Tuesday, 11 July 2006

Yesterday at work, I had the privilege of spending a couple hours with this cool kid named Connor. He's the son of a friend and coworker, and is an all-around good kid. Every now and then he'll come to work with his mom for a day and we'll hang out for a bit. It sure beats back-to-back meetings, heh.

Sidebar: For what it's worth, I'd kill to be eleven years old again (if I could stay that age, that is - no point in going through all those intervening years again, heh...).

True to form, he asked if we still have an XBOX. People kind of freak out when I tell them I bought an XBOX 360 for work. We actually have a couple of them on campus. "Video games at work??" they ask me. Heck yeah - it's a great way for creative minds to take an occasional and much-needed brain break (as long as it doesn't become something that's overdone), and some of the best idea-generating conversations happen when you're kicking someone else's butt in DOA4 or some other game. It's also of great interest, it turns out, to eleven-year-old kids. Yeah, go figure.

But most of the time we spent hanging out on Monday was occupied with trying to find a clean whiteboard somewhere in the building that didn't say "SAVE" on it (what the heck is up with THAT anyhow?) and then talking about computers and networks and how they work. Teaching kids something they have yet to learn about is really a lot of fun. I explained the underlying technology basics of how web browsers and web servers work, using analogies like phone books (for DNS), mapquest data (for routes) and phone numbers (for IP addresses) to try to describe some pretty complicated, intangible and abstract stuff in a way that makes some sort of sense. You know - looking up a name in a phone book and finding the phone number is like looking up a URL in DNS and getting an IP address, and using mapquest to figure out how to get from one place to another one step at a time is a lot like finding the route to a web server... We got a little more detailed than that, but you get the idea. His face really lit up when - all of a sudden - he "got it."

Next thing I knew, he was explaining how it works to me. Which was really cool. :)

I used to teach middle school kids back in the day, and there's something about those "getting it" moments that are a lot of fun to watch. Seeing reality expanding itself in a kid's mind is a pretty amazing thing. They sure do learn quickly.

At any rate, Connor will be back again sometime soon, and we'll see who's teaching whom whenever that day comes. For my part, I'm betting on the kid.

 Monday, 10 July 2006

I'll be on the road (well, in the air actually) Wednesday through Friday this week, as I am traveling to Toronto, Ontario (Canada, of course), where I'll be speaking at a conference this Friday on the topic of strong authentication for web sites and the role of web site users in the security process. They say there will be somewhere around 2,000 attendees, so it should be an interesting conference. I've been doing a lot of this kind of presentation recently - there are many changes in the works in the financial services industry for performing strong authentication of people who access online banking and other secure web sites. That's pretty much everything I've been doing for the past year or so, in fact.

It's been several years since I have visited Toronto, so I am looking forward to the time there. It's always been one of my favorite cities - clean and attractive.

If anyone happens to be in the Toronto area later this week and wants to try to catch up, be sure to let me know. Email and phone info are in the menu bar on the right side of the page on this site.

 Sunday, 09 July 2006

The Firefox 2 Beta 1 release candidate I mentioned last night includes a new feature that I just noticed (after using it practically all day), and it's simply terrific. It may seem small, but often it's the little things that make a real difference.

As-you-type spell checking is built right in. Just right-click on anything Firefox doesn't recognize and you'll get just what you'd expect. Looks like it's a basic English dictionary that's used, so you'll have to add some commonly typed terms - even Firefox isn't in the dictionary.


In Internet Explorer I have used IESpell for a couple years and it's always been very useful. But it doesn't do the red-underline thing to show me what's out of whack as I type, though, so this is another case where the Firefox team is again raising the bar.

Nice stuff.

NOTE: The Beta 1 release is set to hit the streets this week. Also, I confirmed that this weekend's binary release is definitely a pre-beta-1 release candidate (one of the nightly builds) and so it's likely (even probable) that it's not the same code that will ship as the actual Beta 1 this week. So, as mentioned last night, downloader beware. You'll probably want to wait. Sorry to anyone reading for gun-jumping, but hey we're all geeks around here, and it's in my nature to test early and test often.

Note: Sometimes bleeding-edge is fun, but it's not for everyone. I mention that so you'll know that this blog post is not for average computer users. But for those that like to try the latest, greatest things the second they become available and don't mind installing pre-release software...

UPDATE 7/10/2006: Since this post was originally authored the RC2 binaries for FF2B1 have been released earlier today in the nightly builds area. I've removed the old links.

Firefox v2 beta 1 about dialogYou know Firefox is a great browser, and if you're one of the hard-core, gotta-have-it types (like I am), you'll be glad to know binaries for Firefox v2 Beta 1 are available on the Mozilla.org FTP server. It won't be formally released they say 'til Tuesday, and the files could certainly change between now and then (this looks like it's labeled RC1 of Beta 1), but as you can see from the image at right the 2.0b1 English binaries are there. You can grab it now:

Download binaries for:

You know you want it. There's some nifty and subtle updates in the release, like close buttons on browser tabs and friendly, clean feed display in the browser window.

And by the way... Really, you should know how this stuff works, it's not magic, you know. People are organized and work hard to give you something you can download for free and which makes your life better. Have you said thank you yet?

So, why don't go and get to know the project a little bit? Find out what goes into the software you use. It is a community thing, after all. Here, I will help you with starter links and a few facts:

The codebase was frozen on July 5th in preparation for release this week. The latest status meeting notes are viewable here. The code name for the release up 'til now has been "Bon Echo." From the Firefox 2 section of the MozillaWiki (where you can get lots of geeky details for yourself, by the way - so go learn and amaze your friends) here's a touch of high-level Firefox 2 trivia:

Theme of Firefox 2

Firefox 2 will aim to build on the success of Firefox by addressing issues related to the problem of managing the vast amounts of use a pre-release code name taken from a public park. Bon Echo Provincial Park is located in Ontario, Canada. The name literally translates to "good echo", and reflects how it is our goal echoes that of Firefox information available on the Internet. Our goal is to provide a browser that helps users manage and organize their online information channels.

About Bon Echo

Continuing the tradition, Firefox 2 will x 1, once again focusing on improving the browsing experience for our users, making it simple, effective, fast and useful.

While the release notes are not yet up as of this writing, and while the binaries you see on the FTP site certainly may change before they're formally released, you might also be interested in taking a look at the changes that were made up through the latest Alpha release (Alpha 3).

 Saturday, 08 July 2006

Looks like a new variant of an old virus is making the rounds.

I got an email tonight in my personal email account that pretended to be from Microsoft and which contained a virus in an attached ZIP file. The attachment was called "Microsoft SMS Manager.zip" and contains two files - which are packaged as a .JPG file and a .HTA file. The JPG file is actually the infected binary and the HTA file is a real HTA with malicious content to call the binary and perform some other actions. The email came from an IP at an ISP located in Asia.

Of course I didn't get infected, because I saw it as obviously fake. Microsoft will never send software or updates via email, but in the social engineering department this one is bound to fool a number of people (despite the bad grammar), so it's a good idea to get the word out. I confirmed the virus infection with Symantec's AV software client on the local machine.

Here is the info about the infected contents of the ZIP file (specifically the JPG file):

Scan type:  Auto-Protect Scan
Event:  Threat Found!
Threat: W32.Gavgent.A
File:  C:\DOCUME~1\*********\Temp\Temporary Directory 1 for Microsoft SMS Manager.zip\Product.jpg
Location:  C:\DOCUME~1\*********\Temp\Temporary Directory 1 for Microsoft SMS Manager.zip
Computer:  *******
User:  *******
Action taken:  Delete succeeded : Access denied
Date found: Saturday, July 08, 2006  11:22:31 PM

If the AV software is correct and it's actually a W32.Gavgent.A virus in this file, this is an older worm (1995) that was not too prevalent at the time. The dates on the files in the ZIP are 8/2005, so it's entirely possible this is a reuse of an older virus. The HTA file in the package is an actual HTA file, and it references "Gavgent.B" in it's contents, so it's likely this is a repackaging of the Gavgent.A variant. At this time, there is no reference to Gavgent.B at Symantec Security Response. Luckily the old Gavgent.A variant is what trips the Symantec software, so detection seems to be easy enough. Below is the header from the HTA file. The executable section contains a lot of obfuscated VBScript and an IFRAME that loads the microsoft.com site with some extra arguments on the query string.

    CAPTION="Microsoft SMS Manager"

This virus does the classic network worm thing and collects email addresses and spreads via the common methods. It tends to restart the computer it infects and is generally an annoying dude. It will also try to kill AV and other security processes upon execution. Details are available here.

The original email I received is below. The subject line was "SMS Manager from Microsoft."

Developer@microsoft.com wrote:

Dear Customer,
This email provides you information about new product from Microsoft
Corporation, called Microsoft SMS Manager.
These product would help your activities, you can send and receive SMS
messages through your PC with no charge before December 31, 2005 (trial
It's compatible with most of GSM and CDMA operators.
The Installation's document is attached (Microsoft SMS Manager.zip).

For further informations, please contact support@microsoft.com

Best Regards,

Microsoft Corporation

Remember that guy who decided last year to start with one red paperclip and trade it up for a house?

Well guess what?

He succeeded.

Kyle MacDonald will soon be moving into a house in the small town of Kipling in Saskatchewan.

The two-storey house in Kipling was built in the 1920s and has undergone renovations in recent years. Roach admits some touchups and yard work are needed before turning the keys over to MacDonald, and a work party is scheduled for Saturday, July 8 to do just that. He is hoping residents will jump on the bandwagon and that there will be lots of help that day, in preparation for welcoming Kyle and Dom to Kipling.

Here is the progression of trades (with a link to the details of each item):

one red paperclip fishpen.JPG knobt.JPG  coleman.JPG  generator.JPG one instant party skidoo2 yahk2 Cintas  Cube Truck1995 one recording contract phoenix one afternoon with Alice Cooper one KISS snow globe one movie role one house

Tenacity and a blog. Wow.

