greg hughes - dot net

Microsoft today released SP2 for Office 2003, which can be downloaded via Office Update, or you can grab it here and you can read about it here.

In addition, OneNote 2003 SP2 was also released today - read about it here, and download it here.

One of the notable features in my book is the Phishing protection update for Outlook:

Microsoft Office Outlook® 2003 Phishing Protection and Junk E-mail Filter

SP2 contains a new Phishing Protection feature to be used with the Outlook Junk Email Filter. Phishing is the luring of sensitive information through e-mail, such as passwords and other personal information, by an attacker masquerading as someone trustworthy. Phishing attacks can result in a user divulging sensitive information, including financial information, that can result in a loss of privacy or money. Phishing e-mail is hard to identify, because attackers make their e-mail appear genuine and often mimic recognizable e-mail sent out routinely by legitimate organizations such as banks and credit card companies.

To enable phishing protection, you need both Office 2003 SP2 and the latest Outlook 2003 Junk E-mail Filter Update. Once both are installed, Office 2003 SP2 has phishing protection turned on by default.

For best results, we recommend you regularly download the latest version of the Outlook 2003 Junk E-mail Filter Update. To determine whether you need this update, see the Microsoft Knowledge Base article (872976): How to obtain the latest Outlook 2003 Junk E-mail Filter.

I've become a bit of a flag-at-half-staff resource on the Internet it seems. I get lots of emails on the subject, and just this morning received one from a FOX affiliate asking if I send out emails announcing when the flag should be flown at half-staff. Well, uhh - no. Really, I'm not an authority on much of anything.

But, Mark Peterson at the Peterson Flag Company does have such an email list, so for those who want to be notified every time a proclamation is issued to fly the American Flag at half staff, here you go:

• PetersonFlags.com - Half Staff Notification

I've recently started a little research project, through which I am hoping to figure out the best option for replacing four disparate old-skool PBX systems with a single, unified VoIP/SIP-based system. I've amassed more than a few Internet resources and have been doing research for a number of weeks, and figured someone else out there might have some ideas, as well. Plus, I need a place to catalog my thoughts and discoveries, so here we go...

I have specific needs that must be met, and probably the most complicated of them is that I have people who work in multiple locations, but who need to be logically grouped together as a team. So, there's a need for an Automated Call Distribution (ACD) capability, with full management monitoring, sign-in and sign-out, etc.

Whatever I come up with, it must be SIP-based (duh), and should integrate with/leverage the existing Windows 2003 Active Directory, as well as the communication and presence capabilities of Live Communication Server 2005 (which is highly SIP-aware, of course). A feature-rich unified messaging voice mail, FAX, etc. system is a must, with the full compliment of delivery methods. End user self-service is important - In this day and age, it's hard to imagine putting in a system that doesn't allow its users to self-manage those settings that are safe to expose.

And it needs to work. All the time. None of this random glitch, dropped call, nasty audio quality stuff. VoIP has come a long way in the past few years, and my expectations are very high. I use Vonage at home and have watched it grow from mediocre to pretty darn good over the past 18 months. But I don't want to (read: can't) do that with a business-critical PBX system, and my expectations are that the IP-PBX system will be a better experience than I've had with Vonage.

It should be enabled to integrate tightly with Microsoft Business Solutions and the Office System servers and software - like Microsoft CRM, for example. And Outlook. SharePoint integration would be a huge plus, too. Web-based chat for the customer service folks would be terrific.

What else? Well, easy to setup and maintain is a plus, and web-based administration is a no-brainer.

And it needs to be something a medium-sized business can swallow, cost-wise. The days of high-priced telephony systems and proprietary solutions are practically over, and so is my involvement with them. Good riddance.

So, here's a partial list of what I have looked at so far. I guess if it's on the list, it stands out enough in my mind enough to merit a mention:

• Asterisk - Open source (some commercial packages of it), in use all over, has matured somewhat. I know people who have deployed it and swear by it, and others who cuss its name daily. I'll let you guess which group tends to use a strict change management process...
• Vonexus - A commercial, Microsoft-platform-cased IP PBX system from Vonexus and parent company Interactive Intelligence, geared for and targeted at small and mid-sized businesses. The more I read about Vonexus, the more I drool. I need to contact these people and find out more. It looks almost too good to be true. We'll see what it costs.
• Other standard players - mostly hardware specific systems from Cisco, 3Com, Avaya, etc. All are great, but all are expensive and fairly proprietary. Not sure I want to go that route.

Anyone done this before and care to share experience? Know of something I am missing out on? Let me know, especially if you're familiar with Vonexus - I'd like to speak with people who use their systems (in addition to talking to their sales people).

A few online resources that are good to watch for VoIP:

• http://www.sipthat.com/ - VoIP blog and podcast
• http://technorati.com/tag/VoIP - Technorati listing for VoIP
• http://voip.weblogsinc.com/ - Weblogs, Inc.'s VoIP weblog
• http://voip-blog.tmcnet.com/blog/rich-tehrani/ - Rick Tehrani's VoIP blog - good one
• http://www.voipnow.org/ - VoIP Now blog

And there's many more. Send me yours and if I like 'em I'll post them, too.

In the course of trying to save some time and make things a little more streamlined at work, I've been looking for Microsoft RSS feeds for security patch releases with sufficient detail in them to be able to do some automation of our internal patch tracking. I am already aware of the RSS feed at TechNet, since I have been subscribed to it since day-one:

http://www.microsoft.com/technet/security/bulletin/secrss.aspx

But unfortunately it munges multiple pieces of discreet information into one data element (specifically the title) and also leaves a bunch of stuff completely out, since it's just a list of summaries, really:

   <item>

  <title>MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423)</title>

  <link>http://www.microsoft.com/technet/security/Bulletin/MS05-043.mspx</link>

  <description>This update resolves a newly-discovered, privately-reported vulnerability. A vulnerability exists in the Print Spooler service that could allow remote code execution. The vulnerability is documented in the “Vulnerability Details” section of this bulletin. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</description>

  <guid isPermaLink="false">http://www.microsoft.com/technet/security/Bulletin/MS05-043.mspx</guid>

  <pubDate>Tue, 9 Aug 2005 00:00:00 GMT</pubDate>

</item>

Maybe this is a good example of where RSS extensions could or should come into play, or maybe what I need instead is a more generic (non-RSS for all I care) XML feed that has a schema that supports keeping the patch number, KB article title, bulletin name and long description as separate data points. Plus, where's the rest of the info for each bulletin? I'd also like to see what platforms each bulletin applies to (in a yes-or-no format for each one), the intricate details about the vulnerability, and other stuff like that.

Is there an XML feed that does that already? Maybe there is but I've just not found it. There's the old MSSecure.XML from the HFNetChk command line tool (not updated since 2004 on the MS Downloads site, it appears), but even that's much more verbose than what I need. I've looked around here and here, and I have done some searching, just no luck. I figure they have the data available to build all those services, but I can't find a good detailed source to build my own lists.

I did three minutes worth of Excel work to play with the feed (and I suck at Excel so my formatting in it is poor, but it basically works) and came up with a working spreadsheet from the TechNet feed. I definitely need to be able to do more with it though. You can see my l33t Excel skiilz (um, not) here:

• File Attachment: MSFT_Patches_RSS.zip (8 KB)

What I really want is to be able to automatically pull the details of each released security bulletin into a list or Excel spreadsheet, add my own metadata to each one, and have that list/spreadsheet live over time. I'm trying to avoid a whole lot of cut/paste activity and need to find a way to speed this process up. Before you say I should just use Excel and VBA to parse through the available data, let me ask you - What if Microsoft changes their formatting on their bulletins?

So - my biggest obstacle right now is a data feed. If anyone knows of one, drop me a line and let me know.

Every now and then some random person or event comes along that deserves memorialization. Such is the case with Lt. Gen. Russel Honore and his words this past week when confronted with a gaggle of reporters. Honore and others (including the Mayor of New Orleans, who was having a hard time with the media crowd) were at a press conference (called by the mayor) in order to immediately get out the important word about the government's plan to evacuate people from the city of New Orleans in the face of yet another hurricane - this time, it was Rita.

But some of the reporters at the press conference were apparently still stuck on Katrina. The General was there to make sure they clearly understood their role in the situation. There's a time and a place for everything, to be sure - and that means there's a time for the media to ask questions, and there are other times when the message needs to be immediate, clear and loud in order to save lives and ensure peoples' safety. Unfortunately, there are many in the media who are all about conflict, not about helping people (regardless of what they say their motivations are). It's makes the former journalist in me scream at the TV. I hate it.

So - Thank God for people like Lt. Gen. Russel Honore. Here's his words, an audio file and a partial video of the interaction between him and the media:

Audio Attachment: 0920honorestuckonstupid.mp3 (1685 KB)

Video Attachment: stuckonstupid2.wmv (2957 KB)

Gen. Honore: And Mr. Mayor, let's go back, because I can see right now, we're setting this up as he said, he said, we said. All right? We are not going to go, by order of the mayor and the governor, and open the convention center for people to come in. There are buses there. Is that clear to you? Buses parked. There are 4,000 troops there. People come, they get on a bus, they get on a truck, they move on. Is that clear? Is that clear to the public?

Reporter: Where do they move on --

Gen. Honore: That's not your business.

Reporter: But General, that didn't work the first time --

Gen. Honore: Wait a minute. It didn't work the first time. This ain't the first time. Okay? If...we don't control Rita, you understand? So there are a lot of pieces of it that's going to be worked out. You got good public servants working through it. Let's get a little trust here, because you're starting to act like this is your problem. You are carrying the message, okay? What we're going to do is have the buses staged. The initial place is at the convention center. We're not going to announce other places at this time, until we get a plan set, and we'll let people know where those locations are, through the government, and through public announcements. Right now, to handle the number of people that want to leave, we've got the capacity. You will come to the convention center. There are soldiers there from the 82nd Airborne, and from the Louisiana National Guard. People will be told to get on the bus, and we will take care of them. And where they go will be dependent on the capacity in this state. We've got our communications up. And we'll tell them where to go. And when they get there, they'll be able to get a chance, an opportunity to get registered, and so they can let their families know where they are. But don't start panic here. Okay? We've got a location. It is in the front of the convention center, and that's where we will use to migrate people from it, into the system.

Reporter: General Honore, we were told that Berman Stadium on the west bank would be another staging area --

Gen. Honore: Not to my knowledge. Again, the current place, I just told you one time, is the convention center. Once we complete the plan with the mayor, and is approved by the governor, then we'll start that in the next 12-24 hours. And we understand that there's a problem in getting communications out. That's where we need your help. But let's not confuse the questions with the answers. Buses at the convention center will move our citizens, for whom we have sworn that we will support and defend...and we'll move them on. Let's not get stuck on the last storm. You're asking last storm questions for people who are concerned about the future storm. Don't get stuck on stupid, reporters. We are moving forward. And don't confuse the people please. You are part of the public message. So help us get the message straight. And if you don't understand, maybe you'll confuse it to the people. That's why we like follow-up questions. But right now, it's the convention center, and move on.

Reporter: General, a little bit more about why that's happening this time, though, and did not have that last time --

Gen. Honore: You are stuck on stupid. I'm not going to answer that question. We are going to deal with Rita. This is public information that people are depending on the government to put out. This is the way we've got to do it. So please. I apologize to you, but let's talk about the future. Rita is happening. And right now, we need to get good, clean information out to the people that they can use. And we can have a conversation on the side about the past, in a couple of months.

Time to print some bumper stickers... "Don't get stuck on stupid." Heh. It's not a new phrase - more like old made new again. But it's great, and appropriate.

Update: The Stuck on Stupid Blog. Heh...

(via RadioBlogger and The Political Teen)

A long, long time ago, I ripped apart my Series 1 TiVo PVR and put in a couple 120GB hard drives. In the end I got an obscenely huge number of hours of recording time, plus I added an ethernet card so a phone line's not needed to get programming info, and then I did some other fun "hacking."

Anyhow, I woke up this morning and found out my trusty modified TiVo was misbehaving badly. Or maybe it's just sick - It had a choppy image and sound on both live TV and recordings, even on the menu systems you can hear the drive inside moving between glitchy animation pauses on the screen, and it's exhibiting generally sluggish, choppy behavior. So, I figured I'd sacrifice everything on it (it's practically full - maybe another cause of the problem, who knows?) and I did a delete and reset through the TiVo's menu system.

That was at about 7am. The system restarted and the screen read, "Clearing and deleting everything. This will take an hour." It's after 2pm now and the screen hasn't changed. Seem like either the system assumed it has a 20GB hard drive in it still, or the hard drive(s) are having problems. But, it sounds like it's still methodically plugging away, so I'll let it go for a while longer and just see what happens.

Anyone else been through this? Any ideas? I've had this TiVo since they first came out, and it's served me well, but I'm also thinking maybe it's time to pick up a Series 2 TiVo and open it up and do some more PVR hacking.

Waking up to views like this from the front porch makes the commute worthwhile:

(Mt. Hood - Oregon - click for a larger image)

Overheard on United Airlines flight 955 to San Diego (insert Will Farrell comment here) yesterday:

"For those of you on the left side of the aircraft, you have an unusually clear and spectacular view of the city of Los Angeles, Dodgers stadium, and the downtown LA area. For those of you on the right side of the plane, you have a great view of the backs of the heads of the people who are looking at Los Angeles out the left side of the aircraft..."

Heh...

Scoble posted something that's had my attention all evening (well, off and on anyhow - I'm easily distracted). Have you seen the Slingbox from Sling Media? It's may just be the perfect gadget for me. Think something along the lines of a Media Center extender (note: it's not one of those, just try to think along those lines), only instead it extends any TV image to pretty much any computer anywhere you have a fast connection to the Internet.

"The Slingbox is a compact and elegantly designed, state-of-the-art electronic device that connects to the back of your TV. It redirects, or “placeshifts,” the TV signal from your cable box, satellite receiver, or digital video recorder (DVR) to your computer or laptop of choice, no matter your location — so long as you have a high-speed Internet connection."

It's something close to pure simplicity, too: Plug it in, hook it up, install the SlingPlayer software on your PC, and BAM! You're controlling and watching your TV, DVR, set top box or whatever you use from your computer, wherever you may be.

It's for PCs now, but more is coming very soon:

"In the coming months, SlingPlayer software will be available for select PDAs, smart phones, and Macintosh computers and will be fully compatible with the Slingbox."

You can check it out at:

http://www.slingmedia.com

And then, of course, there's Orb, for some of the same people who are interested in Slingbox (the geeky ones who are not looking for a plug-and-go solution since Orb uses your home PC and a tuner card), and it's especially nice for those who have Windows MediaCenter Edition):

http://www.orb.com

Nope, we're not in the air. That would be nice, but no such luck. Instead we're stuck on the ground in San Francisco with the typical SFO airport weather delays. They loaded the aircraft and then all the ground crews were ordered off the ramps due to tons of lightning, so we're just hangin' out.

Luckilly, I can stay productive anyhow thanks to the TMobile hot spot that must be right inside the terminal.

Ive been traveling a bit lately, and have been to 11 states in the past few weeks. This time I'm to San Diego for a few days, for conferences and all that sort of stuff. If anyone's in the area, let me know and maybe we can meet up if schedules allow. My cell phone number and email are over in the right menu bar.

Research in Motion, makers of the BlackBerry devices and servers, are getting ready to kick another new model out the door - the BlackBerry Electron. It looks a lot like the 7290 in size and basic shape, but also appears to have features you typically see on the 7100 series.

The higher-resolution screen will be a welcome addition, and the idea of programmable keys is also something I'd definitely take advantage of.

And perhaps the best part: EDGE network capability. About time! Plus a speakerphone.

Only one thing more to hope for: Will it play MP3s and have a SD card slot? Well, we can always hope.

(via BlackberryCool)

NASA's latest plans to return to the moon, and from there to go on to Mars, are now out, with more detail available. The spacecraft look a bit like the old Apollo ships, but looks can be deceiving:

"Coupled with the new lunar lander, the system sends twice as many astronauts to the surface as Apollo, and they can stay longer, with the initial missions lasting four to seven days. And while Apollo was limited to landings along the moon's equator, the new ship carries enough propellant to land anywhere on the moon's surface.

"Once a lunar outpost is established, crews could remain on the lunar surface for up to six months. The spacecraft can also operate without a crew in lunar orbit, eliminating the need for one astronaut to stay behind while others explore the surface."

• Lots of information on the NASA Web site
• QuickTime video of the proposed new spacecraft and system here

Fly softly, and carry a big stick...

I just found a great story linked from a new b5media blog (oops ) called Flightnest.com, where a student pilot was out with his instructor in a Cessna 172 and the landing gear would not lock down. Talk about baptism by fire!

Anyhow, even better is the way they solved the problem. While the student ad his instructor flew around the airport for about an hour and fire crews stood by, a couple guys in a jeep raced down the runway with the aircraft flying a few feet away. they eyeballed the gear, grabbed a big stick, and - well - go watch the video. Nice.

Scoble's posted an interview with Rob Leferts, a program manager at Microsoft, who talks about the new workflow services that will be built into SharePoint in the next version, which is tentatively set to release in the last half of 2006.

There's all sorts of new features that take advantage of the two-way connection between SharePoint 12 and other Office tools, including the Office suite of applications like Word, Excel, Outlook and others.

What does baking workflow into SharePoint in the Office 12 release mean for business people? In a nutshell, it means a set workflow features that just shows up and notifies you that you've got something that needs to be checked on or completed. It also means users can create workflow and leverage it to suit their business needs.

Example: I open Outlook and I get a notification in Outlook that says I have a task pending to complete an employee's performance review, which points me to a SharePoint site where that document lives and is waiting for me to add my two cents. When I am done, I click a button in Word or whatever program I'm in that says I am done, and the workflow takes over and pushes the document on to the next step in the business process and notifies the next person. You can buy that kind of functionality and build it in to existing SharePoint sites if you really want to, but it's a lot of work and it takes lots of time (and therefore money). So, out of the box is a terrific thing. Some of us need that. Badly. 

Automating the processes that business follow in writing documents, managing tasks, and a variety of other things can be well-served by workflow automation, and the fact that they're building it into the entire Office system is not only nice to see happening, it's important to making SharePoint and the Office system in general better accepted and more usable - and therefore a more worthwhile investment.

• What you have today in SharePoint: Share and save documents, control security, publish and get notified of changes, etc.
• What you get tomorrow: Build workflow to share the document template, drive it through a process of step by step edits and reviews, get sign-off and then publish (or whatever). Note: Approvals are processed online, it's not an off-line process. You can take a doc off-line and work on it, then connect back to the server to sync it back up to its "home," then push the button to indicate you've completed your workflow task.

Expiration and document lifecycle policies can be created and automated, to ensure content is properly disposed of, flagged, reviewed or whatever. This is a pretty big deal in today's business world, where a document lifecycle process and program is - in some cases - legally mandated.

Lots of great stuff coming from these talented people, and lots of business uses and enhancements to look forward to for those of us that need to help workers better organize information and collaborate.

Again, it's going to be a very, very interesting year.

If you're like me and you disappeared for random business trips at the last minute this past week, and if your business trip didn't take to PDC in Los Angeles (neither did mine), you may have also missed out (like me) on the real-time updates related to the next version of the Office System products - currently known generically as Office 12 and the Office 12 servers.

Simply put, the Office user experience is changing significantly - and at first glance, the changes are pretty amazing and definitely fall on the "hey that's cool" side of the fence. Watch this Channel 9 video interview with Julie Larson-Green of Microsoft to get a sneak peek of what's coming.

Check Jensen Harris' blog here for Office 12 experience updates, too. Good stuff showing up there already.

Channel 9 tags for categorized videos and articles related to the topics:

• MS+Office
• SharePoint
• PDC05