Your Ad Here
 Tuesday, January 11, 2005

Microsoft today released three security bulletins, two of which are classified as “Critical” severity, and related patches to resolve the issues described in each bulletin:

Jan 11, 2005 Vulnerability in HTML Help Could Allow Code Execution (890175): MS05-001

Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me, Internet Explorer 6
Windows NT4 Service Pack 6a, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold, Internet Explorer 6 SP1 Critical
Jan 11, 2005 Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711): MS05-002

Affected Software: Windows NT Server 4.0, Windows NT Server 4.0, Enterprise Edition, Windows NT Server 4.0, Terminal Server Edition, Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition, Windows 98, Windows 98 SE, Windows Me
Windows NT4 Service Pack 6a, Windows NT4 Terminal Server Service Pack 6, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows Server 2003 Gold, Windows 98 Gold, Windows 98 SE Gold, Windows 98 SP1, Windows Me Gold Critical
Jan 11, 2005 Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250): MS05-003

Affected Software: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows 2000 Professional, Windows 2000 Server, Windows XP Home Edition, Windows XP Professional, Windows Server 2003 for Small Business Server, Windows Server 2003, Datacenter Edition, Windows Server 2003, Enterprise Edition, Windows Server 2003, Standard Edition, Windows Server 2003, Web Edition
Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows Server 2003 Gold Important



Add/Read: Comments [0]
IT Security | Tech
Tuesday, January 11, 2005 11:45:30 AM (Pacific Standard Time, UTC-08:00)
#  

I was wide awake at about 4am today, looking around for a fast way to get live syndicated content (need it to always be up-to-date) from a weblog’s RSS feed to the home page of a web site I am maintaining for non-profit organization. Cops on Top has climbers in Africa this week for a memorial mountain climbing expedition to Kilimanjaro, and they are sending electronic communications from the field via email and phone calls. The messages can show up on the weblog in real time, without anyone else’s intervention. So, I wanted to be able to show the latest weblog posts on the org’s home page.

I did a quick Google for what I needed, and came up with a gem of a tool: Feed2JS.

What Feed2JS does is to provide an interface where you can specify the URI to a RSS feed, click a few boxes and buttons on a web page to specify your options, and generate a Javascript output that you can stick straight into your web page, ready to go and immediately syndicating content from the specified feed. In addition, there’s a stylesheet generator on the site that lets you customize the look and feel of the feed as it’s displayed on your web page.

You can even download the original PHP scripts (which are provided under an open source license) and run Feed2JS on your own server, which could speed up the feed-to-web proxy function if you have scalability concerns due to very large volume, or if you want to modify the RSS cache to update more frequently than every 60 minutes. That is the default cache time for feeds being gathered and serviced by the Feed2JS system. At any rate, download your own copy and run it yourself, and you get complete control.

The results are quite good. Sure, the end user has to have jscript/Javascript enabled on the client, but that works for this purpose, so I am happy. Recommended.

Another slightly less-elegant (but quite useful) method using server-side ASP is called RSS in ASP. It works, as well.



Add/Read: Comments [1]
RSS Stuff | Tech
Tuesday, January 11, 2005 6:25:58 AM (Pacific Standard Time, UTC-08:00)
#  
 Monday, January 10, 2005

I have been testing development and release builds of dasBlog 1.7 for the past week or so. There are a few of us running it on our live sites to make sure everything’s working as expected and to provide real-world feedback.

This version – spearheaded by developers Omar and Scott and incorporating the work of several others – simply rocks.

There are a large number of performance improvements (it’s a lot faster and uses less resources on the server) and feature additions/enhancements. You can read about all the changes on the dasBlog wiki page for v1.7. Some of my favorites are the ability to post drafts without actually publishing to the live site, RSS 2.0 enclosures, referral spam protection,

One thing that I just added to this site with the latest build is live support for the Movable Type Blacklist, which is another mechanism to kill referral spam before it happens. There’s also the ability to block referrers from being listed by keyword. It’s all pretty cool.

It’ll be done soon, and when it is you’ll want to check it out, regardless of whether you currently use dasBlog.



Add/Read: Comments [1]
Blogging | Tech
Monday, January 10, 2005 8:52:38 PM (Pacific Standard Time, UTC-08:00)
#  

Adam Gaffin, who publishes Network World Fusion’s Compendium (RSS feed here: RSS feed), has announced that Network World’s weekly interviews are now available a la Podcast – as a RSS 2.0 feed with enclosures.

So, point your feed reader or podcast client over to the RSS feed podcast feed at http://www.nwfusion.com/podcasts/radio.xml and partake of the quality content – these are quite good interviews and recordings, especially for IT pro’s and people who want to learn more about IT in the home and office.



Add/Read: Comments [0]
Blogging | Tech
Monday, January 10, 2005 3:46:30 PM (Pacific Standard Time, UTC-08:00)
#  

Here is a point of view I tend to agree with, with regard to business and blogging… It’s not just what you say at work that can get you fired, and companies can employ (or not) based on a number of aspects of a person’s life. If you’re a blogger, these thoughts over at the Blog Your Way weblog are worth reading and taking into account:

Blog Your Way » My thoughts on being fired for blogging

There have been a lot of posts lately about being dooced (fired for blogging). Dooce (Heather) was the first to be fired almost three years ago and thousands have been fired since then. It seems that many more will follow. What was the common denominator in the majority of them? Discretion…and not thinking about the possible reaction to their posts.



Add/Read: Comments [0]
Blogging
Monday, January 10, 2005 3:36:07 PM (Pacific Standard Time, UTC-08:00)
#  

From MS MVP Jerry Bryant comes news about the new malicious software combat tools that will launch on Tuesday this week from Microsoft:

Announcement of Upcoming Release of Malicious Software Removal Tools

Starting from January 11th, 2005, Microsoft will provide Windows customers with Malicious Software Removal Tools. New versions of these tools will be available monthly (second Tuesday of every month on the same schedule that Microsoft already delivers other security updates) or more frequently if necessary…

…Microsoft will provide new versions of this tool updated to remove malicious software that is found to be prevalent for that month. The first version of the tool available in January will be able to remove Blaster, Sasser, MyDoom, DoomJuice, Zindos, Berweb (also known as Download.Ject), Gailbot and Nachi viruses / worms.

These removal tools will be made available to customers through the following delivery vehicles:

  • As a download through the Microsoft Download Center
  • As a critical update through Windows Update and through Auto Update for those customers who have Auto Update turned on
  • As an ActiveX control also available at www.microsoft.com/malwareremove


Add/Read: Comments [0]
IT Security | Tech
Monday, January 10, 2005 3:15:49 PM (Pacific Standard Time, UTC-08:00)
#  
 Friday, January 07, 2005

To make creating weblog entries simple, fast and easy, I use a tool called BlogJet. Dmitri (the author) has just released v1.5 of the program:

BlogJet 1.5 Final Release

Great news – BlogJet 1.5 is available now. It’s a huge improvement over previous versions – it has slightly better user interface, more features, support for more blog services and CMS and it’s more stable.

BlogJet 1.5 is the free update for registered users.

Download it now!

Full release notes are here.



Add/Read: Comments [0]
Blogging | Tech
Friday, January 07, 2005 9:16:56 AM (Pacific Standard Time, UTC-08:00)
#  
 Thursday, January 06, 2005

My gnome friend Brandon Watts jumped on the proverbial horse and rode straight out the barn on his first PodCast earlier today. And all in all, he did a fine job.

If you have not heard about Brandon before, here's a little info:

  • He wrote his own programming language for beginners, called Leopard, a couple years ago.
  • He's 18 years old now.
  • He's wicked smart.
  • He writes for Lockergnome and has had his writing featured in a variety of print and online media.
  • He has a pretty darn good radio voice.
  • He has a blog.

Check out his podacst (for the uninitiated, podcasting's this new thing that all the kids are doing with MP3 files and easy-to-use-and-distribute audio shows). Let him know what you think.



Add/Read: Comments [0]
AudioBlogging | Blogging
Thursday, January 06, 2005 11:49:17 PM (Pacific Standard Time, UTC-08:00)
#  

Chris Pirillo is a well-known geek and all around goofy (and smart and good) guy. He founded Lockergnome and did a show for TechTV back before that network went straight to crap.

He’s starting his new weekly audio broadcast today, two-and-a-half hours of live talk from the Consumer Electronics Show (CES). His show’s new website is online and the live broadcast starts at 11:30am Pacific Time, but the stream is already running so jump in now. Replays available if you miss(ed) the live show, and RSS feeds are on the site for subscribing – I did.

http://www.thechrispirilloshow.com/

I am working form home today, and so I will be listening to it in the background whilst editing papers and organizing stuff. Good to see you back on the air, friend!



Add/Read: Comments [0]
AudioBlogging | Geek Out | GnomeDex | Tech
Thursday, January 06, 2005 11:19:10 AM (Pacific Standard Time, UTC-08:00)
#  

The other day I was discussing the differences between geeks and nerds with someone. I said that I thought I was probably more of a geek than a nerd, and had to try to explain why there’s a difference and what those differences are.

I started to wonder if I was wrong, that maybe they’re the same, but today I think I can safely say that’s simply not true.

Hypothesis: I am a fairly prolific geek. I am not much of a nerd.

I just took this online test because Mark Orchant (theofficeweblog) was surprised at his results. He’s obviously a smart person, and came out with a pretty darn nerdy score and I was wondering what mine would be.

This test is very nerd specific – meaning it addresses things like Star Trek, graphing calculators, the periodic table, pictures of really old guys nerds would know about, and stuff like that. On a scale of 1–100, I scored 31. Click the graphic to find your score…

I am nerdier than 31% of all people. Are you nerdier? Click here to find out!

So there you have it – Greg is not nerdy.

What about the Geek Factor? Exactly one year ago today (hmmmm that’s kinda weird, isn’t it?), I took another online test – the “Digital IQ” test at MSNBC. I scored way off the top of the scale on that one. I also took it again this morning to refresh my memory of the questions and to see if my score had changed – it was exactly the same. In this one they use the word “nerd” in their description of “digital ace,” but I think it’s misplaced based on the questions they ask. Geek would be a better term, IMO. It’s still available online – click the image below to find out your score there.

 



Add/Read: Comments [5]
Geek Out | Random Stuff
Thursday, January 06, 2005 10:26:35 AM (Pacific Standard Time, UTC-08:00)
#  

“Meet Your Computer’s New Bodyguards” is one of the taglines you’ll see when installing the new Microsoft AntiSpyware beta software. Microsoft today launched its public beta of the software, which is available to download from the company’s web siteMsspywareclip.

A lot has been said recently about Microsoft’s acquisition of Giant, a company that makes anti-spyware software used to protect computers from prying eyes and privacy leaches.

After installing it and running it, it’s interesting that its flagging things that AdAware and SpyBot S&D don’t alert on. That’s good. In my case, it didn’t hit on anything I wanted to change or remove (I have a few tools on my computer that it sees as potentially problematic, if someone else had put them there, for example.

The UI is nice and clean, and I like the automatic updates (already working). It’s pretty darn IO intensive, so don’t plan to do any disk-related work while it’s performing a check. By default it schedules a scan to happen at 2am each day (you can change this) and it sets up a real-time protection service that works a lot like an anti-virus program does, watching for known spyware and prompting the user for certain types of system changes as they happen.

I really have only one complaint. If I am running a scan and click on any menu item or button in the user interface to to go to another page, my current scan aborts without warning. This is really very frustrating and will likely cause many people to skip completing a full scan because they’d just killed a scan after 10 minutes and would have to start over again.

Overall, great start and I already like the interface and approach better than the other options out there today. Look out, here comes Microsoft – again. This is one area they’ll have to get right, for sure.

(found via NeoWin) 



Add/Read: Comments [2]
IT Security | Tech
Thursday, January 06, 2005 8:37:40 AM (Pacific Standard Time, UTC-08:00)
#  
 Wednesday, January 05, 2005
Okay, I will make one prediction for 2005. Why not, it’s all the rage, ya know:

PREDICTION:  Robert Scoble will go broke before February 1, 2005.

Why? Because at $5 a pop, it’s going to get awful expensive! Great cause, though.



greghughes.net weblog


Add/Read: Comments [0]
Blogging | Humor
Wednesday, January 05, 2005 10:39:10 PM (Pacific Standard Time, UTC-08:00)
#  
 Tuesday, January 04, 2005

Nick Bradbury has just made a donation of $8044.80 to the American Red Cross’ International Response Fund using the proceeds from all sales of his FeedDemon and TopStyle software during the last week of December.

Talk about awesome – This is terrific!



Add/Read: Comments [3]
Helping Others
Tuesday, January 04, 2005 8:36:45 PM (Pacific Standard Time, UTC-08:00)
#  

This always seems to happens to me. It’s part of being an early adopter, I guess:

From Engadget: Vonage is partnering with VTech on the next best thing: a cordless phone that comes with Vonage’s broadband Voice over IP service built-in. The has a VoIP gateway chipset built right into its base station, which you just connect right up to your router. Besides letting us toss out that bulky analog telephone adapter we’re still using, the ip8100-2 also operates on the 5.8GHz frequency, which means it won’t interfere with our WiFi.

Well, darn it… I bought a set of identical phones just a couple weeks ago, only without the Vonage service built in. I got them because my old 2.4GHz phone was worn out ad was messing up my WiFi big time. The phones look a little weird in pictures, but they have a really decent speakerphone built in, ringers that don't sound like an 80's alarm clock, and generally work very well. And these are the *same* phones, which I brought home and – get this – plugged straight into my Vonage IP phone adapter device. Argh.

I also saw a combination unit this weekend at a big big big gadget warehouse store that was a combination of the Linksys 802.11G router and a Vonage IP phone adapter. Again - I have both already. I am tempted to buy that one though, because simplifying the voice QOS configuration and compatibility there would certainly improve my call quality at times. My current setup gets glitchy at times.



Add/Read: Comments [3]
Tech
Tuesday, January 04, 2005 7:05:23 AM (Pacific Standard Time, UTC-08:00)
#  

Scoble on blogging at Microsoft and assumptions that might be made by people on the outside:

“… They think someone has "spun" Bill Gates into believing blogging is good for Microsoft.

“Please, if you're gonna say something like that, warn me not to be drinking water when it comes online.

“I wish I could tell you why that made me laugh. Let's just say the skepticism is misplaced. You don't get 1300 to 1500 people doing ANYTHING at a company without some very explicit decisions made at the very top of the company. Think about that one for a while.”



Add/Read: Comments [0]
Blogging
Tuesday, January 04, 2005 5:04:18 AM (Pacific Standard Time, UTC-08:00)
#