Scammers take advantage of Oslo with virus

July 25th, 2011 | Posted in Virus

To show that some people have no regard for human life, shortly after the Oslo bombing a scam appeared purporting to be security camera footage of the blast. The scammers are also tricking users into sharing it with their friends.

Here is some more information by the Sophos bloggers:

ActiveX Filtering for Java

We had a strange issue today where a third-party site that requires Flash would work under one user and not work under a different user. We first attempted all sorts of uninstalls and reinstalls, which did not fix the issue.

See blue icon showing that something was blocked

Eventually we found out that ActiveX filtering was turned on.  This is a new feature in Internet Explorer 9.  Supposedly it is off by default so the user must have turned it on somehow.  You can either click on the little blue icon and turn it off for that website, or go into Safety Options and turn it off altogether.

Option 1: Turn off ActiveX Filtering on current website

Option 2: Turn off ActiveX Filtering on all websites

This is one of those UI issues where Internet Explorer should let the user know a little more obviously that a control has been blocked (similar to a popup blocker notice). I don’t like any of the notifications that IE does: the URL bar is too hidden, and it’s frustrating to have the bottom of my browser taken up by a hovering notification bar. Bring back the top notification bar!

The other issue I have is that the popup box makes it sound like you are turning off all filtering when you are actually only turning it off for a particular website.
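The "works for one user, fails for another" symptom follows from ActiveX Filtering being a per-user setting. The PowerShell script below is an added example, not part of the original post, that reports the setting for every logged-on user; the registry location it reads and the function name Get-ActiveXFilteringState are assumptions of this example.

```powershell
# Added example: report ActiveX Filtering state for each user hive loaded on this machine.
# Assumption: IE 9 and later store the switch in the IsEnabled DWORD under the
# Safety\ActiveXFiltering key of each user's hive; the Policies copy is set by Group Policy.
function Get-ActiveXFilteringState {
    [CmdletBinding()]
    param()

    $sources = [ordered]@{
        'User preference' = 'Software\Microsoft\Internet Explorer\Safety\ActiveXFiltering'
        'Group Policy'    = 'Software\Policies\Microsoft\Internet Explorer\Safety\ActiveXFiltering'
    }

    # Only logged-on users have hives under HKEY_USERS; skip *_Classes and service SIDs.
    $hives = Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' }

    foreach ($hive in $hives) {
        $sid = $hive.PSChildName
        try {
            $sidObject = New-Object System.Security.Principal.SecurityIdentifier($sid)
            $account   = $sidObject.Translate([System.Security.Principal.NTAccount]).Value
        } catch {
            $account = $sid   # SID could not be resolved: report it as-is
        }

        foreach ($name in $sources.Keys) {
            $key  = "Registry::HKEY_USERS\$sid\$($sources[$name])"
            $item = Get-ItemProperty -Path $key -Name IsEnabled -ErrorAction SilentlyContinue

            if ($null -eq $item) { $state = 'not set' }
            elseif ($item.IsEnabled -eq 1) { $state = 'on' }
            else { $state = 'off' }

            [pscustomobject]@{
                Account          = $account
                Source           = $name
                ActiveXFiltering = $state
            }
        }
    }
}

Get-ActiveXFilteringState | Format-Table -AutoSize
```

Run it from an elevated prompt so that other users' hives are readable; a user whose row shows "on" is the one who will see controls blocked.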

Here is some more information from Microsoft on ActiveX Filtering:

How to use Tracking Protection and ActiveX Filtering in Internet Explorer 9

About ActiveX Filtering

July 25th, 2011

The inevitable death of Windows XP

Microsoft reminded us this week that there are now (less than) 1000 days left of extended support, expiring on 4-8-2014.  It truly is amazing that Microsoft has had such a stable operating system with Windows XP (after a few service packs), which I believe is one of the main reasons why businesses are hanging on so tightly to it.

The other big reason is our economy. It is difficult to rationalize purchasing new equipment when the budget is tight. Many companies hold on to the “if it ain’t broke don’t fix it” line as well. Unfortunately, there are also plenty of third-party software applications that do not officially support Windows 7.

However, the wake-up call is here. You do not want to be running a computer with an operating system that Microsoft will no longer support. While many will argue that they should continue to support it, we are talking about a 10-year-old operating system that will be at least 3 versions behind the current operating system come 2014. It is unreasonable to expect a company, no matter the size, to support a product in perpetuity; the cost is too high.

Many small businesses do not have a computer refresh cycle.  Now is the time to visit this concept to avoid having to purchase all new computers in one year.  Start your cycle this year if you can and break it up into thirds.

The reasons are not all doom and gloom, either.  You should see an added benefit of increased employee productivity with a faster computer.  Newer computers can be configured to be much more power efficient.  We also have a greater ability to keep the computers secure.

July 15th, 2011

Dropbox issue not about encryption

I’ve been reading a lot of blogs and stories related to the Dropbox security issue and am surprised at the amount of energy being spent on a different topic, file encryption.

A post at Wired stated:

“The bug was made possible because of the security architecture choice that Dropbox made, where encryption and decryption happen on Dropbox’s servers, rather than on individual’s computers.”

Wuala’s blog states:

“…problems like these wouldn’t be possible if the files were encrypted already on the client, like Wuala does.”

The issue is not encryption; the issue is poor programming and even worse QA.

It is more likely that your computer is infected by spyware that has a keylogger built in than for your SaaS host to get hacked. Yes, if the SaaS storage host is hacked or breaks its authentication, it is a major widespread issue. However, if your computer is hacked (again, more common), even that precious client-side security is broken.

Something else to think about: if you rely solely on client-side encryption, you will lose some great benefits like web-based access to files in the cloud, device sync (phones/tablets), collaboration, integration with a business network (Active Directory), etc.

Don’t get confused about the main issue that Dropbox had. The issue with Dropbox was a lack of mature protections on code updates.

June 21st, 2011

Dropbox drops authentication

What a disaster for Dropbox yesterday when their authentication system broke and allowed users to use any password to log in. I am shocked that a major SaaS host would have such a major bug that would allow complete access to any of their accounts. This is a lot worse than the previous PR issue where they were promising things that they could not deliver due to U.S. law.

This speaks to a very large issue with QA testing on new code. As one of our network admins here pointed out, it is similar to an anti-virus vendor releasing an update that detects system files as a virus, thus rendering Windows unusable. There is no excuse when you are that large to not have sufficient testing in place. We need to expect better from the supposedly mature SaaS companies out there.

It looks like Dropbox took a page from the Google PR team, stating, “A very small number of users (much less than 1 percent) logged in during that period…” That just speaks to arrogance and attempts to put some sort of positive spin on a big disaster. Plus 1% of your customers is around 250,000 users.

This will also be another reason to be very cautious when picking your SaaS vendors. Make sure you have a balance of security, flexibility, total cost, and recovery. If your data needs to be secure, you need to pick a vendor that matches that security.

Remember, nobody will care more about your data than you will.

June 21st, 2011

January release of KB2412171 is still causing problems in Outlook

Microsoft released a patch in December for Microsoft Outlook that caused serious issues with Outlook’s responsiveness: switching folders was very slow, auto-archive broke, and other errors were possible. They pulled the update a few days later, then re-released it on January 11th.

This new version of the patch now causes many people to get continuous password prompts. Some computers can’t get into Outlook at all, some can hit cancel and get in, while others have to enter domain\username to get it to work. I tried to work in IIS and get permissions to a point where Outlook would not complain, but then that would break other items. Finally we just decided that this update was still not ready for prime time. We removed it from those networks that got it installed, and have advised all customers to not install it.

Common threads are Exchange 2007, SBS 2008, Outlook 2007 & 2010

January 25th, 2011

Trend Micro – Unmasking Fake Anti-virus

Here is some interesting information that Trend Micro has put together on how fake anti-virus programs trick a lot of people into not only installing them, but also thinking they are legitimate AV.

http://esupport.trendmicro.com/Pages/Unmasking-Fake-AV-For-Small-and-Medium-Businesses-SMB.aspx?location=hotissues&seg=smb

January 25th, 2011

Restoring Exchange 2003 database

We had a number of issues on an SBS 2003 server that was hard shut off (the battery backup was accidentally shut off by the client) during an automatic RAID rebuild. The main issue was that Exchange failed to come back up when the server was turned back on.

It looked like the failure was due to the latest Exchange log not existing. eseutil showed that both the private and public databases were in a Dirty Shutdown state. I figured it would not work, but I first tried a soft recovery. It failed because the log was missing.

I was not sure which process would be faster, a database repair or a database restore, but we chose the repair first, unfortunately. After it appeared the database recovery would be about 16-20 of more downtime, we cancelled the repair and began restoring the backup from the previous night. We had Backup Exec 10d at this client and can happily report that the restore was successful. A 30GB private store took about 4.5 hours to restore off a USB-based backup. One reason it took so long is that this server does not have USB 2.0 ports.

Big UGH, but we were back up and running the next day. This is another big reason to have something like Backup Exec System Recovery; the restore would have been a lot quicker.

August 22nd, 2009

Windows 7 BETA: Adobe Reader 9 does not install

Attempted to install Adobe Reader 9 today on my machine, but it would never even start installing.  A popup would come up about ROSSO(R) crashing.

I downloaded Adobe Reader 8.1.3 and it installed without problems.

January 12th, 2009

Windows 7 BETA: Disk usage

So far I am happy with disk usage.

I have a 20GB partition on my C: drive.

  • The Windows directory is currently using almost 8GB of space.
  • I had to turn off hibernation to recover 2.5GB of space (run CMD as administrator, then type “powercfg -H off”).
  • The computer automatically configures the pagefile at over 3GB since I have 3GB of RAM. I can tune that down if I need to reclaim more space.
  • When I installed iTunes I accidentally moved my music (~4GB) back into my profile. I moved this back to another partition.
  • I moved my Outlook OST file (was 4GB on my Vista machine) to another partition as well.

Currently have more than 8GB free.  Let’s see how that holds up.

January 10th, 2009