computers

Ding dong, SCO is dead!

Jason Thibeault, 2 Comments

Despite years of protestation from the likes of Rob Enderle and Maureen O’Gara, SCO never had a case. What they had was a windmill (Linux), a dusty set of armor (being their legal theories), a papier-mache lance (their attempt at extorting money from all Linux users for “licensing their proprietary code”), and a mule (being their Unix System V licensed from Novell) to ride on.

Finally, after six years of tying up the courts with their baseless claims that Linux contained proprietary UNIX code inserted into it by IBM, and the countersuit by Novell claiming they did not even have the right to sue for such a thing as they were effectively revoking all SCO’s rights over the code for breach of contract, SCO is being forced to file Chapter 7 after their attempt at Chapter 11 bankruptcy turned out to be such a dismal failure. That’s right, now they’re being forced to sell the computers, laptops, patents, chairs, desks and toilet paper rolls in one big fire sale, then divvy up the money and hand it out to their creditors. Meaning, of course, Novell is not terribly likely to get all the back license fees owed to them when SCO misreported how many licenses they had sold.

Either way, the court case isn’t necessarily dead, so PJ can’t put on her red dress just yet. I want a real resolution to the case so there’s a judgement on the facts that Linux users can point to the next time a Microsoft proxy tries to sue F/LOSS out of existence.

Ding dong, SCO is dead!
{advertisement}

My brilliant would-be scientist gets blogged!

Jason Thibeault, , , ,

And I am blogging about it!  I’m proud of her.  She’s asked how to go about getting into science, biology specifically, and knowing she’s an animal person she’s going to have a fun time.  She has a letter answered by John S. Wilkins of Evolving Thoughts on how to break into the biology field and he makes some excellent suggestions.

In the meantime, I am playing Fallout 3 pretty well every spare minute I can get away from work-and-work, which amounts to maybe a couple hours a night.  I am on call all the time and do what I can where and when I can for everyone, as evidenced by the fact that I have remoted into the “Other Site’s” computers half of the day and altered software for them.  My in-office time is spent avoiding total disaster with software pushes that don’t work quite right when there’s a lingering bad self-made MSI install of Thunderbird 2.0.0.14 that seems to not want to remove itself from certain systems even after the program files directory is removed, requiring removal of a registry key.  Software installs are not fun under Windows.  Now maybe if I had a way to remote into them like SSH, that I could do some awesome system stuff while someone else is logged in, that’d be perfect.  You know, like under a Linux computer.

I bet such a thing already exists for Windows, but I can’t imagine unless you can remotely spawn a local copy of a GUI application that it would be nearly as useful as under Linux.  I believe you can do something like that while remoting into Windows 2003, but unless there’s some third party out there, Microsoft can’t do it intrinsically, I don’t believe.  There’s one mentioned here that I want to look into, which looks to have the command prompt half of it at least.  It’s 1999 stuff though, so who knows how good it’ll be.

My brilliant would-be scientist gets blogged!

Two computer cases I had tonight.

Jason Thibeault,

Tonight I fixed two computers “on-the-side”, not relating to my actual job.  One was a Vista laptop whose password had been lost — I downloaded and burned a copy of Offline NT Password & Registry Editor, used that to change the person’s password to the same as her BIOS boot and hard drive passwords.  This was a bright, shiny new Compaq, and incredibly hefty.  The screen was gigantic and beautiful.  A shame it was sullied by Vista.  I’d have had Ubuntu on that baby and travel in style, with XP on a boot partition for playing games away from my desktop (which would be possible given the sweet on-board NVidia it had access to — a shame it was wasted on Vista’s Aero decorations).

Heeeeey, I could play Fallout 3 on it and be able to not be a hermit.  You know, hang around out in the living room with Jodi while playing that Oblivion-engine-based Fallout revival.  I’m a bit surprised by how much of Oblivion I can still see in that game.  They did a decent job making what appears to be a first-person shooter with heavy exploration elements, basically Oblivion with guns.  Called shots (VATS — dunno what it stands for) are cool.

But I digress.  More on that later.

Case number two was a fantastic issue, and by fantastic I mean it puzzled me for several hours.  Local-ISP Internet Security Services, a rebranded F-Secure by F-Prot, apparently stomped on some files installed by Google Toolbar, causing the venerable old toolbar to refuse processing DNS while in Internet Explorer.  By extension, because the stomping seems to have damaged the internet stack itself, which Firefox has to share, it refused to process Firefox requests for certain webpages, and seemingly pushed all internet traffic over a localhost-based proxy (which I’m assuming Google Toolbar used to interpose itself into the flow of internet traffic).  As a result of this, the issue I was approached with was that the Local-ISP internet services installer was unable to, after installation of the software, actually contact their registration service (since its own traffic was redirected to that no-longer-existing Google Toolbar proxy).  The poor owner shut the computer down rather than letting the computer run without any kind of antivirus, and called me for help.

Local-ISP Tech Support had been no help whatsoever, having run through the uninstall and reinstall of the security product to no avail.  I’m thinking either they’re not aware of the incompatibility of their software with Google Toolbar, or I might just be off base on the exact cause of the situation as the whole timing thing is my only real concrete link between cause and effect in this case.  That, and uninstalling Google Toolbar via HijackThis having fixed the issue, which isn’t quite a solid evidence one way or the other for whether or not the security suite actually stomped the Google Toolbar files.  The thing is, I can’t see any other possible cause for the toolbar to have just fallen over and died.

Anyway, the installer for the Local-ISP software is running now, and I have all through the weekend to finish this thing, so I might as well go to bed.

Oh yeah.  Back is still sore, I’m heading back to the doctor ASAP.  It’s getting better, kinda, but it’s way slower than it should be.  Granted, I haven’t come to another crisis yet, I’m more worried that I’m just going to be stuck like this if we don’t start getting some x-rays or MRIs or whatever else and figure out what the hell is bugging my back so much.

(Mini update — I fixed the time frame.  I had intended to post this tomorrow morning if I didn’t get it finished, but I did, and forgot to go back and change “last night” to “tonight”.  Bet that’ll be funny in the RSS feed.)

Two computer cases I had tonight.

Don’t rush to upgrade Java.

Jason Thibeault

Michael Horowitz at CNet News’ “Defensive Computing” blog has an article up on Java 6 Update 10, which was just released this weekend, and whether or not you should update from your current Update 7.  This is great advice — well thought out and perfectly reasonable, especially where this new version does not contain any security fixes, only new features.

Wish I’d read it before I spent all day updating my work’s computers to Rev 10, finding out it was incompatible with a tool we need to use, then having to roll everyone back.  Oh well, live and learn.  Lost most of the day to this little escapade, but the day’s almost done so I’m okay with that.

Don’t rush to upgrade Java.

Microsoft critical vulnerability — quel surprise

Jason Thibeault, , 3 Comments

Microsoft last night sent out an urgent security bulletin to all eOpen members via e-mail, which I quote verbatim:

Subject: Alert – Critical Product Vulnerability – October 23, 2008 Microsoft Security Bulletin Release (Out of Band)

Due the urgency of this bulletin, you have received this notification in English. If your specified language preference is French, we will send you a French language version as soon as it becomes available. Thank you for your understanding.

What is the purpose of this alert?

This alert is to provide you with an overview of the new security bulletin released (out of band) on October 23, 2008. Microsoft has released security bulletin MS08-067, Vulnerability in Server Service Could Allow Remote Code Execution (958644), to address a vulnerability in all currently supported versions of Windows. This security update was released outside of the usual monthly security bulletin release cycle in an effort to protect customers.

Executive Summary

This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter. The security update addresses the vulnerability by correcting the way that the Server service handles RPC requests.

Recommendations

Microsoft recommends customers prepare their systems and networks to apply this security bulletin immediately once released to help ensure that their computers are protected from attempted criminal attacks. For more information about security updates, visit http://www.microsoft.com/protect.

New Security Bulletin Technical Details

Identifier

MS08-067

Severity Rating

This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important for all supported editions of Windows Vista and Windows Server 2008.

Impact of Vulnerability

Remote Code Execution

Detection

Microsoft Baseline Security Analyzer can detect whether your computer system requires this update.

Affected Software

All currently supported versions of Windows

Restart Requirement

The update requires a restart.

Removal Information

· For Windows 2000, Windows XP, Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility

· For Windows Vista and Windows Server 2008: WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.

Bulletins Replaced by This Update

MS06-040 is superseded on these operating systems: Windows 2000 SP4, Windows XP SP2, Windows XP X64, Windows Server 2003 SP1, Windows Server 2003 X64, Windows Server 2003 SP1 for Itanium-based Systems.

Full Details:

http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx

Public Bulletin Webcast

Microsoft will host a Webcast to address customer questions on the bulletin:

Title: Information Regarding an Out-of-Band Security Bulletin Release (Level 200)

Date: Friday, October 24, 2008 11:00 A.M. Pacific Time (U.S. & Canada)

URL: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032394179&Culture=en-US

Regarding Information Consistency

We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. Microsoft’s security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s Web-based security content, the information in Microsoft’s Web-based security content is authoritative.

If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant.

Thank you,

Microsoft CSS Security Team

So it was urgent enough to spam their license-holders via e-mail, and it’s predictive of the next big worm.  In the past, these e-mails have been remarkably prescient — probably because hackers read these e-mails at the same time and are well aware that people regularly leave their boxes unpatched for months at a time.  If you’re using any Microsoft OS, patch your shit now before it hits the fan.

Microsoft critical vulnerability — quel surprise

What a fine way to spend Turkey Day Evening…

Jason Thibeault, 7 Comments

… sipping green tea and watching someone with a decent handle on science mangle creationists on Youtube.  This is why VenomFangX got his panties in a bunch, because he got thoroughly whomped.  I’ve only watched up to Part 4, but I’m going to watch the rest after linking the whole bunch from here.

As promised, here’s Thunderf00t’s series, “Why do people laugh at creationists?”  Parts 2 through 26 (yeah!), after the fold.  If this kills people’s computers, I could also replace the whole lot with a link to the playlist on Youtube.  Sit through it all, and you’re going to be treated to a dissection of the views of our favorite VP Candidate, Bible Spice Sarah Palin.

Part 1: https://www.youtube.com/watch?v=BS5vid4GkEY

Continue reading “What a fine way to spend Turkey Day Evening…”

What a fine way to spend Turkey Day Evening…

I’m beat.

Jason Thibeault, , 5 Comments

Last night, I went to bed at 12:30. Admittedly late knowing that I was to take an hour and a half drive the next morning, meaning I’d have to leave at 8 am to get there in any decent amount of time. I fell asleep pretty well right away, which is unusual for lately, then at 2 am one of our smoke detectors (with CO2 detection) went off… for five seconds. And stopped.

I pretty well bolted out of bed (I remember saying “what the hell?” out loud twice and was halfway downstairs before I was really conscious), searching for any sign of anything that could have caused the smoke detector to freak out randomly, given that it wasn’t a short chirp like the usual warning that your battery’s giving way. In fact, as I was still in a half asleep fog, I wasn’t even sure which of our three detectors had gone off. Also, neither of the other two had registered a even a blip. So, I closed all the windows in case someone was burning something outside (which happens often around here in the summertime), then went back to bed. I was concerned it would happen again, and the adrenaline of the situation was still pumping, so I didn’t fall asleep easily.

And at 3 am, it did happen again, only it kept ringing. I tore it down off the ceiling and pulled it out of the power outlet it was connected to, but it kept ringing. It took me about a minute and a half of turning it over, twisting it and prodding it before I found the battery outlet, on the front of the stupid thing. Having taken it down, I was able to get back to sleep relatively easily this time. Too bad 7:15 came along really quickly.

Got to work, thinking I was doing the job solo, but the IT guy for the site was there, bum knee and all. Sadly, I had to do much of the brainwork, being that that’s why I was called in — the other IT guy couldn’t figure out what it was exactly that was necessary to get all the phones moved, despite being walked through it by folks higher up on the food chain than myself. So he was stuck doing gruntwork, hobbling back and forth using a chair to transport computers back and forth, while I hunted down the correct punchdowns to pull, reroute and re-punch on the proper spots. The whole job had much fewer complications than I had anticipated, given that I was told there was a number of wires that needed special punchdown configurations (which by the way nobody gave to me, so I would have had to guess and test through the process).

The biggest complication, however, came from something totally out of my control. Some idiot apparently wrote something along the lines of, “there’s a bomb in the building”, on the womens’ washroom mirror, using mascara. This delayed our move project significantly — almost two hours lost right after lunch, right after I had gotten everything straight and gotten a plan put together, and right before I actually got to implement it. So there I was, stuck sitting in the parking lot (sitting, literally, because of the amount of standing and walking I’d had to do for quite some time up until that point), needing to go to the bathroom, with absolutely nothing to do but watch the comings and goings of the cops and fire truck and forensic unit, desperately wanting coffee (those two facts kind of go hand in hand — I’d drank a good deal of coffee already at that point), not knowing hardly anyone at the centre, when it started to rain.

Impressed by this turn of events, I marched off to a nearby building (where Clifton happens to work) to find a bathroom and some coffee. The coffee was definitely necessary at that point — I was nearly falling asleep on my feet. It was also horrible. Seriously tasted like it was on a burner for eight hours, even though it was in a carafe.

Anyway, to wrap this story up (as I’m dead at this point), we dealt with the remainder of the phones in roughly five hours after regaining access to the building once the forensic unit had left.  The drive home was a killer as far as awakeness is concerned, though luckily it only sprinkled a bit so I didn’t also have to deal with the elements.

Now.  It’s time for bed.  Once again I push off my draft.  (Not that it’s the only one.  I have two other drafts on the go that I still haven’t posted, because I never really get around to working on them.)

I’m beat.

Still haven’t gotten to the supposed two-fer from yesterday

Jason Thibeault8 Comments

Tomorrow I’m destined for a last-second panic-attack-induced road trip to another work site wherein I will have to perform duties I estimate as being about 30 hours of work in much, much less than that. No cracks about the Scotty rule either — I’m serious when I estimate that’s how much work it will normally take to perform the toning out and migrating of 20 computers and VoIP lines, especially where any number of these lines might be set up to use Cat3 instead of Cat5. That’s right, VoIP (including PoE) on Cat3. Possible, but hairy as hell.

Anyway, I’ll eventually finish that draft I’m working on, but it’ll probably have to be tomorrow night. A teaser — it’s about my thoughts on the “resolution of the universe”. I won’t explain that until you see the post itself.

Still haven’t gotten to the supposed two-fer from yesterday

Update on the house situation

Jason Thibeault10 Comments

The seller has signed our offer, and the signed copies of the offer are in the hands of her lawyer.  Once they wend their way to my lawyer, I sign it, give the lawyer a $100 deposit on the closing costs, and then have to get that paperwork to the mortgage brokers to get the mortgage on the go.  The closing date is set for August 18th, and I’m taking a week’s vacation to get this place packed and moved to the new one.

As for the closing costs, we’re depending heavily on selling one of those two computers mentioned earlier, however neither of them are generating the kind of interest they should be getting.  My father’s agreed to loan me $500 until such time that one of them sells, or if they don’t, then until I can save up enough to pay him back.  Hopefully the closing costs won’t be nearly as expensive as most other places, since there won’t be a title search, survey, or other such legal trivialities to undertake, what with it being leased land.

The fact that it’s leased land, though, gives me a different piece of paperwork to have to do — the lease consent form, that basically says the mortgage brokers are aware that it’s a leased land and are allowing it, and that the leased land owners do not have any claim over the house itself.  This is turning out to be a bit of a hassle, with both the land owners and the mortgage brokers demanding the other sign first.  I happen to agree with the mortgage brokers, on reading the text of the document — despite my not having a legal background, I can read high-level English and can usually get at least something out of the documents.  It’s in the land owners’ hands now, having been faxed to their head office.  Hopefully it doesn’t come back with another request to get the mortgage brokers to sign first, but we’ll see.

Update on the house situation

Excellent.

Jason Thibeault,

We went over the numbers again, checking out different scenarios and taking into account some expenditures and incomes we hadn’t considered in our original budget for trying to scrape together the down payment on the house.  As it stands, we will have all but $500 on the 3rd of August, meaning we could move the closing date back a week (to the 18th) without taking a hit.  So, we’re going to be depending on selling one of the computers.  My father actually volunteered to give me $500 from his vacation pay when I spoke to him last month — bless his heart — but I refused then.  I’m considering borrowing it from him until one of the computers goes, or, if they don’t, then paying it back over time.  That $500 is the last piece of the puzzle, barring any unforeseen costs over the next month.

In short… excellent.  Everything’s working out perfectly.

As for this blog, I hope to put a bit more effort into the Computer and Games sections relatively soon, hopefully once I get most of the house-related business squared away — I especially want to talk about Sam and Max at some point.  I’ve been intending to put up a tribute to George Carlin since his death, especially regarding how the media has completely ignored most of his actual oeuvre, mentioning only his pushing the boundaries of profanity in this love-fest they’ve been giving him.  I also have a few introspection posts planned, including some of my history, and my thoughts on creation, evolution, existence, and other big scientific questions that for some reason I think I’m an authority on despite millenia of intelligent people failing utterly at answering them.  This is all assuming I can get my thoughts together coherently enough to bother publishing them.

Then again, if you want eloquence, you’re looking in the wrong place.  I never finished my English degree.

Excellent.