Month: March 2007

Greg Kras and I are a web presentation tomorrow on our Ninja email security product. Feel free to join in for the fun:

Live Web Demo Of New Ninja V2.1
Join us for a preview of Next-Generation Email Security from Sunbelt Messaging Ninja with Alex Eckelberry, President and Greg Kras, VP of Product Management for Sunbelt Software on Tuesday March 13th at 2:00pm EDT for a live web demo introducing the new Version 2.1 of Sunbelt Messaging Ninja for Microsoft Exchange. Learn about the features of this robust email security product including:

• Policy-based plug-in management for antispam, AV, and attachment filtering
• New policy-based and global disclaimers
• Fast deployment in Exchange environments
• Superior spam detection using two antispam engines
• Aggressive virus detection and elimination using two AV engines
• Custom rules for content inspection and attachment filtering
• Powerful reporting options for all plug-ins
• And more…

When: Tuesday, March 13, 2007 2:00 PM (EDT)
To join the day of the event please visit:
http://www.wservernews.com/070312-Ninja-Web-Demo
Meeting ID: 92SSQC
Attendee Meeting Key: XR*mw9Z
Audio: Toll free: +1 (800) 416-4956
Toll: +1 (978) 964-0050

Alex Eckelberry

Over the holidays, I bought myself a Canon Rebel XTi as a Christmas present.  It’s my first digital SLR (I have an analog 35 mm SLR and plenty of digital point and shoots, but never made the leap to digital SLR) and I’ve been learning slowly but surely, with a bit of help from Robert LaFollette, Sunbelt’s creative director (and an uber-guru on photography). 

One area I’ve been playing with is HDR (High Dynamic Range), using PhotoMatix.  I love the effect but there are tricks to learn to do it well.  Of course Robert’s done plenty of HDR and he sent me this incredible HDR photo he took in Miami a few weeks ago.

You can see more of Robert’s pics here.  And if you want to see lots of HDR flicks, there’s also a HDR section on Flickr.

Alex Eckelberry

A mixed bag: Some good, some bad, and plenty of grumblings.

It’s worth noting that while Microsoft has gotten plenty of heat, the issues are all over the place — as an example, both our CRM and ERP systems were also affected by the change. 

Alex Eckelberry

The FTC is proposing a $1.5 million settlement with Direct Revenue.

Do you agree? You can voice your opinion by sending an email here.

If you want a great source of documents about how Direct Revenue practiced their business in the past, you can go to Ben Edelman’s page here. This is a company that made a lot of money during their heydey and caused a lot of pain.

I will note that we have been trying to get Direct Revenue’s software to load, and their installers all look dead. The company looks DOA.

Alex Eckelberry

DST is this Sunday. Be prepared for some potential problems. 

For example, a number of us are seeing our calendar entries in Outlook all off an hour for three weeks in March.

Remember, the world runs on Windows now… for better or for worse.

Alex Eckelberry

Alex Eckelberry
(Thanks Eaglewolf and the PIRT team)

I’m never going to nag a competitor having false positives, because all antispyware and antivirus companies have problems from time-to-time with FPs.  But the key is how fast they are corrected.

I was a bit surprised by a story in ComputerWorld where OneCare is deleting Outlook and Outlook Express files.  There’s two problems here:  Apparently in some cases, OneCare removing the entire PST or DBX file if a virus is found in one message (gulp) but more importantly, this was first reported six weeks ago by a Microsoft MVP.  And the bug is not being fixed until next Tuesday.

Alex Eckelberry

I guess someone wants to make a point.

We apologize for the difficulties you may have had in connecting to the site over the past 48 hours. BillOReilly.com was attacked repeatedly by a malicious technology called a “botnet.” This means that the site was bombarded by data that overloaded our firewalls. We had to take the site down in order to protect it, and so we could make sure that every possible countermeasure was being taken.

We will do our best to keep the site up and running, and will keep you informed of new developments. Thank you for your patience and your understanding.

Alex Eckelberry

Lawsuit against slime WinFixer, video on YouTube.

Alex Eckelberry
(Posted on SpywareWarrior — thanks Suzi)

It looks like the malware people have practically taken over Live search in Italy. 95% or more of the following search results lead to extremely nasty malware and exploit sites (namely rustock.b or Gromozon). 

In Italian:

A search for “jacket milan”:

“online house insurance”:

and “online multimedia encyclopedia”:

And these are just examples.  

Alex Eckelberry
(Thanks Francesco)

A picture taken of our building in the last few days.

We’re here on Google Maps.

Alex Eckelberry

 

Gromozon, one of the nastier pieces of malware known to security researchers, uses a variety of sites to infect users — and has a particular affinity for Italy (perhaps one reason is that Italians are huge users of Acer laptops, and Acer’s now-patched ActiveX vulnerability is one avenue of exploit that the Gromozon gang uses).

A while back, Francesco here was checking out some new domain names the Gromozoners registered, and found a new website registered — al-qaedah(dot)net.

(Obviously, going to these sites themselves is a very bad idea.)

One can only wonder as to what content they’ll put on that site – but perhaps it’s a cruel irony that a site named after al-qaedah will spawn one of the most vicious malware infestations one can get.

Alex Eckelberry

Normally from a group associated with running haxdoor monstrosities, we see this opportunity to be a mule.

Your task as a Smart Transfer manager will consist in transferring payments from one of our clients to another.

Due to the fact that our company works in securities market, we constantly buy and sell payments, so you will work with this money. Also there will be tasks to receive charity money from our donators worldwide and resend them to our HQ for future resending.

 Your profit depends on how fast money circulates in the world transaction system. You have nothing to loose while doing this one-click job. Just check your email for a message from us with information about wire transfer to your checking account and instructions what to do with it. The faster you send the money further, the higher numbers of transfers to process you get. No office work, no need in special financial skills, flexible timetable. You choose work time yourself. 1-2 hours of occupation a day. For each transaction you will get 140$.

  For the first month you should receive about 15 transactions, later, depending on your speed and accuracy you can get more. You will get paid on the 10th day from your first transfer, and after that monthly. We guarantee that you receive at least 15 transfers a month, what makes minimal payment of 2100$.

Registered to Fidel Castro in Havana. Cuba libre!

Alex Eckelberry
(Thanks Patrick)

How to make XP look like Vista
If you like the Vista look, but don’t want to pay for the new OS or go through the hassle of upgrading right now, there are configuration tricks and add-on programs available that will help you make your XP machine look and feel more like Vista, from the desktop sidebar to the quick search features. Read about them here.

How to install XP on a Vista computer (dual boot)
It’s easy to install Vista in a dual boot configuration on a computer running XP. But as everyone who’s ever set up a dual boot machine knows, the rule is that you’re always supposed to install the earlier operating system first. What if you already have Vista installed (for instance, you buy a computer running Vista) and you want to install XP in a dual boot configuration? You might think you’ll have to wipe the drive and start over, installing XP first – but this step by step guide from James Bannan shows you how to install XP after Vista.

You can extend the Vista activation grace period to 120 days
When you install Vista, you have thirty days before you have to activate the product before it goes into “reduced functionality” mode – unless you know the secret of extending that trial period. It seems there’s a simple command that can be run up to three times to extend for an additional 30 days, which gives you 120 days in all. According to a recent ComputerWorld article, Microsoft has confirmed that this is not a violation of the EULA. Read more here.

What’s the difference between the Vista editions?
Last week, reader Kit B. wrote to say: “If you are going to write about certain features in Windows VISTA, please tell us which versions of the OS include the feature, since many of us have not yet purchased VISTA at all.” That’s an excellent point, and I do try to do so – but I may sometimes forget. For those who may be wondering about specific features, here’s a handy chart that compares the features of the four editions of Vista that are available through retail channels (Home Basic, Home Premium, Business and Ultimate).

WHS: Don’t go home without it?
Home networks are getting more and more sophisticated as families often have three or more computers. You can share files among your desktops and laptops, of course – but what if the song you wanted to hear is on your teenager’s laptop, and he’s taken it to school with him? Or the scanned copy of your refrigerator’s warranty is on your spouse’s desktop, and it’s turned off? Businesses store files that will be shared on servers, and now there’s Windows Home Server, which makes it easier for home users to do the same thing. This makes it easier to back up important files, too. Microsoft introduced WHS at this year’s Consumer Electronics Show in January. Here is a detailed overview of what it can do for you.

IIS 7 Web server on Vista
Windows XP Pro includes the Internet Information Server (IIS) 6 web server software, with which you can host your own web site. Windows Vista Home Premium, Business, Enterprise and Ultimate editions include the new IIS 7.0 Web service. The version on Home Premium is limited and doesn’t include FTP services and other more “professional” features. The new version of IIS has a new management interface and a modular architecture (which means you can install only the features you need). It’s also easier to copy configuration settings from one server to another, as they’re now stored in XML files. To read more about the new IIS, click here.

How to enable and configure the fax service in XP
Want to be able to send and receive faxes without installing third party software or using a dedicated fax machine? You can do it with your Windows XP computer. Of course, you must have a fax modem installed and connected to a telephone line. The fax service isn’t installed by default in Windows setup, so you need to do the following:

1. Click Start | Control Panel | Add or Remove Programs.
2. Click Add/Remove Windows Components.
3. In the Components list, select Fax Services and click Next. The fax service will be installed. You may need to insert the XP installation CD. Click Finish when it’s done.
4. Now click Start | All Programs | Accessories | Communications | and click Fax Console. This starts the Fax Configuration Wizard, which will guide you through the process of configuring the fax service.

For detailed information on how to configure each page of the wizard, see KB article 306550.

Confused about licensing Virtual PC?
Virtual PC itself is free and you don’t need a license for it to install it on your computer. But you do need licenses for the operating systems you install, just as you would if you were installing them on a separate physical machine. That’s because they function as separate computers, with their own names and IP addresses and ability to access and be accessed on the network.

The cost of a license depends on the OS you install and where you buy it. If you’re a student or faculty member, you might be able to get good pricing through your college bookstore or another academic outlet. Some operating systems, such as some Linux distros, are free, so you can install these in a virtual machine without buying a license. The bottom line is that, when it comes to licensing, the requirements for installing in a VM are exactly the same as the requirements for installing on any other computer.

Another option? If you want a very useful virtual tool for safe surfing or testing, download the free Vmware Player and use any one of the free virtual appliances (like Ubuntu).

Restoring the Recycle Bin icon in Vista
If you deleted the “Recycle Bin” icon in Vista, you cna bring it back by doing the following:  

1. Right click an empty area of the desktop and select Personalize.
2. In the left pane of the Personalization window, click Change Desktop Icons.
3. Under Desktop Icons, put a checkmark in the box labeled Recycle Bin.

“Play All” link in Windows Explorer doesn’t work
Folders with audio and video files contain a “Play All” link in Windows Explorer. You can click it to add all of the media files in the folder to the “Now Playing” list and automatically play them, one after the other. If this doesn’t work, it may be because a third party extension is blocking the feature. To find out what to do about it, see KB article 555409.

How to move the paging file in XP
You can increase the performance of your computer by moving the paging file from the partition that holds Windows system files to a different partition. You can also spread the paging file across multiple partitions. For instructions on how to do so, see KB article 307886.

Can’t move mouse pointer off monitor that displays Media Center in Vista
Vista Home Premium and Ultimate editions include Windows Media Center. When you run Media Center on a computer that uses multiple monitors, you may find that you can’t move the mouse cursor off the monitor displaying Media Center to use applications on another monitor. The solution is to switch Media Center from full screen to windowed mode. For more information, see KB article 929524.

Deb Shinder, MVP

It’s becoming increasingly popular to extend legal responsibility for illegal behavior way beyond the person who actually commits the crime. Bartenders are sued or even charged criminally if a person who buys alcohol from them drives drunk. Gun owners are blamed if criminals steal their weapons and commit murder or robbery. Parents are fined if their teenage children skip school, even if the parent has delivered the child to the schoolhouse door. Vehicle owners get tickets if their cars run red lights – even if they weren’t driving.

The concept of holding others responsible has been extended into the copyright arena, too. The recording industry has been sending letters to colleges, threatening to hold them responsible if students download music illegally from their university accounts. ISPs have been served with subpoenas requiring and threatened with legal action if they don’t cooperate with RIAA in suing their customers who are accused of illegal downloading.

Recently there has been a big drive to expand the laws to encompass more and more the concept of “secondary copyright infringement” – holding software makers and hardware manufacturers responsible if people use their products to exploit copyrights.

Some legal experts are referring to this movement as “copyright panic” – an emotional state that results in the passage of harsher and harsher laws that make it more and more difficult for the public to use copyrighted material, even legally.

Indeed, there seems to some sort of strong feeling at work. Not that many years ago, copyright infringement was a purely civil matter. If you violated it, you could be sued by the copyright holder in civil court. And you still can – but now making a copy of that DVD movie can also get you arrested by the FBI, put in prison for five years and fined $250,000 per copy. In the past, it wasn’t a crime unless you did it for monetary gain. Now it’s a federal offense even if there’s no monetary gain involved at all.

As a professional writer, I make my living producing intellectual property, so I am no advocate of piracy. However, I believe the increasingly draconian laws being pushed by the movie studios, RIAA and other representatives of copyright holders are going to backfire (and, in fact, already are backfiring).

The more intrusive copyright protection technology gets, the more difficult it makes it for consumers to use legally purchased material, the more likely they become to either turn to illegal venues to get it or just stop consuming it at all. In either case, the copyright holders lose more money than before. It’s a simple fact of business that you can’t make all your customers mad at you and stay in business.

And it’s not just their customers that they’re going after. Courts have held that file sharing networks can be held liable because people use them to exchange copyrighted files illegally, that parents or grandparents can be held liable when their children use their computers to share files illegally without the computer owner’s knowledge, and that technology makers can be held responsible if their customers use their software to “rip” copy protected songs or movies.

The implications of such decisions are far-reaching and a little frightening. If software makers are responsible for how people use their programs, that opens up a Pandora’s Box of immense proportions. If a kidnapper uses Word to create a ransom note, can Microsoft be held liable? If a child pornographer uses PhotoShop to crop obscene images of kids, is Adobe responsible? If an extortionist sends threatening email from a Gmail account, is that Google’s fault?

It doesn’t have to be limited to software makers, either. If that child pornographer uses a Seagate hard disk to store the images, didn’t Seagate make technology that “enabled” him to commit the crime of possessing such images? You can see where this is going. And you might say such extrapolations are ridiculous. Two decades ago, I’d have agreed with you that the legal system would never become that skewed. Today, I’ve seen laws passed that are just as ridiculous and unbelievable.

As I’ve said before, we are fast headed toward a world in which it’s impossible for anyone to avoid being charged with a crime. Almost every human activity that’s considered in the least way undesirable or potentially dangerous is becoming criminalized. And now you don’t even have to be the one who engages in the illegal activity to be held responsible for it.

Many of those who advocate passing all these laws talk a lot about “personal responsibility” – yet they’re diluting the whole idea of personal responsibility when they seek to hold persons responsible for what someone else does.

And these laws ultimately hurt us, the public. Just as the cost of health care has skyrocketed because doctors must buy high priced insurance to protect them from frivolous malpractice suits, if software vendors are held liable for what people do with their software, the cost of software will go so high that many people won’t be able to afford it. And many vendors will stop making software altogether. They’ll go into some other, safer business, and software innovation will slow or stop. And we’ll all be the worse off for it.

What do you think? Should software and hardware vendors be held responsible for what people do with their products? How about ISPs and those who run large networks such as universities? Should they be held liable for what users do on their networks? Do the increasingly harsh copyright laws really protect creators of intellectual property or will they backfire and result in less income to those copyright holders?

Deb Shinder, MVP

Our good friends over CastleCops have been under intensive DDoS attacks but they’re back and better than ever. 

There’ s a wiki showing what happened here.

Well done, Paul, Robin and all the rest of the CastleCops team. 

 

Alex

 

Alex Eckelberry

All purty and fresh.

www.sunbeltsoftware.com

Alex Eckelberry

The first quarter of 2007 will be remembered in the annals of history as “that time when life sucked for IT”.

There’s five critical issues going on, right now, all at the same time:

1. IE 7 rollouts. Legacy software breaking and certificate problems. Here are a couple of posts I just picked off our NTSysadmin forum:

Right now, when a user uses IE6 and goes to a https website that does it’s own certificate (like ours) it comes up and gives them the option to view the certificate then install. Then no more issues.

But with IE7, NOOOOOOOOO, it blocks the content and maybe, perhaps it’ll let the user through if they beg, but maybe it won’t.

Other than removing IE7 off all the machines (which is the current solution), is there any way for IE7 to trust us? I even did that http://domain/certsrv and installed the certificate manually (which works with IE6) but it won’t freaking work with IE7.

And

We have another problem. Users opening an Access database can’t open it because it is “untrusted”, even though it’s on the Network. The only work-around I have so far is to tell IE7 not to automatically detect the intranet (it doesn’t anyway) and select the other three boxes manually. PITA.

2. Vista. Well, enough said. If you deploy Vista broadly right now as an IT manager, you’re a masochist. But you still have to deal with some guy in the organization (inevitably, the CEO), who insists on installing his own version.

3. Office 2007. See 2 above.

4. Exchange 2007. Unless your Exchange server is already 64-bit, you’ll need to get a new server. Plus the migration issues themselves.

5. Daylight Saving Time. Some may characterize DST as a “mini-Y2K”. No, it’s not, it’s worse than Y2K. At least with Y2K, everyone had the runs for the year leading up to it and were prepared. DST has hit American IT over the head with a two-by-four. Here at Sunbelt, we have had buckets of work to do for the transition — updates to SalesLogix, Exchange, SQL 2005, Office, Java runtime engine, etc.

Even I had fun with this. If you run Outlook off of Exchange and applied the the DST patch before your IT department patched Exchange, good luck getting Outlook started. And then see if everything’s off by an hour in March.

Here’s an example from my Outlook calendar: I have a number of birthdays in my March calendar. Every one of them is now a two-day birthday, because they run from 1 am to 1 am, instead of 12 to 12. And all my meetings are pushed up an hour — a 2 pm meeting is now a 3 pm meeting.

I can only feel for IT managers right now.

Alex Eckelberry