s in Windows 95 all those years ago. Indeed the desktop looks functionally identical to Windows XP, with the START Button, System Tray and Recycle bun all in their familiar positions. The difference is in the presentation: the recycle bin is a more 24-bit colour affair and the start bar is again more attractive. Microsoft has done well to update Vista’s look without making it too unfamiliar. 

This default look is known as the Windows Aero Glass theme, and it’s most obvious when u open a window, The Windows frames and borders are now translucent showing the contents of windows underneath, and all windows now have a pronounced drop shadow effect on the desktop below. Fade effects are everywhere, and window Minimise/Maximise and Close icons have a pleasing ‘activated’ glow when the mouse is hovered over them. Its all part of the DirectX 9.0-based Avalon display engine and, if Microsoft personnel are to be believed the effects present in Beta 2 are just the beginning. Later builds promise even further enhancements that can take full advantage of the hardware acceleration in current generation graphics cards to create truly beautiful desktops. Even giving Apple a run for its money. 

 

DIGGING DEEPER

 

Click on the Start button, and again you will see something similar to what you see in Windows XP. However, the behaviour of the Start menu is no much saner: Click on All Programs and, instead of a list of programs popping up to the right and obstructing everything else on the screen, it appears within the confines of the left-hand side of the list. Click another sub-menu (for instance Accessories) and that list opens up in the same place. A back button at the bottom lets you retrace your steps. It’s a little unexpected at first, but much better than the old system of displaying lists and sub lists of programs halfway across the desktop. In addition, as soon as you click the start button, you’ll see a search box that automatically gains keyboard focus. Type the name of a program and Windows will show any matching Programs as you type (I.E. type ‘calc’, press Enter and Calculator appears right before your eyes) It’s a huge blessing for people with dozens of programs installed. And that search box is the first of many instances within an OS that, from a UI point of view, is almost entirely focused on searching and automatic data organisation. Open up the documents folder and you will find that Microsoft has removed the unbearably dainty ‘My Computer’ and ‘My Documents’ affectation-and you default view is not of your hard disk but of what Microsoft calls a ‘Virtual Folder’. These are clearly distinguished in the Explorer window by their blue colour, whereas ‘real’ folders on the hard disk are yellow. Virtual Folders build themselves around the mainstay service in Windows Vista-the Windows Search Engine. This is based on the indexing service that has been present since Windows 2000. Virtual folders present data on your hard disk based on content or metadata gained by the Windows Search Engine as it trawls your system, and not by location on your hard disk(s). There are several standard virtual folders predefined including Keywords, Rating and Type. The really powerful part is that you can create your own virtual folders based on custom searches built up within the new and powerful search box. This allows for searching not just by a simple match, such as a word in a file, but also multiple level searches. You could for instance search for all files with the keyword ‘computer’ excluding those with the word ‘Apple’ in their title. Or you could search for photos with a certain star rating but not those containing Jabez within the keywords. Once you have made the search, you can then save it as a virtual folder. This isn’t static” wherever a file matching the search criteria is added or removed, the virtual folder is updated to reflect this. 

 

CONFUSION REIGNS-FOR NOW

 

 

But the interface as it stands is initially confusing, If you’ve ever used Media Player 10 and found its excess of drop-down menus-indicated only by small arrows-difficult to understand, you’ll understand what I mean. The interface is typically Microsoft in the sense that it gives you as many possible ways to reach the exact same end result. This can lead you round in circles. For example the appearance and function of Explorer windows changes subtly, depending on weather you’ve got to them via the Computer icon, you’re in the Pictures folder looking at virtual folders. The standard Explorer view onto the All Documents virtual folder contains 13 small arrows leading to drop-down menus that change the view in some way. None of them are labelled with text-you just have to click on them and see what they do. 

The second snag is that Microsoft is saddling us with more work: if our data isn’t tagged with star rating, keywords and author information (and whose is?) the standard virtual folder gets in the way. 

 

Vista is the beginning of a new era in data organisation, and if it’s going to work we need to be more careful with our drive contents. To get the most of our interface, we’re all going to have to put in some extra work and start tagging docs appropriately so the Search Engine stands a chance of organising things. At the very least, we’re going to have to set the date and time on our digital cameras. 

 

Phew what a post…I’ll take a break and write about Vista’s security later on. 

Posted in Windows Vista | 2 Comments »

2 New Security Bulletins have released

January 10th, 2006 by Jabez Gan [MVP]

Today Microsoft released the following Security Bulletin(s).

Bulletin Summary:

http://www.microsoft.com/technet/security/Bulletin/ms06-Jan.mspx

Critical Bulletins:

Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution
(908519)
http://www.microsoft.com/technet/security/Bulletin/ms06-002.mspx

Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange
Could Allow Remote Code Execution (902412)
http://www.microsoft.com/technet/security/Bulletin/ms06-003.mspx

This represents our regularly scheduled monthly bulletin release (second
Tuesday of each month). Please note that Microsoft may release bulletins out
side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after
reading the above listed bulletin you should contact Product Support
Services in the United States at 1-866-PCSafety (1-866-727-2338).
International customers should contact their local subsidiary.

Posted in Security | Comments Off on 2 New Security Bulletins have released

The Million Dollar Homepage

January 9th, 2006 by Zack Whittaker

This is really really cool. A lad named Alex Tew from Wiltshire, UK came up with a really inventive, very intelligent and quick way to make money, very quickly. His idea, the “Million Dollar Homepage” was this – get a single standard HTML page and sell pixels as advertisements on this page.

There are 1,000,000 (1 million) pixels on this particular page, and every single pixel is $1 each. So if you wanted an advertisement that was 10×10 in pixels, it would be $100 (about £70). The larger the space, the larger the amount of money it is to buy. Now the thing is with this, is website is more than just a great money maker and a great source of advertising, it’s Internet artwork.

Many big companies have joined up and bought pixels on this webpage – The Times newspaper, UK Government Speed Cameras website, but also plenty of online casinos and “free things”. I don’t know what’ll happen when this webpage gets full up – maybe he’ll have multiple pages… which means multiple million dollars? Who knows…

He may be a millionaire in the United States, but he’s only about half way there in British currency 😉

Updated: I forgot to change the link to the actual website. It’s changed below, sorry about that!

Useful links:
The Million Dollar Homepage
BBC News – "The million dollar student"

Posted in Daily Life, Humour | 6 Comments »

Vista to include new filesystem optimized for flash media

January 8th, 2006 by Patrick Elliott

It’s called EXFAT, or Extended FAT (no, not something you become after eating too many McDonald’s hamburgers…) and its included in December 2005 CTP (5270) build of Windows Vista.

So what is the new EXFAT filesystem?

According to Microsoft sources:

"EXFAT is a new filesystem optimised for flash-style removable devices. FAT has traditionally been adopted for these devices, but was never really an optimal solution. EXFAT is designed to overcome many of the problems/limitations of FAT on such media."

I did a google search for EXFAT and wasn’t met with any luck — not sure why this has flown under the radar screen but if anyone knows some more information on the EXFAT implementation in Windows Vista, or it’s support in any other flash-based consumer devices please let us know!!

Patrick Elliott, MVP – Windows Server System – Storage

Posted in MS News, Windows Vista | 4 Comments »

Office Live?

January 7th, 2006 by Patrick S

Well apparently there is going to be an office live.
I just got an email regarding this new program and it seems that another “LIVE” aplication is in the works…

Microsoft Office Live is coming.
Today, an online presence is almost a requirement for small business success. That’s why Microsoft is introducing Microsoft® Office Live—a set of affordable business productivity services designed to help you grow your business more easily by establishing a professional presence online.

Microsoft Office Live will provide your company with its own domain name, Web site, and e-mail accounts for free.

Additionally, Microsoft Office Live will offer you and your employees expert business management applications, such as customer, project, and document management tools, and a security-enhanced private Web site—affordably managed and maintained by Microsoft—where you can work together and share information with your employees, customers, suppliers, and contractors.

A beta version of Microsoft Office Live will launch in early 2006

Sign up today and be one of the first to try it for free…

http://www.microsoft.com/office/officelive/default.mspx

Posted in MS News, Office 2007, Windows Live | 2 Comments »

Microsoft updates Windows Vista website

January 5th, 2006 by Patrick S

Microsoft has redone the Windows Vista home page, I must say very nice indeed.

See for yourself:

http://www.microsoft.com/windowsvista/default.aspx

Posted in MS News, Windows Vista | Comments Off on Microsoft updates Windows Vista website

Which platforms can really get hit by WMF?

January 5th, 2006 by Patrick S

Larry Seltzer from eWeek has been doing lots of additional testing against older versions of Windows and bad WMF files.

He has just blogged his interesting findings:

…in a practical sense, only Windows XP and Windows Server 2003 (in all their service pack levels) are vulnerable to the WMF flaw.
…all versions of Windows back to 3.0 have the vulnerability in GDI32. Except for Windows XP and Windows Server 2003, no Windows versions, in their default configuration, have a default association for WMF files, and none of their Paint programs or any other standard programs installed with them can read WMF files…

So the vulnerability is there on all platforms but it seems that only Windows XP and 2003 are easily exploitable. Unfortunately this still means that majority of Windows computers out there are vulnerable right now. And at least Windows 2000 becomes vulnerable if you’re using many of the available third party image handling programs to open image files.

Posted in MS News, Security | Comments Off on Which platforms can really get hit by WMF?

Microsoft releases patch for WMF flaw

January 5th, 2006 by Jabez Gan [MVP]

Microsoft has released a patch to fix the flaw in the security bug on Windows Meta File. Microsoft reported that they will release it on January 10th but it seems that they have released it much earlier.

This update resolves a newly-discovered, public vulnerability. The vulnerability is documented in the “Vulnerability Details” section of this bulletin.

Note This vulnerability is currently being exploited and was previously discussed by Microsoft in Microsoft Security Advisory 912840.

If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

We recommend that customers apply the update immediately.

Download the patch from:
Windows XP SP1 or SP2
Windows XP 64bit
Windows 2000 SP4
Windows Server RTM or SP1
Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Windows Server 64bit

View Security Bulletin

Posted in MS News, Security | Comments Off on Microsoft releases patch for WMF flaw

Tell us what you think about this pre-release version of Microsoft Windows

January 4th, 2006 by Jabez Gan [MVP]

I’d like to call attention to a link that is provided in the desktop feedback icon, http://www.microsoft.com/windowsvista/sentiments/default.mspx. Many of you probably didn’t even open that feedback document if you’ve been on the beta very long so I wanted to make sure everyone knows it’s there.

Please make use of this link to tell us what you think about Vista. It’s quick and easy to use and we’re looking at all the data we get there. It’s not a substitute for a bug report – we want to know what you like and what you dislike about Vista. What works well and what works not so well.

Bookmark the link and use it as often as you like when you find something you like or don’t like. Tell your friends, your fellow beta testers and anyone you know to give us their feedback there. Blog about it so everyone else knows about it – it’s on Microsoft.com and it’s open to everyone who has an opinion about Vista.

We’re using some very very cool technology on the backend to summarize the data that arrives there. Technology that should give us a view into this free text type of data that we’ve never had before. The more data we get, the better it works so as I said, feel free to come back over and over as you find things you like or dislike.

Posted in MS News, Windows Vista | 3 Comments »

New High Quality Temporary WMF Exploit Patch Available!

January 3rd, 2006 by Zack Whittaker

Quick Background:
The active exploitation of a very serious vulnerability in all versions of Windows was discovered in late December. Word of this spread rapidly through the hacker community — many of whom where presumably on holiday vacation from school, bored, and looking for something to do.

So several days later nearly one hundred different instances of exploitation of this newly discovered vulnerability had been found. Note that this is not a “new vulnerability” — it (and perhaps other similar bugs) have been lying unknown in Windows since 1991. What’s “new” is the discovery of this long-present vulnerability in Windows’ metafile processing.

Almost immediately there were reports of an MSN Messenger worm, and now F-Secure is reporting that “Happy New Year” SPAM eMail is carrying an exploit. Anti-Virus vendors quickly updated and began pushing out their A-V signature files. These have been effective, but a new very flexible exploit generation tool has appeared that’s able to create so many different variations of the exploit that A-V signatures are having trouble keeping up.

Microsoft responded with an acknowledgement of the problem which included a very weak workaround (the shimgvw.dll unregistration) that provides very little protection. There’s is not a cure, and it is not known how long the Windows user community will now be waiting for a true patch from Microsoft.

Ilfak Guilfanov produced a highly-effective true patch which successfully suppresses all known exploitable vulnerabilities for anyone using Windows 2000, XP, server 2003, or 64-bit XP. No patch is available for Windows 95, 98, ME or NT, and none is expected to be forthcoming. But anyone using Windows 2000, XP, server 2003, or 64-bit XP should IMMEDIATELY install Ilfak’s exploit suppressor into all of their systems.

Download: ZackNET Server
Source: Deansweb2004.com

Posted in Bugs, Security | Comments Off on New High Quality Temporary WMF Exploit Patch Available!

MSBLOG Team visits Dell Asia Pacific

January 3rd, 2006 by Patrick Elliott

After several hours on the bus from Kuala Lumpur, Malaysia up north to Penang, we finally made it!! Jabez, Me, and two of his friends had the oppertunity to visit Dell’s Asia Pacific manufacturing facility today located just to the east of Pulau Penang (Penang Island) in northern Malaysia. After staying the night on the island (and sampling some very good local food I might add), we took a ferry across back to the mainland and caught a taxi to Dell.

Dell’s Asia Pacific center manufactures almost all mobile (Latitude, Inspiron, XPS) units bound for the United States. (See Dell Worldwide Facilities) The facility itself is HUGE inside, and operates extremely efficiently producing an entire unit in about 5 hours including some QA testing and software load. The unit is then boxed and loaded onto huge pallates which UPS (United Parcel Service) then takes about 25,000 units a day onto a Boeing 747 bound for the United States. The facility also manufactures desktop, server, and mobile products for most of the south pacific market – including Austrailia and New Zealand.

Photography is strictly prohibited in the factory, but here are two photos of the exterior (including one of Jabez and I) for your enjoyment.


Patrick Elliott / MSBLOG

Posted in Computing, Daily Life | 2 Comments »

Next Entries »