Category: Tech

Categories
Net Weird

It’s a weird world

I’m always amazed at how far the on-line world has come in the last ten years.


I’m even more amazed at how much I assume everyone else is amazed by that. 



  • I live in a special little world called Silicon Valley.

  • I live in a world where everyone has an e-mail address (and most have three). 

  • I live in a world where I look suspiciously at any business that doesn’t have a web site (even Internet addiction centers have web sites).

  • I live in a world where anything that can’t be Googled doesn’t exist.

  • I live in a world where most things that can be Googled still don’t exist (killed in a rocket car?  yeah, right).

  • I live in a world where WWJD stands for What Would Jobs Do?

  • I live in a world where people will buy a Mini because it’s compatible with their iPod.

  • I live in a world where a reality distortion field isn’t science fiction, it’s protected by the ADA.

  • I live in a world where the coolest computer company only has a fraction of the market and makes most of their money selling MP3 players.

  • I live in a world where a project doesn’t end when you ship, it ends when you get the T-Shirt.

Ah… paradise.

Categories
Microsoft Security

New security threat

Update: Patch for part of the problem:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4D056748-C538-46F6-B7C8-2FBFD0D237E3&displaylang=en




On line news sources have picked up ISC’s warning of a new threat to IE users which could allow hackers to steal on line banking passwords.  The code exploits a combination of a hole in unpatched IIS web servers to install malicious pop ups and a hole in IE to install a program via that pop up. The installed program watches for connections to a specific set of banking sites and logs the username and password (yet another reason everyone should get a pop up blocker, I’m so glad XP SP2 comes with pop up blocking as part of its greatly enhanced security).


Unfortunately the articles don’t do anything to help users understand what they should do to protect themselves from this attack or even if there is anything they can do. The reason for this lack of info is there is little users can do to defend against this exploit, even for advanced users. This is very scary to users of any level.


So… what should users do?  Here are my suggestions (yeah, these are my suggestions, my employer hasn’t approved them etc.)


Users of Windows XP can protect themselves by upgrading to Windows XP service pack 2, RC2 (RC2 means “release candidate 2”, i.e. it’s not the final version). Early adopters may rejoice and the braver among you may jump on board. I’ve been running SP2 for a while now and my personal opinion is: RC2 is great, but just in case you should back up your stuff and choose the install option which allows you to remove it if you have second thoughts later on. Unfortunately SP2 RC2 is a “preview” and isn’t supported by us yet. 🙁


Users should also review the ISC list of targeted bank URLs (scroll down through the report to find the list). If users have visited any of those sites recently they should seriously consider changing their banking password. By the law of averages users who get frequent pop up advertisements are the most at risk (regardless of the type of site you visit).


For users of earlier versions of Windows or people who aren’t willing to install the unsupported RC2 release there isn’t a fix yet, but there will be a fix in a couple weeks (no date has been announced yet). To help protect users until the patch has been fully tested Microsoft is working with law enforcement to shut down all the sites known to be hosting the exploit.


On a related note, if you don’t update your system regularly, you really should.  I’ve set Windows to automatically update my machines every night at 3am if needed.  Some worry automatic updates will cause problems but here’s my anecdotal data: I’ve been running automated updates on my very non-standard PC (a dual processor, 500 MHz Celeron with additional hardware that hasn’t been approved for Windows 2000 much less XP) for as long as it’s been available – I have never had a problem caused by the automatic updates.  Besides, the problems created by not updating far outweigh the possible problems you might encounter with the automatic updates.  Also, the automatic updates don’t include hardware drivers in the vast majority of cases (and it’s the hardware driver updates that cause many upgrade problems people encounter).


Some more details from ZDNet: http://zdnet.com.com/2100-1105_2-5251981.html?tag=nl

Categories
Hotmail Microsoft

Movement from the Mac guys

A couple big changes this week involving the guys from the Mac team (I used to test PWS, IMN, OE and Entourage for the Mac team):


Tantek Çelik has decided to leave the MS fold and strike out into the world.  Tantek was a key player in the IE browser for Mac and is well known for his CSS contributions.  He also worked to get his teams’ excellent rendering engine into one of our set top boxes, unfortunately without success.  He has a great summary of his MS work in his open farewell letter.  He has yet to announce his next project.


Also related to Microsoft Set top boxes, Dick Craddock has come on board with Hotmail as the Front Door Development manager (we call the servers which host all the chrome and features for Hotmail the “Front Door” machines because users enter through the front door).  Back in 1998 when Microsoft bought Hotmail the Mac Internet client team (IE and OE) in San Jose was kind of cut in two as many people went “downstairs” to work on the newly acquired service.  Dick took the reigns and I had the pleasure of reporting to him for a time.  Dick moved buildings along with the Mac IE team and went to work on Ultimate TV and then onto other MS TV products.  Now, almost six years later, I get a chance to work with him again.  Dick’s migration is 100% upside for Hotmail.


I moved from the Mac group to Hotmail in ’98.  Kristin, who used to report to me as a tester, joined later.  Omar, who first came to MS as an intern in my team, is now a lead here.  Dick, to whom I used to report, is now a dev manager here.  Hey, the world does revolve around me!

Categories
Blog

Are Blogs really “all that”?

Seriously now… blogs are little more than personal home pages with built-in text editors.


People put up web pages for a number of reasons, but it’s really all about a real or perceived notion that what they have to say is interesting to other people.  Blogs are all the rage now because they’ve cut through the painful overhead of setting up and maintaining a web page.  Here’s what I say, they’re nothing new, just a better implementation.


Bill Gates is now going to get a blog.  Doesn’t he already have one right here?  Sure… it doesn’t look like a blog, but it serves the same function.  So, if Bill Gates already has a web page that provides a forum for his views and news what is he really getting?


Perhaps it’s not that simple.  Our society is continuing to evolve from a formal to informal society.  We don’t wear ties to work anymore.  We don’t like our neighbor’s kids to call us “Mr. This” or “Mrs. That”.  We prefer instant messaging over e-mail.  Are blogs just an extension of that formal to casual transition our culture is making?


A formal home page is cold and corporate.  It has pretty graphics and structured layout.  A blog tends to have fewer static pictures and the content, while structured, tends to be shorter and come in fits and bursts (My posts range from a couple lines to long boring rants no one reads… are you still here?).


So what do you think?  Are blogs really something new?

Categories
Hotmail Net

Hmm, I was going to charge more than that

While I was only joking about selling addresses (see comments) it appears the AOL workers are a little less loyal to their users.


A snippet of the whole article from Reuters:



US Charges AOL Worker Sold Customer List for Spam
Wed Jun 23, 2004 07:07 PM ET


By Andy Sullivan


WASHINGTON (Reuters) – U.S. investigators said on Wednesday they had arrested an America Online employee and a Las Vegas marketer for stealing the Internet provider’s customer list and selling it to a purveyor of “spam” e-mail.

AOL members were flooded with millions of unwanted messages because of the scheme, according to a criminal complaint filed in U.S. district court in New York.

Jason Smathers of Harpers Ferry, West Virginia, was charged with stealing a list of 92 million AOL customer screen names and selling them to Internet marketer Sean Dunaway of Las Vegas.


[snip…]

Categories
Blog

If a blog falls in the wood…

My Cousin Mark Robert (I can’t remember a name for two seconds? Must be time to put me out to pasture) used to work for Nokia as a patent attorney, now it appears he spends his time blogging.  I guess I’ll have to drop him an e-mail to find out else what he’s up to.

Categories
Hotmail

The official word

The official press release is now available on MS Press Pass.  Enjoy!


In related news, Omar is also stoked about the change. 🙂

Categories
Hotmail

The cat’s out of the bag…

Yep, it looks like the articles are starting to roll off the presses, even before any press releases are out from MS Press Pass.  How do they do it? 🙂


Here’s what’s important: we’re not trying to have a “storage war” as some would say, we’re tying to make storage not be “the issue”.  We’re putting in a lot of effort to make sure we have the features users really want and need.  In the rush to announce the storage bump the articles gloss over that we’ll be doing things like improving security by changing the anti virus cleaning to be free for all users (we have had free anti virus scanning for all users for over five years).


I guess the basic thing is this: I want people to know that we love making cool software, we’ll continue to do that.


Related news:


Categories
Hardware

Happy laptop once more

The nice help desk guy got me up and running once again (and in fairly short order too).  There are a lot of perks to to working at Microsoft, not the least of which is getting questions answered (either from tech support or the people who designed the software in the first place).


The solution to my problem was to use the recovery module on the XP install CD to manually copy a new system file over from the CD’s system folder.  There may have been an automated method but it wasn’t obvious (not to mention the MCE install CD I had wouldn’t do the trick).  There was no way I was going to get it solved on my own except by wiping out Windows and starting fresh.


Now I just need to fix all drivers that managed to break in the repair process… how does replacing that one file cause all the other stuff to break?

Categories
Hardware

The best laid schemes o’ Mice an’ Men…

I was hoping to keep a record of my vacation (more for my sake than for any interest it might have) but my laptop threw a shoe. 



Windows could not start because the following file is missing or corrupt:
\WINDOWS\SYSTEM32\CONFIG\SYSTEM


Kee-rap!  Wouldn’t you know it, I have CDs of Windows from 98 to XP home but no XP pro cds to attempt a repair (I have MCE CDs but they seem to lock up when attempting to use them).


Oh Joy.  I get to pull my hard drive.