Thursday, 26 August 2004

Wow. This is different[QuickTime MOV]

Ever wonder what your purpose in life is? Apparently, so does that little lawn bomb your dog left in the yard:

"Once upon a time, a little doggy poo lived on the side of a road. He felt all alone in the world. He believed that nobody needed him for anything, and that he had no purpose in life. If only Doggy Poo had a reason for being, then he wouldn't give up on his dream to be useful to the world.

"One day, Doggy Poo meets a lovely dandelion sprout. Will she explain his purpose in life? Will she help make his dream come true?"

You ever get the feeling maybe someone is stretching the premise just a little too thin? Well, anyhow if you're into this kind of shi... uhh I mean stuff, go buy the DVD or book or soundtrack. Enjoy.

Add/Read: Comments [1]
Humor | Random Stuff
Thursday, 26 August 2004 21:06:50 (Pacific Standard Time, UTC-08:00)
#  Trackback

Larry Osterman points out what should be obvious, but is largely overlooked or ignored since it makes tasty "news." Recent reports that there is a security "hole" in Windows XP SP2 miss the big picture, he says.

The gist of the reported complaint is this: The new Security Center in SP2 uses WMI to control what information is displayed to the end user regarding what software is in place and it's status. Malicious code can, therefore, potentially use WMI to modify the information displayed by the Security Center, thereby convincing the user of the system that their firewall is on and AV software is running when in fact it's not.

PC Magazine and others ran articles about how they were able to spoof the new Windows XP SP2 Security Center, causing it to display false information about the status of the system. Microsoft later responded and PC Magazine followed up on the response, where they changed their tone somewhat.

From PC Magazine's original article:

"Based on an anonymous tip, we looked into the WMI and the Windows Security Center's use of it, and found that it may not only be a security hole, but a crater in the wrong hands. Due to the nature of WMI, the WSC could potentially allow attackers to spoof the state of security on a user's system while accessing data, infecting the system, or turning the PC into a zombie for spam or other purposes."

While this is technically possible, what is missed is the fact that in order to use WMI to make those changes, a program would have to be downloaded and installed on the machine with "system" level permissions. Any unwelcome code that is allowed/able to get that level of access has already won the race and is able to do much more harm than simply changing the information displayed in the Security Center. Even if the security center was not a part of your system, as soon as you ran the malicious code you'd be equally screwed, and the malware could make changes to pretty much any other apps running on your system. It would not need the Security Center to do its dirty work.

Read Larry's post for more, but remember one thing: The fact that someone claims something is a security hole - or in this case, a "crater" - does not mean they're right. It is, of course, always best to check things out and play the role of the skeptic, but accuracy in reporting is of primary importance, even if it is not as exciting. I'm glad PC Week followed up with their second story.

Their conclusion?

"We see the WMI and WSC as an indirect security risk, or hole, or whatever you want to call it. Maybe we're giving hackers and malware writers too much credit. WMI allows a program to get the security status of a user's system, as well as spoof it to give the user a false sense of security. Maybe it is too subtle. However, it is another tool in the hacker's toolbox. To have easy public access to the security status of a user's machine is like sending a password in plain text to a web site. It may not be used, but then again it might..."

"Do we think that end users should upgrade? Yes, Windows XP Service Pack 2 is a must do, especially for end users. However, we would recommend users not take the WSC as gospel, If you use an antivirus, or 3rd party firewall, look at their status panels as a sanity check. Keep your Antivirus, windows, firewall updates current, and most of all, be very careful of what you run on your system."

I do think the articles serve an important and valid purpose, though: They call to light the importance of securing systems by default and continuing to improve in that area. It's fair to say that in the real world, people will do exactly what you hope they would not do, and that the default configuration of the operating system, which is certainly greatly improved with the new service pack, is still a real concern. They point out that there is still work to be done, and that while things are better, they;re not perfect.  In that sense, I think they're right on.

Crater? No. Worth mentioning and asking about? Absolutely.

Add/Read: Comments [1]
IT Security
Thursday, 26 August 2004 18:59:50 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Wednesday, 25 August 2004

Microsoft will ship the CD to you free of charge. This CD includes the same Service Pack 2 software that is available for download from Windows Update. You'll wait 4-5 weeks for delivery, according to the site. You can also download the complete service pack here.

Note that Microsoft started the electronic delivery of SP2 to Windows XP Home Edition users last week, and to XP Professional Edition today via the Automatic-Updates distribution route.

Add/Read: Comments [8]
IT Security | Tech
Wednesday, 25 August 2004 20:43:19 (Pacific Standard Time, UTC-08:00)
#  Trackback

Microsoft's latest version of MOM has been released to manufacturing, with retail availability slated for October 1. MOM, or Microsoft Operations Manager, is a console for administering Windows servers and applications, with tools for monitoring and analyzing performance. MOM 2005 includes an easier setup, new user interface and improved built-in security.

MOM 2005 takes the product to a whole new level. Pricing and licensing has also changed.

To enhance and extend MOM 2005 even more, there are five MOM Solution Accelerators available to streamline the way MOM works, integrates and deploys. Solution accelerators at Microsoft are generally chunks of code, tools and prescriptive info you can use to design your own custom extensions and to make their products fit more tightly into your environment:

Check out the animated demo presentation, here, for a high-level explanation of how MOM works. You can also use the MOM 2005 Online Virtual Lab to learn more about the product and how to use it to solve problems in your environment. Looking for more information? Check out the blog published by the Operations Management team, which did the dog-food work with the product before it was released.

Small businesses with 10 or fewer servers to monitor should check out MOM 2005 Workgroup edition, which is priced appropriately - one flat fee of $499. Nice to see Microsoft taking the needs of the smaller business into account. My company has many more servers than that license would allow, but I know a number of people who will be able to take advantage of it.


Add/Read: Comments [0]
Wednesday, 25 August 2004 18:22:40 (Pacific Standard Time, UTC-08:00)
#  Trackback

Corey Gouker is a Media Center MVP, and he has posted a detailed description of his experiences with a new Creative Portable Media Center Device. Included at the bottom of the article are a couple of Windows Media videos and a gallery of images showing the device in action.

For anyone who has been wondering what these are all about and what you'll really get, check this out - with the videos and his description, it's a view that you've likely not had til now, unless you have been lucky enough to get your grubby hands on one.

Also: Sean Alexander post more links to details about the devices.

[via Scobleizer]

Add/Read: Comments [0]
Tuesday, 24 August 2004 23:21:42 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Tuesday, 24 August 2004
From Paul Fallon's blog, more SP2 planning news:

Yesterday, the Application Compatibility Testing and Mitigation Guide for Windows XP Service Pack 2 was published.

This guide considers potential application compatibility issues that may arise after a Service Pack 2 deployment. The guide provides mitigation procedures that can be followed to overcome compatibility issues. Since the mitigation procedures relax the default security configuration, the guide in no way recommends that they should be followed, but if there is no other way of overcoming compatibility issues, they can be applied in the short term.

The Guide also includes a download of example scripts. The scripts demonstrate how to reconfigure a Service Pack 2 computer to overcome compatibility issues. The scripts are designed as functional samples and will require modification for use in a production environment.

I've only flicked though it, but I am very impressed with the level of detail of what I've seen to date.

Add/Read: Comments [0]
IT Security | Tech
Tuesday, 24 August 2004 20:59:29 (Pacific Standard Time, UTC-08:00)
#  Trackback