ETC Blog, The Tech Resource
Fix for LNK Hole Coming on Monday
Normally I advocate caution in major patches. This hole however is so important that i am going to immediately patch and then workaround any issues this is going to cause. Again on mOnday htis patch gets released. PATCH IMMEDIATLY!!! Read the previous advisories I...
This is Why I Always Bang the Backup Drum
I had my server setup as best as i could. I had a RAID 1 mirror on both of my drives. Not only that I had shadow copies being made on the array. Finally I had everything being backed up to an external hard drive. Last night my server started acting funny. Putting...
Sometimes Virtualization ISN’T the Answer
After some internal testing and research i can honestly say that virtualization may not be the best solution except for larger deployments. For the same money(or less) than either upgrading one server to be able to host multiple vm's or the purchase of a new server...
Windows Security Issues Causing Increasingly Diffulcult Malware Removals
This is the primary reason Unix folks remove the computer, make an image for forensics, and then rebuild from a known good source. Windows folks have yet to figure this one out. I take the same philosophy towards malware that Unix admins do..nuke the box...because...
Third LNK Vulnerability Update
Steve Gibson talks about this issue in a very understandable manner. Look at my previous post at the bottom..aka update 3.
Second LNK Vulnerability Update
Well the vulnerabilities threat profile has expanded: http://www.f-secure.com/weblog/?p=00001994.html If the .lnk is inside a document windows will execute the code. Again..i hope this fizzles..if it doesn't I want folks to be aware. Well the vulnerabilities threat...
.LNK Zero Day Update
https://etc-md.com/?p=2421 The podcast software crashed so I was able to make a written update to the post with the help of Arstechnica.com. Go checkout the updated post.
New Zero Day problem with all versions of windows(High Potential for Mass Infections..Stay Alert)*UPDATED*
I am going to provide you with the summary from Ars Technica as it's the clearest explanation of the problem I have seen: The attack uses specially crafted shortcut (.lnk) files, which trick Windows into running code of an attacker's choosing. Any Windows application...
Cloud Computing is NOT immune to Microsoft and other vendor style lock-in
This is very good reading. IF you decide to go with a cloud solution the big question is..are you in control of your data or are you at the total mercy of the cloud vendor? This has significant ramifications for your business if the cloud vendor either fails to...
Power Management: Can Windows Mange power better now? Are new low power CPUs better?
5-10 years ago the answer was...yes to the first question as the second one didn't apply. As I have been watching the evolution of hardware over the years things of course are more complex. In a nutshell going with a low power server(or maybe a desktop CPU for...
Apple Continues to Show Microsoft type Arrogance
Of course it does. As long as folks accept lame excuses for their constant failings and don't walk away from Apple with their wallets Apple has no reason to care. DailyTech - Apple to Customers: Here's a Free Case, Live With iPhone 4 or Get Out.
The New York Times Goes Nuts, Says The Government Should Regulate Google’s Search Algorithm (GOOG)
I totally agree with SFGATE on this one..and the reasons given for opposition are totally accurate and standing within Constitutional principles. The New York Times Goes Nuts, Says The Government Should Regulate Google's Search Algorithm (GOOG).
Possible Security flaw May Compromise Many Websites
It's a long time issue in non internet applications but it was thought the latency of internet communications would protect users from this issue. While I'm not sure this is either a large issue now or even if it's going to be one it is one I will be tracking to see...
Widnows 2k(both server and desktop) and XP sp2 are now “dead”
If you are running 32-bit xp you can install service pack3 and continue with support. If you are running 64-bit XP this operating system is now "dead". No more patches of any kind. All versions of Windows 2000 are also now End Of Life. You need to move to Windows...
You need to get XP SP3 installed quickly.
If you are running xp 64 bit you are stuck at sp2 and your installation expires in less than a week. Time for a move to 7. You have less than one week to update Windows XP. Here’s how! - Microsoft SMB Community Blog - By Eric Ligman - Site Home - MSDN Blogs.
Software can’t fix badly designed hardware
Apple for a while built great looking products that worked very well. Now that they have a rabid fan base their exterior beauty is hiding some nasty shortcomings. I remember a company that continues to get somewhat humbled by this kind of behavior in the...
Apple shows it arrogance once again.
Apple is acting like Microsoft did before they got hit with all of their security bugs. I bet Apple is on it's way down to. Unfortunately Apple's arrogance will make BSD look bad when it's Apple's mis configurations that are to blame not the underlying OS....
Itunes accounts compromised
You need to log into your iTunes account and change your password. Once you do that go into the payment details and select none to clear out your CC or checking account information. There's more details Here, Here, Here. iTunes accounts hacking more widespread than...
Faulty Capacitors: See, They Knew! – The Market Ticker ®
I had forgotten about this story until my wife told me she is now having to replace the caps on optiplexes because of this issue. I wrote it off then until i saw this post from Dell where they say the charge3s in the lawsuit are settled because all of...
e-Banking Bandits Stole $465,000 From Calif. Escrow Firm — Krebs on Security
e-Banking Bandits Stole $465,000 From Calif. Escrow Firm — Krebs on Security. Marisco said that a few days before the theft, she opened an e-mail informing her that a UPS package she had been sent was lost, and urging her to open the attached invoice. Nothing happened...
PERC S300 – Another FAKERAID card
PERC S300 - can it be made to work?. I saw this on the Dell Linux mailing list. I did a bit of research and found this is a windows only FAKERAID product. What I mean by FAKERAID is the card fakes like it is a raid card but all of the work is done on the cpu....
Intel will ship x86 android 2.2 this summer – The Inquirer
Intel will ship x86 android 2.2 this summer - The Inquirer. Now this would be interesting. If this is actually true then instead of me having to get a smartphone with the high price of the cell carriers scamming built in I can get a netbook...
Synchronizing Roaming Profiles Between a V1 & V2 Profile
Synchronizing Roaming Profiles Between a V1 & V2 Profile. The news is..you can't. So if you want to move to server 2008 and keep your profiles you have to stick with either xp and below(not a good long term solution) or have all vista and above machines. Users...
Office 2010 Licensing changes… (Thanks sky-Knight)
Office 2010 Licensing changes... - Untangle Forums. This is interesting. Keep watching MS they want their fingers in everything.
A case for Linux on the Corporate Desktop
The author makes some great points here. Take a gander. Not using desktop Linux? You're wasting your money | Linux - InfoWorld.