Sunday, April 29, 2007

Don't break that Compact Fluorescent Light Bulb!



More grumbling about CFL's after my last mini-rant.

"Bridges had the misfortune of breaking a CFL during installation in her daughter's bedroom: It dropped and shattered on the carpeted floor.

[ . . . ]

The DEP sent a specialist to Bridges' house to test for mercury contamination. The specialist found mercury levels in the bedroom in excess of six times the state's "safe" level for mercury contamination of 300 billionths of a gram per cubic meter. The DEP specialist recommended that Bridges call an environmental cleanup firm, which reportedly gave her a "low-ball" estimate of US$2,000 to clean up the room."



Wednesday, April 25, 2007

Congress wants to pass a Spyware law that you don't want.



Spy Act Only Protects Vendors and Their DRM

"Last week a subcommittee of the House Committee on Energy and Commerce approved H.R. 964, the Spy Act.

[ . . . ]

If the Spy Act become law, hardware, software, and network vendors will be granted carte blanche to use spyware themselves to police their customers' use of their products and services. Incredibly broad exceptions will probably allow even the worst of the adware outfits to operate with legal cover. State attempts to deal with the spyware problem will be pre-empted and enforcement left up almost entirely to the FTC."



Sunday, April 22, 2007

Microsoft Office Compatibility Pack released

If you use Microsoft Office products (Word, Excel or PowerPoint) version 2000, 2002 (aka XP) or 2003 and would like to be compatible with the new file formats for the 2007 versions of those applications, Microsoft released a 'free' new compatibility pack that will enable you to view, edit and save your files to those new formats. This is pretty nice, as you will no longer have to tell co-workers/co-students/co-anybody using Office 2007 to save stuff in the old formats so you can use them.

Before you run off to install it, there are some caveats. You MUST upgrade your version of Office (or standalone Word, Excel or PowerPoint) to the very latest service packs available.

If you need direct links to the various required Service Packs:

Office 2000: SP3 - http://www.microsoft.com/downloads/details.aspx?FamilyID=5c011c70-47d0-4306-9fa4-8e92d36332fe&DisplayLang=en

Office 2002 (XP): SP3 - http://www.microsoft.com/downloads/details.aspx?FamilyID=85af7bfd-6f69-4289-8bd1-eb966bcdfb5e&DisplayLang=en

Office 2003: SP2 - http://www.microsoft.com/downloads/details.aspx?FamilyID=57e27a97-2db6-4654-9db6-ec7d5b4dd867&DisplayLang=en

Those Service Packs work for all full versions of Office, as well as the standalone versions of the three main applications included.

In turn you must also get the most recent critical fixes published as of April 10, 2007 using the Office or Microsoft Update site.

Once you have finished all the updates needed, go and install the Compatibility Pack from http://www.microsoft.com/downloads/details.aspx?familyid=941b3470-3ae9-4aee-8f43-c6bb74cd1466&displaylang=en&tm


Friday, April 20, 2007

Global warming???




Global warming?


"Local fishermen say the ice conditions are the worst they've seen in more than 20 years."


Thursday, April 19, 2007

The new frontier for hackers: your router



http://www.infoworld.com/article/07/04/19/HNroutercellattackrisk_1.html

"Jack's null pointer exploit is effective on the Arm and xScale processors that are widely used in embedded devices, but it does not work on Intel architecture processors used by PCs.

In his demonstration, Jack plans to show how his attack could be used to make changes to the firmware of a router so that it injects malicious code into any executable files downloaded from the Internet. This technique could be used to turn legitimate software updates -- Microsoft's monthly software patches, for example -- into an avenue of attack."


So what routers use these processors? Almost all of the home firewall/router boxes made by D-Link, Netgear, Linksys and other brands. Most modern PDA's and Pocket PC's also use one of these processors.

Nothing like this is in the wild -- yet. But now that the concept is out, you can be sure it will be used sometime in the future. I will be tracking this closely. Best case scenario is that simple firmware upgrades to your router can close off the attack vector. Worst case scenario is that millions of home routers will need to be replaced.

Scary stuff . . . :-/

A nod to sanity in the media

There is (some) hope . . . At least one of the media outlets picked up on this opinion:

Mental Health Expert Says Shooter Was Trying to Attempt Immortality; Showing Clips Validates His Delusions

http://abcnews.go.com/GMA/VATech/story?id=3056168

Welner believes that instead of offering insight, these videos merely offer validation of delusional behavior.

"I think that's very important for the viewing audience to understand. This is not him. These videos do not help us understand him. They distort him. He was meek. He was quiet. This is a PR tape of him trying to turn himself into a Quentin Tarantino character," Welner said. "This is precisely why this should not be released."

Let there be light!



Maybe I'm just old-fashioned and a bit of a power pig, but I really hate fluorescent lamps for indoor use. I especially hate so called compact fluorescent lamps (CFLs) designed to fit into incandescent sockets. Give me warm light from a "natural daylight" spectrum bulb to work and read by at night. Don't get me wrong, compact fluorescents have their place - outside my home on the lawn post, or in the garage. There are even some that come very close to producing pleasing light - but I remain a skeptic for now.

Recent moves by Wal-Mart to discontinue selling ALL incandescent bulbs, and rumors that a new bill will soon come before congress to outlaw them, concern me.

Seems that I am not the only one.

First and foremost, compact fluorescents contain mercury. People that toss CFLs into the garbage when they burn out are contributing to mercury contamination in our ground water. Everyone should recycle these types of lamps - even though it's hard to get rid of them in areas with poor recycling programs.

Secondly, it appears that the move to compact fluorescents will also impact the US job market - again.

Wednesday, April 18, 2007

Is your Microsoft Update service not working? Error 0x8DDD0009 ?



Two days ago I ran across a perplexing post by describing an odd problem with Microsoft's Update Service. Automatic Updates . . . weren't. Manual Updates via Microsoft's Update Site were failing with error code 0x8DDD0009 after a VERY long time watching the scan animation.

I totally fubared on my initial advice to her, which led me to do a bit of research.

Searching Microsoft for that error comes up with nothing. Searching the Internet provided hundreds of posts describing the same exact problem, with conflicting advice from others - some of which was close, but none that were complete or reliable solutions. I decided to try and reproduce the problem myself - then find a solution.





The problem is multi-part and started with a recent update (January I believe) from Microsoft that was supposed to reduce CPU overhead when Automatic Update ran. Unfortunately, it appears that there was a bug in that patch that corrupts the Windows Software Distribution folders. Once it gets into this state, all updates - Automatic or Manual - will fail.

Here is the fix. Be warned, parts of this process will take a while, so if you do this on a Laptop, make sure you're plugged in . . .

1) Right click My Computer >> Properties >> Automatic Updates and turn it OFF. Click OK back out.

2) Start button >> Run and type in CHKDSK C: /R then press enter. Answer Y when it asks you if you want to run it at the next reboot. But don't reboot just yet.

3) Go to http://support.microsoft.com/kb/927891/ and find the link for the version of Windows you are running under RESOLUTIONS, then download the hotfix.

4) Install the hotfix you just downloaded and reboot. Wait for that CHKDSK you did in step 2 to complete - go take a break as it will take a while.

5) Right click My Computer >> Manage >> Services and Applications >> Services. Find both the "Automatic Updates" and "Background Intelligent Transfer Service" and right click them >> Stop. Make sure that both services show a stopped status in the Management window.

6) Open My Computer (double left click) and browse into C:\Windows (click the warning about system files to clear it out if you get it) and find the folder named "SoftwareDistribution". Rename that folder to "$SoftwareDistributionOLD$".

7) Reboot again, and try using http://update.microsoft.com/ . . . it should work now.

8) If it succeeds, go ahead and turn Automatic Updates back on if you are so inclined. Reverse the directions in step 1.

Please comment below on your results if you try this.

Pluto!

Some of you may not know, but I am a step-grandchild (one of many) of the late Clyde Tombaugh, the guy that discovered Pluto many many moons ago.

So when I stumbled on this Userpic today, ganked from and , I could not help myself, I had to grab it . . .

Friday, April 13, 2007

ERA Status



Old news, but apparently still true.

- 96% of American adults believe male and female citizens of the United States should have equal rights

- 88% believe the Constitution should make it clear that male and female citizens are supposed to have equal rights

- 72% believe that the Constitution of the United States does make it clear that male and female citizens are supposed to have equal rights [even though it in fact does not].

The 15 currently - unratified - states are Alabama, Arizona, Arkansas, Florida, Georgia, Illinois, Louisiana, Mississippi, Missouri, Nevada, North Carolina, Oklahoma, South Carolina, Utah, and Virginia.

http://eracampaignweb.kis-hosting.com/why.php

http://www.equalrightsamendment.org/era.htm



And yes, posting this is my reaction to the whole Imus thing.

Sunday, April 8, 2007

Wi-Fi 128-bit WEP encryption - now with new and improved INsecurity



WEP is the old standard for wireless networking encryption. New standards include WPA and WPA-2, plus a few alternates that include server authentication (RADIUS) and other flavors.

Most new wireless routers will support WPA in some incarnation. All new wireless cards for clients also support WPA. Some older wireless cards either require new drivers, or cannot support WPA - an excellent argument to upgrade equipment ASAP.

Trouble is, far too many people still rely on WEP. A recent article and publicly released working code sample (plug-in) from the Technical University of Darmstadt as reported by Heise Security allows the bad guys to hack into 128-bit WEP protected wi-fi networks in about a minute using only a laptop and a popular hacking program available to anyone on the Internet.

"A wireless network secured with 128-bit WEP encryption can, according to the researchers, be cracked in less than a minute using their attack method."

Wednesday, April 4, 2007

ANI Vuln saga continues! ARRRRRRG

Just when we thought this was over . . .

Apparently poor testing procedures led to a serious issue for people that downloaded yesterdays ANI / GDI patch MS07-017 (mouse animated curser bug) that also use the RealTek HD Audio sound card, which is common for integrated sound cards on many popular and modern mainboards.

Microsoft at least placed a fix for the conflict early this morning.

Information about the problem:
http://support.microsoft.com/kb/935448/

"SYMPTOMS
When you start a computer that is running Microsoft Windows XP with Service Pack 2, the Realtek HD Audio Control Panel may not start. Additionally, you may receive the following error message:

Rthdcpl.exe - Illegal System DLL Relocation

The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:\Windows\System32\Hhctrl.ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.
This problem occurs when the Realtek HD Audio Control Panel (Rthdcpl.exe) by Realtek Semiconductor Corporation is installed.

CAUSE
This problem may occur after you install security update 925902 (MS07-017) and security update 928843 (MS07-008). The Hhctrl.ocx file that is included in security update 928843 and the User32.dll file that is included in security update 925902 have conflicting base addresses. This problem occurs if the program loads the Hhctrl.ocx file before it loads the User32.dll file.
"

Link to download the fix, but don't get it unless you get the error on boot up as described above:
http://www.microsoft.com/downloads/details.aspx?FamilyId=74AD4188-3131-429C-8FCB-F7B3B0FD3D86


Grrrrr . . .

Tuesday, April 3, 2007

ANI Vulnerability - MS07-017 official patch available now

Microsoft has released the official fix for the ANI mouse curser vulnerability. You can get it via Microsoft Updates at http://update.microsoft.com -- just look for the KB925902 critical update. If you have Automatic Updates turned on, you should get the fix at a random time during the next few days. Personally I would not wait for that - this is that serious an issue.

Information about the release schedule: http://blogs.technet.com/msrc/archive/2007/04/03/ms07-017-released.aspx

And the relevant Microsoft Security Bulletin with manual links to download the patch for network deployment for all platforms: http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx

If you installed the eEye 3rd party patch last week, see this post for details on what you should do before installing the MS patch.

Tuesday morning - various short updates

*yawn*

1) The ANI vuln fix is not yet online at Microsoft's Update site. Hoping to see it appear later today.

2) An excellent source of information and resources for scam victims including methods to determine some of the most prevalent scams can be found at this site:
http://scamvictimsunited.com/

3) Saturdays UserFriendly cartoon is awesome:
http://ars.userfriendly.org/cartoons/?id=20070331

Monday, April 2, 2007

ANI Vulnerability update: MS official patch tomorrow

Looks like Microsoft will be releasing a fix for the ANI (mouse animated cursor) vulnerability a week early. Tomorrow in fact . . . assuming the patch passes testing today.

"From our ongoing monitoring of the situation, we can say that over this weekend attacks against this vulnerability have increased somewhat. Additionally, we are aware of public disclosure of proof-of-concept code. In light of these points, and based on customer feedback, we have been working around the clock to test this update and are currently planning to release the security update that addresses this issue on Tuesday April 3, 2007.

I want to note that we are testing still and will be up until the release, to ensure the highest quality possible. So, it’s possible that we will find an issue that will force us to delay the release. If we do find an issue, though, we will let you know through the MSRC weblog as soon as we know."





If any of you installed the 3rd party patch released Friday by eEye to mitigate this exploit, and you choose to install the MS patch tomorrow ( I highly recommend using the supported MS patch when it becomes available to prevent future compatibility problems ) then there are extra steps you need to make before updating.

Tomorrow:

1) Close all programs, especially email programs and all browsers.

2) UN-install the "eEye Digital Security .ANI Zero-Day Patch" (Control Panel >> Add / Remove Programs)

3) Reboot

4) Use Windows Update Services (IE Browser, Tools >> Windows Update) and get the new patch.

5) Reboot.

IMPORTANT: It's advisable that users refrain from checking email or surfing the web between the time they uninstall the 3rd party patch and install the Microsoft patch.

Sunday, April 1, 2007