Posts filed under 'IT News'
Looking at some of the news in the IT world at the moment, there is certainly a lot happening.
Starting with the Microsoft WMF (Windows Metafile) bug, which is undoubtedly the worst bug Microsoft have had for quite a while. Basically, a WMF file is a vector image script, which defines lines and shapes, effectively allowing it to be scaled to any size without distortion. Unfortunately when Microsoft designed the WMF specification, they included an error handler so that a faulty WMF image could still do something, however this allows people to write bad WMF files with an error handler containing malicious code. Even worse is that it is virtually undetectable, as a WMF files doesn’t have to have a .wmf extension and can be opened simply by being an image of a webpage, in an email, a document of some description or any number of other ways.
It gets worse, within 24 hours of the exploit being discovered, there were active exploits, dropping all sorts of nasties on Windows based computers everywhere, and Microsoft still don’t have a patch, despite the fact that it is now well over a week since the exploit was found. Thankfully an independent security expert has written a temporary patch, which Microsoft and many security agencies are recommending that you install.
The patch has been verified by the Internet Storm Centre who have hosted the patch at http://handlers.sans.org/tliston/wmffix_hexblog14.exe, the patch has also been verified by many other security agencies and experts. This vulnerability affects most versions of Windows, and is a very severe. It is recommended that you install the patch.
Apart from that, it is common sense security which will also help. The usual don’t open unknown attachments, don’t follow suspect links, and something that a lot of people don’t do but should, turn off the preview pane in your email client, otherwise your emails open simply by being selected, which can happen very easily, and very accidentally.
Other interesting and good IT News includes:
Wisconsin requires voting software to be open source and print a paper confirmation so that anybody who wants to can verify the software does what it should do.
The French military police ditch Internet Explorer and Outlook in favour of Mozilla Firefox and Mozilla Thunderbird, citing standards compliance and the fact that they want everybody to be able to read their public information, not just Microsoft users.
Portable Apps releases a portable USB thumb drive version of Open Office 2.01, so that anyone can access their documents and office apps anywhere.
Massachusetts confirms that they are adopting the Open Document Format (ODF), currently found in Open Office, and ditching Microsoft’s proprietary office format, citing, again, open standards compliance, enabling anyone to read and write the data regardless of operating system or office software (once Microsoft play ball and accept ODF in MS Office, it’s Microsoft’s loss if they don’t!).
An interesting day or so in IT, and not Microsoft’s finest!
Samuel
January 5th, 2006 at 12:14pm
Firefox 1.5 was released earlier today, but due to Mozilla moving from mozilla.org to mozilla.com the download link was slightly hidden. Thankfully Mozilla have corrected that in the last few hours (mostly), but I’ll put a link here anyway.
http://www.mozilla.com/firefox/
When I started using it I noticed instantly that the menus have changed appearance slightly and now look similar to those seen in Open Office. The tabs are now sortable, RSS/Atom feed notification icon now appears in the address bar rather than the status bar, the options window has been reorganised to make it easier to use, and some dialog boxes have been improved. Another thing I had heard about and checked out for myself is the fact that a lot of the dialog box spawning errors (such as site not found) now bring up an error page, similar to the way Internet Explorer handles it. This is good in some ways and bad in others, but the page looks nice and friendly so overall I’ll say it’s good.
Here is an example of an error page generated when I deliberately misspelled the URL for this site. (Click to enlarge)
Other notable improvements include
- Faster “back” and “forward” browsing
- Improvements to the Gecko rendering engine, with support for new standars, and even better support for older ones
- Optionally automatic updates. Updates are also now “update size” rather than the old full reinstall system
- The ability to clear the private data (browsing history, cookies, saved passwords etc) with a “tools” menu entry or key combination (presumably with confirmation dialog box, I haven’t tried it yet).
Update: Just tried it out and it sure beats going through parts of the options window to find the data to clear!
- New levels of disabled person accessibility to the browser. Firefox 1.5 is the first browser to ever meet US government accessibility standards for people with physical impairments.
- And lots more…
If you haven’t done so already, I strongly suggest that you give Firefox a try, I use it and love it, and it happily and easily imports settings from other browsers.
That link again
http://www.mozilla.com/firefox/
Samuel
December 1st, 2005 at 01:16am
A few nights ago I decided to install Ubuntu Linux 5.10 on my main computer, so I set about doing it, I downloaded Ubuntu 5.10 via Bittorrent as it provides downloads which are checked for errors as they come in. On previous occasions I have downloaded large things via HTTP (the “normal” way) and then fixed the errors by letting Bittorrent redownload the broken bits.
I decided to give Ubuntu 20GB of the 80GB hard drive, but I noticed that the hard drive was approaching 60GB of used space, so I went and removed a lot of excess clutter, which deleted roughly 20GB of files.
Then I set about running Disk Defragmenter which is always a good idea when repartitioning existing partitions, as it tends to move all the files into one large chunk, which makes the whole partitioning exercise easier.
The rest of the process should have been easy, I inserted the Ubuntu CD and booted from it, ran through the installation wizard, hist the wrong button on the partitioning screen without realising, had a minor panic attack and decided to partition the drive myself. So I whipped out my copy of Partition Magic 8.0 (without realising that it is the version of Partition Magic which creates NTFS partitions which Windows XP can’t recognise) and set about resizing the existing NTFS partition to 60GB which would leave a nice blank space for Ubuntu to deal with as it likes. Partition Magic slowed to a crawl and gave a useless error halfway through making the changes to the hard drive and promptly exited.
At this stage panic sunk in, I rebooted the computer (which was about all the computer would let me do) and watched Windows try to start itself. This was somewhat spectacular, before the XP logo screen could appear, I saw half of a stop error (AKA Blue Screen Of Death) and the computer restarted so it could do it again…needless to say, I was not impressed, and having not backed up the important data on the now useless partition I was very concerned.
I came to the conclusion that Microsoft own the file system, so they should fix it. So I got out my XP CD and booted off that and entered the recovery console…this proved how bad things really were, it didn’t even ask me for the administrator password, which is it’s way of saying “Well, I can’t find any reason to authenticate you…looks like that’s a hard drive…you fix it!”
I tried to get a directory listing, but it gave me some error along the lines of “failed to enumerate directory structure”, so I ran the recovery console version of CHKDSK, it told me the partition had errors (wow…it must be bright), so I let it loose with the /r switch in full force telling it to repair. During the hour or so that it spent showing me a percentage of completion, I frantically searched for my notes on the recovery console, which I appear to have placed in an unknown location.
Somehow, during this ordeal, I ended up deciding that this was exciting, so I greeted the completion of CHKDSK with some relief and joy…I restarted the computer and to my surprise Windows XP booted perfectly…all my data was still intact, and I was pleased.
Undeterred I set out on Installing Ubuntu again, and this time, having hit the right buttons, it went flawlessly, it resized my NTFS partition, created some new partitions, installed itself, configured the bootloader, and just plain worked…imagine how much time and angst I would have saved if I had hit the right buttons in the first place.
Samuel
November 9th, 2005 at 02:57pm
Microsoft have threatened to take Windows out of South Korea if the powers that be decide they have breached anti-trust laws by bundling MSN Messenger and Windows Media Player with Windows. It appears that Microsoft see this as a viable threat, and quite possibly blackmail, but they haven’t taken into account the growing number of people and governments using open source software.
Large chunks of Africa are running on Ubuntu Linux and doing just fine, governments in many places around the world are turning their back on Microsoft and proprieatary standards and software because they see major problems (not just financial) with investing their documents and operations in the whims of private enterprise. The fact of the matter is that not even Microsoft can import an early powerpoint presentation into modern versions of powerpoint with accuracy. The somewhat undocumented proprietary file standards are causing data loss amongst all kinds of computer users.
Open source invariably uses open standards, which, even when outdated, are still documented and can be imported into various programs. Open source software not only provides financial benefits, but can be altered to perform certain functions better.
I’m not saying that proprietary software is bad, I’m just saying that Microsoft seem to b showing an odd level of arrogance in their dealings with South Korea, and if they continue they will cause many other governments to reconsider their dealings with Microsoft and similar companies….except for the backward thinking ACT government that is…they have developed a strange “Open source is never documented and is always the worst solution and is only there to annoy people” stance on the matter. Strange when you consider the fact that ANYBODY can write a program which reads and writes Open Office files perfectly (because it is properly documented) and you have to reverse engineer and make guesses to implement a buggy filter for MS Office files (you try calling Microsoft and asking to see the documentation).
South Korea could make a decision as early as Wednesday….it’s not my place to speculate, but have fun flying those executives back to the US, Microsoft!
Samuel
October 29th, 2005 at 11:36pm
I’m very excited about the release of Ubuntu Linux 5.10, the “Breezy Badger” edition. It has a number of improvements over the 5.04 “hoary hedgehog” version, including better menu administration, a more friendly startup splash screen and better multi-language support.
Even more exciting is the educational institution specific Edubuntu release, designed for use in educational institutions, the good thing about this is that it appears to be virtually perfect for schools, including some excellent open source programs that do the same, if not better, job than the equivalent commercial programs. With any luck I should be able to play with this at Dickson College sometime soon, especially seeing as we have a limit on our Windows XP licences and don’t really intend on increasing the number…considering the awful costs involved. The good thing here is that there is a high chance the staff and students will find it highly useful and want it installed in more locations, which can only be a good thing.
The lovely people at Ubuntu, financially backed by gazillionaire Mark Shuttleworth, give away Ubuntu CDs and DVDs for free, with free shipping and all. You can still download it from the downloads page, but I’ve ordered some CDs from them, and you can to by heading over to the ShipIt page.
Samuel
October 13th, 2005 at 08:59pm
The other day I stubled across Google’s personalised homepage thing, and realised I could customise it with live feeds from most Google services, and any RSS/Atom feed on the web. But I noticed one small omission, I couldn’t receive updates from Google Groups, which annoyed me, so I emailed them about it…this was Tuesday.
This morning when I went to check on Google Groups I noticed something very nice indeed, Firefox was reporting to me that Google Groups is now available in RSS & Atom feed formats, which enables me to:
A) Put it into my live bookmarks in Firefox, and
B) Add info from Google Groups to my Google personalised homepage.
This all goes to show that Google are listening, thanks guys!
Samuel
October 6th, 2005 at 02:50pm
According to the Linux.Conf.Au 2006 organisers, there has been a massive number of submissions for LCA, so they have had to delay speaker notifications and attendee registrations.
The new dates are as follows:
September 28: Speaker Notifications Start
October 3: Speakers Announced
October 6: Program Announced
October 7: Early Bird (cheaper) Registrations Open
November 18: Early Bird Registrations Close (Prices Rise)
Naturally, registrations will close when places run out.
Samuel
September 24th, 2005 at 01:39pm
Broadband Over Powerline (BPL) is an exciting new technology that utilises the existing powerlines to bring broadband Internet access to every home with a connection to the elctricity grid. BPL is really just a new adaption of existing Power Line Communication technology used in such things as home automation.
The alternating current that currently uses the power lines operates at 50-60 Hz depending on your location, whilst the newer BPL signals operate at around 1-30 MHz and can bring speeds of up to 2.7Mbit to homes. Whilst this is certainly a clever technology, it has certain issues.
Some people may have already worked this out simply from reading the above, but I’ll explain it anyway. Powerlines tend to be unshielded and untwisted, making them perfect antennas, and this also means that they are very good at creating radio frequency interference.
The main problem with BPL is the enourmous amount of interference that it does create, in some cases blocking out AM radio frequencies, as well as some amateur, government and defence frequencies. There have been reports of interference to the FM frequencies as well, although I find that slightly harder to believe.
Considering that virtually every suburban power line would be acting as a radio transmitter, the concerns of people in the radio industry (especially amatuer radio entusiasts) are quite understandable.
It’s not all bad news though, as the FCC and the ACMA (formerly known as the ABA) have released rules requiring “notching” of the frequencies used by BPL to avoid the interference. The majority of the BPL systems that are capable of notching frequencies operate at mainly higher frequencies and are therefore capable of higher speeds, it is expected that they will be able to provide speeds in excess of the 24Mbit potentially provided by ADSL2+
The important thing for now is making sure that the regulators are kept up to date on what interference is occuring, and to make sure that the electricity companies know that they can’t take shortcuts and create unacceptable interference.
BPL will be the way of the future, potentially providing much more than just Internet access, but it is important that it is setup in the correct manner, and the only way to ensure that is to keep a close eye on the regulators and the companies involved. I for one don’t want to lose AM radio, FM may be technologically superior, but I find AM has many benefits, including it’s incredible ability to “bounce” for incredibly long distances at night. People don’t seem to realise that AM radio is capable of stereo transmissions, or that digital radio will probably use frequencies currently used by AM radio. Certainly FM is better at reproducing music, but it is more suceptible to frequency drift.
I’m sure John B1_B5 understands the theory behind AM and FM better than I do and will hopefully be able to explain things a bit more clearly and correct any mistakes I may have made. I’ll admit that I don’t really understand the theory behind AM and FM radio very well, but I’ve done my best…
Anyway, I’m all for BPL, as long as it is implemented in a correct and cautious manner.
Samuel
September 19th, 2005 at 10:50am
British Companies have been warned that they face a computer “meltdown” as zillions of british workers use their computers to track cricket scores during the fifth Ashes test.
One of the quotes from computer firm Network General was quite interesting and amusing
While every company is aware of the risks posed by computer viruses, few will have ever considered Ricky Ponting and Michael Vaughan’s men a potential threat to their computer networks
Interesting, this could be an opportunity to semi-solve the problem of yesterday’s “cricket score statusbar” searcher.
I personally use the resources of Channel 7 to keep up to date with cricket scores when I’m not near the TV, just hover on cricket and click scoreboard, and hey presto (or bingo, or bingo bango bongo) you have live cricket scores & stats.
Samuel
September 6th, 2005 at 10:51am
Just a quick reminder that the Call For Papers for Linux.Conf.Au 2006 to be held in Dunedin closes in two days. If you were planning to submit an abstract and haven’t done it, then you better hurry up and do it.
I have submitted three abstracts, and will put them up here once the CFP closes.
Samuel
September 3rd, 2005 at 06:55pm
The title explains the answers.
When I plugged in my flash drive a few moments ago, I had Windows Media Player minimised, and as soon as I plugged it in, Media Player decided it had to ask me if I wanted to scan it for media files ten times.
My answers, well, I’ll read the title of this post to you:
“No, No, No, No, No, No, No, No, No, No”
Thankyou to the lovely loony monkeys typing code for Microsoft, you have made my life so much easier…now, what did I plug in my flash drive for in the first place?….Blast, I forgot, and I think it was important too….
Samuel
August 11th, 2005 at 11:15pm
This afternoon at work, we were discussing pie’s (the charming Indian boss who had never heard that word thought we were talking about “pine”, which really isn’t as tasty and often leads to tooth damage), and after following a link to a pie recipe, I noticed an ad telling me I had won something. Normally, I would not click on one of these ads, but on this occasion, I quite simply couldn’t help myself.
After clicking the link, I was presented with a page that had a strange little animation “calculating” my reward, which turned out to be $1101, the page also presented me with a timer telling me I had three minutes to call the number on the screen, which just happened to be an Australian free-call number, I printed the page (it had the claim number on it) and went next door to the office, which has the phone.
Upon dialing this free call number, I was transferred (at the advertising company’s cost) to a US call centre indentifying themselves as the “prize claim hotline” or something.
I told the girl who answered the phone that I had just won $1101 and she seemed to become excited (I don’t think many people ever ring the number, maybe she was happy to hear another person) and she proceeded to ask me for my claim number, which I gave her. She then went and asked me a few strange, although suprisingly understandable, questions about my holiday habits, how long has it been since my last holiday, what credit card to I prefer to use etc. She also asked for my name and phone number (office phone).
She then went on to tell me about this prize I had won, she was pretty much elaborating on what I had on my printout, a holiday to various places, I didn’t really care whether I was going to see a beach near a rollercoaster or not, but I pretended to be interested. She went on and on and on and on and on, until eventually she made the scam a little bit clearer, I was getting this fantastic holiday, I had to take at least one other person with me (which makes the per person cost seem much lower), and the third & fourth person is free. The total cost of this amazing holiday was a mere $1699. Naturally I had my $1101 discount, so it was only going to cost me $598, on credit card NOW and I can take my holiday whenever I want for the next 18 months.
During this entire performance, she was telling me information I was supposed to write down, names of places I could visit, and her name which, just on the off chance she is real and wants to google herself or you speak to her, was Shirley Mathis
She then had a recap of this amazing holiday, and then wanted my email address, she didn’t say why she wanted it, so I asked her:
“Are you going to spam me?”
to which she replied
“I’m sorry, I couldn’t hear you”
I asked her a second time and she froze, after a silence of about five seconds she said she was transferring me to her supervisor who “would be able to handle my enquiry better”.
I placed them on mute temporarily while I updated my surrounding co-workers on the status of this bizarre call (it was originally on speakerphone, but Shirley couldn’t hear me very well, so I picked up the handset), after a brief time on hold, an American man who never identified himself answered the phone and started blabbering more repeated details of this holiday before asking me for my email address, I asked him whether he was going to spam me, to which he replied
“I’m not going to stand on you!”
so then I said
“No, Spam…SSSS-PAAAAM”
He paused, and seemingly went into shock, and after about five seconds said
“Oh, no, no, no (chuckle) we just want to send you a verification code so you can see your prize again.”
He didn’t bother asking for my email address again, and instead went on to a postal address, I started with a number, and had to spell it out to him, then I had to spell out the worded part of the postal address….twice, at which point one of my co-workers burst out laughing and rolled on the floor for a while, which I told the man on the phone, he seemed to ignore that, and as soon as we were finished with that he went and told me (for the third time) that once he was finished with me he would put me through to a tape recording from the legal department which would ensure that I knew what I was receiving (as if they hadn’t told me enough times already). I was beginning to suspect that he was a tape recording himself.
He eventually got to the “I want your credit card details” section of the conversation, and I made an excuse, I told him I had left my credit card at home today, and he said that people usually tell him that when they don’t believe the holiday deal. He suggested that I should call home
“Put me on hold and call home!”
I couldn’t argue with that logic, so I said I was putting him on hold, couldn’t find the hold button and pressed mute instead, I obviously wasn’t going to ring home as I had no intention of giving them my financial details, during the time I had them on mute I discussed the progress of the call with my co-workers and heard Shirley saying something to her supervisor about me, which sounded derogatory, it also sounded like she was saying something along the lines of “I think we’ve got this one”. I’ve always wanted to listen in on people who are on hold, it can prove to be entertaining, my wish came true today.
I waited a few more seconds before taking them off of the muted hold, and continued to play their game as if I hadn’t heard anything.
Samuel: Are you still there?
Shirley: Yes, I’m here
Samuel: Oh, ok, your supervisor said I should ring home to get my credit card details
Shirley: I know, I was standing right here
At this stage I was thinking “But you said you were transferring me, how many other people are listening to this, perhaps you are in a small office and the other call centre voices are just a recording.”
The call continued
Samuel: Well, I tried, but nobody is home.
And the banter went on for a but longer, she started to sound disappointed, and told me about my holiday again, what came next really caught me off guard.
Shirley: You should borrow your bosses credit card…he can take it out of your pay cheque!
Samuel: (Laughter) I suppose, but he isn’t here right now
He was actually less than four metres away at his desk listening to me talking, but I wanted to finish this call politely, maybe they would let me have the bogus holiday to secure the scam…but alas, Shirley reached the stage where
Shirley: Well, I’m not going to be able to process your order without a credit card, I’m really sorry, I really wanted to help you out, I always look out for the people who sound like they need a holiday, and you sounded like that, and I really wanted to help you…
Samuel: Well, with the rate that your ads keep appearing, I’m sure you will be able to give it away to somebody, it is a pity, I would have liked the holiday, it sounded great, I guess it’s just not my day.
Shirley: Well it will go back into the system, I really wanted to help you, but I’m so sorry I can’t, maybe next time.
And that pretty much ended the call. I went back to the computer to find the three minute timer had changed to “Call Now”, I refreshed the page, and got the same claim number, the same prize, and another three minutes to call.
The call itself lasted for 24 minutes and 17 seconds, all of which was paid for by these lovely scammers.
Now if you have some spare time, and want to make those scammers pay, give Shirley and her supervisor a call, the more people the better, just use the details from my printout.
Ah yes, the fun that can come from those internet ads.
Samuel
August 9th, 2005 at 10:55pm
If you have a question about SmoothWall, the answer is probably in one of the 101,000 threads on the SmoothWall forums. Go and check it out.
Samuel
August 5th, 2005 at 09:56pm
Hmmmm, does anybody reading this remember Idiot Number Three?
Well, I do, and he still likes Internet Explorer, and went on a mini rant when he found Firefox and no Internet Explorer on the computer he was using, he went so far as to say “I hate Firefox”…the words of an idiot, pure & simple.
His mini rant prompted another person in the room to start complaining as well, apparently they want IE to be the default browser…if I never had any contact with that network I probably wouldn’t care, but the fact is I am in contact with that network every day, and work on some fairly important files there. The last thing I want is some leaky, pain in the rear end, security risk, poor excuse for a browser on my desktop.
The main reason this Firefox roll out occurred is because far too many computers on the network were having difficulty receiving proxy and other IE configuration info from the server. Firefox, apart from being the better browser, allows us to lock down these settings locally, so even without a server it still works.
For some reason, the second person mentioned seemed to think the IE’s view source command handles viewing source nicely. IE opens it in Notepad, where you see a large block of semi-gibberish text in a window, which notepad has retrieved from a temporary location and will discard as soon as you close the window (unless you remember to save your changes). Firefox on the other hand opens source in it’s own source viewer, which colour codes the HTML, which is much easier to read and deal with than notepad’s “Block of text” view. The other benefit of Firefox’s view source command is that is forces you to save the HTML file before you modify it…no more of those “I made the best change ever and forgot to save it” moments.
These people know (or at least should) that Firefox is the better browser, and yet use IE without giving it a second thought, why?
This kind of attitude is the reason that so many of the Windows exploits get around so quickly, all those worms spread and all those malware issues take over your desktop with strange offers and pictures. It isn’t so bad when people simply don’t know, but when they do know, and do nothing about it, that is when the problems start.
Not updating software and not following secure computer usage principles is the main reason that all this malware gets around so easily, often the users of the computer don’t know that they are being used to spread garbage, but if they followed some basic security principles then they would be less likely to suffer from, and help spread, such problems.
That being said, following security principles won’t stop malware issues, but it will slow it down, and it will result in less problems for you when you go surfing the web, or need to type a letter, or do something else.
Unfortunately, some people just won’t learn, like those pesky Internet Explorer loving idiots.
Get Firefox!
Samuel
August 1st, 2005 at 06:50pm
Occasionally Slashdot readers leave interesting comments, usually I don’t notice them because I have better things to do, on this occasion I noticed a very good description of various programming languages by “WebCowboy”.
Thinking about it, you could have a similar discussion about languages–“C culture” vs. “Perl culture” vs “VB culture”. C might be like iron, C++ stainless steel. Java might be aluminum foil. Perl would be binder twine. VB…hmm….styrofoam peanuts…or silly string?
WebCowboy also had some interesting, although poorly spelled and punctuated, comments about mainframes.
I can’t say I really know for sure what a “mainframe toy” would be–mainframes don’t seem like fun at all. I think “mainframers” may have forgotten what childhood was like, or perhaps hatched from a pod fully grown, who knows. I do not have a lot of exposure to that philospohy/culture. If I HAD to pick a toy that was most mainframe-like I might say Mecanno, because like UN*X they are fery uniform in structure, however you have tediously fiddle with those little screws to put anything together, just like a mainframe–you have your “special screwdrivers” (arcane knowledge) and have to follow tedious processes to get things done. Or, perhaps it is like building a birdhous with popsicle sticks, where you have to tediously glue the pieces together with Elmers glue, wait for it to dry before putting it out. In either case, the result is very strong/robust but difficult or impossible to change do you don’t bother–you just retrofitr what is there until you get an extremely bizarre looking contraption that is ugly but still very sturdy and dependable.
Samuel
July 31st, 2005 at 07:25pm
Next Posts
Previous Posts
