Archive for December, 2003

Don’t post Word docs!

December 13, 2003

Woody’s Office Watch #8.50 has more examples of Word docs posted on the web with information stored in them that probably shouldn’t be there. Docs from the Department of Homeland Security, the Speaker of the House, Newt Gingrich, the Chief Security Architect from Dell (!) (some of the links will probably be dead or lead to docs that have had the information talked about removed — at least I hope so!). Names and ids of the folks who edited them are in there as well as the locations of the files on the users’ drive, not to mention complete revision histories!
Be careful. Think about what you’re doing. Pay attention.

Advertisements

Opera file overwrite vulerability

December 13, 2003

Secunia has released SA10425 which describes a vulnerability in Opera which allows a malicious website to overwrite a file with a simple download operation. The solution? — upgrade to Opera V7.23.
It’s interesting that we see a lot of exploits for non-Microsoft products posted after their solution is available.

On social networking

December 10, 2003

This posting to VentureBlog gives some insight into what (at least one) VC is thinking. Some excerpts:
“I frankly think that social networking is close to a zero sum game.”
“Relationships are maintained through interaction — we call, email, have lunch, etc.”
“It is conceivable that technology could make us more efficient
and therefore increase our universe of relationships (…) But I
believe that increase is marginal.”
In other words the free ride is over. Friendster, LinkedIn, tribe.net and the others need to find some way to provide value or face extinction. This isn’t uncommon. First-wave adopters have an advantage of being there (ahem) first but once the “ooo-ahh” has worn off, consumers will turn away unless they have a real reason to stay. It has begun. Within 3 months we’ll see the 2nd generation and, hopefully, they’ll actually have something to contribute.

Spelling’s one of the things that goes …

December 10, 2003

… when you cut back. I’m probably “two” hard on them but the editors at Microsoft apparently didn’t check this KB article very carefully. For the “two” busy amongst us, read the CAUSE section carefully.

Online WiFi hotspot locator

December 10, 2003

Intel has an online WiFi hotspot finder at http://intel.jiwire.com/index.htm. They say they’re verified which is good. Wonder how long it’ll last?

Excellent Linux site: LinuxPipeline

December 9, 2003

Another item from Scot’s December 4, 2003 newsletter. He’s launched a new Linux site called LinuxPipeline. News, info on applications and distributions. Bunches of stuff that professional Linux folks can use.

Another set of RSS references

December 9, 2003

Courtesy of the December 4, 2003 issue of Scot’s Newsletter — an excellent newsletter that, unfortunately, isn’t published in RSS form.

  • Introduction to RSS – Webreference
  • What Is RSS? – XML.com
  • RSS Tutorial for Content Publishers and Webmasters – Mark Nottingham
  • Lockergnome’s RSS Resource
  • All About RSS – Fagan Finder
  • RSS Feed Reader / News Aggregators Directory – Hebig.org
  • Top Aggregators – UserLand
  • RSS Readers – Weblogs Compendium
  • Worm infects Windows-based ATMs

    December 9, 2003

    ZDNet reports on this and you’ve probably already heard about it but it’s one of my worst nightmares — that an ATM gets infected by a worm. Of course, that begs the question of how the worm got to the ATM in the first place? Wouldn’t a responsible bank have the ATMs on an isolated network, firewalled separately from everything else?

    Oracle (?) warns of SSL vulnerability

    December 9, 2003

    eWeek reports that Oracle has issued a High-Severity SSL vulnerability warning, a follow-up to CERT’s Advisory CA-2003-26. Looks like there are no viable workarounds so the only option is to apply Oracle’s patches from their MetaLink support website.

    Anti-virus: Avast

    December 9, 2003

    A long time ago I used McAfee’s anti-virus product … the retail one. Then a few years back I switched to the online version. Their ads and constant attempts to upsell me finally got to me so when it came time to renew this year, I didn’t … even when they said they’d cut the price in half. I went searching for a replacement, tried a couple and wound up with Avast! It’s free for personal use and they post frequent updates. You ‘ve gotta get over the fact that you’re retrieving your AV updates from a Czech site, though 🙂