Month: June 2006

WinFS, which promised to be a radical new file system that was originally going to ship with Longhorn/Vista is apparently now even further on the back burner.

It’s been nearly a year since I wrote my entry about WinFS Beta1, but rest assured, we have been working furiously since then.  Today I have an update about how we are delivering some of the WinFS technologies. It represents a change to our original delivery strategy, but it’s a change that we think that you’ll like based on the feedback that we’ve received. 

As most people who read this blog know, WinFS has always been about many things – a new model to enrich how users manage information, rich storage technology, and sometimes also a packaging of technology.  The real change I am addressing today is in the packaging strategy. 

Link here (via /.).

Three years ago, we were on the brink of getting into the enterprise storage management space with a pretty killer product, but decided not to because “WinFS was just around the corner”.  Ooops. (What the heck, it was probably for the best, as enterprise storage management is a pretty rough place to be these days.)

 

Alex Eckelberry

When Hotbar was sold to 180Solutions, the company issued trophies to its employees.  They looked like this:

On the plaque, was the inscription: “Remember, You are the best! You’ve made it happen”.

To some, it was a consolation price, since a number of employees were let go after the acquisition.

An eBay listing for one of the trophies reads:

Genuine Hotbar.com acquisition trophy with original Hotbar.com plaque, signed by CEO and founder Oren D.
One of the original golden trophies issued to the victorious Hotbar.com employees, following a phenomenal 5 years of start-up success.

Own a piece of WINNER KARMA!!!

It’s sold now… for the lucky number of $66.06.  (And a gremlin tells me the buyer was the indefatigable Wayne Porter)

Alex Eckelberry

First it was China.  Now it’s Italy!

“It looks like the blogger is being punished for his bad language and not because he posted false information, which is unacceptable. He was found responsible for comments posted on his blog by some of his readers, a decision which goes against European jurisprudence.”

“This verdict could well have a negative effect on the Italian blogosphere, in pushing people running a blog into wrongly censoring messages posted by visitors,” said Reporters Without Borders.

Link here.

Italy, please, I love your food, weather and everything about your country.  Give us stupid, grumpy, bad-mouthed bloggers a chance!

Alex Eckelberry

This time, the Navy.

The Navy said it discovered earlier this week that personal data – including Social Security numbers and birthdates – on 28,000 service members and their family members had been published on a civilian Web site.

A Navy Personnel Command spokesman said the information, contained in five spreadsheet files, has been removed from the civilian Web site.

Link here.

Alex Eckelberry
(With copious thanks to Catherine)

Well this is one RIP that no one will grieve over: 

Claria will stop displaying GAIN pop-up and other ads on July 1, 2006 and will stop supporting all GAIN Supported Software on October 1, 2006. After October 1, 2006, GAIN software may not function properly.

Our software will continue to collect data about your web usage from your computer for research and other purposes as described in our Privacy Statement until September 30, 2006, unless you uninstall the software before this date.

It is recommended that you uninstall all of GAIN Supported Software presently on your computer. To view a list of GAIN Supported Software installed on the computer you are currently using click here.

First time I’ve ever seen a spyware product ask you to uninstall itself.

Link here.

Alex Eckelberry
(Hat tip to Richard Smith)

Over the years, we’ve developed a bit of a bad-boy reputation for our Tech.Ed high jinks. Our marketing team spends months planning it.  This show is basically Microsoft’s big push to bring IT managers and system administrators up to speed on the latest IT-related advancements.  It’s also an opportunity to imbibe massive quantities of sugar and drive around in buses.

Last year, we gave out a custom-made chopper.  This year, we gave out a $25k entertainment system.  This thing was pretty bad-assed, and included:

Pioneer Elite 61″ PureVision Plasma Monitor
Xbox 360 Premium
Alienware Mediacenter PC
Denon AVR-5805 THX 9.1 Receiver
Denon DVD 3910 Progressive Scan DVD player
8 speaker Bowers and Wilkins Surround Sound system
(specs)

We also had four Xbox 360s for runners-up.

We’ve posted some pics of the show at our Sunbelt Underground site.  However, I’m also posting a few here.

Our booth, with the presentation system on display.  I routinely upset Tech.Ed staffers by cranking up the volume and playing the THX deep-note sound at extremely high decibels.  It was so loud, it was echoing throughout the convention center.  I’m sorry, I’m naughty, but it was so damned cool.

Our VP of Product Management, Greg Kras, doing a demo on our new Ninja messaging security product for Exchange.

Our trade show presenter, Gary Saxer, showing off our products.  He’s a non-stop presentation machine (some of you may recall him when he and I worked together at Quarterdeck years ago — he was known as “Mr. Memory”). I’m in the foreground with our tradeshow manager, Kendra Wallace, trying to figure out how to scan a badge with these new-fangled RFID readers.

More Gary Saxer presentation madness.

There’s me (white shirt) again trying to figure out the damned RFID card scanner.  

Sunbelt’s co-founder and VP of Marketing, Stu, pondering.

The madness surrounding the giveaway.  And it was madness!

More massive mobs of techies looking to win. 

The winners:  One got the whole entertainment system, and four got Xbox 360s as runners-up.

We have entirely too much fun around here.

 

Alex Eckelberry

Hall-of-famer Dork of the Month award winner Jeffrey Toback, who sued Google for being “the “World’s Largest Facilitators and Distributor of Child Pornography”, has apparently figured out that he had absolutely no case and is ducking out with the following attempt at saving face, saying the lawsuit was dropped because “Google has offered to sit down and discuss the issues. They didn’t want to do that while litigation was pending, so we’re taking them up on their offer.”

Please.

Link here (via techdirt).

Alex Eckelberry

 

Common Cause has come out swinging with a new report.

The report, Malfunction and Malfeasance: A Report on the Electronic Voting Machine Debacle, finds that 17 states, including critical swing states such as Pennsylvania, are at “high” risk of having election results compromised due to problems with voting machines known as DREs. States designated as high risk because they use DREs with no paper backup are: Arkansas, Delaware, District of Columbia, Florida, Georgia, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maryland, New Jersey, Pennsylvania, South Carolina, Tennessee, Texas and Virginia.

You can see the report here (via beSpacific).

And if you haven’t watched the video of Clinton Curtis testifying on hacking voting machines, it’s interesting. .

I personally am a big believer in the promise of electronic voting.  We have it here and it’s light years better than the old chad-ridden system.  However, we need to seriously look at security issues with these systems…

Alex Eckelberry

 

One hundred and sixty million dollars. And that’s just the start.

A Senate panel on Thursday approved $160 million to pay for credit monitoring for veterans, one of many expected payments as the government struggles with fallout from data breaches crossing several agencies.

Link here.

Alex Eckelberry
(Thanks Catherine)

 

Ok, it’s more than most readers of this blog would care about, but it’s got some interesting material in there. 

Checkmate magazine, link here.

Alex Eckelberry

Our Malware Research team is seeing the (recently patched) Microsoft MDAC RDS.Dataspace ActiveX vulnerability being exploited to install a backdoor Trojan on to user’s machines.

While attacks exploiting this vulnerability currently appear limited in number, the threat still exists. If you have not yet applied security patches from Windows Update within the past two months, you are putting yourself at serious risk for infection.

Adam Thomas
Malware Research

(Hat tip to our friends at MAD and Lance James at Secure Science Corp.)

Well, these are a dime a dozen these days.  Some idiot loses his laptop and the result is a lot of people getting screwed.

Eckelberry Security Principle #1:  If you don’t have the data in the first place, it can’t be stolen.  Sensitive data is not for putting on to spreadsheets in plain text form and then traveling around.

Well, in this case, the FTC just lost two laptops containing highly sensitive personal information.

In a statement, the FTC said two employee laptops were stolen from a locked vehicle. The PCs contained data on about 110 people that was “gathered in law enforcement investigations and included, variously, names, addresses, Social Security numbers, dates of birth, and in some instances, financial account numbers.”

Link here.

This is really getting sickening.

Alex Eckelberry

Interesting stuff here.

After the tremendously successful 2000 and 2003 security tools surveys, Insecure.Org is delighted to release this 2006 survey. I (Fyodor) asked users from the nmap-hackers mailing list to share their favorite tools, and 3,243 people responded. This allowed me to expand the list to 100 tools, and even subdivide them into categories. Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with. I discovered several powerful new tools this way. I also will be pointing newbies to this site whenever they write me saying “I don’t know where to start”.

Link here.

Alex Eckelberry
(Thanks Zoran)

This video is pretty wild.  It shows a Comcast technician who came to a fellow’s house to fix his high-speed service, spent an hour on hold with his own company and fell asleep.

The state of customer service these days is awful, and this is one area where I hope we can make a difference.  All of our products come with free toll-free support, 7 day email support, and you always get a person, not a bunch of buttons to push on your phone.  Sorry, I know I’m plugging our company, but I’m damn proud of our support!

Alex Eckelberry
(Hat tip to BoingBoing)

This whole predatory pricing thing has been quite interesting. There are views all over the place.

I want to point everyone to Microsoft’s latest quarterly earnings:

Here’s where Microsoft makes its money:

Client	2,458
Server and Tools	882
Information Worker	2,257
Microsoft Business Solutions	(20)
MSN	(13)
Mobile and Embedded Devices	(17)
Home and Entertainment	(433)

In other words, Business Solutions, MSN, Mobile and Embedded Devices and Home and Entertainment were money losers. Information Worker (Office), Servers, and Client (primarily XP OEM), generated their profits.

Let’s look at what happened in the browser market: Microsoft killed Netscape. IE took over as the dominant browser. Within a few years, we had the massive attacks of adware and spyware. Coincidence? No. IE was an exploitable browser and it was suddenly the majority. Adware and spyware vendors took advantage of the monoculture of the browser space.

What about Access? Microsoft blew it out for $99 and killed Borland (my former employer). Then took over the high-end market with SQL. What happened? SQL gets slammed by worms and the effects have been horrendous. And how many security patches have we had with Access?

What about the Word viruses that plagued us years ago? These were horrific at the time, with whole companies being taken down.

Is a monoculture in security truly healthy?

Are we just whistling past the graveyard?

Alex Eckelberry

Finally!!!!!!! 

Extortr promises to change the world of blackmail.  Clearly on the web 2.0–type paradigm of
“Blackmail-As-a-Service” (BAS), they have created a new method that promises to revolutionize blackmail as we know it.

Link here (via Josh Spear)

Alex Eckelberry
(and yes, it is a joke)

Ok, this is pretty mindblowing.  A Dell laptop bursts into flames at a conference in Japan.

Imagine this happening on a plane?  

More here (via /.)

Alex Eckelberry
(Thanks Eric)

Gary Warner, a steadfast volunteer who works on PIRT (the all-volunteer antiphishing group I started with Paul and Robin Laudanski), has some news to share of how well it’s going.  It’s just incredible what’s happening out there — PIRT is really making a difference. 

From an email from Gary:

Every day the PIRT Squad receives dozens of thank you notes from Brand Owners, Web Masters, and Network Owners, thanking us for letting them know about the Phish we have reported to them.

Do you know that NetCraft, who has an Anti-Phishing Toolbar used by tens of thousands of people to help protect themselves from phishing sites, says our team is #1 at reporting phish? This month we have notified them of 631 phishing sites that they have confirmed themselves to be phish. That is more than 40% of all the phishing sites confirmed by NetCraft for the month! (In May, we reported 1593 phishing URLs to them that they confirmed we were the FIRST anti-phishers to report!)

May was an INCREDIBLE month for PIRT. We produced 1143 separate PIRT reports on 1190 brand attacks against 90 different brands!

The PIRT Squad also went out of their way to help Companies, Churches, Governments, Schools, and even a Motorcycle Gang remove the phishing sites from their webservers and, in many cases, determine what vulnerabilities were used to place the files there originally so they could apply appropriate patches.

Every day the PIRT Squad recovers “Phishing Kits” and “Drop Email Addresses” through the cooperation of webmasters and network owners where we send reports. We share these files with our contact at the FBI. 

You can find out more about PIRT here.  Join up, help us out.  It feels darned good to take down these sites.

Alex Eckelberry

Martin Taylor was a high profile exec with Microsoft.  He was one of the key execs in fighting the open source movement and more recently, was a senior executive in Live and MSN.

He just abruptly left.  Why?  No one knows and Microsoft isn’t talking.  Microsoft Watch wonders as well.

Why is this interesting?  This was the guy in charge of the marketing battle against Google.  It’s quite curious, especially since he was a very highly placed executive.  No sabbatical, no retirement, no gold watch.  Just “poof”. 

Maybe he took Ballmer’s parking space by accident?  Spilled his coffee?

AP story here. 

 

Alex Eckelberry
(Thanks Catherine)

            Skip voting — just show me the results