May 31, 2007 at 1:03 pm | Posted in Technical | Leave a comment

I am now completely tempted to put a Citrix server in my house, and then put one of these in every room.

One of the silly things about thin clients in my opinion has been that in the past, you didn’t get much real estate back when you made the transition from a traditional PC to a thin client. Most of them aren’t that much smaller than a MicroATX-based PC. They have the same number of cables tangled up at the back, too. Of course they have many positive features; fewer moving parts for a longer life cycle, and easier management for the IT staff.

The JackPC has added the features I thought the thin client was lacking. I wish I could get my hands on one to try it out!


Amazing gear coming!

May 30, 2007 at 7:41 am | Posted in Entertaining, News, Technical | Leave a comment

I have to admit. Microsoft has knocked my socks off this time. Their surface computing stuff looks pretty awesome.

Don’t settle for reading an article; you’ve got to see this thing in action: http://crave.cnet.com/8301-1_105-9723647-1.html 

It’s being proposed for uses on restaurant tabletops, though, which to my mind is a bit impractical. I’m thinking this will be fairly pricey, and do you really want a restaurant patron dumping a plate of spaghetti on your extremely expensive computer?

Still, kudoes to Microsoft for bringing us ever-closer to the world of Philip K. Dick.

OLPC security boss makes a good point

May 22, 2007 at 7:31 am | Posted in Technical | Leave a comment

In a speech yesterday, Ivan Krstic, the security director for “One Laptop Per Child” made an excellent point regarding desktop security, one which many systems administrators know and loathe.

“The No. 1 broken assumption of desktop security…is this very simple premise that all executing software should execute with the full permission that its user possesses,” Krstic said.

“There are a bunch of programs that ship with all major operating systems–including Linux, Mac OS and Windows–that can format your hard drive, spy on your computer, spy on you with your microphone and camera, and turn over control of your computer to third parties,” Krstic said.

I understand that this dates back to the very earliest days of computing, when security took the form of a padlock on your punchcard box. Why is it, do you suppose, that in today’s volatile networked environment we are still allowing processes to run with user rights?

If you think about it, every time you visit a web site, you are executing code which has been created by some unknown person. That means with every web site you visit you allow your computer to run some completely foreign code and simply trust that the author doesn’t have any malicious intent. While I’d like to think that every HTML designer out there is an honest, hardworking, trustworthy person, I know any faith I can summon in the strangers of the Internet is probably misplaced. Caution is the better part of valour, after all.

What are my choices, though, short of throwing up my hands in despair and trying to learn to live without the Internets?

To my mind, this is one of the best arguments for desktop virtualization I can think of at the moment. By isolating a virtual machine, and only using that one for web access and Internet connectivity, it’s possible to keep an entirely separate virtual machine for all your other purposes. When your Internet-connected VM executes malicious code, it will not be able to penetrate your other virtual machines. Wipe it out, and start over.

Of course, that’s assuming that you don’t weave your Internet life and your work life together, as so many knowledge workers do. For an increasing number of us,  the Internet is where we work. Slipping to another VM every time we need to access it would be very inconvenient. I can’t quite imagine a world where copy/paste didn’t span my entire desktop.

I hope that the need for more and more workers to have the Internet at their fingertips will drive the OS developers to find a different way to design operational permissions. Short of that, I will have to continue to take that frequent leap of faith!

Longhorn Beta 3

April 26, 2007 at 7:04 am | Posted in Technical | Leave a comment

Microsoft is looking for folks to try out Longhorn Beta 3, their long-developed Windows Server offering. The following is a quote from their press release:

The release allows people to evaluate the increased control, flexibility and protection built into Microsoft Windows Server “Longhorn” Beta 3, available for download today at http://www.microsoft.com/getbeta3. The final version of Windows Server “Longhorn” is on track for release to manufacturing in the second half of 2007.

“As they take it for a test drive, our customers and partners will find we made some vast improvements in Windows Server ‘Longhorn’ to help them reduce costs and adapt to changing business needs,” said Bill Laing, general manager of the Windows Server Division at Microsoft. “Between early adopter customers and Microsoft IT, we have hundreds of servers running in production environments today. If there’s one message we want to send today, it is get ready, download and evaluate.”

Improvements Microsoft is touting for this release:

1. Windows PowerShell, a scripting tool for administrators, is now included in the product.
2. Active Directory Federation Services improvements allow customers to implement new policies and make it easier to set up a relationship between trusted partners.
3. The Server Core installation option now comes with additional roles and enhanced functionality, such as print services and Active Directory Lightweight Directory Services.
4. The Server Manager console includes additional remote administration tools to provide a more integrated management environment.
5. Windows Firewall with Advanced Security, now on by default, provides a persistent and more secure environment beginning at installation.
6. NAP is integrated with Microsoft Update and Windows Update to enable administrators to decide which updates are critical and set policies accordingly. It also has a new administrative interface for simplified setup, scalability and better performance.

Ubuntu Out of the Box

April 16, 2007 at 7:57 am | Posted in News, Technical | Leave a comment

Ubuntu’s next release is creating quite a stir this week, as Ubuntu makes aggressive strides into the world of high-end servers.  Essentially, the next release of Ubuntu (Feisty Fawn, scheduled for April 19) is the first Linux distribution with Para-Ops and VMI support for optimized performance under VMware.  Of course, Feisty Fawn still supports open-source virtualization packages, like Xen.

If the release works as it should, you could run Feisty Fawn on your Linux server, and install a VMWare layer. From there you could do all the ordinary things VMWare supports, including running virtual Windows machines.

New Mac Pro reaches epic proportions…

April 5, 2007 at 7:25 am | Posted in News, Technical | Leave a comment

When I saw Apple’s web site this morning, I think I heard the lofty trumpet sounds of Copland’s Fanfare for the Common Man chiming down from the heavens. I am pretty sure the murky clouds over the Detroit area parted, and a single ray of sunshine beamed directly down through the Dynamic Computer ceiling and onto my flat panel.

The new Mac Pro is just an unspeakably awesome computer. Let’s start with options for 8-core Xeon processing. Up to 16 GB of RAM. 3 TB of storage & your choice of three hot graphics carts. It is downright swoonworthy. The best part: the entire thing is customizable. You can opt to start out with this case nearly empty, leaving a ton of room for expansion, or you can load up. The price difference there is about $2500 for the bare bones (still pretty great) up to about $12,000 for the most incredible desktop computer I have ever seen.

I can’t wait to see if the reviewers like these. I think it’s a great move for Apple to offer just one really amazing new computer, and let people scale it the way they want it. I’m sure most home users aren’t going to shell out $12,000 for a machine to play World of Warcraft or Doom; the nearly empty version could still make for some pretty smooth gaming or multimedia performance. I can, however, see how some professionals might want to inch toward the $12,000 top end. I have got to think this would be an amazing architect’s or engineer’s computer. It would also be great for my work with the Adobe Creative Suite, rendering vector graphics and such, although I’d have a tough time convincing Casie and Farida of the ROI of switching me from Windows to Mac and buying me a computer that costs as much as a car.

Dare to dream.  And now, all together on the count of three:

one,        two,         three:    *swoon*

Don’t forget your Windows Update today

April 4, 2007 at 7:25 am | Posted in Technical | Leave a comment

Microsoft released a patch yesterday for that security hole in all Windows operating systems that I mentioned last week. As it turns out, Vista was also susceptible to these exploits; it just took a little convincing to get Microsoft to admit it.

So, if Windows is nagging you right now to run your updates, you probably should go ahead and do that. Unfortunately, it requires a reboot; but then you will have the peace of mind that comes with knowing your computer is free of holes. Well, that is, until the next one is discovered sometime next week…

Why businesses should take SPAM seriously.

April 3, 2007 at 2:36 pm | Posted in Technical | Leave a comment

I don’t think a day goes by the we don’t all get spam. For the most part, it is an annoyance; a mailbox full of ads for pharmaceuticals we neither want nor need. It’s that joke that everyone in our family forwards to us, or that sales list we accidentally joined when we signed up to win that free iPod.

First off, let’s consider the cost of spam if it somehow hits its target, and finds a willing victim. Spam is illegal in many states, because it is a method for committing  so many crimes. Email spam may have started out as an annoying sales tactic, but it has rapidly become  a vector for violating the law. It has been used in financial theft, identity theft, data and intellectual property theft, virus and other malware infection, child pornography, and fraud, to name a few.

The worst thing about spam is that it marches right through the front door and takes advantage of people’s desperation. Particularly evil spammers target people with serious illnesses, children, and drug addicts. If you think this isn’t a threat to your business, and that spammers usually target individual home users, think again. Your office assistant may not be a child, but he may click a link that appears to be related to his job. The newest trick spammers use is to hack legitimate web sites and continue the confidence game right up until the point where they’ve got access to your files, or your financial data. Even the savvy user may be suckered by a link, and thereby usher a trojan virus onto your network.

Although it has fallen from awareness and been labelled an annoyance rather than a threat, the sheer volume of spam is on the rise. This, in itself, is a problem.

MessageLabs, a New York based messaging and Web security company released a report yesterday finding spam levels jumped 76.3% in the first quarter the year. Small and medium-sized businesses are bearing the brunt, ending up with more than double the volume of spam than larger companies. This suggests that technical solutions employed by large companies are working, but lower-cost measures available to the smaller companies are either not effective, or not being put to good use. Either way, smaller and mid-sized businesses need to snap out of it and start taking spam seriously before it gets them into trouble.

I  believe that  many IT professionals have lost touch with the danger involved with spam, considering it a daily irritation, and a necessary side-effect of having an email system. Certainly  many companies do not have funds sitting around, earmarked for antispam systems. Mark Sunner, chief security analyst at MessageLabs, agrees with me. “The majority of small businesses… have given up on dealing with the issue, only to find that bad guys target them even more aggressively. If the first-quarter data tells us anything, it’s that malicious activity in the form of spam will only continue on an upward trend.”

Aside from its other criminal uses and annoyance, spam squashes worker productivity. A survey published yesterday by Nucleus Research and KnowledgeStorm reports it costs $712 per employee per year in wasted work time, or $71 billon to all U.S. businesses annually.

Spam can also serve as a denial of service attack, slowing your network or clogging your email server with thousands of unsolicited messages.

Absent any strong antispam legislation or any enforcement to protect us, all you can do is build in the most robust antispam measures you can afford. In the meantime, try not to throw your mouse across the room in frustration when you see your inbox each morning. I’m right there sympathizing with you in spirit.  

OMB Thick, but Learning

April 2, 2007 at 7:29 am | Posted in News, Technical | Leave a comment

The office of management and budget has officially weighed in, declaring that federal agencies must attempt to secure desktop computers.

In a memoranda released on the whitehouse.gov web site, the OMB instructs agencies to take actions that, frankly, should be common sense. I would consider configuring Windows security to be the bare minimum that can be done.  

Here are some of the items from the list:

• Use virus and spyware detection and removal utilities
• Use e-mail clients that filter spam
• Do not allow unapproved applications such as file-sharing and instant-message tools
• Run the system with limited user privileges
• Configure software to reduce exposure to threats
• Don’t let Java, JavaScript and ActiveX applications launch by default

The guidelines also require robust passwords, and strict adherence to a password changing regimen. I’d have hoped that the federal government was already doing all of these things, but I guess it’s better late than never. Happy Monday!

Microsoft Update Time

March 29, 2007 at 1:19 pm | Posted in Technical | 1 Comment

For the 90 percent (or so) of us who are using MS Windows, it’s time to avoid opening unsolicited email, and to be careful what web pages we browse, because there’s another vulnerability which can be exploited via HTML page. The affected systems are:

Windows XP Service Pack 2, Windows Server 2003 Service Pack 1
Microsoft Internet Explorer 6 for Windows XP Service Pack 2
Microsoft Internet Explorer 6 for Windows Server 2003 SP1
Microsoft Windows Internet Explorer 7 for Windows XP SP2
Microsoft Windows Internet Explorer 7 for Windows Server 2003 SP1

(Good news for all 12 of you who have already loaded up Vista; you’re not vulnerable!)

Microsoft has not yet completed an investigation, but McAfee has had some time to look into it, and reported it publicly yesterday . According to McAfee researcher Craig Schmugar, the flaw exists in the way IE handles malformed .ani files (the format is used to read and store Windows Animated Cursors) and malicious code can be easily placed on an attacker’s Web site to trigger the vulnerability. McAfee was able to demonstrate the vulnerability exists on fully-patched WinXP SP2 systems.

Multiple sources in the anti-malware community have confirmed McAfee’s discovery, which includes the use of arbitrary .exe files and Trojan downloaders. Microsoft has acknowledged that this is, indeed, a vulnerability which will require an MS Update to remedy, although they have not yet released a fix.

In the meantime, it is best to stick with familiar trustworthy web sites, and to avoid viewing unsolicited email messages. If you are using a “preview” window in your mail client, it is a good idea to switch from HTML to plain text displays, since the preview can cause the malicious code to execute without your actually opening the unsolicited message. 

« Previous PageNext Page »

Create a free website or blog at WordPress.com.
Entries and comments feeds.