Looks like it's darn near slave labor, according to BoingBoing
I have a new appreciation for the Dell keyboards as shown in the photo...
Thursday, February 12, 2009
Explaining Input Lag
Bit-Tech.net has an excellent explainer on input lag on a modern LCD monitor. A good monitor will technically have some input lag, but at a tiny delay imperceptible to anyone. Poor-quality displays are a different beast entirely. Probably the best part of the article is explaining a methodology for detecting input lag. They're able to illustrate the problems clearly in video and pictures.
Sunday, February 8, 2009
Windows Vulnerabilities - 92% mitigated by not being administrator
I'm going to step aside from my normal patching discussions and talk about what happens when you do get attacked with malware that exploits a vulnerability. When a nasty program exploits an unpatched vulnerability, there are always mitigating factors that can help limit the impact. One of the big ones is that the exploit usually runs in the security context of the account which it attacks/is run against. Security vendor BeyondTrust looked at the 154 Microsoft vulnerabilities published in 2008. They found that 92% of all vulnerabilities had their impact mitigated or were rendered completely harmless when the user was running with no elevated privilege (normal user rights). Obviously this is a report from a security vendor selling software that helps manage user rights... but the breakdown for 2008 is striking, indicating that running as non-administrator at least mitigates:
- 94% of Microsoft Office vulnerabilities reported in 2008
- 89% of Internet Explorer vulnerabilities reported in 2008
- 53% of Microsoft Windows vulnerabilities reported in 2008
Here's my beef with Microsoft in this regard. We all know that running in the least level of privilege is the safest and these numbers add good ammunition to that argument. While Microsoft has made great strides in allowing the user to elevate their privilege on some actions in the "XP era" and later, getting the ability to universally change security context on the fly eludes them. *nix with sudo and the standard GUI security elevation method of OS X both have serious problems, but they're a lot closer to right. Windows 7 will certainly continue the slow progress in this area, but at some point Microsoft ought to do better.
Wednesday, February 4, 2009
Windows 7 Update: Editions and Release Candidates
Windows 7 is moving along swimmingly (that's a betta splendens joke, son.) The good news is that the beta version that we have out currently is the only real beta we're going to get. RC1 will be the next release. A mid-2009 release looks increasingly do-able with a late Q2 timeframe not out of the question.
The bad news is that Windows 7 will be coming in 6... editions that is. Things to note:
- Home Starter is a gimped edition allowing only 3 concurrent applications, similar to XP starter edition. This time, however, it'll be a worldwide OEM only release. Expect this version to ship on Netbooks, possibly including in developed countries.
- Home Basic is now for emerging markets only, but will look a lot like Vista Home Basic -- unlimited concurrent applications but no Aero Glass, no "advanced multimedia" features and limited local area networking support.
- Home Premium is largely similar to Vista Home Premium in feature content with the main limitations being ones relating to remote access, joining a domain, EFS etc. This version will be available worldwide.
- Professional is the "intro" business class OS, with the ability to join a domain, use EFS, etc.
- Ultimate is again the ultimate home/business solution, and the best license that you can buy individually. Ultimate adds BitLocker, AppLocker, etc.
- Enterprise is available only as a volume license, and includes most of the same features that Ultimate does, plus deployment and management-centric tools.
At least it's no worse than Vista, but whoever thought limiting an OS to three concurrent apps should be shot repeatedly at close range. I'll be a sad panda if this version really starts infecting computers I have to touch.
Thursday, January 22, 2009
Seagate: Then and Now

I know I'm probably beating a dead (bricked) horse, here... but this Seagate drive survived being launched into space, operating in zero gravity and then crashing to Earth in a giant fireball. Why is it so hard to make drives today that die when you flip a power switch?
Wednesday, January 21, 2009
Seagate Drive Debacle, Take Two.
Seagate has now formally admitted that there is a problem. They even say so on their own support site. We're definitely looking at lots of drives affected, with what looks like all models of the 7200.11 and ES.2 affected. Seagate's got utilities up to detect the affected drives, but they don't have well-tested firmware to fix the problem before your drive bricks. What's more (and especially egregious considering the intended use of an ES.2) is that the detection and patching utilities are not only Windows-centric, but require the drive to be directly attached to a non-RAID SATA controller. Detecting, let alone fixing, nearline Enterprise drives is going to be a cast-iron b*tch.
On a lighter note, Seagate is reportedly going to be doing free data recovery on drives now that have bricked. That probably means just swapping the circuit board for one with a theoretical fixed firmware since the bits on the platters are just fine.
Does anybody have a catchy name yet for this disaster?
Friday, January 16, 2009
Hardware: High Failure rates on Seagate 7200.11 drives

I had seen inklings of this before, but now it's getting very close to official. Seagate 7200.11 1TB drives, primarily ones out of Thailand, are bricking themselves with no warning. This typically happens a few months after the drive is installed, so we're seeing this get critical now that the drive has been out a while. This is on top of other firmware and related issues with the 7200.11 and ES.2 family. If you've got valuable data on a 7200.11 drive, be warned and get your backups sorted ASAP.
I don't know for sure whether the ES.2 1TB drives are affected, and if they are, to what degree. I've got my eye on both, as I manage both.
Since this failure is happening without warning, it's not clear yet how big this might be. We might be looking at the biggest batch of drive failures since...well, you know.
Seagate has recently cut its warranty on consumer drives to 3 years (in general) down from 5 years (across the board).
Remember MS08-067? It's baaaack (Conficker A)
And this time, it's bringing a worm. At this point, the estimate of infected systems is at around 8 million according to F-Prot. I've not seen an infection yet myself, knock on wood, but considering:
A.) That there was more than enough warning with Microsoft flailing their arms over a serious out-of-band patch on 10/23/2008, plus at least one, probably two Patch Tuesdays since the patch was released.
B.) This worm only spreads over corporate and local networks -- networks that are supposed to be managed by professionals.
The numbers are disheartening to say the least.
--
Edit: Microsoft has a helpful portal for this worm. Ars Technica also has a great article, quoting an infection rate of around 1.1 million PCs for the last 24 hours.
Thursday, January 15, 2009
Apple: Steve Jobs stepping down for 4-6 months

I don't know what more there is to say that hasn't been said better elsewhere, but "Teh Jobs" is stepping down for health reasons, and at least nominally to keep his health problems from distracting Apple's business. I'm not entirely hopeful that this is temporary, but we'll see. Best of luck to Steve as he fights whatever is really wrong.
Monday, January 12, 2009
Dell: Musing on the XFR D630 (Review)
I know the D630 is an old model, and I'm getting a hold of the highly specialized XFR very late in its lifespan... but the XFR D630 is still the pinnacle of Dell's Fully Ruggedized lineup. I'm going to give my impressions, but some basic familiarity with a D630, or similar Dell D-series Latitude notebook would be helpful to understanding the contrasts. Unfortunately, I don't have a Panasonic Toughbook-- the primary competition-- to cross-compare.
The first thing you notice about this guy is the heft-- it's big and very heavy. At roughly twice the height of a D630, you almost get the feel that the case of the notebook is a throw-back to a notebook of the mid-90s. Once you get past the greatly increased size and weight, you realize that you're looking at a totally different beast compared to a garden variety D-series. In fact, superficially it bears no resemblance to a D630 whatsoever. So, why is it still a D630? The guts are all still there. While the chassis is completely overhauled, if you remember basically where the ports, drives, access panels, and buttons were, they'll be in approximately the same locations on the XFR. While it's arguably different enough to be its own model, it still has to make-do with the D630 motherboard and the layout dictated by the basic D630 design.
So about this chassis? Is it rugged? In a word, yes. The outer casing appears to be hardened plastic with rubber bumpers around the sides and corners-- think Pelican case. Also in common with a ruggedized case, there's a nice Every single port can be sealed with a water-resistant hatch. The access panels in the bottom are secured by a simple screw, and then a lever to lock them down into place. The keyboard looks like a fairly standard D-series keyboard, but there's an extra water-resistant membrane visible underneath. The touchpad is still there, recessed, and the two buttons for the touchpad are underneath a rubber membrane.
So while on the subject of the keyboard, let's talk about usability. Obviously this is all subjective and heavily biased in relation to my experience with the D630, but I have to start somewhere with a baseline.
Input: The keyboard at first seems a bit mushier than a standard D630, and flexes quite a bit more towards the edges. There's even significant flex evident when pressing down on the chassis panel directly above the keyboard. Even though it doesn't seem great, the center of the keyboard is fairly rigid and while not as good as a standard D630, it passes as acceptable. The touchpoint (nipple) mouse is retained between the G, H and B keys, but the left and right mouse buttons directly under the spacebar that normally work with the nipple mouse have been deleted. That makes it somewhat of a useless appendix. The recessed trackpad makes it a little harder to press by accident, but it also makes it feel fairly small. The option for scrolling hot-zones is preserved, but they're much harder to hit with the frame around the touchpad. The mouse buttons underneath the touchpad are mounted under rubber domes as noted earlier. I've got some very mixed feelings about this: The feedback is acceptable, and it's fairly comfortable to use the rubberized buttons, but at the same time, you're trying to push your thumbs down into a recess rather than just pressing on a button on top. My ultimate impression was that they were too short, top to bottom. If they had extended maybe 5mm towards the front of the case, my big meaty thumbs wouldn't have felt cramped when trying to press the buttons.
I'd like to give special mention to the (non-optional) fingerprint reader. It's located on the right wrist-rest, next to the touchpad. The mechanism is in a recess under a recessed plastic door. It's wide enough to comfortably use, but it gets a bit in the way when touch-typing.
The screen, however, is the bright (har har) spot of the whole experience. The outdoor-viewable screen is glossy, but it's also polarized and transflective. Indoors, it's bright.... VERY bright, with a very crisp picture. It's a huge step up from some of the grainier D620/D630 screens out there. It really is viewable outside in direct sunlight. Light colors show up better, with a somewhat "3D" type effect visible with a dark item on a light background. While it's not "gorgeous" outdoors, at least it does work fine in bright, direct sunlight. For work in the dark, two red spotlights are built in to the top of the screen bezel. The only difference from a standard keyboard is that Fn-RightArrow turns the lights on and off.
In terms of ports, it has all of them, and in pretty much standard locations. A minor quibble with the switch to turn wireless on/off-- it's now under a door on the left side. That's fine, but that reduces the convenience factor somewhat. The USB ports on the right side and in the rear are recessed to the point where bulky devices will probably have clearance issues-- obviously a hub or extension cable is needed here. The biggest issue is the optical-- what looks like a standard D-bay has been re-labeled as an X-bay and is not user-removable at all. You'd have to tear the system down to swap in another device. That means that using the bay as a 2nd battery isn't an option, but I think that's also what was intended. While water resistant, a battery compartment needs to be really, really waterproof. I think that was part of the design decision that locks you into a single optical drive. A 9-pin serial port is retained as is a 4-pin, non-powered Firewire port.
For power and accessories, standard D-series accessories work. The power adapter is a standard 90-watt. Worth noting if you have a >90w unit floating around from a Precision-- the housing on those is too wide, and won't fit into the recessed power port on the back of the XFR. Those of course do work fine on the garden variety D630, but that's because the port isn't recessed.
Beyond looking things over, I didn't have a chance to test the anti-shock mounted hard drive, the ability to take the computer to a hose and hose it off, etc. Sorry in advance if you were looking for a torture test. With these things priced the way they are, it's comforting to know they are rugged, but I'm not going to put it to the test needlessly. I like my job and don't want to lose it. Lemme know if you have any questions.
Sunday, January 4, 2009
Abit: Not Dead Yet?
Well, perhaps the rumors aren't exactly on target. Abit's website still indicates that they'll return to normal business on 1/5/2009, or basically "now" with the wonder of time zones. I guess we'll see what the future holds for Abit. They're certainly not a powerhouse anymore, but 12/31/2008 came and went... Best of luck to Abit, and as more news happens, I'll try to keep on top of it. Apologies to Abit, if this is an unsubstantiated rumor.
Wednesday, December 31, 2008
Tuesday, December 23, 2008
Merry Christmas
I'll be in and out of Internet contact until around 12/27. Have a fun, safe holiday and I'll see you later...
Sunday, December 21, 2008
Industry: ABit to exit the motherboard market?

TweakTown is reporting that ABit is leaving the motherboard market on 12/31/2008. Things have been bleak for the once beloved motherboard maker for quite some time, but with a lack of products shipping and all signs pointing towards failed product launches, the best outlooks are all pretty bleak. Perhaps ABit will be able to reorganize itself as a company hawking more consumer-oriented wares like Soyo... But with just a few weeks to go, the death watch awaits the news.
Unless things change, this will count for my eulogy. The recent boards were pretty much fine, but the fondness I have for the NF7-S v2.0 and BP6 does not fade with time. Of course, your capacitors did, but to be fair you were not alone...
Saturday, December 20, 2008
Another Out Of Band MS08-078
This is going to be short as it's already covered well elsewhere and this is late... Microsoft has another out-of-band patch as of 12/17, MS08-078 affecting all versions of IE on all supported OSes except Server 2008 for IA-32/x64. Zero-day exploits are already going on. Get this one patched ASAP.
I'd normally say "use Firefox" or some other browser whenever possible, but Firefox and Opera are also currently suffering vulnerabilities. Firefox 3.0.5 resolves the issues. While not quite as severe as the zero-day exploit on IE, these are noteworthy as cross-platform.
Sunday, December 14, 2008
Dust Bunnies are Evil
I know this seems like a mundane task that most of us are admonished to do on a regular basis, but it really does need to be repeated: Blow your computer cases out once in a while, especially if they get dusty.
We all know that heat sinks and fans lose their effectiveness when dusty, leading to potential overheating, but there's a worse possibility. I ran into a system last week that had dust bunnies in it-- nothing out of the ordinary, except that one of them had lodged itself into the video card's tiny fan. The user reported a blue screen indicating video driver failure. I was busy and asked him to reboot since this was a first time thing. He came back shortly after reporting that it happened again, and now the system couldn't POST. A single dust bunny had lodged in a tight fan, causing the fan to jam, burning out the motor. The video card (a Quadro, unfortunately) then overheated to the point of death. Odd stuff like this can absolutely happen, without showing general signs of overheating.
To be fair, the opposite is true. It's possible you might dislodge some conductive dust which might land in an inopportune spot, causing problems. That can typically be fixed pretty easily with a second cleaning. A burnt out video card, northbridge, etc. can be a lot more costly.
Thursday, December 4, 2008
Windows XP domain migration tip: Overwrite the Default User profile
For all of you guys out there tasked with migrating users from a previous authentication domain (or workgroup) to a new domain: when a user logs in with the new credentials, a new profile will be created and all of the user's previous settings and files will remain in the old profile.
You can go in after the fact and clean this up or use some other tricks (like using the FAST wizard, treating the old profile as the old computer and new profile as the new) but I've found something faster. I'm probably boneheaded for not hearing of this sooner, but I did a 7k workstation migration at an old job and they never tried anything this simple and relatively foolproof.
Go into Documents and Settings (typically on c:) and locate the Default User profile. It's hidden with stock XP settings, so you need to turn on the option to show hidden files and folders. Under normal circumstances, this profile gets stamped out as a template for new users. You can twiddle with this to make bulk changes to new users, but we'll use it for a slightly more nefarious purpose.
Go ahead and back up Default User, as we'll be replacing the entire profile. You never know-- you might want it later.
Take the user's existing profile and copy it, renaming it as... you guessed it, Default User.
Now go ahead and perform your domain migration. Upon first login, the user's old, familiar profile will 'stamp' itself into the new one. The only 'gotchas' are that you can only do this for one account per computer and if your users have limited drive space and large profiles, you might run short on hard drive space with essentially 3 copies of the profile hanging out there. Still, this is a very easy migration method, and you can remove the old copies once you're sure the user is happy with the migration.
This should work just fine on Windows 2000, and I assume Vista as well. I just haven't tested it.
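The steps above as a script, added here as an example and not part of the original post. It assumes PowerShell 2.0 is installed on the XP workstation, that it runs from an administrator account while the user being migrated is logged off, and the parameter names and backup folder naming are hypothetical. The `-RestoreFrom` path is an addition to the tip: it puts the stock template back after the first logon so that accounts created later do not inherit this user's files and settings.

```powershell
# Added example, not from the original post.
# Usage (hypothetical script name):
#   .\Swap-DefaultUser.ps1 -OldProfileName jsmith
#   .\Swap-DefaultUser.ps1 -RestoreFrom 'C:\Documents and Settings\Default User.stock-<timestamp>'
param(
    [string]$OldProfileName,                               # folder name of the existing profile
    [string]$ProfilesRoot = 'C:\Documents and Settings',
    [string]$RestoreFrom                                   # backup folder made by an earlier run
)

$ErrorActionPreference = 'Stop'
$defaultUser = Join-Path $ProfilesRoot 'Default User'

function Get-TreeSize([string]$Path) {
    # Total size of all files under $Path, including hidden and system files.
    $sum = (Get-ChildItem -LiteralPath $Path -Recurse -Force |
            Where-Object { -not $_.PSIsContainer } |
            Measure-Object -Property Length -Sum).Sum
    if ($sum) { [long]$sum } else { [long]0 }
}

if ($RestoreFrom) {
    # After the migrated user's first logon: reinstate the stock template.
    if (-not (Test-Path -LiteralPath $RestoreFrom -PathType Container)) {
        throw "Backup not found: $RestoreFrom"
    }
    if (Test-Path -LiteralPath $defaultUser) {
        Remove-Item -LiteralPath $defaultUser -Recurse -Force
    }
    Move-Item -LiteralPath $RestoreFrom -Destination $defaultUser
    Write-Output "Restored stock Default User from $RestoreFrom"
    return
}

if (-not $OldProfileName) { throw 'Specify -OldProfileName or -RestoreFrom.' }
$oldProfile = Join-Path $ProfilesRoot $OldProfileName
foreach ($p in $oldProfile, $defaultUser) {
    if (-not (Test-Path -LiteralPath $p -PathType Container)) { throw "Missing folder: $p" }
}

# The post warns about roughly three copies of the profile on disk: the original,
# the copy placed in Default User, and the one stamped out at first logon.
# That means two more copies than exist now.
$needed = 2 * (Get-TreeSize $oldProfile)
$drive  = Split-Path -Qualifier $ProfilesRoot
$free   = (Get-WmiObject Win32_LogicalDisk -Filter "DeviceID='$drive'").FreeSpace
if ($free -lt $needed) {
    throw ("Not enough free space on {0}: need {1:N0} bytes, have {2:N0}" -f $drive, $needed, $free)
}

# Step 1: back up the stock template by moving it aside.
$stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
$backup = Join-Path $ProfilesRoot "Default User.stock-$stamp"
Move-Item -LiteralPath $defaultUser -Destination $backup

# Step 2: copy the user's existing profile in as the new Default User.
try {
    Copy-Item -LiteralPath $oldProfile -Destination $defaultUser -Recurse -Force
}
catch {
    # Roll back so the machine is never left without a usable template.
    if (Test-Path -LiteralPath $defaultUser) {
        Remove-Item -LiteralPath $defaultUser -Recurse -Force
    }
    Move-Item -LiteralPath $backup -Destination $defaultUser
    throw
}

# Default User is hidden on a stock XP install; keep it that way.
$item = Get-Item -LiteralPath $defaultUser -Force
$item.Attributes = $item.Attributes -bor [IO.FileAttributes]::Hidden

Write-Output "Default User replaced with '$OldProfileName'. Stock template saved at: $backup"
Write-Output 'Perform the domain migration, have the user log on once, then rerun with -RestoreFrom.'
```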
Windows 7 Rumors and "Teaser"
GeekSmack has apparently found somebody willing to brave the wrath of Microsoft's lawyers, and broken cover with a video of Windows 7's boot screen. This doesn't really show much besides a slicker animation than Vista, but it does indicate serious progress if they're already tweaking the "nice to haves" vs. the core changes and updates.
Betas of Windows 7 are likely to be released in January, so a 2009 timetable for Windows 7 is starting to look a lot more likely.
Wednesday, December 3, 2008
Dezombiefication
OK, I'll admit the blog has been quiet of late. 2+ weeks without an update is inexcusable, so I might as well give the excuse. I was finally able to get an early Christmas present of a new Xbox 360. There's a tremendous back-catalog I'm going through now. Combine that with a fervor to finish out the last few PS2 games before the platform quiesces in January and a few other fun projects on the side, I would be busy enough...
But alas, I've been sick twice in the last month and on top of that slammed at work. I'll try to do better in future. In more fun news, Core i7 has been overclocked to 5510 MHz!!
Monday, November 17, 2008
Big Week: Core i7 and NXE
This is a big week-- I've been tremendously busy with work and being sick lately, but stuff is happening with or without me. Core i7 released today, although motherboard and RAM prices will keep it from the mainstream for now. Tomorrow is the grand re-launch of the XBox360 with the New Xbox Experience.
Exciting times!
Thursday, November 6, 2008
WPA Encryption hacked, 15 minutes to heaven
PC World is reporting that a "mathematical breakthrough" combined with a method for forcing a router to give you lots of good samples of encrypted data allows for a non-dictionary attack against the TKIP encryption algorithm behind WPA. Researchers expect that WPA encryption can be cracked in 12-15 minutes given modern hardware. Combine that with a high power antenna, and you should be very concerned if you have routers and systems using WPA to carry sensitive data.
Aircrack-ng is already being updated to take advantage of the latest vulnerability, so this attack is in the wild now or will be shortly. (props to DownloadSquad for the info.)
As you should already know, WEP encryption is trivial to bypass, and while WPA2 isn't officially "cracked" yet, significant advancements in parallel processing using CUDA allow for much faster brute-force cracking of WPA2. That would still require a very high-end system with lots of local storage over a 24+ hour period to crack, but the impractical is now possible.
So with anything below WPA2 being easily exploitable, using WiFi without additional encryption layers (SSH, VPN, etc.) is becoming too risky for any kind of sensitive data. Be careful out there...
Tuesday, November 4, 2008
MS08-067 in the wild
It appears that at least two credible variants of worms based on the MS08-067 exploit have gone live.
I'm fully (and I do mean fully) patched, and your organization should be too.
Monday, November 3, 2008
Amazon: No more Wrap Rage!
OK, so maybe this isn't the most high-level IT topic I've covered, but I've got to hand it to Amazon for trying to find a serious solution for a serious problem. They're working with manufacturers to eliminate overpackaged, hard-to-open containers for merchandise!
While on some level, Mother Nature is breathing a sigh of relief, there are also tangible benefits in terms of cost and frustration as well as weight. Heck, there's a closet-industry built up around devices to open modern blister packs!
In my day toys came in a cardboard box, possibly with some assembly required and with at most a small plastic window to see some of the contents inside. The current trend of exposing as much of the toy as possible in a demo mode is so ungodly frustrating to me that it makes me want to strangle kittens. Knowing that I'll be undoing half a roll of tape and a few dozen steel twist-ties is frustrating!
Just package the stuff in an appropriate, but not overdone package. A lot of computer stuff is already very lucky in this regard, but tons of consumer-oriented gear is not. Nobody is putting their greasy mitts on an Amazon product in a retail store. You don't have to compete with other items on the shelf. It's all going to ultimately come in a plain brown wrapper no matter what, so let's save time, material, plastic, frustration, etc. and see some more sensible packaging. Good job, Amazon! Keep it up.
Intel: i7 first benchmarks released.
I'm not going to rehash what's out there, and what's out there is still pouring in, but Core i7 is fast. Big surprise there. Here are some early reviews:
Maximum PC
TechSpot
PC Perspective
Expect mass-market acceptance by Q2-Q3 of '09, but with the Core i7 920 at around $270, that's tempting for a midrange + system now. i7 Xeon benchmarks are still MIA as far as I can tell, but expect similar performance.
Shanghai will be good, but Intel has so much breathing room now... things are looking grim over at the green camp.
Thursday, October 23, 2008
Windows: Vulnerability MS08-067
I don't normally beat the dead horse with Windows patch news, but this one is bad. Microsoft released an out-of-band patch this morning with MS08-067.
This vulnerability affects all current shipping Windows versions, with worm-style propagation being a very real likelihood. Versions of Windows 2000 and XP Pre SP2 are highly vulnerable, with some XP SP2+ and Windows Server 2003 systems being exploitable under certain common/popular firewall conditions.
Vista and Server 2008 appear to be exploitable, but only in terms of a DDoS type attack. Remote Code Execution has not yet been shown on a Vista system.
As of 12:30 PM Pacific Time, Microsoft reports attacks in the wild. This could be the next Blaster/Sasser type attack, so get patching!