September 2004 - Posts
Just discovered this news... yesterday the TeAmZ USA Hacking Group hacked the terrorist's official site for the second time, also sending an alert to the hosting provider. Now the site is back up but the alert has been launched: the provider must close the site!!
The defacement image is this:

Really nice! 
The latest GDI+ bug, discovered in these days and published freely on the net by someone who defines himself a "hacker", can be the base of a new dangerous worm that could attack your system via email.
The GDI+ bug can be exploited not only by surfing web pages, but especially by receiving emails with images as attachments or (more dangerous) embedded in the email body in HTML format.
Disabling the HTML mail feature of your mail client is not the way to go (personally, I don't like HTML emails but I know that lots of people love them). So, what can you do to avoid this problem?
Not too much at the moment I think, but a patch is extremely recommended.
Since yesterday you can find a GDI+ detection tool on Windows Update. Install it and check whether there are possible points of attack on your system. If yes (Microsoft Office could be one of these), patch your system with the suggested update.
The GDI+ scanning tool from MS is not a great product, but it is a starting point and is extremely recommended. A better scanning tool is GDI Scan, which you can find HERE. I know that most of you always prefer an official Microsoft product, but this tool works better than the MS tool.
However, a check-up of your system is a must, and soon!
Great to see that Microsoft's new moves towards the Open Source world are growing...
After releasing its Windows Installer XML (WiX) to SourceForge.net under the Common Public License (CPL), and next the Windows Template Library (WTL) project, Microsoft is now releasing to the Open Source world the code for FlexWiki, a nice piece of software for creating "Wikis", the collaborative web pages.
I hope that this direction will continue... these are projects that could grow a lot under the Open Source movement, and I hope that in the future we could see bigger projects released in the same way (why not, for example, something from the Office family?).
One of the features that I asked the IE Team for a long time ago was an FTP feature in Explorer. Obviously, I've never seen something like this in IE.
Now, after the switch to Firefox, I've found the tool I was asking for: fireFTP. This is an FTP client that works as a Firefox plugin and provides easy and intuitive access to FTP servers.
The project is really at an early stage but seems to work well... I recommend trying it!

The story:
I have a PC at home with Windows XP Professional SP1, always patched, connected to the Internet via an ADSL line. Everything worked well until the installation of XP SP2. 3 days ago I installed XP SP2 from Windows Update and the big problems started...

In summary:
- The PC is terribly slow now, always, connected or not connected to the net. :(
- Internet connections via USB modem are automatically disconnected after a period of inactivity. I've solved this problem by going to Settings, Control Panel, System Menu, Hardware, and in the Device Manager selecting all the USB Root Hubs and disabling the Power Saving option (XP SP2 enables it and this caused the disconnection).
- My Internet connection stops working after some minutes... this is a strange problem... the connection is alive (I'm not disconnected) but I can't surf anything. I've not found a solution to this.

After all these problems, and the big slowdown of the system after the patch, I've found the best solution for the moment: uninstalling SP2. Now the system works well, performance is better and... I'm really very happy!!
Sometimes I ask myself what the philosophy of a hacker could be... finding flaws to show that he's the best? Exploiting systems for business? Everything is possible...
What I really don't know is why some hackers decide to publish their exploit code on the net. Why this? Publicity? Do you want someone to say that you're the best?
Can you imagine how dangerous it can be to publish exploit code on the net? Too many times we see stupid young boys who surf the net to find exploit code to try. Exploit code in the wrong hands is like a bomb...
I want to say to the hacker who in these days has published the MS JPEG Flaw Exploit Code that his action is really stupid. I've tried to find the code simply by searching for it on traditional search engines and I've found 3 places where you can download the exploit (4464 bytes).
Congratulations... you're the best... of the stupid!
A German telecommunications company said on Tuesday it is developing the first mobile phone that will alert users when their breath is bad or if they are giving off offensive smells. HERE the details.

Amazing! 
Really happy to see this...
The forthcoming version of Mono (2.0), due to ship next March, will implement a native Visual Basic .NET compiler, native Windows Forms (WinForms) support and an update to the .NET API. Big improvements on the performance side are also on the way... is the time coming when we'll see a total migration of a standard WinForms application from a Windows to a Linux environment?
I'm really fascinated to read today lots of news about the possibility of Google entering the browser world (examples here and here).
This news has been in the air for a long time but, will it really be true? I think that a traditional browser "made in Google" could not be a great success for the company, especially in this period where lots of good browsers (Firefox) are out and widespread.
But what if Google (according to its tradition) starts a revolution in the browser world too? What could happen? What if one day the way to surf the network changes?
Do you remember the term "network computer"? Google could be the springboard for this project... a Google browser with built-in searching and Instant Messaging features, a connection to the Internet ready to run, Gmail as the storage system and a Google Web OS ready to run. Fantasy...
Today the news I was waiting for has arrived... I will be at WPC 2004 in Milan in November!


Special thanks to my boss for the opportunity given (sincerely, going there on my own would have been too expensive!).
5 interesting days are waiting for me, and I'm really happy to have the opportunity to meet some friends... C U there...
In these days I'm working on a personal project with DotNetNuke and I can see that sometimes DNN (2.1.2) is slow at startup, especially if you have lots of modules loaded.
I've personally tested that the startup performance can be increased by going to the Site Configuration settings and disabling the Logging feature (by setting Logging to "0" in Site Settings or Host Settings)... obviously, this can be done only if you don't need a logging feature (and I don't need it).
But... are there other ways to increase performance at DotNetNuke startup? Ideas?
Today I was searching on Google for some documents for my work and fortune (??) gave me the chance to see an old document that appeared on TheRegister 2 years ago. The title is "Microsoft MCSEs are bogus boffins, say Canadian engineers".
After reading it, I've decided to highlight the article again because its subject was the source of a discussion in my work team some time ago.
In summary, the article says that the professional engineers association in Canada is dismayed that Microsoft Certified System Engineers (MCSEs) are calling themselves "engineers".
In Canada (and I think all over the world) only licensed professionals (who have taken an official 5-year course of study at an Engineering University) can call themselves engineers, not people who have an IT certification with 5 exams (like MCSE). Unfortunately, especially if you go to public IT events, there are lots of MCSE certificate holders who take advantage of their status by saying that they are "an engineer".
This is terribly incorrect... Engineer is a global brand, an official title recognized all over the world for a certain course of study; there's an official Engineering Order that protects the title, so the title must be respected and not used only for "the sound of the words".
Unfortunately, you can see lots of MCSEs who sign themselves as "engineer" on their business cards. This is an inappropriate title and an incorrect thing to do.
I read in the article that Microsoft planned to modify the name of the MCSE certification after the Canadian Engineering Order's report, but now I can see that nothing has been done. What could happen if all the Engineering Orders sent a report to Microsoft?
However, I'm an "official Engineer", I've taken a regular 5-year course of study in Computer Engineering at the Polytechnic of Turin; personally I've never been against the MCSE certification name, but seeing that some MCSEs call themselves "engineers" hurts me a bit!
I know that maybe an MCSE is more expert than me on certain products, but he's not an Engineer, he's an IT certificate holder. I hope a clarification about it could be made in the future...
The update process has started...
This Update for Windows XP Service Pack 2 (KB884020) helps resolve an issue on computers running Windows XP Service Pack 2. Programs that connect to IP addresses in the loopback address range may not work as expected and you may receive an error message indicating you cannot establish a connection.
Take it!
I've just read the post by Fritz Onion about the news on IIS7 (be quiet, it will be available only in 2006 or later).
It will be focused on total integration with the .NET Framework... the good news is that there will no longer be any difference between specifying IIS security settings and ASP.NET security settings, and that all configuration settings in IIS can now be manipulated through the web.config file.
In particular, this last feature makes me think... will this be totally secure, or a possible danger?
If there's something true in this story, it's really one of the biggest flaws in a Microsoft product.
A security alert has appeared on Warp2Search that, in summary, said this: your new Windows XP SP2 saves your PC against trojan horses, hackers, viruses and other intruders, but it opens the door for everyone if you share files for your local area network. If you have internal file sharing activated for your local LAN, your File and Printer sharing function is visible worldwide despite the active firewall functions.

I have no words... I can only say that it's really terrible if it's confirmed. Where is the XP SP2 security?
However, as a personal choice, during my XP SP2 installation I chose not to enable the built-in firewall, but to continue using my ZoneAlarm Firewall... I can monitor not only my incoming traffic, but also the outgoing traffic, and this is really important.
I'm waiting to see what happens after this report...
UPDATE September 18, 2004: news about this bug can be found HERE.
Yesterday evening I tried to download some plugins for my new release of Firefox (1.0SR), in particular the Macromedia Flash Plugin and the updated skins available (updates from my previous Firefox release).
I've never had problems with the automatic update feature of Firefox, but yesterday it was impossible for me to download any updates.
Has anyone found the same problem? Maybe a little incompatibility with XP SP2 (which I've installed on my machine)? Curious...
Some days ago I had lots of problems with an HTML form inserted on my blog, simply to have a quick way to do some searches with Google on DotNetJunkies.
The problems were caused by the GET method of the form, which on .Text blocked all the buttons (feedback and contact)... it was impossible to send me feedback and contacts via email.
Today I've found a solution... my idea for performing this task is to use an <IFRAME> tag for inserting the form on the blog. The <IFRAME> tag is used to insert an inline frame into the body of an HTML document and seems to work really well (as you can see).
This is exactly what I've done:
I've written an HTML file (GoogleSearch.htm) where I've placed the Google Form code:
<html>
<head>
<title>Google Search</title>
</head>
<body>
<FORM method=GET action="http://www.google.com/search" target="new">
<A HREF="http://www.google.com/" target="_blank">
<IMG SRC="Logo_40wht.gif" border="0" ALT="Google" width="128" height="53"></A>
<INPUT TYPE=text name=q size=15 maxlength=255 value=""><br>
<INPUT type=submit name=btnG VALUE="Search">
<input type=hidden name=domains value="dotnetjunkies.com">
<br>
<input type=radio name=sitesearch value="dotnetjunkies.com" checked>
<font size="3">On DotNetJunkies</font>
</FORM>
</body>
</html>
and I've placed this file on my website, to have a URL to launch it.
After that, I've inserted on my .Text Blog (under Admin section --> Options --> Configure --> Static News/Announcement fields) the code below:
This code places my GoogleSearch form in an IFRAME whose size equals 80% of the left column of the blog (where it's inserted).
Results? The GET method of the form is called by another page and doesn't interact with .Text.
A new release for this interesting tool is out today...
Java Language Conversion Assistant 3.0 (Beta) adds support for J2EE 1.3 functionality, including JDK 1.3, EJB, JAAS, JCE, JMS, JNDI, and RMI, and also adds enhanced support for migrating Swing-based applications (cool!).
This is a curious fact reported to me by Andrea Boschin... it's really curious and I'd like to know if someone knows something about it.
There's an Oracle (version 9 and 10) process called nmupm.exe that, if you have the .NET Framework SDK installed on your machine, hogs the CPU (100%) and never quits. This seems to be caused by an incompatibility between the .NET SDK and Oracle Enterprise Manager. The suggestion given on forums is to uninstall the .NET SDK (not a good choice).
Does someone have news about this? It would be really interesting to know how to solve this...
If you're a Firefox (or Thunderbird) user and you're not sure about updating to the latest releases (especially for Firefox, the 1.0SR release number could appear not to be totally stable but it's not true), this fact can change your mind: Secunia (great people) has a new advisory about some buffer overflow exploits in the Mozilla and Thunderbird code.
What is curious is that one of these exploits takes advantage of an unchecked buffer in the bitmap parser, very similar to the recent Microsoft JPEG vulnerability discovered in these days. The good news is that if you have installed one of the latest releases (Mozilla 1.7.3, Firefox 1.0PR, Thunderbird 0.8) you won't be affected by these exploits!
What are you waiting for to update your browser?