Sunday, 11 February 2007

Just the other day someone asked me why Internet Explorer had lost its menu bar after they ran a Windows Update. Of course, the "problem" was IE7 and the fact that the whole UI changed. Remember, IE7 is considered a critical update (and the first time an IE version has been promoted as such). The classic menu bar of the previous browser versions (and practically every other Windows application) is no longer visible by default. There are a couple ways to turn it back on, but when you do the result is not exactly optimal for some people. Maybe they're just whiners or getting old and set in their ways, but whomever you may be there is a solution for you. (Oh, and before people start saying "yeah, use firefox instead" please just stop and understand we got the point a long, long time ago. Firefox rocks, but this post is about menu bars in IE. tyvm.)

One thing many people don't realize is that the menu bar is actually still there in IE7, and one way you can access it just by hitting your ALT button. One tap and there it is, ready to use.

Or maybe you want it on all the time. To accomplish that in IE7, click on the the Tools menu (it has a little gear icon) and select "Menu Bar" from the options there. Now you have the menu bar back full-time and you can do your File, Edit, View, etc stuff all you want.

But, when you enable the menu bar, it actually appears below the address bar, which is a little weird for some people. And worse, you can't unlock and then drag and drop the menu bar to rearrange things because the address bar is not in the draggable/droppable list of UI stuff. everything appears below it. Bummer.


Have no fear. Chris Hanscom has posted a nice little registry hack that lets you put things back to the way you want them. The little animation above shows the three phases of menu bar goodness: Turned off completely (the IE7 default, which get a little more web page content on the screen and above the fold), Turned on and below the address bar (IE7's default location), and post-registry-hack style, with the menu bar back where you've expected it to be since dirt was first made.

So, no matter what your preference is, you have an option to meet your needs. Enjoy. And thanks to LifeHacker via Omar for the find. Check out both those blogs if you haven't already. Good stuff.

Add/Read: Comments [7]
Sunday, 11 February 2007 11:14:48 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Wednesday, 07 February 2007

I spent a good day and a half (off and on) trying like heck to get rid of some drivers that ended up being problematic in Vista on my new Z61t ThinkPad (which is a nice laptop by the way). The integrated Verizon WAN card was not happy (it needed updated drivers) and one of the virtual device drivers for the DVD-RAM drive was causing Vista to complain a lot. Despite al my attempts, the system would not allow me to remove or change them. There was not much helpful information about why my attempts were failing, though. After a while it was obvious there was a pretty serious access control problem.

It became clear that the issue I was likely up against was the new permissions and user account access limits established by Vista and its new security model. In order to get Vista to allow me, for example, to uninstall the software in question I had to go into the user managment applet in the control panel and disable User Account Control (UAC), despite the fact that my account was configured as an admin. Now all has been rectified and is well.

Interestingly, I have seen one application that, when run, included a button to elevate the privileges of the user running the app temporarily and just for that app so configuration data could be saved. Cool stuff and well-designed.

So, Vista's User Account Control certainly works - maybe even almost too well (if that's really possible). While I had to disable it to remediate some issues realted to drivers that were installed under XP originally, that's not necessary for items installed under Vista post-upgrade. And UAC is turned back on now, just as it should be.

Add/Read: Comments [2]
Wednesday, 07 February 2007 21:48:34 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Sunday, 04 February 2007

If you happen to be at the RSA security conference in San Francisco this week, get in touch and hopefully we can meet up sometime. I'm here through Thursday doing a bunch of media briefings and whatnot (for work) and (whenever I can) attending sessions. My cell number is in the right sidebar, or email me (greg-greghughes-dot-net).

Add/Read: Comments [0]
IT Security | Random Stuff
Sunday, 04 February 2007 22:36:38 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Friday, 02 February 2007

Bad guys are not stupid. What the lack in morals they sometimes make up for in creativity and smarts. That's why they can be so dangerous. Think like a bad guy: If you wanted to find a way to take advantage of a large public event in order to gain fraudulent access to thousands (or more) individual computers so you could install keystroke logging software and trojan software to allow you to grow your rogue bot network, what would you do?

Well if it was today, maybe you'd think to yourself, "Hey the Superbowl is this weekend. Let's set up a fake site and trick people into going there with an email and screw 'em all over."

Or, if you were smarter, you'd just take over the server that houses the site for Dolphins Stadium.

If this doesn't tell you why you should be focused on security, then what does?

The news item is here, and an advisory with a description is here.

The official Web site of Dolphin Stadium, home of Sunday’s Super Bowl XLI, has been hacked and seeded with exploit code targeting two known Windows security flaws.

In the attack, which was discovered by malware hunters at Websense Security Labs, the server hosting the site was breached and a link to a malicious JavaScript file was inserted into the header of the front page of the site. Visitors to the site execute the script, which attempts to exploit the vulnerabilities.

According to Dan Hubbard, senior director, security and technology research at Websense, the malicious site hosting the script has been taken offline by law enforcement officials but the hacked Dolphin Stadium site — which is attracting a lot of Super Bowl-related traffic — is still hosting the malicious JavaScript.

A visitor to the site with an unpatched Windows machine will connect to a remote server registered to a nameserver in China and download a Trojan keylogger/backdoor that gives the attacker “full access to the compromised computer,” Hubbard said.

Oy. What's it gonna take??

Add/Read: Comments [0]
IT Security | Safe Computing | Tech
Friday, 02 February 2007 12:58:44 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Thursday, 01 February 2007

One of my all-time favorite coworkers and human beings is Phillip Forteza, who works in the QA department. He's started blogging, and I'm excited about it.

Phil is one of those guys that smiles, smiles, smiles - regardless of the day or the situation. He is a truly good person, one of the kindest I have ever met, and I am always glad to see him. I only wish I was as up-beat and positive as Phil is every single day, though good and bad. If I'm every feeling down and out and I happen to run into him, it's a guaranteed fact that his powerful attitude will lift me up and remove that monkey from my back.

Check out what Phil has to write, it's more than worth the read. We need more people like Phil in this world, but alternatively more spreading of The Phillip Way is a pretty good option.

Add/Read: Comments [2]
Personal Stories | Random Stuff
Thursday, 01 February 2007 21:36:02 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Wednesday, 31 January 2007

I hope mine is not an exception to the rule, because this is pretty cool: I've been running the release version of Windows Vista on one of my laptop computers since yesterday (one that I use all the time and which does a whole boatload of work), and quite literally everything seems to run considerably smoother and faster than it ever did on XP. Now, I don't have Aero Glass/WDM on (graphics card doesn't support it), but Office, web browsers and all apps are notably better. Especially Outlook. Wow.

The only issue I have found so far is that the Explorer shell seems to hang every now and then. I probably just have a rogue random utility that's not playing well. I'll have to look into that. At least when I kill the Explorer process, it's sending trouble data off to Microsoft for analysis. That's a good thing. It recovers gracefully, though when the process restarts. While I have not seen this kind of issue since the Windows 95/98 days, the fact that the process comes back gracefully and everything still works is a plus.

I ran all the betas, and I for one am glad they delayed and fixed up some stuff. So far it looks pretty darn good. Some of the dialogs (like the new Start Menu style and file system dialogs) are a little goofy for a power user, but I intend to stick with them and see if I can make them work well. I am, after all, getting older and more set in my ways, so I find I need to allow more time for me to adjust than I used to, heh.

Add/Read: Comments [9]
Wednesday, 31 January 2007 09:30:34 (Pacific Standard Time, UTC-08:00)
#  Trackback