Web kiloseven.blogspot.com
www.arrl.org www.eham.net

2006-12-30

Vista su and IE7 sploit security risks

The NY Times has a habit of removing articles two weeks after posted, so don't dawdle to read this article on security exploits within Windows Vista.

A sploit for IE7 is also cited, as well as the elevation insecurity risk within the Vista beta.

Not having Vista myself, I can't comment on this exploit; the one 30-day beta I did try this summer was attractive, yet plagued (as early betas often are) with hindrances (as First Blogger Jerry Pournelle noted, it required user permission, annoyingly, far too often).

2006-12-19

Polonium, l'affaire du Litvinenko and its Londonesque implications

Charlie Stross, most excellent author of the unthinkable and unspeakable, has a weblog article deserving of your consideration. Here's a snippet:
The point is, someone with access to fresh Polonium 210 (read: less than a year old, hot from the reactor) decided to use it to bump off an enemy.

And the terrorism alert status hasn't risen a notch? Pull the other one.

Anyway, to the point: this wasn't simply an assassination. There are any number of poisons out there that would do the job painfully well but much more rapidly, and without the same scope for a diplomatic incident. Likewise, a bullet to the back of the head would have worked just as well (as witness the assassination of Anna Politkovskaya).

What this is, is a warning: "we have the capability to detonate a dirty bomb in central London any time we feel like it, so don't f*ck with us". (Just take Polonium and add a little TNT.) (Ed. note: Or, ANFO.)

Who the warning is from, and who the intended recipient is, are another question entirely. I don't think it's any accident that the COBRA committee was convened the day after Litvinenko's death (on a Saturday, no less). And I don't think it's any accident that the British press have been very carefully pretending the phrase "dirty bomb" is not part of their vocabulary for the past week.


Now, children, run along and go watch BBC's Dirty War. And think.

Then build one of these, else you will wish you had built one of those.

Merry nightmares to you all, and to all a good night.

2006-12-08

Got Earthlink? Got Mail? No, They Lost it.

Robert X. Cringely, doyen compu-columnist for PBS, reports on a hidden e-mail problem at Earthlink: They're losing up to 9 messages out of 10, found as a result of a friend's testing:

He sent messages from other accounts to his Earthlink address, to his aliased Blackberry address, and to his Gmail account. For every 10 messages sent, 1-2 arrived in his Earthlink mailbox, 1-2 (not necessarily the SAME 1-2) on his Blackberry, and all 10 arrived with Gmail.

Swimming upstream through Earthlink customer support, my buddy finally found a technical contact who freely acknowledged the problem. Since June, he was told, Earthlink's mail system has been so overloaded that some users have been missing up to 90 percent of their incoming e-mail. It isn't bounced back to senders; it just disappears. And Earthlink hasn't mentioned the problem to these affected customers unless they complain. (Emphasis mine.)


Gee, you don't suppose they expect we actually want the e-mail service we paid for, eh?

2006-12-07

Got M$ Word? Got Virus?

Pending the availability of a security fix, Microsoft advises users
"not [to] open or save Word files that you receive from untrusted sources or that you receive unexpectedly from trusted sources."

Can Micro$oft be considered a 'trusted source' any more?

Here's the advisory from Micro$oft they own selves and from The Register.

Meanwhile, want security? Download and use OpenOffice, which is free and virus free.

2006-12-06

James Kim's Body Found

UPDATE 2: SF Chronicle final story with the best graphic of the area yet seen.

UPDATE: C|Net's obit.

Sadly, the body of James Kim was found today. SMS text transmissions to his cellphone were traced to the search area, which led to finding his wife and their children where their car had crashed. However, the cellular reception in that remote area was so poor that it would not sustain a voice call.

Wilderness experts advise you, do NOT leave your vehicle when lost. This was a sad example of that wisdom.

For more on how SMS will work, when cellphones don't work for voice, see this explanation. I've used it to communicate with folks out on the tundra near Barrow whose satphone batteries were running down, and knowing how it works could save you.

2006-12-05

Kim search photos


A photo set showing the area where James Kim is lost, including a searcher lowered from a helicopter to see better, dangling from a rope in mid-air. Panel two, if you zoom in, shows the helo from afar.

Photos courtesy the Oregon State Police.

Kim Update: Did Google Send Them?

This morning, when I Googled the route from Glendale off I-5 to Gold Beach, it sent me over the same unplowed road the Kims were lost on. See photo, below.

Folks, NF means National Forest, BLM means Bureau of Land Management, and Oregon is NOT the place to take those roads, except during high summer, unless you've got a ham radio transceiver and you've filed a 'drive plan' with someone reliable who know where you're going and when you will check in. Period.

Don't count on a cellphone, despite the USA Today clueless suggestion, for the majority of Oregon's land has no, repeat, no cellular coverage. Don't rely on the low-power, crippled-design FRS or GMRS handy-talkies; get a real radio with real range, and learn how to use it (no more Morse Code requirement for your first license!).

Here's an update and another on the Kims:
James was reported by his wife to have left their car Saturday, December 2nd, at 7:45 a.m. in attempt to obtain help. He failed to return at the pre-determined time of 1:00 p.m. About 100 individuals are involved with the search efforts focusing on the Big Windy Creek Drainage about 30 miles of Grants Pass north of Bear Camp Road. Elevation in the area is about 3,000 feet. According to Josephine County Sheriff's Office, the section of focus is a 5 mile long canyon and is about five miles from where the car was found.


2006-12-04

C|Net editor's family found, search for him continues

The Kim family and vehicle, minus Kim himself, were found this afternoon, and airlifted out. If I read the press releases correctly, somewhere between Merlin and Agness. The search for James Kim continues.

2006-12-01

C|Net editor missing after trip to Portland

BoingBoing reports former TechTV product reviewer and current C|Net editor James Kim is missing along with his family while on vacation in the Pacific Northwest. James, his wife and two children left last week on a road trip. They were last seen in Portland on Saturday November 25th, where they visited with friends, before driving off in a silver Saab 900 wagon, California vanity plates DOESF as per Red Dixon's blog.

OSP released photos of their type of silver Saab 900 wagon and have another press release with details posted at PDXINFO.NET.

A SAR (Search and Rescue) mission is now underway.

A tip center has been set up at 1-800-452-7888, and the San Francisco PD is also taking calls at 415-558-5508 during normal business hours and at 415-553-1071 after hours.