Thursday, 16 December 2004

Near and dear to my heart (professionally speaking), the latest increasing numbers related to the number of fraudulent phishing sites (sites that look like a bank or other business, but which are actually set up by bad people who are wanting to steal your personal and private information) are worth taking notice of:

“The number of phishing sites, or fake Web sites set up to fool victims into handing over personal information, reached 1,518 last month, the Anti-Phishing Working Group said in a report released on Wednesday. The total was up almost a third over October and three times the level in September.”

That’s an increase of 29% over the previous month. It’s also – in my opinion – an understatement of the real number, since it deals only with reported phishing sites. But it pays to be conservative with numbers, I suppose.

“A total of 51 brands were hijacked by cybercriminals during the month, the group found. Financial services was again the most targeted industry, averaging 75 percent of all hijacked brands. ISPs faced a fair share of scams, accounting for 16 percent, according to the report.”

The Anti-Phishing Working Group publishes the monthly stats. You can find them here.

Also close to me professionally is the fact that recently the company I work for banded together with and a few other organizations to form the Anti-Fraud Alliance - a team of companies with existing, powerful software and services that can be used together or individually to combat fraud online, including phishing.

Note: My employer, Corillian Corporation, is a member of the Anti-Fraud Alliance. I mention them here simply because I wanted to and because I believe its relevant. No compensation involved, and opinions expressed here are my own, not those of my employer.

Add/Read: Comments [2]
IT Security | Tech
Thursday, 16 December 2004 14:42:31 (Pacific Standard Time, UTC-08:00)
#  Trackback

Apparently some are of the opinion this is not a security vulnerability, according to Microsoft’s comments to ZDNet reporters, but in the real world – it’s a hole. A Mack-Truck-sized security hole. The news story reads a bit like one team saying “Hey, we’re not in charge of that, so it’s not a problem” and the other one saying “We do things the way we do them, and that’s what we do.” Oof.

Anyhow… If you run Windows XP with SP2 you need to make sure you have this update.;en-us;886185

After you set up Microsoft Windows Firewall in Microsoft Windows XP Service Pack 2 (SP2), you may discover that your computer can be accessed by anyone on the Internet when you use a dial-up connection to connect to the Internet.

This problem occurs because of the way that Windows Firewall interprets local subnets when the “My network (subnet) only” option is used. Windows Firewall is included with Windows XP SP2.

Because of the way that some dialing software configures routing tables, Windows Firewall in Windows XP SP2 can sometimes interpret the whole Internet to be a local subnet. This can let anyone on the Internet access the Windows Firewall exceptions. When the "My network (subnet) only" option is enabled, it is automatically selected for file and print sharing. Therefore, your shared drives can be unexpectedly revealed on the Internet when you use a dial-up connection.

To resolve this problem, you must download and install the Critical Update for Windows XP (KB886185).

Use Windows Update or click the above link. If you’re not already set up for automatic updates, make that change now.

Add/Read: Comments [1]
IT Security | Tech
Thursday, 16 December 2004 13:44:55 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Wednesday, 15 December 2004

Are you a Microsoft OneNote user? I am – big time. If you’re getting started with OneNote and are interested in learning some of the basics about how to use OneNote to be productive and organized, you might want to check out this webcast, scheduled for December 21st:

Microsoft Office System Webcast: OneNote Tips and Tricks (Level 100)
Tuesday, December 21, 2004
9:00–10:00 A.M. Pacific Time, United States and Canada (UTC-8)
Join this webcast and learn how to flag notes, manage pages and sections, and use stationery and outlines in e-mail and other Office applications.

Add/Read: Comments [0]
Office 2003 | OneNote
Wednesday, 15 December 2004 22:30:21 (Pacific Standard Time, UTC-08:00)
#  Trackback

If you’re someone who needs or wants to learn more about InfoPath (an addition to the Office suite in the 2003 version) and building some really cool XML forms, you’re in luck.

“Create dynamic interactive forms in an advanced XML forms editor that feature strong validation with built-in business rules and use them to collect, re-purpose, and present data throughout the organization. Use existing data schemas, Web services, and XML data to create solutions without complex data mapping. Use point-and-click integration with back-end systems and take advantage of "silent" deployments and version upgrades via simple centralized management.”

A series of recent webcasts, Understanding InfoPath, is available now for on-demand viewing. Titles include:

Best Practices for Designing InfoPath Forms
Level 200 - Tuesday, October 5, 2004 - 9:00 AM to 10:30 AM
Presented by Scott Roberts, Software Design Engineer, Microsoft Corporation

User Roles in InfoPath 2003
Level 200 - Tuesday, October 12, 2004 - 9:00 AM to 10:30 AM
Presented by Josh Bertsch, Software Test Engineer, Microsoft Corporation

Building Advanced Dynamic Solutions in InfoPath 2003
Level 200 - Tuesday, October 19, 2004 - 9:00 AM to 10:30 AM
Jun Jin, Software Design Engineer, Microsoft Corporation

Business Logic in InfoPath 2003
Level 300 - Tuesday, October 26, 2004 - 11:00 AM to 12:30 PM
Presented by Yuet (Emily) Ching and Prachi Bora, Software Test Engineers, Microsoft Corporation

Using Managed Code and Visual Studio to Build Solutions
Level 300 - Tuesday, November 2, 2004 - 1:00 PM to 2:00 PM
Presented by Willson Raj David, Software Design Engineer, Microsoft Corporation

InfoPath in End-to-End Enterprise Solutions: Integrating InfoPath with Siebel and SAP
Level 300 - Monday, November 2, 2004 - 11:00 AM to 12:30 PM
Presented by Hagen Green, Software Test Engineer, Microsoft Corporation

Digital Signatures in InfoPath 2003
Level 300 - Monday, November 15, 2004 - 11:00 AM to 12:30 PM
Presented by Mihaela Cristina Cris, Software Test Engineer, Microsoft Corporation

Creating Custom Controls for InfoPath SP1
Level 400 - Monday, November 29, 2004 - 11:00 AM to 12:30 PM
Presented by Andrew Ma, Software Test Engineer, Microsoft Corporation

Programming Workflow into InfoPath Solutions: Using InfoPath with BizTalk Server 2004 and Human Workflow Services
Level 400 - Monday, December 6, 2004 - 11:00 AM to 12:30 PM
Presented by Rick Severson, Software Test Engineer, Microsoft Corporation

Database Connectivity in InfoPath Through ADO.NET DataSet Support
Level 400 - Monday, December 14, 2004 - 11:00 AM to 12:30 PM
Presented by Mikhail Vassiliev, Software Design Engineer, Microsoft Corporation

Add/Read: Comments [0]
Office 2003 | Tech
Wednesday, 15 December 2004 22:15:07 (Pacific Standard Time, UTC-08:00)
#  Trackback

Lots of Microsoft downloads recently it seems… Catching up…

If you have a Tablet PC and use Office 2003, Microsoft has released an update that you need to download and install. The update improves recognition of “inked” handwriting in Office 2003 applications, including:

  • Microsoft Office 2003
  • Microsoft Office Excel 2003
  • Microsoft Office InfoPath 2003
  • Microsoft Office OneNote 2003
  • Microsoft Office Outlook 2003
  • Microsoft Office PowerPoint 2003
  • Microsoft Office Word 2003

Get the update patch here.

Add/Read: Comments [0]
Office 2003 | OneNote | Tablet PC | Tech
Wednesday, 15 December 2004 21:32:26 (Pacific Standard Time, UTC-08:00)
#  Trackback

Over on it’s GotDotNet workspace, you can download the Collutions cBlog package, a custom site definition for SharePoint released under a Shared Source license. The cBlog package creates a blogging environment on the Windows SharePoint Services (WSS) platform. WSS ships as a free web server add-on/enhancement to Windows Server 2003.

This is interesting stuff. Jim Duncan’s sample blog is viewable online, and is a real, working blog that appears to be dedicated to the development and discussion of the cBlog custom site definition itself, at least so far.

Looks like Jim has already created an  RSS  2.0 Feed  for the WSS cBlog, too. Subscribed!

Going to have to look into this one further…

Add/Read: Comments [1]
Blogging | SharePoint | Tech
Wednesday, 15 December 2004 21:14:22 (Pacific Standard Time, UTC-08:00)
#  Trackback