Sunday, February 27, 2005
This site is a part of the Government and business partnership programme Project Endurance, which is being funded by a number of commercial organisations and government departments/agencies. See here for ITsafe's partner list.
Thus far, the site is not overly compelling although this will improve with time. The information is limited and the site design requires a lot of server hits - the amount of information returned from each hit is limited. Content wise, the site is very new - there are no security alerts, no security advisories, and only two "other" advisories (one relating to a buffer overflow issue with Trend AntiVirus software and the other a FireFox vulnerability). The amount of information that is displayed for each issue is also limited, although links to more information are provided.
Despite these minor grumbles, this is a a great start to Project Endurance. You can sign up to receive ITsafe bulletins by email by going here. One nice touch with the sign up - the signup form asks for an itsafe word. This word is then added to the subject heading in the email - highly useful for filtering purposes. It would also reduce the risk of phishing attacks allegedly coming from itsafe.
For more security links, see Technorati's Security page.
Saturday, February 26, 2005
Features in the beta that I like include:
* Multiple snapshot and snapshot management capabilities--for capturing and managing multiple configurations
* Teams feature--for managing connected virtual machines and simulating "real world" multi-tier configurations
* Cloning functionality--for copying virtual machines and sharing them with colleagues. This includes the ability to convert a VPC VM into a VMware Workstation VM! * Improved USB support - just about everything's supported inside a guest. * Support for 32-bit and 64-bit hardware. * NX bit support - the VMware "hardware" now supports this bit, for OSs that can make use of it (e.g. XPSP2, Server2k3SP1).
The beta is a LOT quicker to save and restore VMs. I run (for better or worse) my mail server inside a VMware VM using VMware 5.0, and this VM is run from my main workstation (a nice dual proc Xeon box). Since I am regularly rebooting my workstation, I also have to save and then restore the mail server - which now takes just seconds. For a fuller set of details on what's in VMware Workstation 5.0, see the beta page on VMware's web site.
So does VMware 5.0 stack up against VPC 2004? The the current version of Vmware has more features than VPC already. VMware 5.0 adds many useful and important features that power users will appreciate, thus widening the feature gap. I've not seen pricing yet, so I can't comment on that yet!
So where does that leave VPC? Well, being a Microsoft product, it is less less expensive than the competition, and has fewer features. BUt, it is fully supported by Microsoft. VPC is aimed at corporate customers who do not want to have to deal with potential support issues arising from using MS OSs inside a VM, and customers not needing the extra features. VPC is ideal for desktop Windows XP user who needs to run applications that are only work in earlier versions of Windows. VPC is also a very valuable tool for Microsoft demo warriors and trainers (who get VPC VMs from Microsoft!).
At the end of the day, I'll end up using both products. I've got, for example, a set of fantastic ISA Server Enterprise Edition labs which will stay as VPC VMs, while my mail server will continue to run in VMware. As an MCT, most of training courses I run these days run either in part or in whole using VPC VMs. VMware is a much heavier duty product, with a higher spec - I think of it as the 'workstation' vs 'pc' type product. I'll continue to use it at home and in those cases whe the extra featues are needed.
Friday, February 25, 2005
However, some issues can not be easily fixed or even fixed at all. For example, applications that come with .VXD kernel mode drivers (for win9x). These do not work in the NT versions of Windows. In such a case, you either stick with Winoows 9x (possibly running your App within a virtual machine running 9x), or get a newer version of the applicaiton or the driver for one that runs on 2000/XP/2003.
Application comptability has been a major focus of MS for some time, and they've done some great work, to some degre behind the scenes - application compatibity is an OS feature and is used often without you even knowing it - automatically fixing applications. as a result of this work, MS has also produced Application Compatibility Toolkit, which contains tools and documentation to assist you in remediating most, if not all compatibilitly issues. Many issues can be remediated by using the toolkit. The toolkit enables you to apply individual fixes to an application and test the results. Once you fix the application, you can create custom application compatibility database (an SDB file). By using sdbinst.exe, you install that sdb to your system and from then on, every time the application runs, it gets properly dealt with at run time. It's dead cool stuff - and I suspect most users, and most admins are blissfully unaware of it!
A revised version of the application compatibility toolkit, version 4.0, is in the works - and should be due anytime soon. MS is now adveretising the TechNet Support WebCast: How to use Microsoft Application Compatibility Toolkit 4.0 to manage application compatibility on Microsoft Windows. If you are doing deployment, I'd advise taking a look at this webcast.
For most corporate users, this has no effect at all, since they are using retail or volume licensed copies. What it will hit is the hobbyist, and enthusiast who has bought an OEM box, and wants to re-install the OS. It will be interesting to see how this develops!
Monday, February 21, 2005
From mail I've had today "Beginning 12 April 2005 this temporarily blocking mechanism will expire and systems with Automatic Update enabled or interactively download SP2 via Windows Update will begin receiving SP2. Note that this is also the scheduled day for the monthly cumulative release of security updates. We strongly encourage customers to take the appropriate steps to implement SP2 deployment decisions by that time.
April patching day is going to be an interesting one!
Tuesday, February 15, 2005
You can nominate yourself for this beta by going to http://beta.microsoft.com, log into the system using a MS Passport ID. Then use the guest ID of "MBSA20" and complete the survey. If you are seleted, you will be contacted by MS with full details. If you are not selected, there will be a public beta starting late March. My take is to test this tool (and file bugs if you find any!!).
Bill Gates is using the RSA Security show to announce a new version of IE. To be dubbed IE7, a beta is to be released this summer, with release "when the product is ready". IE7 is meant to be a major release focusing on security and usability. Security issues to be tackled in IE7 include phishing, malware, and spywaare. There is no news yet of precisely what will be in it, but from the demo I saw recently, browsers tabs do seem to be included! :-)
Monday, February 14, 2005
It turns out that if you feed Firefox a set of URLs, separated by teh "|" character, FF can open a window, with each page in a separate tab. Going further you can create a desktop short cut, with the shortcut pointing to the "|" delimited string of site names to create a short cut to a tabbed set, all in one window. For some things I do, this is really handy. You all probably knew this, but I thought it was cool. Now all I've got to so is to work out how to save as set of open tabs (opened by manual browsing) as a single shortcut from within FireFox.
So, until and unless your organisation adopts a formal policy, you may be better off simply not mentioning the company you work for You should also probably refrain from making jokey comments in your blog about your pointy haired bosses, your lack of email, your having to wear meaningless badges in lieu of having any kind of real security, etc, etc. It's clear that some organisations have had a sense of humour bypass as well as all common sense glands removed.
Sunday, February 13, 2005
Saturday, February 12, 2005
If you are the administrator of nemf.com,or know the administrator - could you tell them please to shut off their spam filter till it's a bit more reliable? But if you are the administrator, you'll need to use a different email addres as I've blocked your domain from my site.
Friday, February 11, 2005
But the most interesting thing about Howe's research (and which you can really only discover by reading Livingston's analysis!) is how effective the existing programs actually are - or should I say how INEFFECTIVE. The most effective tool in Howe's tests was Giant AntiSpyware, which has been purchsed by Microsoft. But even this tool fixed less than two thirds of the adware that was installed. As many folks have been saying: you shoudl use more than one product to do spyware detection and removal. Livingston's analysis shows that using Giant plus other tools improves the perccentage of adware fixed (but this still leaves 30% or more of the adware!).
I take three things away from this article: the advertisers (and malware writers) are keeping ahead of the technology (which is scary enough), people are far less secure than they think they are, and while no product is perfect, MS certainly did buy the best of the anti-spyware bunch! The down side of that is that the bad guys are now targeting the MS anti-spyware package!
In an interesting article, Planet PDF makes a great argument for PDF as opposed to .exe files Distributing documentation as PDF (or for the bandwidth challenged, pdf in a zip file) makes so much more sense. As firms begin to use Software Restriction Policies that limit what programs a user can run, there is a need to recondider the 'documentation via .exe' approach. I would hope all large firms that post documentation on the web listen to this argument and take notice!
Thursday, February 10, 2005
I've set up my bookmark list at http://del.icio.us/tfl. Right now there's not too many entries (some users have literally thousands of entries!). But I'm sure the list is not goint to remain so small. From my bookmark page, you can see two of my bookmarks, for example, are also bookmarked by other people. You could then browse those individuals and view their bookmark lists (from where you can repeat the process ad infinietunm - or until the data/time runs out!). If on your travels, you find something interesting, you can easily copy it back to your bookmark list.
This is fantastic if you are on the road using a 3rd party terminal, etc. By using del.icio.us, my links are available to me anywhere I could probably use them! You can also share your lists with others and see what others deem useful enough to bookmark too. I'm certainly going to put the bookmarks I have setup on my home PCs onto my bookmark list!
The book is divided into 6 logical sections (e.g. C# Language Elements, .NET Resource Management, etc). In each section you'll find a series of essays, each discussing a particular issue in C#. Each essay provides a clear explanation of the issue, offers the programmer alternatives, and shows how to write the most effective code. The tone is very rational - just the facts, with no emotion to cloud the reader's judgment.
Now, I'm not a programmer, and can only do really simple things in C#, so many of the topics in this book are beyond me. Even though I'm not the target audience, I found it a great read. I sure learned a lot!
Wednesday, February 09, 2005
The first two litems of software are NT4, and contain links to the necessary patches. While I think it's a great thing that MS is still keeping NT4 users patched, I really thought that NT4 was beyond the stage of free security patches.
Monday, February 07, 2005
Saturday, February 05, 2005
- 9 Microsoft Security Bulletins affecting Microsoft Windows. At least one of these is Critical and some of these updates require a restart.
- 1 Microsoft Security Bulletin affecting Microsoft SharePoint Services and Office. This is moderate and may require a restart.
- 1 Microsoft Security Bulletin affecting Microsoft .NET Framework. Rated as important, the update requires a restart.
- 1 Microsoft Security Bulletin affecting Microsoft Office and Visual Studio. Rated Critical, this update requires a restart.
- 1 Microsoft Security Bulletin affecting Microsoft Windows, Windows
- Media Player, and MSN Messenger. This is rated as Critical and requires a restart.
Thursday, February 03, 2005
Microsoft's Windows Update Service is working it's way through it's stabalising phase. Beta 2 was out last November, an RC is due in the next few months, and RTM planned late this half (ie by the end of June). One issue that's been noted with the prodcut is the name. WUS simply is a bad name (aside from the sound of the name when spoken sounding sub-optminal and highly mockable) because it's not a Windows Update Service. It's a Software Update service, initially updating Windows, Office, SQL, Exchange. It also does more than just update software - since in theory at lests, updates to DDKs/SDKs etc could ge shipped vis WUS.
With WUS (or whatever it's called) being a key security product in the small to medium business sector for the coming few years, it's important to get the name right. Every product should pass the Ronseal test: it should do what it says on the tin. By comparion SBS passes this test with flying colours - it's THE small busines server product - a product for small businesses. WUS, on the other hand, fails.
Whatever the name change, there are some changes coming, providing useful improvements over features in the public beta. I'm looking forward to the RC, and putting the product through it's paces. It's also worth remembereing that the beta is not planned to be upgradeable to RTM (and probably not upgradeable to the RC), something that may deter some small businesses testing the beta.
For more on WUS, see the WUS Wiki: http://wus.editme.com