Random thoughts

  • PortReporter

    Have you ever wanted to find out about any of the following: The ports that are used The processes that use the port Whether a process is a service The modules that a process loaded The user accounts that run a process Yes? Good. Because Microsoft has a new toy for you - PortReporter. It logs all the information above on Win2K3 and XP. The tool also works on Win2k, but it logs less information. Anyway, go can read more about it in KB 837243. Then download it and play around. Continue reading...

  • Are blogs worth advertisements in them?

    I use RSS so that I can avoid all the clutter of the HTML overhead. Including the advertisements. So imagine my dissapointment when clicking on the last post from one of the blogs I used to read showed a full-page advertisement in my browser. I realize that blogging is not free; at least not for most people. So if somebody has to pay their expenses - they can charge for it. It's their blog and they can decide whatever they want to do with it. And I would love to pay for it - provided the perceived cost of the goods (the content) corresponds to the charge, as deemed by me. After all, I should have a choice as well, should I? My attention is not a “free” resource. Advertisement is a form of indirect charge; I am paying with my brain. But my brain is my most valuable resource. My brain is not getting younger. I can learn and remember so many things. I can't afford mind garbage anymore. I think this “cost” is too high and in no way what I am receiving is worth what is being “taken” from me. End result: unsubscribed. Continue reading...

  • Bloggers influence?

    While reading this interesting (as in not-the-usual-rant-against-microsoft-world-dominance-or-how-this-or-that-system-is-inherently-more-secure-than-windows-just-because) story, I could help but notice the following: You can sit naked at your desk and buy a product by, effectively, pushing buttons And it remainded me of this post of Rory: Buying an eBook (theoretical version)1. Walk into living room naked.2. Find book on Amazon.3. Buy it.4. Read it.That sounds really awesome.Unfortunately, we aren't really there yet. Btw, Rory, there might be several certain ... umh, strange queries in your referrals log. Then again, after the naked petrified Natalie Portman I guess nothing can surprise you... Continue reading...

  • Mars in 3D

    If you are geeky enough, you most probably have those colored stereo glasses that would help you see the NASA's 3D images of Spirit. If you are not geeky enough (or you are cheapskate like me :-)), MS Research can help you here... Continue reading...

  • Paid drivers?

    If you have Pocket PC or Palm, chances are you've seen the Pocketop wireless foldable keyboard. At a very reasonable price you get a great product. If you use your PDA everyday to enter a lot of information, you will find it probably the best $79 bucks you spent for peripherals. Or might turn out to be the useles device you ever bought... unless you are ready to cough some more dough. The reason - every piece of hardware is as good as the drivers you get with it. Otherwice it's just a scrap of plastic you can use to bang your head with. In the case of Pocketop's keyboard you have to buy the drivers for additional $10 to $20. The price just jumped up with 12.5% to 25%. And if you change your device, you might as well face another 12.5% to 25% increase int he price. I am sooo looking forward to the moment when my cable company will send me the cable box and small note that I could download the software for it for the small amount of $30... Continue reading...

  • Security Readiness Kit

    Another great tool to have handy - Security Readiness Kit. Here's what TechNet says about the tool: “The Security Readiness Kit (SRK) CD and its companion web site at http://www.microsoft.com/technet/security/readiness are designed to give you easy access to the documentation and tools you need to ensure that your network operates with the best security possible.” If you have TechNet, I believe you should have it in there (but don't quote me on that :-)). There is upcoming web page to order the CD as well.   Continue reading...

  • Cable ISP stops my VS.NET from working

    An old ISP-Planet article about the ACLU report on Broadband Regulation (I couldn't find the actual report unfortunately) says: The ACLU report says, "a company providing Internet access over a cable system has many opportunities for interfering with online activities, often in ways that are invisible to their customers. In fact, much like the administrator of an office LAN, they have the potential for an all-seeing, all-controlling power over the activities of customers on their networks. Cable providers are under no obligation to remain a neutral pipe for content over an end-to-end—and have many incentives for interfering with that pipe." ... "In short, cable broadband providers have both the financial incentive and the technological capability to interfere with the Internet as a free and neutral medium for the exchange of information," the report states. Well, I was hit by this very issue. Not in a hard way, almost unnoticeable. Frankly, if I didn't try to use VS.NET to directly work with my C# project on my host site, but instead I worked locally and used FrontPage to sync the two sites, I wouldn't have noticed this. The issue is that Ygnition is stripping down HTTP headers from the packets I receive. In this particular case, it's the WWW-Authenticate header, which VS.NET needs to get in response to start the authorization process with the remote server. In a time period of six months I bugged my broadband provider Ygnition (former Interquest) to resolve this issue. Ultimately, after months of silence, I was told on the phone that “The HTTP header is stripped down. This is the way Ygnition infrastructure works and  we can't [i.e. won't] do anything about it.” I haven't checked what other scenarios/applications might be blocked by Ygnition, but I wouldn't be surprised if there are other as well. I also don't think this was a explicit management decision; it's more of a case of lazy and incompetent technical staff that can' … Continue reading...

  • net send * HEY!

    With schools like this one, I shouldn't be worried about my job anytime soon. Read the whole story straight from the source... Continue reading...

  • The Power of Scoble

    [Update: John's site was back up about half an hour after I posted this. I guess I have healing..., errr, fixing powers...] [Update 2: Exactly 1 hour and 10 minutes after I posted this, Scoble himself showed up for comment. Apparently, there is true to the old wisdom that knowing the name of somebody gives you power over him!] While taking my daily portion of Scobleizer, I noticed a link to John Dowell's blog. Heading over there, I was greeted by warm “Internal Server Error”. Bloggers, be afraid of The Power of Scoble... (I just hope he doesn't link to this post... :-)) Continue reading...

  • Bite the bullet and give us full text

    Blogging was supposed to be that great medium that will help us transition from the web world where the design and the presentation so often dictate what we see and where individuals and companies are judged by how they look to a world where the ideas are the main thing and everybody is earning ranks based on their minds and souls. Well, at least it was supposed to be about content, not about presentation. And it was supposed to speed up the processing of the information overflow and help us find the interesting stuff. And it is - to a degree, though. There are still people that would put in their feed only 20 words. Which is great if these 20 words are the essence. But, every so often these words are just the first 20 words of the post. And as with any beginning, they often fail to catch my attention. This feels wrong on so many levels. Here I'll list only few: I often have to make a decision whether I want to read something based on the author's name only, not on the content. I've lost any supposed productivity gains, as I have to resort back to the browser - granted, it's embeded in my reader, but it's still the browser and it has to fetch the page and render all the html, download all the graphics, run all the flash. And it's slow. It presents to me lot of visual crap - my eyes have to process the navigation, the title of the blog, any page headers and whatever other "noise" there is, just to get to the content. Anyhow, Chris Clark said it better than me. Bite the bullet and give us full text. Continue reading...

  • Microsoft Baseline Security Analyser (MBSA) V1.2

    Check out the Microsoft Baseline Security Analyser site. There is new version available for download - MBSA v1.2. The tool is now localized in couple other languages, support for additional products was added, IE custom zones support and few other things were thrown in. Continue reading...

  • Can a printer be a security threat for your computer?

    Everybody has printer at home. Well, mostly everybody. Chances are if you have computer at home, you most probably have a printer as well. It is just sitting there on the shelf or on your desk and silently (or not so - depending on the model) waits for you to use it. You open an email from your significant other or a page on the internet, hit the Print button and there it is - a hard copy of whatever you need. However, in all the years you did that, have you ever thought about the privacy and security implications of using a printer?   Yes, that is right, you read it correctly. By the fact of using your printer, you might actually disclose private information to anybody that can access you computer. You might even disclose information that can help other people to compromise your system security.   Case in example - my HP 7150. The drivers for the printer create a log file. Nothing unusual, almost any software on the planet creates some type of log, where it stores information about what happened. Anyway, the log files can always be deleted. Besides, the file is on the local disk and is protected by the file system security, so it is not a big problem. Furthermore, the file is in proprietary binary format, thus, it cannot be read easily. So we are safe, right?   Wrong. Open the file in notepad and the first thing you notice is that it contains the names of every single document you printed. Now, this would not be that big of a problem, were it not for a couple of bad choices the developer made: The log file is not per user, it is a single log file for the whole system. Most probably, the arguments went on like: “This particular printer targets mostly home users. Most home users run Windows 98 or ME, or if they run Windows XP, they do not use separate users. If the majority of the computers to run this software are going to be “single-user” systems, why bother with multiple log files? “ Once the choice one was made, it is … Continue reading...

  • Welcome to the Internet Helpdesk

    This is hilarious. Everytime I hear it, I laugh out loud. Ok, sir, did you boot it up? No sir, do not kick it! Is it started yet? Three Dead Trolls in a Baggie: Welcome to the Internet Helpdesk Continue reading...

  • Whidbey configuration APIs

    Here's an article on some of the upcoming features in Whidbey. Although most of the features are ASP.Net specific, burried close to the end you can find info on the new configuration API. Some of the things supported by the new API: Strong-typed properties Encription of configuration sections Support for reading/modifying web.config, app.config and machine.config Separation between the System.ConfigurationSettings and the System.Configuration.Configuration views.   Continue reading...

  • Airport security

    My wife and I spent the holidays in L.A. Turns out after three years, the place we lived is exactly the same. It's like we left yesterday... Anyway, the post is not about this. It's about the airport security. You know, all the lines and the endless waiting and the strip search... oh, wait, that's another story. But you get the picture. Last Monday, Sea-Tac, we are flying to L.A. Mih doesn't trust me and thinks I am unreliable and anything important should be handled by her. Not that I blame her or anything - most of the times she is right; not this time though - she lost the boarding passes. Not sure what to do, we tell the attendant at the gate we lost them and “Can we please get on that plane for LA?“. With alert level at orange, I expect a sirens to start and at least two SWAT teams to jump from the roof. I wouldn't be even surprised by a black helicopter landing on the plane outside. The attendant just smiles at us and asks if we are on the flight and what our names are. I tell her my name, she checks in the computer and nods us in. At that point I figure out L.A. is not that big of target anyway. I mean, it's not like anyone would want to drop a bomb on JLo's or Britney Spears' house, right? Umh, strike that; still, apparently L.A. is considered a safe place to fly to. On the other hand, you never know when someone will try to sneak a penguin to Seattle and let it loose in Building 8. So the security on the flight back should be better. Saturday morning, LAX, we are going back to Seattle. Two miles before the airport half the lanes are closed because of a security check point. At the check point I learn why it is called so when I notice the police officers are checking out the hot chick in the next lane. We pass by, get to the airport, check in (no IDs required), go through the metal detector, get to the gate. Mih hands the boarding passes and our IDs to the attendant there. Quick glance and we are let in;& … Continue reading...