greg hughes - dot net
Note that the contents of this site represent my own thoughts and opinions, not those of anyone else - like my employer - or even my dog for that matter. Besides, the dog would post things that make sense. I don't.
 Tuesday, January 11, 2005
Microsoft today released three security bulletins, two of which are classified as “Critical” severity, and related patches to resolve the issues described in each bulletin:
| Jan 11, 2005 |
Vulnerability in HTML Help Could Allow Code Execution (890175): MS05-001
Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me, Internet Explorer 6 |
Windows NT4 Service Pack 6a, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold, Internet Explorer 6 SP1 |
Critical |
| Jan 11, 2005 |
Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711): MS05-002
Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me |
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold |
Critical |
| Jan 11, 2005 |
Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250): MS05-003
Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition |
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows Server 2003 Gold |
Important |
I was wide awake at about 4am today, looking around for a fast way to get live syndicated content (need it to always be up-to-date) from a weblog’s RSS feed to the home page of a web site I am maintaining for non-profit organization. Cops on Top has climbers in Africa this week for a memorial mountain climbing expedition to Kilimanjaro, and they are sending electronic communications from the field via email and phone calls. The messages can show up on the weblog in real time, without anyone else’s intervention. So, I wanted to be able to show the latest weblog posts on the org’s home page.
I did a quick Google for what I needed, and came up with a gem of a tool: Feed2JS.
What Feed2JS does is to provide an interface where you can specify the URI to a RSS feed, click a few boxes and buttons on a web page to specify your options, and generate a Javascript output that you can stick straight into your web page, ready to go and immediately syndicating content from the specified feed. In addition, there’s a stylesheet generator on the site that lets you customize the look and feel of the feed as it’s displayed on your web page.
You can even download the original PHP scripts (which are provided under an open source license) and run Feed2JS on your own server, which could speed up the feed-to-web proxy function if you have scalability concerns due to very large volume, or if you want to modify the RSS cache to update more frequently than every 60 minutes. That is the default cache time for feeds being gathered and serviced by the Feed2JS system. At any rate, download your own copy and run it yourself, and you get complete control.
The results are quite good. Sure, the end user has to have jscript/Javascript enabled on the client, but that works for this purpose, so I am happy. Recommended.
Another slightly less-elegant (but quite useful) method using server-side ASP is called RSS in ASP. It works, as well.
Monday, January 10, 2005
I have been testing development and release builds of dasBlog 1.7 for the past week or so. There are a few of us running it on our live sites to make sure everything’s working as expected and to provide real-world feedback.
This version – spearheaded by developers Omar and Scott and incorporating the work of several others – simply rocks.
There are a large number of performance improvements (it’s a lot faster and uses less resources on the server) and feature additions/enhancements. You can read about all the changes on the dasBlog wiki page for v1.7. Some of my favorites are the ability to post drafts without actually publishing to the live site, RSS 2.0 enclosures, referral spam protection,
One thing that I just added to this site with the latest build is live support for the Movable Type Blacklist, which is another mechanism to kill referral spam before it happens. There’s also the ability to block referrers from being listed by keyword. It’s all pretty cool.
It’ll be done soon, and when it is you’ll want to check it out, regardless of whether you currently use dasBlog.
Here is a point of view I tend to agree with, with regard to business and blogging… It’s not just what you say at work that can get you fired, and companies can employ (or not) based on a number of aspects of a person’s life. If you’re a blogger, these thoughts over at the Blog Your Way weblog are worth reading and taking into account:
Blog Your Way » My thoughts on being fired for blogging
There have been a lot of posts lately about being dooced (fired for blogging). Dooce (Heather) was the first to be fired almost three years ago and thousands have been fired since then. It seems that many more will follow. What was the common denominator in the majority of them? Discretion…and not thinking about the possible reaction to their posts.
From MS MVP Jerry Bryant comes news about the new malicious software combat tools that will launch on Tuesday this week from Microsoft:
Announcement of Upcoming Release of Malicious Software Removal Tools
Starting from January 11th, 2005, Microsoft will provide Windows customers with Malicious Software Removal Tools. New versions of these tools will be available monthly (second Tuesday of every month on the same schedule that Microsoft already delivers other security updates) or more frequently if necessary…
…Microsoft will provide new versions of this tool updated to remove malicious software that is found to be prevalent for that month. The first version of the tool available in January will be able to remove Blaster, Sasser, MyDoom, DoomJuice, Zindos, Berweb (also known as Download.Ject), Gailbot and Nachi viruses / worms.
These removal tools will be made available to customers through the following delivery vehicles:
- As a download through the Microsoft Download Center
- As a critical update through Windows Update and through Auto Update for those customers who have Auto Update turned on
- As an ActiveX control also available at www.microsoft.com/malwareremove
Friday, January 07, 2005
To make creating weblog entries simple, fast and easy, I use a tool called BlogJet. Dmitri (the author) has just released v1.5 of the program:
BlogJet 1.5 Final Release
Great news – BlogJet 1.5 is available now. It’s a huge improvement over previous versions – it has slightly better user interface, more features, support for more blog services and CMS and it’s more stable.
BlogJet 1.5 is the free update for registered users.
Download it now!
Full release notes are here.
Thursday, January 06, 2005
My gnome friend Brandon Watts jumped on the proverbial horse and rode straight out the barn on his first PodCast earlier today. And all in all, he did a fine job.
If you have not heard about Brandon before, here's a little info:
- He wrote his own programming language for beginners, called Leopard, a couple years ago.
- He's 18 years old now.
- He's wicked smart.
- He writes for Lockergnome and has had his writing featured in a variety of print and online media.
- He has a pretty darn good radio voice.
- He has a blog.
Check out his podacst (for the uninitiated, podcasting's this new thing that all the kids are doing with MP3 files and easy-to-use-and-distribute audio shows). Let him know what you think.
Chris Pirillo is a well-known geek and all around goofy (and smart and good) guy. He founded Lockergnome and did a show for TechTV back before that network went straight to crap.
He’s starting his new weekly audio broadcast today, two-and-a-half hours of live talk from the Consumer Electronics Show (CES). His show’s new website is online and the live broadcast starts at 11:30am Pacific Time, but the stream is already running so jump in now. Replays available if you miss(ed) the live show, and RSS feeds are on the site for subscribing – I did.
http://www.thechrispirilloshow.com/
I am working form home today, and so I will be listening to it in the background whilst editing papers and organizing stuff. Good to see you back on the air, friend!
The other day I was discussing the differences between geeks and nerds with someone. I said that I thought I was probably more of a geek than a nerd, and had to try to explain why there’s a difference and what those differences are. I started to wonder if I was wrong, that maybe they’re the same, but today I think I can safely say that’s simply not true. Hypothesis: I am a fairly prolific geek. I am not much of a nerd. I just took this online test because Mark Orchant (theofficeweblog) was surprised at his results. He’s obviously a smart person, and came out with a pretty darn nerdy score and I was wondering what mine would be. This test is very nerd specific – meaning it addresses things like Star Trek, graphing calculators, the periodic table, pictures of really old guys nerds would know about, and stuff like that. On a scale of 1–100, I scored 31. Click the graphic to find your score… 
So there you have it – Greg is not nerdy. What about the Geek Factor? Exactly one year ago today (hmmmm that’s kinda weird, isn’t it?), I took another online test – the “Digital IQ” test at MSNBC. I scored way off the top of the scale on that one. I also took it again this morning to refresh my memory of the questions and to see if my score had changed – it was exactly the same. In this one they use the word “nerd” in their description of “digital ace,” but I think it’s misplaced based on the questions they ask. Geek would be a better term, IMO. It’s still available online – click the image below to find out your score there. 
“Meet Your Computer’s New Bodyguards” is one of the taglines you’ll see when installing the new Microsoft AntiSpyware beta software. Microsoft today launched its public beta of the software, which is available to download from the company’s web site . A lot has been said recently about Microsoft’s acquisition of Giant, a company that makes anti-spyware software used to protect computers from prying eyes and privacy leaches. After installing it and running it, it’s interesting that its flagging things that AdAware and SpyBot S&D don’t alert on. That’s good. In my case, it didn’t hit on anything I wanted to change or remove (I have a few tools on my computer that it sees as potentially problematic, if someone else had put them there, for example. The UI is nice and clean, and I like the automatic updates (already working). It’s pretty darn IO intensive, so don’t plan to do any disk-related work while it’s performing a check. By default it schedules a scan to happen at 2am each day (you can change this) and it sets up a real-time protection service that works a lot like an anti-virus program does, watching for known spyware and prompting the user for certain types of system changes as they happen. I really have only one complaint. If I am running a scan and click on any menu item or button in the user interface to to go to another page, my current scan aborts without warning. This is really very frustrating and will likely cause many people to skip completing a full scan because they’d just killed a scan after 10 minutes and would have to start over again. Overall, great start and I already like the interface and approach better than the other options out there today. Look out, here comes Microsoft – again. This is one area they’ll have to get right, for sure. (found via NeoWin)
Wednesday, January 05, 2005 Tuesday, January 04, 2005
 This always seems to happens to me. It’s part of being an early adopter, I guess:
From Engadget: Vonage is partnering with VTech on the next best thing: a cordless phone that comes with Vonage’s broadband Voice over IP service built-in. The has a VoIP gateway chipset built right into its base station, which you just connect right up to your router. Besides letting us toss out that bulky analog telephone adapter we’re still using, the ip8100-2 also operates on the 5.8GHz frequency, which means it won’t interfere with our WiFi.
Well, darn it… I bought a set of identical phones just a couple weeks ago, only without the Vonage service built in. I got them because my old 2.4GHz phone was worn out ad was messing up my WiFi big time. The phones look a little weird in pictures, but they have a really decent speakerphone built in, ringers that don't sound like an 80's alarm clock, and generally work very well. And these are the *same* phones, which I brought home and – get this – plugged straight into my Vonage IP phone adapter device. Argh.
I also saw a combination unit this weekend at a big big big gadget warehouse store that was a combination of the Linksys 802.11G router and a Vonage IP phone adapter. Again - I have both already. I am tempted to buy that one though, because simplifying the voice QOS configuration and compatibility there would certainly improve my call quality at times. My current setup gets glitchy at times.
Scoble on blogging at Microsoft and assumptions that might be made by people on the outside: “… They think someone has "spun" Bill Gates into believing blogging is good for Microsoft. “Please, if you're gonna say something like that, warn me not to be drinking water when it comes online. “I wish I could tell you why that made me laugh. Let's just say the skepticism is misplaced. You don't get 1300 to 1500 people doing ANYTHING at a company without some very explicit decisions made at the very top of the company. Think about that one for a while.”
© Copyright 2008 Greg Hughes 
This work is licensed under a Creative Commons License.
 | This page was rendered at Thursday, November 20, 2008 10:07:07 PM (Pacific Standard Time, UTC-08:00)
newtelligence dasBlog 1.9.7174.0
|
"Computers used to take up entire buildings, now they just take up our entire lives."
- Unknown
"So how do you know what is the right path to choose to get the result that you desire? And the honest answer is this... You won't. And accepting that greatly eases the anxiety of your life experience."
"To try when it seems there is no hope is to risk failure. But to not try is to guarantee it."
- Anon
Syndication [XML] and .net Alerts
For lazy, highly-technical or enlightened people, get this site's content without the use of a web browser. I use FeedDemon for this, but you can choose your own. Subscribe - click the icon for my feed... or sign up for Microsoft Alerts to receive updates through your MSN Messenger, e-mail, or mobile device. Click the orange button thingie to sign up with your Passport account: 
Contact
Drop me an email: Phone: 503-766-2258
Add me to MSN Messenger
Monthly Archive
| November, 2008 (4) |
| October, 2008 (18) |
| September, 2008 (18) |
| August, 2008 (18) |
| July, 2008 (35) |
| June, 2008 (16) |
| May, 2008 (12) |
| April, 2008 (16) |
| March, 2008 (22) |
| February, 2008 (32) |
| January, 2008 (9) |
| December, 2007 (6) |
| November, 2007 (4) |
| October, 2007 (19) |
| September, 2007 (36) |
| August, 2007 (19) |
| July, 2007 (17) |
| June, 2007 (16) |
| May, 2007 (13) |
| April, 2007 (11) |
| March, 2007 (5) |
| February, 2007 (14) |
| January, 2007 (16) |
| December, 2006 (16) |
| November, 2006 (4) |
| October, 2006 (23) |
| September, 2006 (14) |
| August, 2006 (21) |
| July, 2006 (34) |
| June, 2006 (25) |
| May, 2006 (20) |
| April, 2006 (20) |
| March, 2006 (17) |
| February, 2006 (34) |
| January, 2006 (30) |
| December, 2005 (23) |
| November, 2005 (39) |
| October, 2005 (30) |
| September, 2005 (49) |
| August, 2005 (31) |
| July, 2005 (21) |
| June, 2005 (35) |
| May, 2005 (53) |
| April, 2005 (54) |
| March, 2005 (60) |
| February, 2005 (27) |
| January, 2005 (59) |
| December, 2004 (70) |
| November, 2004 (58) |
| October, 2004 (55) |
| September, 2004 (64) |
| August, 2004 (53) |
| July, 2004 (65) |
| June, 2004 (50) |
| May, 2004 (49) |
| April, 2004 (26) |
| March, 2004 (20) |
| February, 2004 (26) |
| January, 2004 (28) |
| December, 2003 (12) |
| October, 2003 (8) |
| September, 2003 (11) |
| August, 2003 (1) |
On this page
Search and Translate this Site
Blog Posting Categories
Navigation Links
Blogroll
 Alex Scoble
Alex is a former coworker who blogs about a variety of IT-related topics. |
Brent Strange
Brent is a cool dude and a great QA guy that I used to work with. His blog is, appropriately, focused on QA and testing technology. |
Chris Brooks
Chris was formerly my boss at work and is an avid board gamer and photographer. He always has some new info about top-notch board games you may have never heard of, so if you're into them, you should check out this blog. |
Chris Pirillo
Lockergnome by trade, Chris is always up to something new. If you are not familiar with the Lockergnome newsletters, be sure to check them out, too. |
Matthew Lapworth
Matt's a software developer and friend. He seems to enjoy extreme sports. That's fine as long as he doesn't, like, die or something. |
Milind Pandit
Milind writes about all sorts of interesting stuff. We worked toegther for eight years, and he worked at our employer longer than I, which pretty much makes him old as dirt in company time. :) |
MSFT Security Bulletins [RSS]
RSS feed for all Microsoft security bulletins provides an always-up-to-date list of updates along with complete descriptions of each. |
neopoleon.com
Rory Blyth is one of the funniest and most thought-provoking bloggers I read. And I blame him for everything. Literally. |
Scott Adams' Dilbert Blog
Scott Adams is the creator of Dilbert, and his blog is an incredibly smart, clever and often funny (sometimes very serious) look at the world. Everyone should read this blog. |
Scott Hanselman
Scott's computerzen blog is a popular spot for all things .NET and innovative. I used to work with him, but then he went off to Microsoft. He's one of the smartest guys I know, and arguably the best technical presenter around. |
Sign In
Who Links Here
Total Posts: 1782
This Year: 202
This Month: 4
This Week: 2
Comments: 2916
Apple (35) AudioBlogging (42) Blogging (153) Fireworks (1) Geek Out (116) GnomeDex (20) Helping Others (27) Home Servers (4) Humor (142) IT Security (210) Kineflex Artificial Disc Surgery (6) Management (8) Mobile (103) Movies (30) Mt. St. Helens (13) Office 2003 (52) OneNote (29) Personal Stories (159) Photography (26) Random Stuff (619) RSS Stuff (47) RunAs Radio (27) Safe Computing (36) SharePoint (55) Tablet PC (41) Tech (962) Things that Suck (64) Windows (1) Windows Media Technology (27)
|