September 06, 2003

Good introduction to PHP online

Not much to say about this article other than it's a good, basic intro to PHP.

Posted by tony at 12:04 PM | Comments (0)

September 03, 2003

5 new Microsoft Security bulletins issued

I wouldn't do anything about these yet. Only one is an OS bug (the first one). 2 are Office specific, 1 is Microsoft Access and one is in Visual Basic. Note that the 2003 version of Office seems to be unaffected. Don't do any patching yet ... let's let them age. I'll let you know when it's time to do something. I would make sure I know who's me any Word documents and make sure the content's important if I'm going to open it. Basically, I'm just going to try to reduce the number of documents
I open that haven't been under my control. I don't think virus scanners will necessarily be able to help us on these.

The end-user bulletins are pretty helpful.

MS03-034 - 824105 - NetBIOS Information Disclosure vulnerability. Technical security bulletin. End-user technical bulletin.

MS03-035 - 827653 - Flaw in Microsoft Word Could Enable Macros to Run Automatically. Does not seem to affect Office 2003. Technical security bulletin. End-user technical bulletin.

MS03-036 - 827103 - Buffer Overrun in WordPerfect Converter Could Allow Code Execution. Does not seem to affect Office 2003. Technical security bulletin. End-user technical bulletin.

MS03-037 - 822715 - Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution. Does not seem to affect Office 2003. Technical security bulletin. End-user technical bulletin.

MS03-038 - 827104 - Unchecked buffer in Microsoft Access Snapshot Viewer Could Allow Code Execution. Microsoft Access only. Office 2003 version seems to be unaffected. Technical security bulletin. End-user technical bulletin.

Posted by tony at 09:13 PM | Comments (0)

Secure as the NSA can make it

Quoted from the Sept. 2 edition of WinXPNews:

Make your XP System as Secure as the NSA's

The National Security Agency has released a set of guidelines for configuring Windows XP Pro securely. These guidelines are used by government agencies to secure their machines, but you can download them and peruse their recommendations. The guidelines apply to Professional Edition only, and primarily to machines that belong to a Windows 2000 domain (although some of the info is also relevant to standalone computers), so this document is most helpful to those who support business networks. The download gets you a 141 page PDF document along with some .inf files that can be used if you're really brave. Even if your computer isn't a domain member, you'll find a lot of helpful background information about how XP security works in this document, but be sure to read it carefully and follow instructions exactly if you decide to make any of the changes recommended:

Posted by tony at 08:40 AM | Comments (0)

September 01, 2003

Miranda : Universal IM client

Don't recall where I heard about this but my new favorite universal IM client (i.e. able to connect to most, if not all, IM services like Yahoo!, MSN, ICQ, AIM, etc.) is Miranda. It's another open source effort with forums for support. Its forte is plug-ins. More than just skins, you can download plug-ins to provide what most other clients include in their basic functionality (like user status tooltips). The basic download comes with support for AIM, ICQ, IRC, Jabber and MSN; if you want support for Yahoo (you guessed it!) you download a plug-in.

Documentation's sparse but it's a good, free client and it's under active development. To get started, download:

* the client -- currently version 0.3.1 at about 600K
* the Yahoo! protocol if you're a Yahoo! user.
* Smiley-Add to add support for familiar, protocol-specific smileys.
* MultiWindow -- trust me, you'll want this.
* Oli's Yahoo Smileys for a good set of smileys that look like the original ones

Posted by tony at 07:47 AM | Comments (0)

August 31, 2003

Eclipse: an Open Source general-purpose IDE

From their FAQ:

Eclipse is an open source software development project dedicated to providing a robust, full-featured, commercial-quality, industry platform for the development of highly integrated tools.

Posted by tony at 08:05 AM | Comments (0)