January 2004 Entries

Alumni Page Update

Added: Chris Petersen David Boyce As always, you can access the BSQUARE Alumni Page by clicking on the “BSQUARE Alumni“ link in the left menu, or by just clicking here. For those asking when I will put Bill's name up on the Alumni Page....  Well, the Alumni Page has always been opt-in.  Nobody's name is on there that hasn't asked to be on there.  I haven't heard from Bill.  I'd be suprised if I did, actually, because I don't think he's a fan of my site.  Maybe he'll show up on Chris' mailing list?

Article Announcements

I have turned on the “Articles” feature of .Text.  I have used it in the past, more to just keep intentionally malformed posts out of the RSS feeds, but I am going to start writing some longer pieces on issues regarding network security.  Writing such things is a lot of fun for me, and this feature of my blog software allows me to do it without cluttering up my main page with really long blog posts. For the initial round of articles, I am just exposing some of my older blog entries which should have been articles to begin with: Nigerian Email Scams: ...

Offshoring Legislation

To track ongoing legislative efforts to curb the booming offshoring trend, check this website out. There are no fewer than 9 pieces of legislation at the federal level, and at least 7 at the state level. One bill making its way through my state's legislature is HR-2351, which requires, among other things, that call center employees identify their location to callers, and transfer the caller to a US-based call center if requested to do so by the calling party.

Detecting an email scam

This sorta started out as a quick blurb about 2 handy tools I use to decipher hexadecimal URL strings, AsciiTable.com and the URL Encode/Decode page at Albion Research.  But it kinda grew into why I needed these things, and then I couldn't really tell the story without, you know, telling the story, and we ended up with this novella.  This is grade-school stuff for most security folks, but I have a lot of innocent bystanders reading my blog too, and I hate to pass up the opportunity to educate an end user on how to identify an email as a phishing expedition.  So...

Speaking of Dean

Iraqi blogger Ali takes exception to this egregiously false statement made recently by Howard Dean: "You can say that it's great that Saddam is gone and I'm sure that a lot of Iraqis feel it is great that Saddam is gone. But a lot of them gave their lives. And their living standard is a whole lot worse now than it was before." In Ali's rebuttal to the presidential candidate, he says: “...only a (blind) man would believe it and only a man blinded by his ambitions would dare to say it...“ and “And all of this for what? For staying in the white house...

Politics and Blogs

I have been reading a few comments about Howard Dean's recent implosion since the primaries last week.  I'm frankly stunned when smart people are surprised that Dean treated his blog as just another avenue to get his word out, instead of using it how some people think he should have, to give people an insight into the campaign and the candidate. Well, DUH. What about politics makes anyone think a politician would say one thing in public, and then go on the Internet and say “Jesus, I've been on 3 planes in the last 24 hours and now some treehugger wants to meet with me...

Microsoft Fixing IE's Spoofing Weaknesses

Microsoft on Wednesday announced that they will be updating Internet Explorer soon to disable the ability to provide user credentials in HTTP and HTTPS URL strings. This feature has recently been exploited by scammers who have used weaknesses in the routines to trick users into going to malicious web sites.  (I covered these issues in depth, in my phishing expose “Phishing For A Living” and the followup “Spoofing the Address Bar in Internet Explorer”) While this change will certainly generate some heartburn for a few web developers, I applaud it.  Nobody should be sending user creds over the Internet in URL strings anyway, I can't think of...

Sorry for the recent outages

My cable modem gave up the ghost 2 nights ago and I just now got it replaced.  Comcast was pretty responsive after I got past all the BS the tech support people make you go through. So Comcast replaced the modem, which of course means a new IP address.  The tech also let it slip that they are going to be rolling DHCP addresses every 4 days from now on, in preparation for doubling the bandwidth both ways for cable Internet customers. So, I was looking around in the firmware of my Linksys router and realized it supports DDNS, or Dynamic DNS, if you...

New Guidance on Handling Incidents

Dana discovered a new document put out this month by NIST, providing some great guidance with regards to incident handling. I've only skimmed it, but so far it looks excellent.

This is me shutting up about ICF

So I finally took some time out this past weekend to have a hard look at the new version of Internet Connection Firewall that will come with Service Pack 2 for XP. It's good.  Actually, it's better than I dared hoped for. My fears that it will be too complicated for the average home user are completely unfounded, if this beta version is a fair representation of what will be in the shipping service pack.  I am able to run Everquest, Star Wars Galaxies, and other online games without all the configuration hassles that prompt users to disable similar firewalling products from...

Why I can't stand tablet PCs

There has been a lot of hype lately about the growth of Tablet PCs, like this Acer one. It's been a while since I first took a Tablet PC into my big hands.  I tried it for 5 minutes and couldn't run away fast enough. Why?  Because I can't write while keeping my hand suspended in midair.  Try it sometime; it's unnatural, and annoyingly hard.  When I write something, my hand needs to be resting on something, and on a Tablet PC that something is the screen.  Which on early versions meant most of my hand was mashing down 12 or more touch-sensitive buttons while my fingers...

Jobless Recovery a myth?

I promised some good news on the job front, and I have searched long and hard to dredge some up.  This one is a doozy. Bear Sterns today released a report indicating that the Jobless Recovery we've all been talking about is a factor of poorly designed metrics, and the job situation in America is actually much better off than most economic types and rant-prone bloggers would have you believe. On HobbsOnline, Bill Hobbs goes into a number of reasons why this economic recovery is not, in fact, jobless. Turns out there are in fact 2 ways to measure unemployment:  One way involves asking...

Wait a minute... Mexicans can write software?!?!

So it's slowly dawning on people that Mexicans can do more than pick oranges, cook, and clean houses.  This is something I've known all along, naturally, and this fact has been the root of my discomfort over the President's recent immigration proposal. The proposal may be intended for farm jobs, or other non-technical sectors, but unless the legislation is specifically restricted in such a way, the folks who run the nation's technology companies are going to be chomping at the bit to import Mexican tech workers (they do exist, I've met some, and they don't suck).  What would a mexican immigrant accept...

Back online

Sometime over the weekend the IP address I use here at bmonday(dot)com changed for no apparent reason, knocking the site off the air. Actually, I'm quite sure of the reason:  I had told a friend of mine last week “I've got a cable modem at the house and my IP address hasn't changed in 2 years”, as we were lamenting on her cable modem's address changing every time her power goes out. I know better than to say things like that.  Not sure what I was thinking. So anyway, I figured it out this morning, and then spent 2 hours brute-forcing my way into...

Iraqi Eloquence

There is a fantastic essay on the Iraqi blog “Iraq The Model“ about the state of Iraq and its future.  Iraq The Model is definitely one of my favorties lately.

IE Team Insights

I saw a post on Scoble's blog about a recent meeting he had with the head of Microsoft's IE team.  It's fairly enlightening.  They say the site spoofing bug that I have been railing against for the last month has been unusually difficult to squash without causing other issues, but they are working hard on the problem. Yes, those guys need a blog, badly.  The lack of outward communication is leaving us with conjecture and speculation as the only source of information about bugs and other issues relating to IE.  It should be noted that many people (myself included) have been...

Offshoring Eats Away at IT Pay, Study Shows

eWeek is running an interesting story about the decline of IT pay scales as a result of the recent boom in offshoring.  Some professions have declined nearly 30% in pay in just the last 12 months. We're witnessing the beginnings of the reset I anticipated, as job seekers in the US adjust pay expectations downward in order to compete with foreign workers for IT jobs.

No IE fixes in January's updates??

I'm stunned that Patch Day has come and gone without a single update to Microsoft's most popular and most bug-ridden application, Internet Explorer.  Some very critical bugs remain unpatched, and worse, are actively being exploited in the wild. Phishers started using the new address obfuscation techniques only a week after they were announced to the world, reports SecurityFocus.  Bank of America, Citibank, PayPal, Earthlink, Barclay's and Lloyd's have all been targeted by the new enhanced form of phishing made possible by this egregious bug in Internet Explorer since the bug was first made public 5 weeks ago. Is there anyone left on the...

January's (and December's!) Round of Microsoft Fixes Are Now Available

Microsoft is releasing 3 fixes for the month of January: MS04-001 concerns a flaw in ISA Server 2000, Microsoft's firewall/proxy product.  This patch is deemed critical, as it allows remote command execution MS04-002 is a moderately severe flaw in Exchange 2003 that could allow privilege escalation MS04-003 is yet another MDAC buffer overflow, that Microsoft deems “important“ in severity.  This patch replaces the one provided in MS03-033 Enjoy!

Small layoff at BSQUARE, plus comments on Bill's departure

There was a small RIF (5 people) at BSQUARE yesterday.   I promised some additional comments on Bill's departure, and I might as well lump them in here. I'm sad to see Bill go.  Not because I think it's the wrong thing for BSQUARE, but just because he was the last founder to go, and the company seems that much different to me now.  I can only think of one person still at BSQUARE who was there when I started, back in 1996, when we were only 30 people strong.  I no longer feel a part of the current BSQUARE (and I shouldn't, it's...

Apathy

This happened a couple months back, but I am just now getting around to commenting on the issue: I was troubleshooting a problem I was having with new servers in my lab.  They would run for about 5 minutes, then suddenly drop off the network.  They would still be attached to the network, but any network traffic sent to them, or sent by them, seemed to get stomped on.  This behavior occurred on multiple new systems, and was driving me insane. So at some point I fired up my EtherPeek packet analyzer and pointed it at the port one of these misbehaving...

45% of executables on Kazaa are malicious

According to this Wired story, a recent analysis of executables available for download on the popular file sharing service Kazaa showed that nearly half the files downloaded contained some form of malware. The malware ranged from trojans that turned the downloader's computer into a spam relay, to programs intended to search through the system looking for personal files and passwords. Always look a gift horse in the mouth, because you might find it full of trojans.

Strange Dream

I had a dream this morning that I was pet-sitting a giraffe for a friend of mine.  But while the giraffe was chilling in the (unusually clean) garage, someone drove up and kidnapped him. When I woke up from the dream, I looked over to Prince Charming (one of my 2 cats) and said “Dude, I just had the weirdest dream.  The garage was spotless!” It's pretty sad that, given a choice between a clean garage and babysitting a friend's giraffe, the clean garage seems the more fantastic story.

BSQUARE Alumni Updates

I made some changes to the BSQUARE Alumni Page page this morning: Added: Hamid Ghassemi Michelle Manson Nannette Benner Updated: Charles Bagley  

Bill Baxter resigns from BSQUARE

Bill resigned from BSQUARE today.  I'm still reading the email, I'll post more later.

Unemployed Americans can still vote come November, GW

I was reading the text of President Bush's speech today announcing the new immigration policies, and frankly I feel like I just got sucker-punched.  This is the last thing I expected out of a President who has been cracking down on foreigners at every possible opportunity.  In fact, I was hoping he was going to announce some much-needed reform of our woefully mismanaged immigration policies. Instead, his new proposal is going to: Introduce a new 3-year visa program for illegals who are already in the country Allow foreign workers into the US to fill American jobs under the same program, provided the jobs...

bmonday(dot)com now running .Text v0.95

As I mentioned in a previous post, I spent this afternoon updating this blog to version 0.95 of .Text. Most of the features for 0.95 are for the convenience of the admin (me).  However, some new features will be of interest to my readers: You can now subscribe to individual categories of posts.  For example, if you are only interested in BSQUARE-related posts, you can set your RSS reader to only pull down the feed for the “BSQUARE Alumni Page” category.  You can see the links for the RSS feeds denoted as “(rss)“ at the end of each category listed on the left...

.Text Upgrade in Progress

Bear with me while I work through upgrading to version .95 of .Text.  The methods used for skinning has changed significantly, so I will be using a generic skin during the course of the upgrade.  I will have the web version of this blog looking like normal by the end of the day (I hope).

First Look at XP Service Pack 2 beta

Yes, I know I promised to give the Beta a try and report back on how it does.  But I haven't gotten around to it for several reasons, first of which is that it took some time for Microsoft to put the (400MB!) ISO up on MSDN so people could download it. And then it became a factor of my motivation level, which has been staggeringly low lately.  (“Staggeringly“.  Hmm.  First time I have ever used that word here I think.  I think I like it!) Anyway, Security Pipeline recently wrote up a nice first-look at the Service Pack.  So go there...

BSQUARE Management Changes

Seems Nogi Asp has resigned as BSQUARE's CFO and VP of Finance, effective today. Replacing him is Scott Mahan, a consultant who has been working mostly with the PES organization. It always makes me nervous when a CFO “leaves” right after a quarter ends.

.Text v0.95 is out

Scott released the highly-anticipated .95 version of .Text yesterday.  Changelist is here. This site uses .Text, and so far I freaking love it.  I'll be upgrading to .95 this weekend, as there are several features in it that I have been waiting on for a long time.