Can you tell it's almost Halloween? I can. And I can also tell how much traffic one little blog article can drive. My stats for the past few days are awash with Google and other searches landing people on this site for pumpkin carving patterns, since I wrote about a great deal I found and how to get them them the other day. Here's a small, partial listing of a small portion of the search referrers for pumpkin carving, taken from today's web traffic stats on this site:

 

pumpkin carving patterns (www.google.com)	34
free pumpkin patterns (www.google.com)	29
pumpkin patterns (www.google.com)	29
free pumpkin stencils (www.google.com)	21
free pumpkin carving patterns (www.google.com)	13
pumpkin patterns (www.google.ca)	11
pumpkin patterns (www.google.com)	11
free pumpkin patterns (www.google.com)	11
pumpkin designs (www.google.com)	10
free pumpkin carving stencils (www.google.com)	10
pumpkin stencil (www.google.com)	10
free pumpkin stencils (www.google.ca)	9
free pumpkin patterns (www.google.ca)	9
pumpkin carving pattern (www.google.com)	9

And it just keeps going from there, too. Hundreds of similar search combinations and terms in addition to those. Definitely noticing the increase in the number of visits (still a small drop in the bucket, but interesting to see).

"Microsoft: Connecting with the IT community for a pain-free future"

Did you know that 1% of bugs account for more than 60% of errors? As a result of the Windows XP error reporting dialog box, Microsoft has reduced crashes in the consumer products by as much as 80%. Leveraging this program, Microsoft formed WE-SYP, which stands for "We Share Your Pain," a direct feedback program that connects customers to the people responsible for programming the portion of code that creates your frustration.

Oh, if only it was true, hehehe... But the video (take off from TechNet) is hilarious, and the premise is great. View it here.

(from ActiveWin)

Unless, of course, you die today... In which case, you probably don't care much about this right now.

Hugh over at gapingvoid.com writes hilarious (and often poignant) cartoons on the backs of business cards. Come of them are decidedly off-color, granted - but they're worth looking at as long as you don't have easily offended sensitivities or something.

Oh and many of the designs are available as T-Shirts and BlogCards.

Halloween is coming, and for those who really get into the event, carving pumpkins is a lot of the fun. No better place to discover the intricacies and tricks of the jack-o-lantern carving trade than the Internet.

The Pumpkin Carving 101 site has lots of information, history, tips and tricks to make you a real pro in the carving biz. Whether you're doing traditional, old-fashioned carving or going the stencil route, there's lots of help there. They even have tips for photographing your carved work of art.

If you're looking for patterns and stencils, SpookMaster has a few free ones as well as a HUGE number (more than 200) of inexpensive designs, all of which you can get for a one-time fee of $5.95 - not a bad deal. When you subscribe, you get access to their subscriber site, which you can continue to use through at least January of next year. I just ordered them for a youth group even that's coming up, and I think it's a great deal. The patterns can be downloaded in PDF or JPG formats.

They've even got your NFL teams set up with stencils to carve, as well as stencils for other holidays like Thanksgiving and Christmas (which is an interesting concept and another conversation entirely). Pop culture, famous people, traditional Halloween images - it's all there.

Enjoy.

(via Make blog)

Over at bandwidth.com they've added a Voice Over Internet Protocol (VOIP) test to let you check your Internet pipe for factors relevant to supporting VOIP phone services. The VOIPTEST "gives you the inside track to understanding how many VoIP phones you can support, evaluates the quality of your Internet connection and provides insight into your firewall configuration."

Click to run the test. (it's free)

Lots of service pack and patch announcements the past couple weeks, and here's another one of note. Exchange Server 2003 Service Pack 2 was released the other day, and it contains a number of fixes and important enhancements.

Better support for Windows Mobile devices (push technology with Windows Mobile 5, for example - which stands a chance of giving RIM a run for it's money eventually if the devices keep getting better) and incorporation of the Sender ID protection from spam, enhanced security, better offline address book support and even enhanced mailbox store sizes (75GB per store).

Webcasts are available here, and a top-ten reasons to upgrade list can be found here. The latest information about Exchange Server can always be found on the Exchange web site.

If you have the MSN Toolbar on IE6, go grab the new beta Phishing Filter (shouldn't that be PHilter?) and install it.

The Phishing Filter Add-in offers access to the beta version of a new dynamic online service, updated several times an hour to warn you and help protect your personal information from these fraudulent websites by:  

• Scanning websites you visit and warning you if they are potentially suspicious.
• Dynamically checking the web sites you visit with up to the hour online information via an online service run by Microsoft and blocking you from sharing personal information if a site is a known phishing website. 

I only get, ohhhhh... maybe 50 phishes a day (seriously), so I checked my email from tonight, chose one of the several PayPal phishes that arrived this evening (most of which still had live web sites associated with them) and found the new add-in for the MSN Search Toolbar did the job quite well. It caught the page and blocked my ability to enter info into the form fields (click the image to view full size):

• Download the SPS SP2 files
• Description of SPS Service Pack 2
• List of issues fixed in the service pack (note than some fixes must be enabled after applying the service pack by changing a registry key)

Windows SharePoint Services (WSS) Service Pack 2 was also recently released. It is also a roll-up of the previous service pack and previously released (post-SP1) fixes, plus it includes some new fixes.

• Download the WSS SP2 files
• Description of WSS SP2
• List of issues fixed in WSS SP2

Finally, Version 1.7 of the WSS Administrator Guide has been updated to reflect changes in WSS SP2

Now this is both interesting and kind of nifty... Microsoft Labs has published and posted a download for "Virtual WiFi," which allows a wireless card use to connect to more than one WiFi network at a time with a single wireless card.

VirtualWiFi is a virtualization architecture for wireless LAN (WLAN) cards. It abstracts a single WLAN card to appear as multiple virtual WLAN cards to the user. The user can then configure each virtual card to connect to a different wireless network. Therefore, VirtualWiFi allows a user to simultaneously connect his machine to multiple wireless networks using just one WLAN card. This new functionality introduced by VirtualWiFi enables many new applications, which were not possible earlier using a single WLAN card. For example,

With VirtualWiFi, you can connect to a guest's machine or play games over an ad hoc network, while surfing the web via an infrastructure network.

You can use VirtualWiFi to connect your ad hoc network, which may contain many nodes, to the Internet using only one node.

VirtualWiFi can help make your home infrastructure network elastic by extending its access to nodes that are out of range of your home WiFi Access Point.

Other possible uses are listed on the Virtual WiFi web pages at Microsoft Research

There are some limitations in this release. For example, the current version of VirtualWiFi does not support networks using WEP or 802.1X. Also - be sure to review and follow the install/uninstall instructions carefully and note that this is not production grade software (when they say Microsoft Labs, they actually mean it's, well, experimental).

Installation (and uninstallation) of the app/service and drivers are done at the command prompt, after making some other manual changes (seriously, read the instructions before you start).

Here's a screen shot snippet from my system after setting up the multiple connections. Shown are two connections created via Virtual WiFi: My infrastructure (IS) network (SSID=hughes), plus an ad-hoc (AH) network connection (SSID=TEST).

It works. It's very manual and not for beginners (you have to disable the wireless auto configuration in Windows and manually install the service, set up connections, etc), but it's an interesting technological idea with some interesting possible uses.

Correction posted: SANS updated their post to reflect the fact that it was in fact MS05-012 that had been exploited. That's good news, but get patched before it's here...

If you think you can wait to apply patches til it's convenient, think again. According to an update from the Handler's Diary at SANS, the first instances of code exploiting MS05-051 have been detected in the wild on the Internet:

Trend Micro reports that they spotted a POC for MS05-051 in the wild. They found it included  as a new exploit in other malware. We don't have any details yet beyond what can be found in at Trend Micro. If you find a copy of this malware, please forward it.

Trend Micro states that the malware was written in Visual Basic, which usually indicates some low skilled bot-kid. Kind of odd to see it surface this way, but having it included as a new warhead in existing malware matches past patterns.

Trend Micros virus statistics do not report any "captures" of this exploit in the wild. Not exactly sure if this is just a lab sample, or if it was actually seen in the "wild".

We will update this diary as we learn more.

Rich Claussen has the low-down on a new pact between Microsoft and the government of Nigeria to combat fraud:

Not well publicized is how this came to be. Unknown to most, Microsoft's Chief Software Architect, Bill Gates, received the following (condensed) email from the government of Nigeria soliciting his and his company's assistance.

FIRST, I MUST SOLICIT YOUR STRICTEST CONFIDENCE IN THIS TRANSACTION. THIS IS BY VIRTUE OF ITS NATURE AS BEING UTTERLY CONFIDENTIAL AND 'TOP SECRET'. I AM SURE AND HAVE CONFIDENCE OF YOUR ABILITY AND RELIABILITY TO PROSECUTE A TRANSACTION OF THIS GREAT MAGNITUDE INVOLVING A PENDING TRANSACTION REQUIRING MAXIIMUM CONFIDENCE.

Read more on Rich's blog here. Nice sense of humor there, man.

Seriously though - Read the news about the *actual* agreement (for real) between the company and the country here.

Microsoft on Tuesday released nine security patches that are intended to alleviate 14 problems in various versions of the Windows operating system. Today the company issued an advisory to its enterprise customers via email that the MS05-051 patch, which is considered to be the most critical of the bunch, may cause problems on some computers where it is applied. However, Microsoft if still strongly encouraging everyone to apply the patch and has published a knowledge base article describing the issue with the patch and explaining how to resolve the associated problem, should it come up.

•	The Windows Installer service may not start.
•	The Windows Firewall Service may not start.
•	The Network Connections folder is empty.
•	The Windows Update Web site may incorrectly recommend that you change the Userdata persistence setting in Microsoft Internet Explorer.
•	Active Server Pages (ASP) pages that are running on Microsoft Internet Information Services (IIS) return an “HTTP 500 – Internal Server Error” error message.
•	The Microsoft COM+ EventSystem service will not start.
•	COM+ applications will not start.
•	The computers node in the Microsoft Component Services Microsoft Management Console (MMC) tree will not expand.
•	Authenticated users cannot log on, and a blank screen appears after the users apply the October Security Updates.

For a complete description and resolution instructions, read KB article 909444.

If you happen to have the .NET Framework 2.0 pre-release installed on a Tablet PC and you've noticed reliability and/or stability problems using the Microsoft Ink functionality on your Tablet, Microsoft has released an update to fix some compatibility problems:

"Compatibility issues (events not firing, classes being disfunctional) with CLR2.0 have been found in Windows XP SP1/SP2 versions of Microsoft.Ink.dll on Tablet PCs. Since this dll is a system file on these configurations, they require update through Windows Update."

So negative you are. Lighten up you must.

So - Before you say Microsoft sucks one more time, just let yourself laugh at what some of its employees manage to come up with from time to time.

Case in point: YODA, the programming language

Matt Warren posted his idea to build a programming language in Yoda-like English (can't quite call it plain English, can you?).

From Matt's post:

---

 

Instead of the cryptic c-like syntax below:

 

 

public void Main(string[] args) {

   Console.WriteLine(“Hello World”);

}

 

 

We will now have eloquent YODA-like syntax:

 

 

(args of string many are they) Main is what they seek yet return they do not.

 

Brace you must

     Written it is, the Console. “Hello World”

 

 

I know it’s difficult to believe, as strange as it seems. Yet, sometime in the future, everyone will be writing software this way. Knowing this, it makes my work so much more invigorating. I can literally feel the electricity in the air around here. It’s like some queer energetic force.

 

---

Go read the comments. They're just as good.

And by the way, for the record it only takes a little looking around to find out that Matt Warren isn't 100% joker. His real job has had him working at Microsoft with a supremely talented team on LINQ, which is "a set of extensions to the .NET Framework that encompass language-integrated query, set, and transform operations. It extends C# and Visual Basic with native language syntax for queries and provides class libraries to take advantage of these capabilities." I barely understand that, but I know it lets me (well, more like those code artists around me) do some cool querying of data in XML file, relational databases, in-memory data stores, whatever - which is cool. It's kinda like SQL syntax in .NET, is what it looks like to me. Linq is short for "language-integrated query." Makes sense. It's all for the next versions of C# and VB.NET.

[via Philippe Cheng [who also taught me some mad new beginner programming skillz today], via analog data transfer by Matt Lapworth]

It must be true. I read it on the Internet. On a blog even.

It looked pretty convincing, really. Someone started a blog called Google Tooth in September, under the guise of being Google's first live-in, on-site dentist. A plausible possibility, when you consider the benefits Google offers its employees.

But it's not for-real.

Google has already confirmed it's a fake, but the real fun is in figuring it out without asking the newest Internet giant for their two cents on the matter. Of course, the one group you can count on to do just that is a bunch of weblog readers. Not to mention real Google employees.

The most obvious tell-tale giveaway was an image that was posted on the Google Tooth blog, ostensibly of the new office space (click the image below to go to the blog entry):

Nice use of color and open space, eh? Only problem with the image is this photo from the SUNY Stony Brook web server (click the image to load it from the sunysb.edu server):

Amazing and uncanny resemblance. What do you figure the odds are?

This was a harmless enough - and even amusing - fake blog. Don't be surprised though if it ends up rubbing some people the wrong way. Fake blogs threaten some and amuse others. I thought it was creative and funny.

But people do get fooled:

• Silicon Beat - "Google's live-in dentist"
• Silicon Beat again - "Actually, we were just testing you"
• Google Blogoscoped makes it clear: "Google Dentist?"

Or maybe it's real and the trick is that people are saying it's not real, but what they're saying is actually the part that's not real.

Yeah, that's it.