Web kiloseven.blogspot.com
www.arrl.org www.eham.net

2004-07-16

Scary



2004-07-14

Randomness, but for a good deal

Originally posted 2004-06-18:
Here's a site (was: http://gmailmachine.mmgn.com - gone now); which, if you like the 1 in 30,000 odds and don't mind the risk of carpal tunnel syndrome, allows you to gamble on winning a Gmail account. Groovy.


And, here's another similar site. It's cheaper than the Oregon Lottery, and to my mind, more entertaining.

2004-07-13

Secunia reports still yet another critical IE security vulnerability

This month's M$ Security Updates show multiple security patches. Please make sure to apply all the relevant patches, today.

Secunia reports yet another IE security vulnerability. Solution: Find another web browser or turn off JavaScript and ActiveX.

There are security bugs in Word and Messenger as well.

Bill Gates: "Our software should be so fundamentally secure that customers never even worry about it."
Uh-huh.

2004-07-12

Nerd Radio

If you enjoy listen to folks talk about tech, this web link leads to a list of radio and Internet talkshows on technology.


2004-07-11

Inexpensive Extended WiFi

Looking for a way to make WiFi reach further? Here's the improvizations of a New Zealand ham who's done rather well with off-the-shelf hardware.
In spite of wind susceptibility & carrying weight, pressed steel parabolic woks have also emerged as suitable homemade WiFi dishes.

2004-07-07

Sunspots highest in millenium, global warming 'data' was fudged

The BBC (hardly a bastion of conservative thought) here reports the Sun is at a 1,000-year high of sunsports (a key indicator of how much radiation the Sun emits). Gee, if the Sun's hotter than usual, could that explain 'global warming'?

Perhaps it can, if it's really happening... for the key study which claims it's underway has been 'corrected' because of
collation errors, unjustifiable truncation or extrapolation of source data, obsolete data, geographical location errors, incorrect calculation of principal components and other quality control defects... poor data handling, obsolete data and incorrect calculation of principal components.

So, we're actually no warmer now than in the 15th Century, according to the true data.

This surprises me not, for I remember from history class the Perfidous Brits hauling cannon on sledges across the frozen Hudson River to defend Staten Island in 1779... and, when was the last time the Hudson froze that solidly, that far down towards the Atlantic?

Climate changes, because the Sun is a Variable Star.


Homeland Security recommends Internet Explorer users consider other browsers

YAIESR (Yet Another Internet Explorer Security Risk):
OWIE (Outlook, Windows, and Internet Explorer)!

(updated 7-07, original post 6-30)

As per Robert Bruce Thompson, author of O'Reilly's extremely useful PC HARDWARE IN A NUTSHELL:
The SANS Internet Storm Center has announced yet another critical exploit against Internet Explorer, this one related to the Browser Helper Objects (BHO) commonly used by banks (Note: and other web sites) to extend the functionality of IE. This exploit subverts SSL and HTTPS security to give the malefactor access to passwords and other account information. For details, see:

SANS (SysAdmin, Audit, Network, Security) Institute report

Tech Republic report
This exploit is still more confirmation that the focus of these attacks has changed. Until recently, most viruses/worms/Trojans were mere vandalism perpetrated largely by teenage script kiddies looking for a cheap thrill. Most malware/spyware was, if sometimes skating gray areas of the law, at least intended for semi-legitimate purposes.

That has changed and is continuing to change. Several recent exploits have apparently originated with organized crime and the Russian Mafia. These folks are not playing games. Their intentions are clear. They want access to critical data such as username/password combinations that they can exploit to drain people's bank accounts and that will provide the raw material for identity theft. These folks are out to pillage your identity and your bank accounts, pure and simple.

The common thread through all of this is Outlook, Windows, and Internet Explorer (OWIE). If you continue to use these products, particularly IE, for personal work, you are risking having your bank accounts compromised and your identity stolen. As anyone who has been the victim of identity theft will tell you, recovering is a long, expensive process.

The risk is even worse in corporate environments. Imagine the result if a bank, law firm, or other business allows client/customer information to be compromised as a result of continuing to use software products with known severe security flaws. I expect the first law suit based on such a claim to occur in the near future, and I would expect it to be difficult to defend when competing software products without significant security flaws are so readily available. Even the Department of Homeland Security (through their CERT division) has suggested abandoning IE and using another browser.

"CERT recommends that Explorer users consider other browsers that are not affected by the attack, such as Mozilla, Mozilla Firefox, Netscape and Opera. Mac, Linux and other non-Windows operating systems are immune from this attack."

Washington Post story
DHS CERT recommendation
Updated recommendation, via Internet News
At any rate, Internet Explorer, Outlook, and, to a lesser extent, Windows itself are security disasters just waiting to happen. I strongly encourage everyone to cease using IE as their default browser and replace it with an alternative. My own preference is Mozilla 1.7, but Mozilla Firefox or Opera. (Poster's note: The latter is not free) is also an excellent choice.

Please take this seriously. Ignoring this problem won't make it go away. Download Mozilla, Firefox, Opera, and start using it as your default browser. It's human nature to hate new things, but I promise you that if you use any of these browsers for a week, you'll come to prefer it to IE. Not only is IE riddled with unfixed and unfixable security holes, it hasn't been updated significantly for years. Any of these modern alternatives provides functions like tabbed browsing that you'll soon find yourself unable to do without. And you'll be a lot safer.


Update: Despite earlier patch announcements on 7-02, it seems Microsoft still doesn't het it when it comes to actually fixing IE, as there's still another problem yet unresolved.