Feed your Messenger

Web 2.0

I try not to make it a secret that MSN Messenger is my favourite IM app. I lived inside of Trillian for a long time (a few years) because it simply was the best client out there. As Google Desktop started taking off, I found less and less reason to be connected to five networks. Not to mention that all my business pals were dragging me to MSN Messenger. Then came the webcam. Bye Trillian.

Now on to the cool part. Microsoft has organized a contest called "MSN Messenger World's Best App Contest" and it has some pretty cool apps already in the App Gallery, but more importantly I think someone at Microsoft figured out one of the major Google Secrets. Yup, even better deal than Indian PSS: Get people to work for you for free. So for a few grand and a bunch of free software they have managed to get a ton of free apps written for them and get even more people and even more developers to work on their messaging platform. Brilliant!

So who is behind WMF exploits?

IT Culture, Security

Ok Bill, day 3? It's time for some editorial ranting here. So there is quite a bit going on with people unloading exploited DLLs and people claiming it's too harsh of a move. While Susan does have a very good point in using the layered approach that I agree with, this is a little too severe to stop at the best effort security. Why? Because it's not just about WMF. Any file format that the DLL in question opens is vulnerable. That means BMP, GIF, PNG, JPG, JPEG, JPE, JFIF, DIB, RLE, EMF, TIF, TIFF and ICO could also be used in the exploit.

Some of you have questioned why oh why does every post come with a Firefox logo. Why? Make no mistake, the reason this is still an issue and I am writing the third post on it is because Microsoft has not done anything about it. Absolutely nothing. This is now day three and there is no hotfix. No patch. Nothing. I'm sure they are working very hard, that it takes a lot of time to test it, that there is a corporate documentation and QA team that needs to sign off on any code release, that…. that… Sorry, I almost choked on my Koolaid. What I meant to say is there is no patch and this closes yet another disappointing year in Microsoft's security strategy. Download Firefox; while they have security issues, as will every other software, they are far more proactive and release updates much faster.

And now that you know whose fault it really is that you're putting in overtime the day before the largest celebration on earth, let's look at the scum that is exploiting this issue:

toolbarbiz.biz, toolbarsite.biz, toolbartraff.biz, toolbarurl.biz, buytoolbar.biz, buytraff.biz, iframebiz.biz, iframecash.biz, iframesite.biz, iframetraff.biz, iframeurl.biz

Before you do anything else, plug those URLs into your firewall and drop them. Those are the web sites that are using this exploit:

Registrant ID: 6463915-SRSPLUS
Registrant Name: Ezhi Brozkevitsh
Registrant Organization: Ezhi Brozkevitsh
Registrant Address1: Al. Armii Ludowej 24
Registrant City: Warszawa
Registrant Postal Code: 00-609
Registrant Country: Poland
Registrant Country Code: PL
Registrant Phone Number: +21.225798400
Registrant Email: admin@buytraff.biz

Most likely fake but at least it gives you someone to be angry at.

WMF workaround

Security, Web 2.0

Figured I'd post the update to this panic that started yesterday and at least try to help a few of you out there that may not be protected by the likes of ExchangeDefender or competent IT staff. If you're worried about the WMF exploit infecting your system, try to unassociate the WMF files so they cannot be automatically opened by Internet Explorer:

Un-register the Windows Picture and Fax Viewer (Shimgvw.dll)

1. Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK.
2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.

Then check with your system admin and ask if they have restricted WMF flow (through the mail server), how up-to-date your virus protection is, and what kind of content/network filtering is in place. There is always Firefox…

Slight update. I just read an email from Michael Curley alluding to what I've said above about unassociating the filetype:

"Although blocking wmf extensions at the proxy is a good idea, it should be noted that a wmf can present itself as a .png or a .gif or a .anything, and windows can still read the metadata on the file and treat it as a .wmf."

In practical IT security (which is quite different from the idiots that write security books and have no business experience whatsoever), where you have to consider business practices, user experience / education and all the other factors in implementing a good and efficient security plan, one size does not fit all. You have to implement as many layers as you can to protect yourself. That is, use antivirus. Use a firewall. Use a proxy/content filter. Use everything you can tag onto your mail server to stop direct contact. Use content permission software to block where users are going. It cannot be a shotgun implementation.
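The point in the quoted email, that a WMF renamed to .png or .gif is still handled as a WMF, means a mail or proxy filter has to look at the file content rather than the extension. The following Python check is an added example, not from the original post: the function names, the block/review/allow policy and the sample bytes are constructed for illustration.

```python
import struct

# Leading bytes of common image formats (standard, well-known signatures).
IMAGE_MAGIC = {"png": b"\x89PNG\r\n\x1a\n", "gif": b"GIF8",
               "jpg": b"\xff\xd8\xff", "bmp": b"BM"}
ALIASES = {"jpeg": "jpg", "jpe": "jpg", "jfif": "jpg", "dib": "bmp"}
PLACEABLE_WMF = b"\xd7\xcd\xc6\x9a"   # placeable-metafile key 0x9AC6CDD7


def sniff(data: bytes) -> str:
    """Return the format implied by the content, ignoring the filename."""
    if data.startswith(PLACEABLE_WMF):
        return "wmf"
    if len(data) >= 18:
        # Standard WMF header: Type (1=memory, 2=disk), HeaderSize in
        # 16-bit words (always 9), Version (0x0100 or 0x0300).
        ftype, hdr_words, version = struct.unpack_from("<HHH", data)
        if ftype in (1, 2) and hdr_words == 9 and version in (0x0100, 0x0300):
            return "wmf"
    # EMF: first record is EMR_HEADER (type 1) with " EMF" at offset 40.
    if len(data) >= 44 and data[:4] == b"\x01\x00\x00\x00" and data[40:44] == b" EMF":
        return "emf"
    for name, magic in IMAGE_MAGIC.items():
        if data.startswith(magic):
            return name
    return "unknown"


def verdict(filename: str, data: bytes):
    """Hypothetical gateway policy: (action, detected_format)."""
    ext = filename.rpartition(".")[2].lower()
    claimed = ALIASES.get(ext, ext)
    actual = sniff(data)
    if actual in ("wmf", "emf"):
        return ("block", actual)      # metafile content under any name
    if claimed in IMAGE_MAGIC and actual != claimed:
        return ("review", actual)     # extension and content disagree
    return ("allow", actual)


# Constructed samples: a minimal standard WMF header plus an EOF record,
# and a PNG signature followed by padding.
WMF_SAMPLE = (struct.pack("<HHHIHIH", 1, 9, 0x0300, 12, 0, 3, 0)
              + struct.pack("<IH", 3, 0))
PNG_SAMPLE = IMAGE_MAGIC["png"] + b"\x00" * 16

if __name__ == "__main__":
    for name, blob in [("holiday.png", WMF_SAMPLE), ("photo.png", PNG_SAMPLE),
                       ("photo.jpeg", PNG_SAMPLE)]:
        print(name, verdict(name, blob))
```

A header check like this only identifies the container type; it does not decide whether a given metafile is malicious, which is why it sits alongside the antivirus and filtering layers listed above.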

WTF is a WMF?

Microsoft, Open Source

Don't you just love the acronym land? Did you know that there is actually a person at Microsoft whose sole job is to manage the list of acronyms that Microsoft uses (TLA)? If you didn't then please add that to the worthless knowledge you now possess.

But why talk about acronyms today? Well, mostly because there is a 0 day exploit of another Microsoft file format that makes your Windows XP system wide-open for hackers if you made some bad decisions. Top of that list is still using Microsoft Internet Explorer to surf the Internet – what in the world are you thinking? How many times do you have to stab yourself to bleed to death? If you know the answer to that please download Firefox today and say goodbye to IE-borne online threats. The second mistake, perhaps, is not updating the Firefox you already have installed on your computer. If you are running Firefox 1.0.4 or earlier on Windows you are still vulnerable (though you'll have to hold the knife and push in order to impale yourself in that scenario). So if you use Firefox remember that it's not made out of titanium, it's software, and software is broken no matter who writes it. So upgrade Firefox to 1.5 if you have not already.

Now on to the actual knife – the 0 day exploit in WMF. WMF is the Windows Metafile format and pretty much only used by Office to store clipart and such. Well, today it joins the long line of exploited Microsoft formats that are no longer welcome in any mail system (along with .ico, .bmp, .hlp, etc) so please do not open wmf files, especially from third-party, untrusted web sites. The exploit is currently being used to distribute the following threats: Trojan-Downloader.Win32.Agent.abs, Trojan-Dropper.Win32.Small.zp, Trojan.Win32.Small.ga, Trojan.Win32.Small.ev. There is no known patch and you'll be waiting until at least the second Tuesday (patchday) of January to get this fixed so do something about it today. Install Firefox and stop clicking on WMF files!

Update: Perhaps you don't have the time to switch your entire client base to Firefox today. Fair enough, Jesper Johansson has a post on how to restrict which extensions can pass through your ISA 2004 firewall. If your office does not have a firewall solution… well, you need to fire your network administrator. It is easy, look at the blog comments, I fired the entire Microsoft Internet Explorer team today.

Update 2: Ok, this appears to be a very sensitive subject for a lot of people, judging by the number of you that have chosen to contact me. So let me come out one more step. Jokes aside. Folks, don't be afraid of the comments, what you say to me is between you and me, what you post in the comments is seen by everyone. If you feel strongly about something, VOICE it. Remember that the IE team dropped all development of the Macintosh version of IE, then outright said it would not develop anything for XP anymore and everyone would have to upgrade to Vista, then they slacked away on security work and instead focused on visual issues while they got spanked on features by Firefox (which is why I switched) and finally it's frequent posts like this one pointing to it. The Internet Explorer team needs to be punished, severely, for slacking away and compromising your computer and data security. This is not the case with almost any other Microsoft product. Will Bill fix it? Not as long as you continue to take it and not vote with your feet or at the very least tell them you are not happy with the risk they are placing on your computer. Step back, compose your thoughts and feelings and ask yourself one very simple question: If the manufacturer of your front door lock saw web sites giving away the key to your door, would you wait 2 weeks (Patchday, second Tuesday of January) or over a year (Windows Vista) to change that lock?

Cool stuff of the week: Google Modules, Mozilla for PocketPC,

Mobility, Web 2.0

Here are a few cool things I found over the weekend while catching up on some of my favourite blogs:

Google Modules is a web site that lists a ton of free, third-party modules for personalized Google content. You know, the http://www.google.com/ig?hl=en site? Anyhow, that is what I use for my homepage, mostly because it integrates a lot of what I look at. The thing that Sarah found was that this Google Modules site has a ton of really cool stuff: del.icio.us plugins, to-do lists, translators, etc. It is just very, very cool and easy to add to your personalized Google site.

On the other side of the web dominance war there is the new Mozilla for PocketPC reported by msmobiles.com. If you use PocketIE you're probably not even reading this text, you've already run to download it. And you should, I just spent a few days without wi-fi and surfing over GPRS is a very painful experience. Did nobody at Microsoft ever consider allowing one NOT to download images?

And on the final note, I am back at work plowing through my to-do list in this thirteenth month as I like to look at it. Most people are on their vacations while your sysadmin is at work finishing stuff up for 2005. Here is what I thought to myself several times today:

Merry Christmas

IT Business, SMB

I don't think I could have put it any better so the following is from Eric Ligman of Microsoft Small Business:

It's the night before Christmas, and all through my house,
I'm the only one stirring, so I thought I'd stop by the mouse.
The kids are both sleeping, all tucked in their beds,
With dreams of their presents, dancing wildly in their heads.
Grandpa one took off yesterday, out of Sea-Tac he went,
Grandpa two's upstairs sleeping, a few more days to be spent.
The first Christmas in Washington, an experience oh yes,
Presents coming and going, by mail and UPS.
A surprise for the kids, for my wife too it'll be,
The Xbox 360, from an auction (paid over ERP). 🙁
But I guess that's what happens, when you line up too late,
On XBox release day, and you miss one by eight.
So enough of my rambling, my ranting and rhyme,
And on to the purpose, the goal of this time.
To share with our members, a wish and a dream,
Happy holidays to you all, from the Microsoft Small Business Team.

Happy holidays and best wishes to you all,
Eric Ligman
Microsoft US Senior Manager, Small Business Community Engagement

Eriq’s book is Unleashed

IT Business

Eriq was our guest on the SBS Show this week and we snagged him right in time to talk about his book that was published with the help of many prominent SBS community members. That community bit was enough to whip out my Amex and order another Unleashed book, not only because I need to exercise more next year and books look a lot better than weights but also because you want a book written by the people that participate in the community and understand what the actual shortcomings and frequent issues for SBS are. This is not to slight the Microsoft Press SBS book in any way but people use software in many ways that Microsoft did not expect. I want help running SBS the way the business demands it to, and I have more confidence that my fellow SBSers can put together a book that addresses those concerns than other publishers.

SBS Show – Episode 11: Eriq Neale and Unleashed SBS Book for Techies

SBS Show

New year is coming up and so are New Year resolutions. I'm sure you'll promise to exercise more and lose weight but SBS Show is here to help you make a promise you can actually keep – Become a better consultant and a better IT Pro. Joining us this show is Eriq O. Neale, the lead author of SBS 2003 Unleashed, to discuss what is in the book essential to everyone supporting SBS. However, we talk about a lot more than just the book: How do you make a transition from having a job to going out on your own, how to do a good default SBS install, how to integrate a Mac in your SBS network, going beyond SBS wizards.

Download the SBS Show Episode 11: Click Here

7:10 Becoming a consultant
15:18 SBS Unleashed Books, writing process
21:30 What sells the book
30:00 Reference book
37:53 Background and Mac maintenance
49:00 How much SBS can I get on my Mac
1:00:00 Q, Inc. Podcasts, webcasts, business, blogs, books and boards oh my

Eriq's Links:
http://www.eonconsulting.net
http://www.eoncall.com
http://simultaneouspancakes.com/Lessons
http://www.eonconsulting.net/OnQ
http://www.smallbizserver.net/Forum/tabid/53/view/topics/forumid/36/Default.aspx

Vlad's Take: The reason you need to get this book is because it is written for you. Here is what I mean by that: This book is written by people that participate in the big SBS community. This book addresses the real world and the ups and downs of running SBS on the net instead of a Microsoft spec-sheet. Anne Stanton, Chad Gross, Susan Bradley, Amy Babinchak, Susan Bradley, Javier Gomez, Tim Barrett, Frank Clark, Henry Craven, Ed Walters contributed chapters to this book.

Guide to Organizing an IT Pro Group

IT Culture, SMB

I hope that by this point everyone reading this blog is an IT Professional or at least striving to be one. But how do you get together and get better at your job or how do you get a better job? About a year ago I started the Orlando IT Pro group and I started networking with people worldwide that were doing the same thing I was – trying to lead a group, trying to promote it and make people aware of its existence, trying to get people to attend, trying to get vendors to come in and talk to the people that sell and support their software and hardware. Those people helped our ITPRO community in Orlando grow immensely and to give back to the community that gave Orlando IT Pro its legs I decided to put together a how-to whitepaper that will help newer group leaders go through the steps I had to go through. Another 14 people gave up their time to be interviewed to make this a non-biased look at what's involved in running a user group. I hope it helps you as much as it's helped me.

http://www.vladville.com/articles/GuideToOrganizinganITPROGroup.pdf

Update: You are likely reading this as a link from Harry Brelsford's SMB Newsletter so please allow me to make a slight correction and save you a ton of time: The guide you are about to download is a guide to all the resources available to you as a user group leader to better organize and run your group. In addition to all the resources it features 15 other successful SBS group leaders and which resources they rely on to make their groups work. This is not a guide on how or why to start your group.

Sorry ladies, I’m taken.

Misc, Vladville

To all the girls I've loved before…. Yes, all two of you. I'm taken. At 6:10 PM, EST on the shore of Seven Seas Lagoon I proposed marriage to the love of my life, Katie Rebholz. I asked her on the beach facing the Katie's Cove at The Grand Floridian Resort & Spa in Disney World. We've been dating for over 8 years. So needless to say she was expecting this. I have done my best to continuously taunt her about it and even faked it several times so when I really did it, it would be a surprise. I bought the diamond separate from the ring (since she wanted a Scott Kay designer ring) so I used the box I got from diamond.com to taunt her for a while.

Today is her 27th birthday so I took her to Downtown Disney ("to see a man about an apple" since her favourite candy is an Apple coated in 80,000 calories) where the inept Disney cast members couldn't figure out how to core an apple. I did my very romantic thing of biting the core out of each quarter and spitting it on the ground directly in front of us. I then proceeded to try and wash the caramel off my hands with a $3 bottle of water. After a little love-fest I went down on one knee and was immediately called for my bluff. We walked past the wedding pavilion and I told her I was thinking about proposing to her on top of Contemporary Resort. She said, "Why not right here on the beach?"

So we went to the beach, got into a swing, talked a bit about things and started making out. I've been telling her that the ring won't be done until some time in January, so I asked her again if she would marry me. She said yes. I asked if it was ok that I didn't have a ring… "Honey, you know me, I'm good for it."… she said yes. I got down on one knee and asked her to marry me. She said yes. I pulled out the camera and gave it to her, sort of to shake on things and close the deal. She seemed very amused by this. Then I fumbled around a little bit and said "I'll make this better, I think I also have a receipt and a few quarters in here" as I tried to find the box. Finally I pulled out the diamond and asked again. She said yes.