[Geeks are Sexy] technology news





Wednesday, February 28, 2007

Installing Vista from a USB Flash Drive

Microsoft Employee Kurt Shintaku has recently published a very useful guide on his blog explaining how to install Windows Vista directly from a USB thumb drive. Personally, I have not tried this out yet, but according to the author, installing Vista using this technique should take you about half the time of a standard install.

Why would someone want to install a client OS from a thumb drive instead of a DVDROM or over the network? One reason: Performance. Installing Windows Vista from a high speed USB flash drive is in my experience the easiest & fastest way to complete a Windows Vista install. This is much faster than using a DVD, gigabit ethernet, or possibly even some external USB 2.0 hard drives, due to differences in access speed & transfer rate.

Read more (via HardOCP)



Shift Happens - Globalization and the Information Age (Video)

In today's wired world, the speed at which information grows and propagates goes way beyond what our human brain can visualize. Did you know that right now, the amount of global technical knowledge is doubling every 2 years and that by 2010, it is predicted to double every 72 hours? That most of the information that a 1st year university student learns today will be completely outdated before he finishes school?

The following video, Shift Happens - Globalization and The Information Age, was originally created by Karl Fisch, and later modified by Scott McLeod. It tries to show us what living on Earth in 10 or 20 years will be like.



If everything they say in this presentation becomes reality, what will be the implications for humanity? What are your thoughts on this?

(Via John Chow Dot Com)



Tuesday, February 27, 2007

First Apple iPhone Commercial: Hello?

The marketing folks at Apple have managed to sneak in this quick iPhone commercial during this year's Oscars. The 30-second spot apparently cost Apple around $1.7 million bucks. Yep, that's a lot of money for an ad that just says "hello". Will the iPhone catch on when it comes out in June? What are your thoughts on this?



Related post: Hello iPhone!



Looking for Missing Vista Drivers?

Has anyone here had the misfortune (er, immense pleasure) of upgrading their old PC to Vista? Am I the only one here who ran into some driver compatibility issues during the procedure? Yes, Vista can be a pain in the behind to install, but fortunately, there are sites out there to help you if you run into any problems. One of the resources that I recently stumbled upon, and that was a real lifesaver for me, is this very useful page listing a bunch of third-party drivers that aren't listed anywhere on Microsoft's website. Definitely worth a look if you are planning to make the big move to Vista in the near future.

Check it out! (Via Tech. Filter)



Monday, February 26, 2007

Robotic Beer Launching Fridge

Now this is an amazing invention: a beer launching mini-fridge. Definitely a must for all you beer drinking couch potatoes out there. Enjoy the show!



IRS Goes After eBay, Wants Info on Seller Earnings

If you are making a living selling stuff on eBay and are not declaring your earnings, be careful. The US tax authorities are doing everything they can to make sure that you are not evading your responsibilities, and they're asking the online auction giant to provide the government with a list of sellers' earnings.

With so many people making part or all of their living through eBay, the government wants its cut. This isn't an issue of any new taxes, but an attempt to collect the income tax that is already required. Because eBay does not report information about its sellers to the government, income reporting is left up to individuals, and the temptation not to list eBay revenue as income can be a strong one—and in some cases, it's not always clear when one has to do so.

Read More



Monday Morning Links Serving: The February 26th Edition

-HowTo: Guide to replacing your laptop LCD

This is a general guide on how to replace an LCD on a laptop. Replacing an LCD is second to the most costly repair next to replacing the motherboard. I hope this guide will help you in repairing an LCD that has been damaged/destroyed.

-How to Move from Windows to Linux

You're moving from Windows to Linux. You've decided you want the stability, flexibility, and cost savings of Linux, but you have many questions in your head. Isn't Linux like UNIX? Isn't UNIX hard? Where do you begin to make sense of all of this? Is there a map you can follow?

-15 Things You Can Do Right Now To Help Your Career

If you’re sitting out there at your desk, tiredly wondering if there’s something better that you can be doing with your life, start with these fifteen tips that you can start executing immediately that will lead you down a path towards a better career.

-Throw a lifeline to your future

The purpose of a lifeline is to pull someone from where they don’t want to be - quicksand pit, raging seas, icy pond, the messy present - to where they want to be. Here’s how I think you can throw a lifeline to your future:

-How to Have a 36 Hour Day

How many times do you hear someone say “I wish there were more hours in the day” or something along those lines? The fact is that all of us are only given 24 hours. Having said that, how we spend those 24 hours varies radically from person to person. It's become a bit of a cliche by now but the 24 hours we have is the same 24 hours that Thomas Edison and Mother Theresa had and that Oprah Winfrey and Bill Gates currently have. As the old song goes “It's in the way that you use it.”

-101 Amazing Earth Facts

We live on a sphere of extremes and oddities. In fact it's not really a sphere, but it is a wild planet, mottled with deadly volcanoes, rattled by killer earthquakes, drenched in disastrous deluges. But do you know which were the worst?



Sunday, February 25, 2007

Old Articles Reappearing on Feed

Just a quick message to say I'm sorry about all those old blog posts reappearing on top of the feed. It seems that each time I go in to modify something in a previously published article and hit 'save', it suddenly reappears as a new item on everyone's feed reader. Unfortunately, the problem is related to blogger and there's not much I can do to prevent it. But on a more positive side, all these minor annoyances should be a thing of the past in a week or two as [GAS] will finally be shedding its first skin.



A Look to the Past: The Internet

Apparently, there's a new technological revolution going on in the world right now and it's called the Internet. Have you heard of it? Do you think it will catch on?

The network gained a public face in the 1990s. On August 6, 1991 CERN, which straddles the border between France and Switzerland publicized the new World Wide Web project, two years after Tim Berners-Lee had begun creating HTML, HTTP and the first few Web pages at CERN.



Friday, February 23, 2007

Drive-by Pharming Alert

It has recently hit the news that a few clever researchers have put together a rather clever and potentially devastating pharming attack aimed at consumer-level wireless routers. All that's required for a router to be "Drive-by Pharmed" is for a user connected behind that router to visit a special evil webpage.

First, the attacker creates a web page containing a simple piece of malicious JavaScript code. When the page is viewed, the code makes a login attempt into the user's home broadband router, and then attempts to change its DNS server settings to point to an attacker-controlled DNS server. Once the user's machine receives the updated DNS settings from the router (after the machine is rebooted) future DNS requests are made to and resolved by the attacker's DNS server.

And then the attacker basically owns the victim's web connection.

In other words, once the attack has done its work, any browser on your network can be silently redirected to any site (legitimate or otherwise) that the attacker wishes. The browser or OS you happen to be using doesn't matter.

Apparently there are at least 77 Cisco devices that are vulnerable to this (for now) proof-of-concept attack. Symantec has a nice article detailing the mechanics of the attack, as well as a nifty Flash video for those who don't feel like reading. Suffice it to say, it would be a very bad thing for this attack to start cropping up in the wild. However, there are some very simple and relatively easy steps that everyone can take to protect themselves.

  • Change your router's password. There is no excuse not to. Seriously.
  • Browse with scripting disabled. And since JavaScript is needed for many legitimate uses, solutions like the NoScript Extension for Firefox are worth investigating.
  • Don't browse recklessly. Yes, I know those shady corners of the Internet are loads of fun, but they aren't worth getting your computer "totally pwned". Just be careful and use some common sense when clicking around.

Via Schneier.



SETI@Home Finally Finds... Something?

First, if you don't know what SETI@Home is, here's a quick recap from Wikipedia:


SETI@home is a distributed computing project using Internet-connected computers, hosted by the Space Sciences Laboratory, at the University of California, Berkeley, in the United States. SETI is an acronym for the Search for Extra-Terrestrial Intelligence.

Now that you know what this program is all about, here's a little bit of funny news. Since the inauguration of the project back in 1999, SETI@Home has never discovered a single piece of evidence that extraterrestrial life exists anywhere in our universe. It never discovered anything at all... until now!

It seems that one of the volunteers who is participating in the program recently got his wife's laptop stolen. After noticing the theft, the guy tracked the laptop back to the thief's home using the IP address that his SETI@home client was reporting back to the main SETI server.


"I always knew that a geek would make a great husband," she said. "He always backed up all my data, but this topped it all. It became like `Mission: Impossible' for him, looking for hard evidence for the cops to use. ... He's a genius - my hero."

Read more



Watchfire Discovers Google Desktop Vulnerability

For those of you who are currently running Google Desktop on their box, beware: The folks at Watchfire have just discovered a new cross-site scripting vulnerability in the application that could let an attacker search for sensitive data on your network.

As much as I dig Google, I've always felt a little leery about Google Desktop. I mean, why would I want to make my computer searchable from the Web? It sounds more scary than beneficial. Turns out, my worst nightmares about Google Desktop came true. Good thing I didn't install it.



Thursday, February 22, 2007

Nick Burns: Your Company's Computer Guy

Just watch and laugh.



Final Versions Of Windows Vista's Free Deployment Tools

Microsoft Corp. today announced the availability of six new deployment tools that will help expedite businesses’ migration to Windows Vista™. The recently released tools are the Microsoft® Solution Accelerator for Business Desktop Deployment (BDD) 2007, the Microsoft Application Compatibility Toolkit (ACT) 5.0, Windows Vista Hardware Assessment 1.0, the Volume Activation Management Tool, the Key Management Service for Windows Server® 2003 and Virtual PC 2007.

Official Press Release

Here are the download links to the six tools:

-Solution Accelerator for Business Desktop Deployment 2007

-Application Compatibility Toolkit 5.0

-Windows Vista Hardware Assessment 1.0

-Microsoft Volume Activation 2.0 tools

-Virtual PC 2007

Happy testing everyone!



Wednesday, February 21, 2007

Perceptive Pixel: The Next Step of Multi-Touch Technology

For those of you who have been with us for a while, you probably remember that Matt, our oldest contributor here at [GAS], has blogged extensively about multi-touch display technologies. I'm sure most of you have already read both of his articles, but if you didn't, go ahead and take a look at them (1, 2), they're very interesting. Unsurprisingly, the technology that was featured in one of these posts is really getting noticed by the world, and Jeff Han, the researcher who invented it, has started a company named "Perceptive Pixel" to pursue its development. Here is a brand new video presenting the company and its technology.



Matt adds: As you can see, this video is an excellent mix of very shiny eye-candy and real-world applications that seriously benefit from the use of a multi-touch interface. It goes way beyond Jeff Han's TED demo in showing the technology's usefulness in collaborative applications on large-format displays.

The news that Han is forming a startup company is very encouraging. One of the things that's been quite worrisome since the iPhone announcement was that Apple would claim a patent on the concept of "multi-touch". Fortunately, the fact that Perceptive Pixel came into existence is a good sign that Apple doesn't own every right on this new and revolutionary idea.



Brain Controlled Robotic Arm Controlled by Monkey

Here is an interesting video presenting a prototype of a robotic arm that can be "equipped" on any humanoid being and controlled via its brain signals.

If these tests work—which they look like they do, the monkeys are feeding themselves successfully—you too can lop off your own arm, stroll into the emergency room, and feel confident that they'll replace your missing appendage with the robotic equivalent. No wait! We mean in a couple of years!


(Via Gizmodo)



Technology Could End Deafness

Wired has an interesting piece today presenting a new technique under research by a bunch of university scientists that could literally restore hearing in deaf people. If you are an iPod fanatic, you should most definitely read this because as you may not yet realize, you'll probably end up deaf one day!

The science of hearing is moving beyond traditional hearing aids and cochlear implants into a world where patients may be able to regain their hearing through manipulation of their own biology. New techniques, such as combining stem-cell transplants with the "recharging" of cells that power an amplifier in the ear, were discussed at the American Association for the Advancement of Science conference.

Read more



Tuesday, February 20, 2007

Could You Do Without? A Week With No Technology

Here is an interesting segment of the Today Show in which Forbes managing Editor, Dennis Kneale, tries to live without any mobile devices for a week. Enjoy the show!



RDP Magic: Exploring the Console and Shadowing Functionalities of RDP

Any Administrator who manages more than a few Windows servers has used the Remote Desktop Protocol (RDP) at one time or another. It allows us to manage systems remotely so we don't necessarily have to physically be in the server room (are you crazy? That place is COOOLLDD!!! Brrrr...). Connecting to a server via RDP is fairly straightforward. You open the program, enter the server name or IP address and click connect. Then just type in your user ID and password to authenticate. There are various settings you can customize in your RDP client such as the size of your remote desktop, colors, sounds, and even the amount of bandwidth used by your remote desktop connection. RDP also includes some unique functionalities that most people are not aware of.

Console Session

Often we find ourselves having to install software like SQL or Exchange remotely. Installing via RDP causes problems and often fails because of the hardware mappings that occur within an RDP session. A possible solution to this problem is to install all software directly from the console, but in today's virtual world, sitting in front of the server in a data center may not be an option. So what do you do? Rely on some hardware monkey to install your critical database software? Of course not! If your server is running Windows Server 2003, there is a way to connect to the console remotely.

If you go to Start->Run and type 'mstsc /v:servername /f /console', you will get the same window as you usually do when connecting to a normal RDP session, but you will be connected directly to the console session (session 0), just as if you were sitting right in front of the server. You can verify this by opening the Terminal Services Manager and looking at which session you are connected to. This does not work on Windows 2000 Server. If someone else is logged into the console session when you attempt to connect, you will get this error:

The user domain\username is logged locally on to this computer. The user has been idled for <number> minutes. The desktop is unlocked. If you continue, this user's session will end and any unsaved data will be lost. Do you want to continue?

If you proceed, the user will be logged off and the computer will lock itself. If the user IDs are the same, you will connect to the same session without any problems.

I'm sure many Administrators have come across situations where a problem occurs with a server and an alert is generated. Then everyone, even folks who cannot necessarily diagnose or fix the problem, will decide to remote into the server to see what's going on. This will unfortunately reserve the 2 available remote sessions and you will get this error when attempting to log on yourself:

The terminal server has exceeded the maximum number of allowed connections. The system cannot log you on. Please try again or consult your system administrator.

Now you can't get in to troubleshoot.


Connecting to the console basically gives you a third connection that most people don't know about. In most cases, this connection should be available, unless someone really is at the console or someone else beat you to it.

Shadowing

Along the same lines, you can shadow a current session. If another person is logged in, you can request to shadow their session by typing:

shadow x (where x is the user's session number, which you can find in Terminal Services Manager)

You will receive a message stating:

Your session may appear frozen while the remote control approval is being negotiated. Please wait...

The user will then receive the following message:


domain\username is requesting to control your session remotely.
Do you accept the request?


Why would someone do this? Imagine my previous scenario where you have a lower level worker physically at the console and you want to teach him/her how to do something. You can call this person on the phone and ask him to log in; then you log in remotely and shadow his session. From this point, he will be able to see what you are doing and can observe the proper procedure while you are explaining it to him. Make sure he takes notes! You wouldn't want to get called again for the same problem when there is someone on site who is able to fix it, right?

I hope you have learned something new today about RDP and its capabilities. Now that you know this, you have a new tool in your Administrator's toolbox to handle some remote situations.




Vista First Look: A Massively Multiplayer Beta Test

The Register's columnist Thomas C. Greene has recently published a good article offering an entertaining review of Windows Vista, noting price differences in Europe, driver compatibility issues and security and user interface problems that affect the global Vista experience.

The most prominent feature of Windows Vista is its cost. So, before we get into the nuts and bolts of how it behaves, let's talk about value for money. Because at these prices, it had better be good.

Read more



Monday, February 19, 2007

Mobs Love Lists

It's no secret to anyone who's kept their eyes open while surfing the Web over the past couple years that lists are incredibly popular. They consistently top the "most popular" lists of bookmarking sites like del.icio.us, hit the Digg homepage, and are easy fodder for blogging. Why is this so? What makes a list of bullet-points more attractive to the average Web user than more detailed or fleshed-out pieces that are far more effective at getting to the meat of its subject matter?

To answer this question, I'm ironically linking to a list on a blog. The Net Business Blog has a nice array of 8 Reasons Why the Masses Love Lists.

This list isn't terribly flattering to either authors or readers, and given the number of "list" posts on this site, I feel obligated to point something out. Out of our top 10 most popular posts of 2006 (yes, yet another list), only one post fits the description of a mob-consumable list. I guess that means that our readership and/or our target demographic tend less toward being superficial sheep-like content consumers than the rest of the planet.

So thank you, dear readers and people-who-link-to-us, for staying ahead of the herd.



Google Study: Failure Trends in a Large Disk Population

The folks at Google have just published an interesting paper looking at failure trends in a large disk drive population. Surprisingly, the study says that heat is less of a factor in hard drive problems than other characteristics such as age, model or manufacturer. It also appears that SMART features in most drives are less reliable than we might think, often not reporting imminent failures when needed.

Our analysis identifies several parameters from the drive's self monitoring facility (SMART) that correlate highly with failures. Despite this high correlation, we conclude that models based on SMART parameters alone are unlikely to be useful for predicting individual drive failures. Surprisingly, we found that temperature and activity levels were much less correlated with drive failures than previously reported.

Failure Trends in a Large Disk Population (PDF)



The Real Hustle: The I.D Theft Hustle

In this segment of the Real Hustle show, the hustlers try to steal someone's I.D. by picking up various confidential documents from a garbage bin, and then signing up for a loan and various credit card offers using the collected information.



A Supercomputer in your PC?

According to Betanews, Nvidia has just released the first public beta of its CUDA development kit, an application developed to take advantage of a video card's processing power to transform any system into a super number-crunching machine. Unfortunately, it appears that the software will only be compatible with Nvidia's 8800 series of graphics cards, so if you are a developer and want to try this out, you'll have to shell out at least $600.

NVidia's objective is to exploit an untapped reservoir on users' desktops and notebooks. While multi-core architecture has driven parallelism in computing into the mainstream, multi-pipeline architecture should theoretically catapult it into the stratosphere. But applications today are naturally written to be executed by the CPU, so any GPU-driven parallelism that's going to happen in programming must be evangelized first.

Read more



Sunday, February 18, 2007

Monday Morning Links Serving : The January 19th Edition

-10 R’s to Apply if you Want to Succeed

The intent is to communicate a high-level framework -- one that guides our thinking and actions. It won't get you from zero to hero on its own, but if you follow its principles and philosophy, it may just guide you when you need it the most.

-Top 10 Ways To Improve Your Mental Fitness and Make Your Brain Age Younger

There are two basic principles to keep your brain healthy and sharp as you age: variety and curiosity. When anything you do becomes second nature, you need to make a change. If you can do the crossword puzzle in your sleep, it's time for you to move on to a new challenge in order to get the best workout for your brain.

-Create your master feed with Yahoo! Pipes

Instead of going here, there and everywhere to see all the content you create on the web, combine it all into one master feed using the newly-launched Yahoo! Pipes.

-How to Explain DRM to Your Dad

My friend John was trying to think of a way to explain the problem with digital rights management to his dad and friend of ours who don't see what's wrong with it. He compiled a list of examples of DRM-related problems to help people understand what the big deal is with DRM.

-OpenCola - The Open Source Coca Cola

OpenCola is a brand of cola unique in that the instructions for making it are freely available and modifiable. Anybody can make the drink, and anyone can modify and improve on the recipe as long as they, too, license their recipe under the GNU General Public License.



Friday, February 16, 2007

Bill Gates vs. Steve Jobs: Fight!

Here is a hilarious video in which Bill Gates and Steve Jobs fight against each other in the clean white virtual land of the iconic iWorld. Enjoy the show!



USB Hard Drive Enclosure that looks Like a Hard Drive

Hmmm, isn't this a bit confusing? The GW2.5HD-U2 is a USB 2.0 hard disk enclosure that looks like a hard disk but isn't one. Just stick your favorite 2.5-inch PATA drive in it and you're ready to bring along your data with you everywhere you go. A hard drive within a hard drive... is this what we call "recursive humor"?

(via Gizmodo)



Vista On XP!

Here's a little something for the 'Cool File'!

If you don't want to risk getting Vista so soon after its release but still want to have a taste of what it will look like, look no further. I found a cool installer that changes the Shell in XP to look and act like Vista or Longhorn (take your pick).

CrystalXP.net has created a few themes to give you a glimpse into the future of Windows. These are stand-alone installers and do not interfere with the system at all. I have it installed myself, and it really does look sexy!











To get this look, you need to download two items:

Download the Desktop Sidebar from FileForums, and install.
Download your preferred BricoPack from CrystalXP.net, and install (reboot required).

Once all is said and done, you can customize the 'Desktop Sidebar' and the 'Dock Object' as you see fit.

Enjoy!



New Hack Lets Bad Guys Sneak into Home Routers

Cnet has an article this morning reporting that researchers at Indiana University and Symantec have discovered that attackers could use JavaScript code on a webpage to modify your home router's configuration. This attack only works if your router is still configured to use the manufacturer's default password, so if you haven't changed it yet, maybe you should start thinking about doing it!

The researchers found that it is possible to change the DNS, or Domain Name System, settings of a router if the owner uses a connected PC to view a Web page with the JavaScript code. This DNS change lets the attacker divert all the Net traffic going through the router. For example, if the victim types in "www.mybank.com," the request could be sent to a similar-looking fake page created to steal sensitive data.

Read more
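What a changed router DNS setting looks like from a PC behind it, as an added example (not code from Cnet, Symantec or the researchers) that also applies to the "Drive-by Pharming Alert" post above: it parses `ipconfig /all` text and reports DNS servers that are not on a list you trust. The sample output, the addresses and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed `ipconfig /all` output (not captured from a real host). The first
# adapter's lease lists a resolver on the public Internet ahead of the router,
# which is what a client would show after the router's DNS setting was changed.
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : home.example
   DHCP Enabled. . . . . . . . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.1.100
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       192.168.1.1

Ethernet adapter Wireless Network Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.1.101
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       fe80::1%4
"""

# Assumed allowlist: the router's LAN address in both address families.
TRUSTED_DNS = ["192.168.1.1", "fe80::1"]

ADAPTER_RE = re.compile(r"^(\S.*adapter .+):\s*$")
FIELD_RE = re.compile(r"^\s+([^.:]+?)[ .]*:\s?(.*)$")


def _as_ip(token):
    """Return an ip_address for token, or None. A %zone suffix is dropped."""
    try:
        return ipaddress.ip_address(token.strip().split("%", 1)[0])
    except ValueError:
        return None


def dns_servers_by_adapter(ipconfig_text):
    """Map each adapter heading to the DNS servers listed under it."""
    servers, adapter, in_dns = {}, None, False
    for line in ipconfig_text.splitlines():
        header = ADAPTER_RE.match(line)
        if header:
            adapter, in_dns = header.group(1), False
            servers[adapter] = []
            continue
        if adapter is None or not line.strip():
            in_dns = False
            continue
        # Extra DNS servers appear as bare addresses on continuation lines.
        # Test this before FIELD_RE, because an IPv6 address contains ':'.
        ip = _as_ip(line)
        if in_dns and ip is not None and line[:1].isspace():
            servers[adapter].append(ip)
            continue
        field = FIELD_RE.match(line)
        if field:
            in_dns = field.group(1).strip() == "DNS Servers"
            first = _as_ip(field.group(2))
            if in_dns and first is not None:
                servers[adapter].append(first)
    return servers


def unexpected_dns(ipconfig_text, trusted):
    """Return {adapter: [addresses]} for DNS servers outside the trusted list.

    `trusted` holds single addresses or CIDR networks as strings.
    """
    nets = [ipaddress.ip_network(t, strict=False) for t in trusted]
    findings = {}
    for adapter, servers in dns_servers_by_adapter(ipconfig_text).items():
        bad = [str(ip) for ip in servers
               if not any(ip.version == n.version and ip in n for n in nets)]
        if bad:
            findings[adapter] = bad
    return findings


if __name__ == "__main__":
    for adapter, bad in unexpected_dns(SAMPLE_IPCONFIG, TRUSTED_DNS).items():
        print(f"{adapter}: unexpected DNS server(s) {', '.join(bad)}")
```

A hit here only says the client is using a resolver you did not list; the place to confirm and correct it is the router's own DNS setting, after changing its password.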




Thursday, February 15, 2007

The Real Hustle: The Hire-Car Scam

In this episode of "The Real Hustle", the Hustlers try to sell a hire-car several times over in a single day by asking the unsuspecting buyers to leave a deposit for the "deal of a lifetime".



YouTube Turns Over User IDs to Fox

For those of you who have been uploading copyrighted content to YouTube, beware! Internetnews.com has an article today about how YouTube, after receiving a subpoena from the U.S. District Court in Northern California, turned over the user info of two of its members to FOX.

In an e-mail to internetnews.com, a 20th Century Fox Television spokesperson said that Google and Live Digital complied with subpoenas issued by the U.S. District Court in Northern California and disclosed to Fox the identities of two individuals who illegally uploaded entire episodes of "24" prior to its broadcast and DVD release.

Read more



Real-life Batman Utility Belt (Video)

All I can say is, I want one! This battery-powered Batman-like rope ascender was created by an MIT student named Nathan Ball for the Lemelson-MIT contest. It can lift 250 pounds 50 feet into the air in about 5 seconds.

With the help of Ball’s ATLAS Powered Rope Ascender, a fully loaded firefighter could reach the top of a 30-story building in only 30 seconds, compared to the six minutes or more it often takes to trudge up stairs with 80 to 100 pounds of equipment. The device, which is the size of a hand-held power tool, can lift a 250-pound load more than 600 feet into the air at nearly 10 feet per second, all on a single battery charge.



MIT Graduate Student Wins $30,000 Lemelson-MIT Student Prize for Life-Saving Inventions (Via Techeblog)



Wednesday, February 14, 2007

The Worst Code You've Ever Written

Robert Nyman asked his readers to submit examples of awful code, and they graciously obliged (via 465 Berea Street). Now readers of both Nyman's blog and 465 Berea Street have come forward with some astounding snippets of code, mostly from the days of non-standard, table-based web development (and mostly written by themselves).

Inspired by Nyman, I've found it quite amusing digging up old projects and looking at the atrocious markup I once churned out. I'll scour those archives for a few gems and leave them in the comments. So, how about you? Got any embarrassing, self-incriminating evidence from the days of olde?



Blu-Ray and HD-DVD DRM: Hacked

It didn't take long, did it? A hacker who goes by the name of "muslix64" claimed last December that he had cracked the copyright protection system in an HD DVD movie, Serenity. The AACS organization, which is an authority in the domain of content protection, confirmed it recently.

The movie industry is self-delusional if it believes it can use Digital Rights Management (DRM) technology to thwart the copying of digital content, declared Bruce Schneier, chief technology officer of managed security company BT Counterpane.

"They have no credibility. DRM doesn't work. Anybody who knows security looked at this and said, 'So what?'" Schneier told TechNewsWorld. Trying to make digital content copying impossible "is like trying to make water not wet," he added.

With Microsoft having put so much time and money into supporting and reinforcing these technologies, you have to wonder if it was really worth the time. I have agreed with everyone I spoke to about this topic who said it was only a matter of time before it was hacked.

Related Articles:


IGN Article
TechnewsWorld Article
TheMatt's G.A.S article: "Vista's Content Protection Badness"
Wired: Gadget Lab Blog



The Real Hustle: ATM Machine Scam

In this episode of "The Real Hustle", the crew demonstrates how easy it is for villains to steal your ATM card information. Has anyone here ever been a victim of a similar scam?



It's Microsoft Patch Day!

This month's patch day brings a total of 12 patches to us, including 6 critical ones and 6 that are rated as "Important". In all, the twelve patches fix 20 vulnerabilities in various Microsoft software.

Microsoft Security Bulletin
MS07-005
Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (923723)
Max Severity: Important

Microsoft Security Bulletin
MS07-006
Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255)
Max Severity: Important

Microsoft Security Bulletin
MS07-007
Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege (927802)
Max Severity: Important

Microsoft Security Bulletin
MS07-008
Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928843)
Max Severity: Critical

Microsoft Security Bulletin
MS07-009
Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (927779)
Max Severity: Critical

Microsoft Security Bulletin
MS07-010
Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution (932135)
Max Severity: Critical

Microsoft Security Bulletin
MS07-011
Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (926436)
Max Severity: Important

Microsoft Security Bulletin
MS07-012
Vulnerability in Microsoft MFC Could Allow Remote Code Execution (924667)
Max Severity: Important

Microsoft Security Bulletin
MS07-013
Vulnerability in Microsoft RichEdit Could Allow Remote Code Execution (918118)
Max Severity: Important

Microsoft Security Bulletin
MS07-014
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (929434)
Max Severity: Critical

Microsoft Security Bulletin
MS07-015
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (932554)
Max Severity: Critical

Microsoft Security Bulletin
MS07-016
Cumulative Security Update for Internet Explorer (928090)
Max Severity: Critical

Happy patching everyone!



Tuesday, February 13, 2007

Alternative Vista Installation Method

My Monday schedule sucks, and my Tuesdays are almost as bad. Couple that with some recent frustrations dealing with Vista at work (ranging from permissions issues to the horrible preferences and settings UIs), and the result is a sizable amount of ill temper being aimed at Microsoft's shiny new OS.

Apparently I'm not the only one who is having Vista-angst. But I'm not cool enough to figure out an alternative method of "installing" Vista on a machine like the dude in the video below. I am, however, just cool enough to spread the word. If all else fails, you'll always have this Plan B.




Via El Jobso.



Microsoft Home Server: Beta Released

Microsoft, for the most part, have kept the Beta Program for Home Server close to home. However, they've begun to take names from the public for those of you who are interested in testing Home Server!

What is Home Server?

Put simply, it is a storage server that sits on your home LAN and serves the other machines connected to your network, no matter where they are in the world. It also allows you to stream movies or photos from your XBOX and can even serve as a backup server for your home computers, providing either full PC backups or file version/rollback functionalities.

For me, the cool idea behind Home Server, and why I signed up to be a Beta-Tester myself (besides the fact that I like to break things), was that it gives you the capability of accessing your files from anywhere, inside or OUTSIDE of your home network. This can be done via a password protected web interface or a simple RDP client. I think that this is the greatest selling point of this technology.


At CES:


Video: Windows Home Server CES 2007


Related Articles:

Computerworld
Softpedia News
Inside Microsoft Blog




Preparing your Windows Environment for Daylight Saving Time Changes in 2007

In August 2005, the US Congress passed an act whose main goal is to increase the amount of time people spend in daylight, thereby decreasing their energy consumption. This act, dubbed the Energy Policy Act of 2006, will come into effect a few weeks from now. DST will now start 3 weeks earlier, on March 11, and will end one week later than it used to, on Nov. 4th. What does this mean for most of you? More time under the sun. And what does this mean for us, the system and network administrators of the world? Trouble, all sorts of trouble, especially for those of us who are currently supporting large Windows 2000 environments and are running any versions of Exchange / Outlook previous to version 2007 on their domain.

As a result of this new DST ruling, system administrators in affected countries will have to work extra hours to set up a bunch of updates / registry hacks on their networks so that their environment can keep up with the new time adjustment.

To help you guys out with this very unpleasant task, here are a few links that should help you get started the right way.


Have you noticed that there aren't any links explaining how to patch an Exchange 2000 server? The reason for this is that since the product entered its extended support phase on the 10th of January, Microsoft will not be giving out this patch to anyone unless they are ready to shell out $4000 or have signed an extended support contract with them.

By doing this, Microsoft will be forcing a lot of people to migrate their old Exchange mailing infrastructure to a newer one, taking advantage of the situation to make a few bucks.

Depressing, isn't it?



Firefox Downloaded More Than 300 Million Times!

Firefox fans rejoice! Your favorite open-source browser has just reached a new milestone: 300,000,000 downloads! Isn't that amazing? If you are curious about looking at the official download counter, it can be found on the bottom right of the spreadfirefox.com homepage. You can also add that counter to your site by following these simple instructions.



Can Natural Language Search Bring Down Google?

Powerset, a startup search engine company, has just licensed technology from Xerox PARC that it hopes can give it an edge over Google. That edge: natural language search queries that actually work. Powerset's search engine is currently under development, so no working prototype is available on the web as of yet, but according to all the media coverage this company is currently receiving, things are looking good for the near future.


Upstart search engine Powerset has just secured an exclusive license for natural language processing technology from Xerox's Palo Alto Research Center. It's a move that some are claiming will allow the small firm to someday challenge Google.

Read more



Tuesday Morning Fun: The Fastest XP Prank Ever!

This is the perfect prank to pull when one of your work colleagues steps away from his computer for a few moments. This classic has been around forever but it never gets old!






Monday, February 12, 2007

Microsoft Scripting Games 2007

For those interested, Microsoft is starting their annual Scripting Games 2007 modeled after the Olympics. It is a scripting contest with 10 "events" broken into 4 divisions.

  • VBScript-Beginner
  • VBScript-Advanced
  • PowerShell-Beginner
  • PowerShell-Advanced

You can submit to one or all divisions, and this year they have prizes for anyone who enters at least one event. In addition, anyone scoring 60 points or more in any division will receive a coveted Certificate of Achievement from the Microsoft Scripting Guys. The contest starts today at 0800 PST, but the first events close on Wednesday 0800 PST, so get in right away if you're interested.

Here is the link to the Scripting Games site.

I did this last year and received a perfect score. As a result, my bio was listed under the 2006 Champions. It's challenging and a lot of fun. I hope to see many of you there.

Steve



Malware Analysis: Rootkits

Most of you have probably heard a lot about rootkits in the past year, and we've written about them fairly often here on [GAS], but have you ever caught one in the act of subverting your computer? Here are 2 very interesting videos that will explain to you what rootkits are, how they work and what they can do to your system. Enjoy the show!



Sunday, February 11, 2007

Monday Morning Links Serving : The February 12th Edition

-How to maximize your first two hours of the day

The early morning is the time that we have the most control over our day. We need to use it to handle more important tasks that may be dropped by the wayside as more urgent, but less important, tasks and situations present themselves.

-Hack Attack: Getting good with Google Reader

Google Reader is one helluva feed reader, but unless you've spent a little time digging into the documentation, you probably aren't taking full advantage of what it has to offer.

-How to Backup a Blogger Blog

This is a great backup solution for people who have upgraded their Blogger blog to the new version of Blogger.

-How to Reduce Your Workload in 1 Minute

...Or so this article claims. I'll have to try it out!

-More details on Firefox 3 planned features

During this and last week Mozilla developers and drivers had a run of meetings to discuss Product Requirement Document (PRD, a list of what Firefox 3 should include) released some weeks ago.



Introducing Stephen Correia

Hi All, my name is Stephen Correia and I am one of the newest contributors to [Geeks Are Sexy].

I grew up in Portsmouth, Rhode Island and joined the U.S. Marine Corps when I graduated High School. As a Marine I was stationed at Quantico, VA; Scott AFB, IL (plush duty); and Okinawa, Japan. I started doing Mainframe Operations, moved into Desktop Support, and finally in Okinawa I planned, deployed, and supported fully functional networks supporting up to 2000 users in remote locations. I've been to Pohang, South Korea; mainland Japan; Okinawa; Hong Kong; and Australia. After 10 years in the Corps, I received an Honorable Discharge and began work as a Contractor teaching System Administration to the up-and-coming Devil Dogs (that's a nickname for Marines).

After a few years of that, an opportunity presented itself in 2004 for me to go to Baghdad, Iraq for a year and work as an Information Assurance Security Officer. This was a great opportunity, and a way for me to give back to the military that had so graciously trained me and provided great experiences. The year went by fairly quickly and, as you can imagine, I arrived home safely in early 2005 and began working in my current position as a Windows System Administrator. Since I work in a large data center, most of my articles will be about issues I come across there.

My lovely wife and I live in Virginia with our 3 children. We are celebrating 10 years of marriage this year, but I won't be getting a discharge from this duty anytime soon; we are lifelong partners.



Saturday, February 10, 2007

Samsung Unveils iPhone Rival

Korean electronics maker Samsung has just unveiled the F700, a new mobile phone that offers great "iPhone-like" features and will probably enter into direct competition with Apple's mobile when it comes out in June. The F700 features a 5 megapixel camera, has touch-screen capabilities and can play multimedia files of most formats. It also comes equipped with a sliding QWERTY keyboard, which should make it a much more desirable choice for business users.


Seoul (South Korea) - Making its debut in the midst of a legal battle for Apple over its much anticipated iPhone, Samsung today unveiled the F700, a new handset with a feature set designed to rival Apple's upcoming entrant.

Read more



Friday, February 09, 2007

Crysis Video Preview (Video)

Crysis is one of the most anticipated games of this year. Crytek's follow-up to the acclaimed Far Cry blends first-person shooter action with a science fiction storyline. Plus, the game was developed to run on Microsoft's Windows Vista (though not exclusively) and use the operating system's DirectX 10 framework for enhanced graphics. Here's a look at some actual gameplay footage of Crysis running on both Vista and Windows XP.



Today show interviews Bill Gates on Vista

The Today Show has recently interviewed Bill Gates for the launch of Vista, asking him questions about security, prices and a lot more. Enjoy the show.



Thursday, February 08, 2007

High Security for $100 Laptop

Wired has an interesting piece this morning explaining how security will be implemented in OLPC notebooks. Instead of using traditional security features such as a firewall or an anti-virus, "$100" laptops will apparently protect themselves from intruders / malicious code by running each of their applications in separate, independent virtual machines.

Krstic's system, known as the BitFrost platform, has only one user prompt (turning on the camera) and imposes limits on every program's powers. Under BitFrost, every program runs in its own virtual machine with a limited set of permissions. Thus a picture viewer can't access the web, so even if a hacker comes up with an exploit that lets him control the program, he couldn't use it to grab all the photos on the laptop and upload them to the internet.

Read more



Win the Ultimate Hi-Tech Toilet

Have you ever wished you could drink beer, watch television or play with your Xbox 360 while being comfortably installed on the "throne"? If the answer to this is "yes", then check this thing out:

The Ultimate Toilet

This monster was built by an Ohio-based plumbing company named "Roto-Rooter" and could actually be yours if you take a few minutes of your time to enter their "Pimped Out John" sweepstake.

Check your email, watch a movie, listen to your iPod, play your favorite video game - without leaving the bathroom.

If you win, you'll be tempted to sit for hours. Just remember, fresh air and contact with other people are good.

Think it's odd? Learn more about it and we think you'll change your mind.

On average, people spend a year and a half of their lives on the toilet, so why not enjoy it?



Wednesday, February 07, 2007

Congress & Tech Companies Working Towards Greening Up Servers

This story is a little bit old, but I thought I would bring it up as I am a little surprised it has not received more attention in the US. In December, before Democrats took control of Congress, the House and Senate passed legislation requiring the EPA to study power consumption in computers and in data centers. This study, which is to be completed and submitted to Congress by May, requires that the EPA essentially take inventory of the data centers in use by the US government and how much power they consume. The study is also supposed to come up with guidelines and best practices for lower power consumption and developing a more green system for data centers that should then be taken up by the IT industry. House Resolution 5646 states:

It is the sense of Congress that it is in the best interest of the United States for purchasers of computer servers to give high priority to energy efficiency as a factor in determining best value and performance for purchases of computer servers.

Usually when the Congress passes a “sense of the Congress” bill, forward thinking companies assume that Congress wants to start mandating something and will try to get ahead of the curve. Several companies are already doing so. Sun Microsystems and SalesForce are researching ways that they can green up (as are other companies). With Congress getting into the mix, the sense of urgency will increase. As is typical when the government decides to get involved, many companies will try to get their viewpoints published with the findings that will help maximize their exposure and their bottom line.

Get more:

The Register article with more details



10 Windows Vista Myths

The folks at TechRepublic published an interesting article yesterday listing 10 common Windows Vista myths. From exaggerated cost and hardware requirements to feature limitations and compatibility issues, this article will help you sort through all the hype and get a real picture of what the new OS will and won't do for you.

In this article, I'll take a look at some of the exaggerations, distortions, and out-and-out untruths I've heard floating around about Vista.

Read more



Steve Jobs Calls for End of DRM

Apple's CEO, Steve Jobs, has just posted his thoughts on the DRM problem on Apple's website, claiming that Apple would embrace a DRM-free market if such a thing were possible. Mr. Jobs then goes on to list three viable alternatives to DRM systems. From the article:

Why would the big four music companies agree to let Apple and others distribute their music without using DRM systems to protect it? The simplest answer is because DRMs haven’t worked, and may never work, to halt music piracy. Though the big four music companies require that all their music sold online be protected with DRMs, these same music companies continue to sell billions of CDs a year which contain completely unprotected music. That’s right! No DRM system was ever developed for the CD, so all the music distributed on CDs can be easily uploaded to the Internet, then (illegally) downloaded and played on any computer or player.

This last quote only proves one thing: Music companies are managed by a bunch of bozos who have no idea how the Internet or technology truly works.



Tuesday, February 06, 2007

Interview with Agloco Founders Ray Everett Church and Akshay Mavani

For those of you who have signed up to Agloco through us, you will probably be interested in this interview from the Scoble Show presenting Agloco Founders Ray Everett Church and Akshay Mavani.



The Agloco phenomenon has been spreading like wildfire over the Internet lately. Even marketing giants such as John Chow and Darren Rowse are starting to believe that the program will be a success, bringing a lot of credibility to the company. Agloco offers a great opportunity for everyone to earn a nice little income with no risk involved at all.

If you haven't signed up with Agloco yet, you can do so right here.



On Sand Castles and Silicon Valley

You've probably never asked yourself "what does a small child building a sand castle on the beach have in common with an IT pro whose life consists of toiling away in the trenches of Silicon Valley?" It is, however, a question that is on at least a few minds at the moment. The Show has The Answer.



Walmart Launches Ho-Hum Video Download Service

Another video download store has launched, and this one's from Walmart. Walmart Video Downloads stocks content from both the big and small screens, offering movies like Pirates of the Caribbean and Talladega Nights, as well as popular TV shows such as 24 and Prison Break.

The offered videos are unfortunately of medium quality and are only available in two formats: standard 640x480 for your PC/Laptop screen, and 320x240 for your portable media player. I wouldn't have expected HD quality, but if you're trying to convince me to buy files instead of DVDs, at least give me widescreen. Additionally, Walmart's video downloads are Windows-only.

As can be expected, all downloads come with a heaping spoonful of DRM. You may back up your video files to CD or DVD, but that's where it ends. You cannot burn and play back a DVD of the videos that you download, nor can you play them on a different PC.

Pricing in the Walmart Video Downloads is on par with iTunes. Pirates of the Caribbean is going for $14.88, 10 cents below its price in the iTunes Music Store.

Walmart's video download store fails to impress me. Why would I spend $14.88 on an online release when I can get the same movie for $17.99 at J&R? For roughly $3 more, I've got a DVD in my hand that can be watched on any PC, Mac or DVD player in widescreen, as well as backed up to my computer. In order to make me a customer, such a service would need to offer more than what I can get from physical media, not less.

Oh, and more DRM doesn't count!



Study - Surfers Ignore Common Security Cues on Banking Sites

A new study paints a distressing picture of how easy it is to trick people into signing onto a fake web site and surrendering personal information. It's pretty hard to believe that in 2007, with all the media coverage that the subject has received in the past year, people are still falling prey to phishing attacks. Maybe online banking institutions should start thinking like PayPal and implement a mandatory two-factor authentication scheme on their sites.

Password protection has its limitations, especially when it comes to things like online banking. That's why millions of phishing attempts are made every day—it's relatively easy to craft realistic-looking web pages that convince users to divulge passwords and other personal details. Financial institutions are well aware of this and as a result, have come up with additional authentication measures for their customers. A new study conducted by researchers from MIT and Harvard casts doubts on the efficacy of such measures.

Read more



Monday, February 05, 2007

Moral Kombat: The Documentary

Independent filmmaker Spencer Halpin, in partnership with our favorite anti-video games lawyer Jack Thompson, has recently produced a documentary titled "Moral Kombat" that takes a look at video game violence and the terrifying effects it has on young people today. What are your thoughts on this? Do you think the current video game rating system is enforced strictly enough to keep our kids from playing these violent games, or should other measures be taken to protect our children's innocence?



Super Bowl Site Hacked with Trojan, Keylogger

For those of you who have visited the Dolphin Stadium's website in recent days with an unpatched Windows computer, be warned: your computer might now be the new home of two highly undesirable visitors.


The code, hidden under the file name "w1c.exe," initiates both Trojan horse and keylogging capabilities, potentially allowing a hacker to track and record keyboard strokes in order to steal credit card, Social Security or other user information.

The malicious JavaScript file was inserted into the header of the front page of the Dolphin Stadium site. Once visitors entered, it was designed to execute a script that attempts to exploit two known vulnerabilities: MS06-014 and MS07-004. Both of these exploits attempt to download and execute a malicious file.

Read more



Study: Playing Video Games Can Be Good for You

For once, someone actually did a study looking at the positive effects of playing video games instead of looking at the usual negative sides of the activity.

While the findings don't prove that "video games are always good for you," Rigby noted, they do help to provide a more balanced understanding of people's motivations for playing them. "We're trying to in some sense normalize how people look at video games, rather than seeing them as having some mystical power to addict."

Read more



Sunday, February 04, 2007

Monday Morning Links Serving : The February 4th Edition

As is now usual on Monday mornings here on [GAS], here are a bunch of links I stumbled upon during the weekend that should help overclock your brain to start off your week the right way.

Inbox Zero: Email got you feeling overwhelmed?

These are posts from a special 43 Folders series looking at the skills, tools, and attitude needed to empty your email inbox — and then keep it that way.

26 Tips to Keep Your Computer Up and Functioning

When I lose productive time at work it is usually because of a problem I have encountered with my computer. And any time I have a computer problem it is usually related to one of the following items. In order to be a little proactive I have built this little checklist. I have automated as many of them as I can and if much of your livelihood depends on your technology functioning smoothly I suggest you consider doing the same.

Burn almost any video file to a playable DVD

This week I'm going to show you how to burn those downloaded TV shows to a DVD you can play in your living room using the free (as in speech), open source application, DVD Flick. In a few simple steps, here's how to burn almost any video file on your computer to a playable DVD.

How to Make Firefox Look Exactly Like Internet Explorer 6

Perfect for secretly replacing Internet Explorer with Firefox on your parents' computer. They will never know they're not using IE, and you won't have to clean out spyware as often.

Blue Screen of Death Through The Ages

Windows has gone through many changes over the years, but one feature has remained comfortingly consistent: the Blue Screen of Death. Otherwise known as a system freeze, the BSOD is well known to Windows users the world over. We take a look at some of the more unlikely BSOD sightings.

Have a great week everyone!



Web 2.0 - The Machine is Us

Michael Wesch, assistant professor of cultural anthropology at Kansas State University, produced this interesting video taking us on a journey that starts at the very beginning of the Internet, and goes up to what we now know as "Web 2.0". Enjoy the show.