December 13, 2003

Don't post Word docs!

Woody's Office Watch #8.50 has more examples of Word docs posted on the web with information stored in them that probably shouldn't be there. Docs from the Department of Homeland Security, the Speaker of the House, Newt Gingrich, the Chief Security Architect from Dell (!) (some of the links will probably be dead or lead to docs that have had the information talked about removed -- at least I hope so!). Names and ids of the folks who edited them are in there as well as the locations of the files on the users' drive, not to mention complete revision histories!

Be careful. Think about what you're doing. Pay attention.

Posted by tony at 09:04 AM | Comments (1)

Opera file overwrite vulerability

Secunia has released SA10425 which describes a vulnerability in Opera which allows a malicious website to overwrite a file with a simple download operation. The solution? -- upgrade to Opera V7.23.

It's interesting that we see a lot of exploits for non-Microsoft products posted after their solution is available.

Posted by tony at 08:14 AM | Comments (0)

December 10, 2003

On social networking

This posting to VentureBlog gives some insight into what (at least one) VC is thinking. Some excerpts:

"I frankly think that social networking is close to a zero sum game."

"Relationships are maintained through interaction -- we call, email, have lunch, etc."

"It is conceivable that technology could make us more efficient
and therefore increase our universe of relationships (...) But I
believe that increase is marginal."

In other words the free ride is over. Friendster, LinkedIn, and the others need to find some way to provide value or face extinction. This isn't uncommon. First-wave adopters have an advantage of being there (ahem) first but once the "ooo-ahh" has worn off, consumers will turn away unless they have a real reason to stay. It has begun. Within 3 months we'll see the 2nd generation and, hopefully, they'll actually have something to contribute.

Posted by tony at 08:16 AM | Comments (0)

Spelling's one of the things that goes ...

... when you cut back. I'm probably "two" hard on them but the editors at Microsoft apparently didn't check this KB article very carefully. For the "two" busy amongst us, read the CAUSE section carefully.

Posted by tony at 07:57 AM | Comments (0)

Online WiFi hotspot locator

Intel has an online WiFi hotspot finder at They say they're verified which is good. Wonder how long it'll last?

Posted by tony at 07:32 AM | Comments (1)

December 09, 2003

Excellent Linux site: LinuxPipeline

Another item from Scot's December 4, 2003 newsletter. He's launched a new Linux site called LinuxPipeline. News, info on applications and distributions. Bunches of stuff that professional Linux folks can use.

Posted by tony at 08:36 PM | Comments (0)

Another set of RSS references

Courtesy of the December 4, 2003 issue of Scot's Newsletter -- an excellent newsletter that, unfortunately, isn't published in RSS form.

  • Introduction to RSS - Webreference
  • What Is RSS? -
  • RSS Tutorial for Content Publishers and Webmasters - Mark Nottingham
  • Lockergnome's RSS Resource
  • All About RSS - Fagan Finder
  • RSS Feed Reader / News Aggregators Directory -
  • Top Aggregators - UserLand
  • RSS Readers - Weblogs Compendium

    Posted by tony at 08:30 PM | Comments (0)
  • Worm infects Windows-based ATMs

    ZDNet reports on this and you've probably already heard about it but it's one of my worst nightmares -- that an ATM gets infected by a worm. Of course, that begs the question of how the worm got to the ATM in the first place? Wouldn't a responsible bank have the ATMs on an isolated network, firewalled separately from everything else?

    Posted by tony at 08:07 PM | Comments (0)

    Oracle (?) warns of SSL vulnerability

    eWeek reports that Oracle has issued a High-Severity SSL vulnerability warning, a follow-up to CERT's Advisory CA-2003-26. Looks like there are no viable workarounds so the only option is to apply Oracle's patches from their MetaLink support website.

    Posted by tony at 05:52 PM | Comments (0)

    Anti-virus: Avast

    A long time ago I used McAfee's anti-virus product ... the retail one. Then a few years back I switched to the online version. Their ads and constant attempts to upsell me finally got to me so when it came time to renew this year, I didn't ... even when they said they'd cut the price in half. I went searching for a replacement, tried a couple and wound up with Avast! It's free for personal use and they post frequent updates. You 've gotta get over the fact that you're retrieving your AV updates from a Czech site, though :)

    Posted by tony at 11:24 AM | Comments (0)

    December 08, 2003

    Patch kernel and rsync!

    Linux users, listen up! The Debian site was compromised a little while back due to an exposure in the kernel. Secunia has issued this security advisory but it's very recent (as in, dated December 2) against kernels older than 2.4.23. Gentoo, SuSE, Mandrake, Red Hat, Slackware -- as near as I can tell, all of the Linux "vendors" have the problem and are addressing it.

    You should also update your rsync package while you're at it.

    Posted by tony at 07:43 AM | Comments (0)

    December 07, 2003

    Another good bargain site

    Saw this in a TechTV newsletter but, for the life of me, I can't find it anymore. Anyway, MoreStuff4Less is in weblog format. It joins eCost and TechBargains on my list of sites to visit for good deals.

    Posted by tony at 08:33 AM | Comments (0)

    Good info on mobile gadgets

    Saw a reference to MobileWhack in Dan Gillmor's December 6, 2003 weblog. Great site for information about mobile phones, organizers, etc. This is a tech-heavy site.

    Posted by tony at 08:30 AM | Comments (0)