Friday, 10 June 2005

An email list I am subscribed to had a quick thread that pointed to a conversation about FeedDemon and the fact that a user didn't want to use IE as the default embedded browser inside of FeedDemon. That's fine, but the problem is that someone suggested he actually abandon his favorite RSS reader (meaning FeedDemon) and try another one.

The recommendation was (in my opinion) premature. Why? Because FeedDemon can in fact use the Mozilla engine as it's embedded web browser, and you can find out how here.

And by the way - if there's something you wish was in FeedDemon for the future, Nick listens. Go to the FeedDemon forums and just ask.



Add/Read: Comments [0]
RSS Stuff | Tech
Friday, 10 June 2005 13:19:15 (Pacific Standard Time, UTC-08:00)
#  Trackback

There is an interesting post describing the exploit of a weakness in MD5 via collisions, with a reproducible real-world example. The authors computationally found the collisions and were able to reliably and predictably produce two completely different postscript documents with the identical MD5 checksum. Their use-case story revolves around maliciously capturing a digital signature and using it for something other than it was intended. In the story, the MD5 checksum is relied upon to validate the authenticity of a document. The researchers wanted to show how this flaw could possibly be used in the real world.

"Recently, the world of cryptographic hash functions has turned into a mess. A lot of researchers announced algorithms ("attacks") to find collisions for common hash functions such as MD5 and SHA-1 (see [B+, WFLY, WY, WYY-a, WYY-b]). For cryptographers, these results are exciting - but many so-called "practitioners" turned them down as "practically irrelevant". The point is that while it is possible to find colliding messages M and M', these messages appear to be more or less random - or rather, contain a random string of some fixed length (e.g., 1024 bit in the case of MD5). If you cannot exercise control over colliding messages, these collisions are theoretically interesting but harmless, right? In the past few weeks, we have met quite a few people who thought so.

"With this page, we want to demonstrate how badly wrong this kind of reasoning is! We hope to provide convincing evidence even for people without much technical or cryptographical background."

Once again, security by obscurity defeated. Interesting read and might make you think. If anyone has comments on their test or process. I'd be interested to hear.



Add/Read: Comments [0]
IT Security | Tech
Friday, 10 June 2005 05:51:03 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Thursday, 09 June 2005

For those with a tastefully colorful sense of humor, here's some tech news. It looks like a new MP3 player in the shape of a toy bear has been released...

Bear01

Controls are located on the little blue arms and on its head, but(t) what's the best thing about it? To sync with your PC, you just hook up to it's USB rectum:

Bear02

Nice. Classic. Sure makes ya wonder, though. What were they thinking? Heh.

(via the Raw Feed)



Add/Read: Comments [1]
Humor | Random Stuff | Tech
Thursday, 09 June 2005 22:39:45 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Tuesday, 07 June 2005

Microsoft has released their Windows Server Update Services (WSUS) product, which is a replacement for Software Update Services (SUS). The server solution acts as an in-house patch management and deployment solution for your networked Windows machines and core applications.

What's New in Windows Server Update Services:

  • More updates for Microsoft products, in more categories (Windows XP Professional, Windows 2000, Windows Server 2003, Microsoft Office XP, Office 2003, Microsoft SQL Server 2000, Microsoft SQL Server 2000 Desktop Engine [MSDE] 2000, and Microsoft Exchange Server 2003, with additional product support over time) 
  • Ability to automatically download updates from Microsoft Update by product and type
  • More language support for customers worldwide
  • Maximized bandwidth efficiency through Background Intelligent Transfer Service (BITS) 2.0 (BITS 2.0 is not installed by Update Services and is available on Microsoft Update)
  • Ability to target updates to specific computers and computer groups
  • Ability to verify that updates are suitable for each computer before installation—a feature that runs automatically for critical and security updates
  • Flexible deployment options
  • Reporting capabilities
  • Flexible database options
  • Data migration and import/export capabilities
  • Extensibility through the application programming interface (API)

This new release is ten-fold better than the old SUS product, and if you are responsible for deployingpatches reliably and verifably across your company, this is something you must at least try. It will save time, improve your comtrols, and generally help you sleep at night.

Oh - and it's free to download. Just install it on a Windows 2000 SP4 or Windows 2003 server - your existing CALs cover it.



Add/Read: Comments [0]
IT Security | Tech
Tuesday, 07 June 2005 15:20:54 (Pacific Standard Time, UTC-08:00)
#  Trackback

Too bad there's not a Windows Mobile device that truly rivals Blackberry's form-factor for durability and real-world practical power use (yet, that is) (in my humble opinion, that is), but I can continue to hold out hope for better PocketPC's now.

Why? Because the Windows Mobile OS (2005 version) will soon be getting a messaging security and feature pack update that will enable "push" technology for instant delivery of all your Exchange 2003 info (email, contacts, calendar, etc) to your Windows Mobile 2005 powered device. Exchange 2003 SP2 will enable the functionality on the server side.

So half my concerns about the PocketPC/SmartPhone editions of Windows Mobile will be alleviated - namely the always there, immeidate delivery story.

Funny thing... I was having coffee with a Microsoft friend just the other day. He asked me why I was still using a Blackberry (common question from my Microsoft acquaintances), and I didn't have to say much. My first argument was the lack of real-time push.sync (which we both knew was coming on with the next Exchange update and the Mobile update). He agreed with me in one respect, though: RIM got the form-factor figured out when they built these Blackberry things - nailed it right on the head. RIM's keyboard rocks, plain and simple.

Good going for the Windows Mobile team. Lord knows that whole Blackberry Connect thing has never really panned out (it's supposedly Blackberry software that runs on the Windows Mobile OS, but it's really not materialized anywhere to speak of).

But about those devices running Winodws Mobile... They need to be improved to really make them work and hold up. My idea? Simple. Microsoft doesn't make the hardware (they keep reminding us of this, and it's become more of an excuse than a reason over the past couple years, guys), but they do have some control and impact in that area. Microsoft should exercise some release management and licensing control over the hardware manufacturers - Perhaps they should specify some quality and usability requirements and license the OS first to those manufacturers that actually produce a better product. that meets some stringent requirements for usability, reliability, durability, performance and battery efficiency.

Important message to all companies looking to do handheld QWERTY keyboards: You might want to consider where you're going to spend your "innovating" funds. You might be best served to simply pay RIM however much they ask to use their keybord. Like, as in their actual keyboard, not some knock-off, lumpy chicklet version like on several of the Windows Mobile powered devices I have used in the past, or the river-rockish Treo keyboard (yuck). Just buy the technology from RIM - Their's ain't broke, nothing to fix or improve.

At any rate, looks like the possibilites continue to change and grow, and Microsoft's made a good move here. Glad to see it's coming to pass.



Add/Read: Comments [0]
Mobile | Tech
Tuesday, 07 June 2005 05:52:28 (Pacific Standard Time, UTC-08:00)
#  Trackback

I was super busy all day yesterday, so I didn't get to update about the Tablet PC stuff that was announced by IBM. The news is everywhere, so I am just providing a few detail items that matter...

First of all - A link to the IBM/Lenovo PC Institute's webcast from Monday (which is available til the end of June). They spend a lot of time talking up TabletPC's in general (Tablet PC's for beginners), discuss what they saw in the Tablet PC market that people really wanted, and show off their new X41 model.

Too bad it's 1024x768 though. That's going to have to change at some point. But I can live with that, my Acer Tablet that I've been using for some time now is 1024x768... I like the resolution of the Toshiba (yes I have used that one as well), but not the screen image quality. We can still dream.

And finally, here are the two models that were given actual online catalog prices and remain listed on the IBM/Lenovo SKU list that I mentioned last week. And hey, what happened to the others that were on there, and where's the $1899 model everyone's quoting press releases on?

X41 TABLET PENT M LV 758 (1.5) 12 WAXGA 256 40GB BG XPT 8C
LENOVO 18662GU
$2,199.00
 
X41 TABLET PENT M LV 758 (1.5) 12 WAXGA 512 40GB BG XPT 8C
LENOVO 18666GU
$2,399.00



Add/Read: Comments [0]
Tablet PC | Tech
Tuesday, 07 June 2005 05:39:36 (Pacific Standard Time, UTC-08:00)
#  Trackback