Thursday, January 27, 2005

Microsoft: No licence, no Windows updates

Microsoft seems to be pushing ahead with the Genuine Advantage programme, whereby you have to prove you are licensed before you can get updates for your Windows system. The article in Computer Weekley, Microsoft: No licence, no Windows updates describes Microsoft's plans.

I spoke with Joe Petersen, one of the many VPs in the Windows team, on Tuesday night. He described this expansion as a way of rewarding people who had legitimte copies of Windows. I'm just fine with this, however half of my legitimate machines report themeselves as NOT genuine. Joe was aware of this issue, and promised that it would be resolved before MS pushed ahead with Genuine Advantage. I hope so!

Wednesday, January 26, 2005

BlackBelt Security Webcasts

MS has just announced a Digital BlackBelt Security Webcast Series. This will be several months of detailed drill down into Security "problems and solutions" specifically for developers.

Here's the list:

The Software Security Crisis: Selling Management on the Need to Invest in Secure Software Development (Level 100) Friday, February 4, 2005 11:00 A.M.-12:00 P.M. Pacific Time, United States and Canada (UTC-8)

Building an Intentionally Secure Development Process (Level 200) Friday, February 18, 2005 11:00 A.M.-12:00 P.M. Pacific Time, United States and Canada (UTC-8)

Security Principals and Guidelines (Level 200) Friday, March 4, 2005 11:00 A.M.-12:00 P.M. Pacific Time, United States and Canada (UTC-8)

Protecting Secret Data (Connection Strings, Passwords, etc.) (Level 200) Friday, March 18, 2005 11:00 A.M.-12:00 P.M. Pacific Time, United States and Canada (UTC-8)

Defending the Database (Part 1 of 2): The SQL Injection Attack in Detail (Level 300) Friday, April 8, 2005 11:00 A.M.-12:30 P.M. Pacific Time, United States and Canada (UTC- 7)

Defending the Database (Part 2 of 2): Making the Right Design Choices (Level 300) Friday, April 22, 2005 11:00 A.M.-12:00 P.M. Pacific Time, United States and Canada (UTC-7)

Beating the Hacker: Don't Let Them Steal Your Code (Level 200) Friday, May 6, 2005 11:00 A.M.-12:00 P.M. Pacific Time, United States and Canada (UTC-7)

Social Engineering: and Making Your Software and Mitigating System Vulnerability (Level 200) Friday, May 20, 2005 11:00 A.M.-12:00 P.M. Pacific Time, United States and Canada (UTC-7)

Tuesday, January 25, 2005

Stop Ashlee Simpson from "Singing" Petition

I have no idea who Ashlee Simpson is, and can not recall ever hearing her name or her singing. Having said this, Stop Ashlee Simpson from "Singing" Petition is doing the rounds, and thus far, has over 190,000 signatures (and seems to be growing by 10-20k signatures per day). The original petition was created by Bethany Decker in the US, as a bit of a protest. She never dreamed it would become a popular cause.

So what impact is this likely to have. One could argue that 190,000 people can't all be wrong. On the other hand, you could assume that 'all publicity is good publicy', and that this will just help her albumn sales. But what I do find very aumusing is that on the view signature pages, the site owners have put in Google Ad frame - advertising Ashlee Simpson tickets and her 'music'.

Sunday, January 23, 2005

The .NET Celebrity Auction for Aceh Aid at IDEP

So go on over and bid at eBay for item 5552696499 (Ends Feb-02-05 06:00:00 PST) - The .NET Celebrity Auction for Aceh Aid at IDEP.

Direct Show / Windows Media Player .SHN Plug-In

While the world is entranced by MP3s and MP3 players, a small segment of the digital music revolution is more interested in lossless music. Using the filetypes of SHN (Shorten) or FLAC (free lossless audio codec), these file formats give better quality but result in larger files. I have a library approaching 1 terrabyte of lossless music, the centre piece of which is my collection of around 500 Greateful Dead live shows (a collection that will shortly be growing when the additional of 2TB of disk space on "back order" finally arrives!).

While SHN and FLAC files offer better quality, you need to use WinAmp, plus the relevant WinAmp Plug-ins to play them in stead of Media Player. There has been no plug in to Microsoft's Media Player to support these formats.

Welcome then to Direct Show / Windows Media Player .SHN Plug-In written by someone at RIT in the US. Don't know too much more about the author, other than his email address from the site. But it works OK (so far) and I can hear no real difference in sound quality between MedialPlayer and WinAmp with their respective plug-ins loaded.

And if you are into live music, the Live Music Archive contains tens of thousands of live concerts, many in SHN/FLAC format. This includes 2777 Grateful Dead Shows, 19 New Riders shows, and 2 Phil Lesh and Friends shows. Oddly, there's no Jerry Garcia Band or Bob Weir shows.

Saturday, January 22, 2005

Clever Social Engineering

Sophos researchers have discovered a new worm which poses as breaking news headlines. The worm, named W32/Crowt-A, sends mail with the subject line, message content and attachment names all gathered in real time from CNN. For corporate users that receive news bulletins via email (I sure do!), the less savy are going to open the attachment, and load the malware. Read the Sophos bulletin for more information on the work, and it's payload.

Winternals Administrator's Pak 5.0

Winternals is the commercial software firm run by Mark Russinovich and Bryce Cogswell. It's sister www.sysinternals site, is (or sure should be) well know by Windows power users around the globe as the source of outstanding free utilities. I've lost count of the number of times I've used their tools to really do useful things (e.g. regmon, filemon, bginfo, just to name a few!). Sysinternals takes those free tools to the next level and produce some really great commercial systems management tools.

One of Winternals' tools is the Administrator Pak. The current version 4.2 edition is a great set of tools enabling you to revive unbootable or damaged systems, diagnose problems with Windows, etc. The pack includes ERD Commander 2003, Disk Commander, NTFSDOS Professional, Remote Recover, Monitoring Tools, and TCPView Pro.

Winternals is due to ship Version 5.0 later this month. The new version features improved versions of both ERD Commander and Remote Recover, a centralised navigator, and some new tools including Insight for Active Directory, AD Explorer, and Crash Analyzer Wizard. This later tool uses the standard crash dump tools you can download from MS to help you to diagnose the source of blue screens!

Full product details have not yet been posted to Winternal's site. The current version is licensed on a per administrator basis, enabling each admin to use the tools on an unlimited number of systems. A neat licensing model - here in the UK, the RRP for each license is US$1410/admin (plus US$282/year maintenance). No prices have been disclosed for the new version yet.

Thursday, January 20, 2005

MSN Messenger 7.0 Beta Available

Microsoft has released an MSN 7.0 Messenger Beta. There are a couple of new features, including drag and drop backgrounds and the ability to set status before logon (you can see who's online before others know you've logged in). I've been playing with it much of today and it appears solid!

Tuesday, January 18, 2005

EPIC 2014 - A look at the future

I'm not sure if the EPIC 2014 is satire, or not. It is certainly an interesting look at how some of the big players (i.e. Microsoft and Google) could develop over the coming decade.

Monday, January 17, 2005

Microsoft Windows Internals - A New Book

This is the long awaited book on Windows 2003 by David Solomon and Mark Russinovitch. Every self respecting Windows Geek must own this book! Keeping with the tradition started by Helen Custer, Dave and Mark have produced another definitive book on the internals of Windows. See the web site, and buy this book!

Saturday, January 15, 2005

On the Value of Patching

In a recent USA article, entitled Unprotected PCs Can be Hijacked in Minutes, the authors demonstrate both how important patching is, and the value of firewalls! The article also demonstrates how hostile the Interent can be.

The study ran for two weeks and looked at how vulnerable certain types of systems were, both to being attacked, and to being attacked successfully. The XP SP1 and Mac OSX systems were attacked at about the same level (340 attacks/hour), with 9 succesful XPsp1 attacks, and none for the Mac, or the systems running Linspire (Linux),and XP SP2 with the Internet Firewall enabled.

If this doesn't demonstrate how important it is to keep up to date, I don't know what does!

Avalon Preview Released for XP

At the last PDC, Microsoft presented it's vision for Longhorn, the next version of Windows. At that time, the idea was you'd get loads of cool new stuff (whizzy presentation layer, a to die for file system, etc) by upgrading to Longhorn. It turns out that Longhrn was a bit of a tall order, and the requirement to upgrade to Longhorn was something many corporates were uncomfortable with - many of them still had not fully deployed XP yet, let along wanting to think about another roll out a couple of years down the line. So last summer, Microsoft had a rethink on the scope and direction of all this technology, the result of which was that WinFS was removed from Longhorn and is meant to come later. Additionally, MS announced Avalon (the new presentatiuon layer) and Indigo (the communications layer) were to be backported to Windows XP.

As reported over on Slashdot Microsoft has now released an initial beta of Avalon. Dubbed a Community Technology Preview (CTPs), it's a huge 261MB download. This was first made available to MSDN customers in November 2004, Microsoft has now made this a lot more widely available. CTP releases are not always super stable, so if you do decide to install it, you should probably avoid installing it on your primary workstation(s). In order to use the Avalon CTP, you also need a beta version of the .NET Framework Version 2 (download from Microsoft - it's 24MB!) your XP system (which can be XP Tablet!) needs to be at SP2, and you probably need a DirectX 9 capable graphics card as well.

You can read the slashdot reader's comments over at Slashdot. As usual, there's loads of anti-MS stuff and rather inaccurate comments, , but some good information. And for details on the release itself, head over to the MSDN Site and look at the Avalon November 2004 Community Technology Preview article. And for the low-down nitty gritty on WinFX, see the WinFX On-line SDK.

Tuesday, January 11, 2005

Secunia - Internet Explorer Command Execution Vulnerability Test

Thanks to my fellow RD, Hector M Obregon, for pointing out the latest new IE vulnerability. Hector pointed me to a New Scientist Article which descrives the flaw. Security Firm Secunia has posted details of this flaw on their site. They have also posted a Vulnerability Test that shows whether your system is vulnerable.

Patch this one as soon as possible.

Monday, January 10, 2005

Firefox on the Ascendency

I've been using Firefox a lot lately, and have switched over to it on my main workstation as my primary browser. It does NOT handle all sites perfectly, but these are few enough that I don't mind. I like the extra features that I get with Firefox and the plugs ins. When I get a suitable supply of tuits, I shall pepare a more detailed look.

It looks like I'm not the only one who is switching. For some weeks now, I've been noticing an interesting upswing web hits based on Firefox. Usage is on the upswing, based on a highly unscientific survey, aka a quick look at two websites (this blog and The WUS Wiki Site). In both cases, the stats come from Site Meter as I have their free counters running on these two sites which track (IIRC) just the last 1000 connections.

If you look at the WUS Wiki Browser Share stats, Firefox has a 22.22% share, IE 6.X 74.75%, IE 5.X 1.01%, Netscape 3.x 1.01% and Opera 7.X 1.01%.

Looking at the stats on this blog, the stats are: Firefox 26%, IE 6.X 69%, IE 5.X 3%, Netscape 4.X 1% Opera 6.x 1%.

So roughly, IE's market share is down to around 75%, with Firefox at around 20%, with the others making up the numbers.

You can't read a great deal into these numbers as they change regularly over time - I regularly see huge swings in percentages, e.g. the other morning, IE had a 90% share on my personal blog. But they are certainly an indication that usage of Firefox is growing, and in places has grown to a a resptibly healthy healthy level.

Sunday, January 09, 2005

Computing the size of a directory is more than just adding file sizes

I never tire of reading Raymond Chen's The Old New Thing blog. . While sometimes he's way over my head with coding or API details, often his posts contain great explanations on some of the things that Windows does.

In a recent post, Computing the size of a directory is more than just adding file sizes, Raymond looks at why computing the size of a directory is difficult. The things you can put into a directory these days is a bit advanced from the days of DOS 1.0! And, to some degree, his post makes you want to question whether the concept of the "size of a directory" is actually meaningful.

Friday, January 07, 2005

More on Microsoft Windows AntiSpyware Beta

I posted about this yesterday - and I've been playing with this a bit today, first on my main desktop (which was pretty clean). It generated a couple of false positives, and the deep search identified problems contained in one of the restore points. The scan on my laptop was pretty clean too.

Some observations:

1. The download is 6.23 MB.

2. MS have a simplified FAQ at

3. It installs on XP without needing a reboot.

4. It does not deal with cookies.

5. It looks an awful lot like Counterspy.

6. There is an open newsgroup for folks to talk about the product. Sadly, there are a lot of anti-MS posters there, which diminishes the value of the group a bit.

Microsoft release Spyware Beta

Microsoft yesterday released a free public beta of the recently acquired Giant anti-sypware program. MS has a (anti) Spyware site for more information and to download the free beta. I'll post more when information on this as I play with it.

Thursday, January 06, 2005

The Worlds Safest Online Computing Environment

According to a recent study entitled: Deep study: The world's safest computing environment , a UK Security firm says BSD and Apple MSC OSX (which is based on BSD) are the safest. In a survey conducted by IT security firm mi2g, the firm analysed 235k successful digital breaches against a global set of 24x7 permanently connected systems.

Their results show that Linux was the most breached (65.64% of all breaches recorded), while breeches of Windows based systems remained steady (25.19%). MAC OS X or BSD based online computers trended down to 4.82%. The breaches analysed hit all sectors, including home based systems (32%), SMBs (54.9%) and larger enterprises (only 2.5%). From these numbers, the smaller business was hit hardest.

For more information on BSD and MAC OSX,and a good bit of background on BSD, see Darwin/Mac OS X: The Fifth BSD over on

Wednesday, January 05, 2005

WUS - Windows Update Services Nearing Completion

Windows Update Services (WUS) is nearing completion - with a broad reach Beta, with Beta 2 available freely - and is due out this year. WUS is, in essence, SUS V2 and provides a number of new features currently available with SUS.

WUS is roughtly a year late so far - with expected RTM '1st half of 2005'. In October 2003 at the World Wide Partner Coference in New Orleans, I heard Steve Balmler announce SUS V2 would be delivered in the the 1st half of 2004. According to the transcript, he said "I guarantee you that if I come back to this conference, which I will -- when I am back at this conference next year, I am going to ask people whether they've deployed Software Update Services 2.0. And if as few hands go up as went up today, I'm going to have a real issue with our product development people or with our marketing people, because, believe me, this is targeted at one of the key pain points that you and our customers have identified."

WUS Beta 2 shipped last November, and RTM is due 1st half of 2005 (i.e. by end of June). Beta 2 is a solid product - it pretty much works, although there are as ever in a beta, a few minor issues to resolve.

As delivered Beta 2 provides a lot more facilities than were available in SUS, including:

  • Client targeting - supports different updates for different clients
  • Supports Exchange, SQL, Office, as well as Windows upates (despite the name!)
  • Better reporting
  • A thorough API to allow you to write add on tools/reports
  • Ability to remove a patch.

For more information on what's new, see the WUS Wiki Page on What's new in WUS.

WUS is far from perfect (and I'm not talking about the minor bugs you sort of expect to have with a beta!). The biggest problem to me is it's usability. I find it harder to use and troubleshoot than it should be. Some specific examples of this include:

  • From the main WUS Admin console, there are a series of dashboard figures on the number of updates available, the number approved and the numbers not approved. These numbers to not add up properly.
  • From the admin console, you can see clients that have yet to be udpated. But there is no easy way to actualy see which clients these are, and what updates are missing.
  • The client updates should 'just work'. But when they don't (9/11 of my systems worked fine first time, 2/11 didn't and still don't. It would be faster to fully reinstall the OS than it's taken me to troubleshoot this (unsucessfully).
  • There are no client troubleshooting tools.
  • There is no control over downloading updates (downloading it either on or off).
  • There is no support for 3rd party patching - it's MS only.

WUS is a great step forward, but it's late and needs more work.