Abby informed me recently that, horror of horrors, she’s a neophyte when it comes to the ways of the Blogosphere, and thus doesn’t know how to use RSS feeds. So, herein, I shall endeavour to show her, and you, and maybe some random Google searchers, how to make use of the RSS readers that you probably already have installed presently. If Firefox and IE are insufficient, then I leave it as an exercise for you to find alternative RSS readers.
Windows
{advertisement}
My brilliant would-be scientist gets blogged!
And I am blogging about it! I’m proud of her. She’s asked how to go about getting into science, biology specifically, and knowing she’s an animal person she’s going to have a fun time. She has a letter answered by John S. Wilkins of Evolving Thoughts on how to break into the biology field and he makes some excellent suggestions.
In the meantime, I am playing Fallout 3 pretty well every spare minute I can get away from work-and-work, which amounts to maybe a couple hours a night. I am on call all the time and do what I can where and when I can for everyone, as evidenced by the fact that I have remoted into the “Other Site’s” computers half of the day and altered software for them. My in-office time is spent avoiding total disaster with software pushes that don’t work quite right when there’s a lingering bad self-made MSI install of Thunderbird 2.0.0.14 that seems to not want to remove itself from certain systems even after the program files directory is removed, requiring removal of a registry key. Software installs are not fun under Windows. Now maybe if I had a way to remote into them like SSH, that I could do some awesome system stuff while someone else is logged in, that’d be perfect. You know, like under a Linux computer.
I bet such a thing already exists for Windows, but I can’t imagine unless you can remotely spawn a local copy of a GUI application that it would be nearly as useful as under Linux. I believe you can do something like that while remoting into Windows 2003, but unless there’s some third party out there, Microsoft can’t do it intrinsically, I don’t believe. There’s one mentioned here that I want to look into, which looks to have the command prompt half of it at least. It’s 1999 stuff though, so who knows how good it’ll be.
Microsoft critical vulnerability — quel surprise
Microsoft last night sent out an urgent security bulletin to all eOpen members via e-mail, which I quote verbatim:
Subject: Alert – Critical Product Vulnerability – October 23, 2008 Microsoft Security Bulletin Release (Out of Band)
Due the urgency of this bulletin, you have received this notification in English. If your specified language preference is French, we will send you a French language version as soon as it becomes available. Thank you for your understanding.
What is the purpose of this alert?
This alert is to provide you with an overview of the new security bulletin released (out of band) on October 23, 2008. Microsoft has released security bulletin MS08-067, Vulnerability in Server Service Could Allow Remote Code Execution (958644), to address a vulnerability in all currently supported versions of Windows. This security update was released outside of the usual monthly security bulletin release cycle in an effort to protect customers.
Executive Summary
This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter. The security update addresses the vulnerability by correcting the way that the Server service handles RPC requests.
Recommendations
Microsoft recommends customers prepare their systems and networks to apply this security bulletin immediately once released to help ensure that their computers are protected from attempted criminal attacks. For more information about security updates, visit http://www.microsoft.com/protect.
New Security Bulletin Technical Details
Identifier
MS08-067
Severity Rating
This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important for all supported editions of Windows Vista and Windows Server 2008.
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update.
Affected Software
All currently supported versions of Windows
Restart Requirement
The update requires a restart.
Removal Information
· For Windows 2000, Windows XP, Windows Server 2003: Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility
· For Windows Vista and Windows Server 2008: WUSA.exe does not support uninstall of updates. To uninstall an update installed by WUSA, click Control Panel, and then click Security. Under Windows Update, click View installed updates and select from the list of updates.
Bulletins Replaced by This Update
MS06-040 is superseded on these operating systems: Windows 2000 SP4, Windows XP SP2, Windows XP X64, Windows Server 2003 SP1, Windows Server 2003 X64, Windows Server 2003 SP1 for Itanium-based Systems.
Full Details:
http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx
Public Bulletin Webcast
Microsoft will host a Webcast to address customer questions on the bulletin:
Title: Information Regarding an Out-of-Band Security Bulletin Release (Level 200)
Date: Friday, October 24, 2008 11:00 A.M. Pacific Time (U.S. & Canada)
URL: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032394179&Culture=en-US
Regarding Information Consistency
We strive to provide you with accurate information in static (this mail) and dynamic (Web-based) content. Microsoft’s security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s Web-based security content, the information in Microsoft’s Web-based security content is authoritative.
If you have any questions regarding this alert please contact your Technical Account Manager or Application Development Consultant.
Thank you,
Microsoft CSS Security Team
So it was urgent enough to spam their license-holders via e-mail, and it’s predictive of the next big worm. In the past, these e-mails have been remarkably prescient — probably because hackers read these e-mails at the same time and are well aware that people regularly leave their boxes unpatched for months at a time. If you’re using any Microsoft OS, patch your shit now before it hits the fan.
I’m beat.
Last night, I went to bed at 12:30. Admittedly late knowing that I was to take an hour and a half drive the next morning, meaning I’d have to leave at 8 am to get there in any decent amount of time. I fell asleep pretty well right away, which is unusual for lately, then at 2 am one of our smoke detectors (with CO2 detection) went off… for five seconds. And stopped.
I pretty well bolted out of bed (I remember saying “what the hell?” out loud twice and was halfway downstairs before I was really conscious), searching for any sign of anything that could have caused the smoke detector to freak out randomly, given that it wasn’t a short chirp like the usual warning that your battery’s giving way. In fact, as I was still in a half asleep fog, I wasn’t even sure which of our three detectors had gone off. Also, neither of the other two had registered a even a blip. So, I closed all the windows in case someone was burning something outside (which happens often around here in the summertime), then went back to bed. I was concerned it would happen again, and the adrenaline of the situation was still pumping, so I didn’t fall asleep easily.
And at 3 am, it did happen again, only it kept ringing. I tore it down off the ceiling and pulled it out of the power outlet it was connected to, but it kept ringing. It took me about a minute and a half of turning it over, twisting it and prodding it before I found the battery outlet, on the front of the stupid thing. Having taken it down, I was able to get back to sleep relatively easily this time. Too bad 7:15 came along really quickly.
Got to work, thinking I was doing the job solo, but the IT guy for the site was there, bum knee and all. Sadly, I had to do much of the brainwork, being that that’s why I was called in — the other IT guy couldn’t figure out what it was exactly that was necessary to get all the phones moved, despite being walked through it by folks higher up on the food chain than myself. So he was stuck doing gruntwork, hobbling back and forth using a chair to transport computers back and forth, while I hunted down the correct punchdowns to pull, reroute and re-punch on the proper spots. The whole job had much fewer complications than I had anticipated, given that I was told there was a number of wires that needed special punchdown configurations (which by the way nobody gave to me, so I would have had to guess and test through the process).
The biggest complication, however, came from something totally out of my control. Some idiot apparently wrote something along the lines of, “there’s a bomb in the building”, on the womens’ washroom mirror, using mascara. This delayed our move project significantly — almost two hours lost right after lunch, right after I had gotten everything straight and gotten a plan put together, and right before I actually got to implement it. So there I was, stuck sitting in the parking lot (sitting, literally, because of the amount of standing and walking I’d had to do for quite some time up until that point), needing to go to the bathroom, with absolutely nothing to do but watch the comings and goings of the cops and fire truck and forensic unit, desperately wanting coffee (those two facts kind of go hand in hand — I’d drank a good deal of coffee already at that point), not knowing hardly anyone at the centre, when it started to rain.
Impressed by this turn of events, I marched off to a nearby building (where Clifton happens to work) to find a bathroom and some coffee. The coffee was definitely necessary at that point — I was nearly falling asleep on my feet. It was also horrible. Seriously tasted like it was on a burner for eight hours, even though it was in a carafe.
Anyway, to wrap this story up (as I’m dead at this point), we dealt with the remainder of the phones in roughly five hours after regaining access to the building once the forensic unit had left. The drive home was a killer as far as awakeness is concerned, though luckily it only sprinkled a bit so I didn’t also have to deal with the elements.
Now. It’s time for bed. Once again I push off my draft. (Not that it’s the only one. I have two other drafts on the go that I still haven’t posted, because I never really get around to working on them.)
That last post brings me to a related rant.
A computer-related rant, specifically. About some choices the Ubuntu folks have made that I don’t agree with.
That’s right, I’m about to complain about Linux, rather than my usual target, Windows.
Continue reading “That last post brings me to a related rant.”
“… but let’s not actually GIVE this stuff away, even if we got it for free!”
I tried to take the remains of my yard sale to the Salvation Army today. I was turned down. There’s something a bit odd about being told that they can’t take your donations because they don’t have room, considering that the idea is less about keeping it in storage until someone can pay for it, than it is about getting stuff to people who CAN’T afford it. Evidently the Salvation Army is a for-profit organization that has its roots in religion (thus the “salvation” part… and maybe also the “army” part). So people donate to it out of the goodness in their hearts, and they then turn around and sell all these items to others. I’m sure they make more than enough to cover their storage fees, but given how many keep cropping up everywhere, I almost get the feeling it’s some sort of scam or something.
So I thought about it for a while, and then donated it to a girl at work who had recently had her house burned down when I recalled that she was still in need of some stuff despite some extensive fund-raising at work. All told, there was two boxes of dishes, some books, some board games, a few small kitchen appliances, and various cables and bits that I otherwise had duplicates for. She was grateful, as evidently pretty well all of it was useful to her. Plus I got rid of about five boxes of stuff we would never use, and wouldn’t want to move anyway. Win-win all around!
I also tried to install a Motorola SM56 Softmodem into a Windows Vista machine for a yard-sale-goer I met on Sunday. The computer was relatively decent in the specifications, a 3.06GHz Intel chip with 512 megs RAM, which ran dog-slow under Vista Home Basic. Strike two against Vista for this case, came in the fact that the softmodem is totally incompatible. I tried several different drivers from XP, but most of them wouldn’t even install, and the ones that did wouldn’t recognize the PCI card. The funny thing is, when I installed it, Vista recognized it and even tried to find the drivers, but when it failed it told me exactly what model of card it was and that it was incompatible. That same computer could run both the dial-up modem and Windows XP with absolutely no problems whatsoever, I’m sure of it. It’s sad. We all know Vista’s designed from the ground up to be as resource-intensive as possible, even on the most basic model with the lowest settings you can set, so it’s an obvious bit of money-grab when they do things to attempt to force you to upgrade to Vista such as tying DirectX 10 into it, trying to force people to upgrade both their computers and their operating systems despite XP finally making it through its extensive breaking-in period and achieving some modicum of stability and security.
Needless to say, it was a failed exercise. A bit of a down note on an otherwise up day.
Firefox 3 is out
For those of you that are using Linux, you already know how to update Firefox — just use Update Manager and install any Firefox update that’s available. For you poor souls on Windows, good luck — the download site has been a very slow site all day long. And it’s no wonder — there have been (last time I checked) roughly 800,000 downloads today alone. The counter seems to be broken now, though, so I don’t know if that’s still incrementing.
Hooray for open source!
House
So, today we cleaned the house, I called a mortgage broker about getting a mortgage on a house, and House is on the teevee right now. No seriously.
Okay, I suppose we didn’t clean “the house”, so much as we cleaned our current place of residence, which is one half of a duplex in a co-op. We’re going to be participating in a block yard sale this weekend. And good lord, is there ever a lot of stuff to sell! I’m planning on selling my X-Box, with Fable, Ninja Gaiden and Halo 1, along with wireless controllers, a DVD remote, and the headphones for playing online (which I never did). My going plan is to bring those straight to EB Games to see what kind of price I get there, first. Unless one of my loyal reader (singular intentional) is interested, in which case I’d cut them a way better deal than EB Games would give them. If the price is unacceptable, then into the yard sale it goes. Right alongside a fake fireplace whose heater is broken, a bunch of books that I’ve been trying to get rid of for roughly six months, numerous electronics, some knicknacks, kitchen supplies, and all the standard yard sale fare. You know, like unopened Windows ME Upgrade boxes ($5! What a ripoff steal!), and a heavy bag that I’ve never been able to put up anyplace. E-mail me if you need directions, there’s actually a lot of decent stuff here that we just need to get out of our basement.
As for the house we looked at, it’s a two-year-old Prestige Home “mini-home”, 74′ by 16′, in perfect condition, and if we can get a mortgage, it’s practically ours right now. Yes, I know, that technically means it’s a trailer. And it’s technically in a trailer park right now. Our current long-term plan is to get the house, get a plot of land somewhere, and move the home there. Maybe put it on a foundation one day. Convert the front of the whole thing into a greenhouse, install solar panels and wind turbines, pack the back with a thermal mass, put a roof garden on it for insulation purposes, collect rainwater and passive solar heating… okay, that’s getting a little ahead of myself I guess.
By the way, I’m going to try not to let it go this long again. There’s quite a few topics I’ve wanted to discuss over the past few weeks, and I’ve mostly just been either working like crazy, or focussing on my home life. I suppose I can’t be blamed for that, but it’s hard to build readership when you don’t really ever post anything.