|
|
Dear Blog Site:
Sent: Saturday, May 31, 2008 1:06 PM
Subject: Yahoo BrowserPlus Sneak Peek
Sent to you by Chris
McMillan, Federal Marketing Manager via Google Reader:
Earlier this week, Google renamed
its Google Gears technology simply to Gears in an effort to better position its
link between cloud computing solutions and the desktop as a general solution
anyone (not just Google) can use. And of course there are competitors (like
Microsoft, with Silverlight 2+) trying to bridge this gap as well. This week,
Yahoo entered the fray as well with a preview of something called BrowserPlus:
BrowserPlus is a technology for web browsers that allows developers
to create rich web applications with desktop capabilities.
Yahoo! BrowserPlus is software that extends the capabilities of your web
browser to make richer web experiences possible. Different websites can use
BrowserPlus to support things like drag and drop from the desktop, easier file
uploads, more efficient and secure acquisition of feeds and information, and
native desktop notifications. BrowserPlus is a technology designed to "extend
the web," so that developers can build more exciting web applications and so
end-users can get more done inside their web browser.
What can I do with BrowserPlus?
Today you can explore our demo applications which include an advanced
in-page Flickr photo uploader, a browser based IRC (chat) Client, and a
developer tool for exploring Web Services output. Developers can also explore
our APIs and test code samples. Given that this is only a "sneak peek" of our
capabilities and offerings, we encourage you to stop by again soon for
more.
Why did Yahoo! build this?
Yahoo! is interested in open, industry-leading platforms that attract the
most publishers and developers. An important part of that ecosystem includes
the client-side tools those developers use to develop content. Until today,
YUI has been primary offering to this audience. BrowserPlus is the next step
in providing solutions to browser-based web development.
How can I use BrowserPlus on my site?
During the "sneak peek," BrowserPlus can only used on sites owned by Yahoo!
or its partners. Our first full public release will make BrowserPlus available
for use by 3rd party developers.
During this preview phase, you can only see BrowserPlus in action by
navigating to one of the demo
sites, including a cool Flickr uploader and photo editor.
This is all very interesting. And it makes sense that Yahoo would get into
this game. But I'm nervous that a proliferation of browser plug-ins, all aimed
at furthering the ambitions of various computing giants, will lead to the same
incompatibilities on the Web (or "in the cloud," I guess) that we saw over the
past three decades with desktop-based computing platforms. (Not to mention the
annoyance of ever-updating browser plug-ins.) Obviously, this is something to
watch regardless.
Things you can do from
here:
With this free webinar, get a firsthand look at Microsoft Dynamics CRM Online , and find out from real customers how this innovative hosted technology has given them Microsoft Dynamics capabilities without increasing IT infrastructure or staff. You'll learn about Customer Relationship Management (CRM) importance and strategy from Martha Rogers, a recognized leader in CRM and founding partner of Peppers & Rogers Group, Carlson Marketing as well as an introductory look at Microsoft Dynamics CRM Online hosted by Brad Wilson, Microsoft CRM Division General Manager. Register today for your free Microsoft
Dynamics CRM Online webinar! 
Why Anti-Virus Is Dead: The Graylist Approach to Computer Protection Viruses, trojans, and other forms of malware persist only because anti-virus, the main defense against them, is terribly flawed. In this white paper, you'll learn about the failure of anti-virus solutions and the proliferation of a far more effective technique. Instead of trying to recognize malicious software, application whitelists focus on authenticating valid software. This approach enables whitelists to block a far wider variety of malicious software than AV products could ever hope to stop. Click here to RapidRequest this free paper! 
Atmy day job I've been working on integration between different systems through creating widgets. There are a few different avenues to take. My metric was the preceived integration with the site, so using the DOM ended up as the...
Dear Blog Site:
Be advised for users wanting to use Safari and Windows.
Security warning is posted as is.
Sincerely,
Christopher McMillan, CIO
CEEK Technology
Blog: http://ceektechnology.spaces.live.com
Web Site: http://www.ceektechnology.com
WM: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
E-mail: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
Date: Fri, 30 May 2008 17:16:42 -0700
Subject: FW: Security Advisory 953818 Posted
From: chrismmcmillan@gmail.com
To: christophermcmillan@hotmail.com
Sent to you by Chris McMillan, Federal Marketing Manager via Google Reader:
Hi,
This is Tim Rains.
Very quickly, I wanted to let you know that we’ve just posted Microsoft Security Advisory 953818. This security advisory talks about new public reports of a blended threat that allows remote code execution on all supported versions of Windows XP and Windows Vista when Apple’s Safari web browser for Windows has been installed. Safari is not installed with Windows XP or Windows Vista by default: it must be installed independently or through the Apple Software Update application.
If you run Safari on the affected platforms, we encourage you to review this advisory.
We’ve activated our Software Security Incident Response Process (SSIRP) and are working with our colleagues at Apple to investigate the issue. We have identified steps customers can take to protect themselves in the workaround section of the advisory.
We are currently not aware of any attacks and are monitoring the issue and are working with our MSRA partners to help protect customers. We will update the advisory and this blog as new information becomes available.
Tim
*This posting is provided "AS IS" with no warranties, and confers no rights.*
Things you can do from here:
Keep your kids safer online with Windows Live Family Safety. Help protect your kids.
Dear Blog Site
Sincerely,
Christopher McMillan, CIO
CEEK Technology
Blog: http://ceektechnology.spaces.live.com
Web Site: http://www.ceektechnology.com
WM: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
E-mail: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
Date: Fri, 30 May 2008 11:12:58 -0700
Subject: Handy, Dandy, FREE!
From: chrismmcmillan@gmail.com
To: christophermcmillan@hotmail.com
Some great networking tools posted on my MSDN blogs.
Sent to you by Chris McMillan, Federal Marketing Manager via Google Reader:
Like most IT professionals, you’ve got more to do than is humanly possible. We can help. Well, our utilities can. Every month the Utility Spotlight column presents a handy utility that can help you get your work done. We’ve compiled 10 of our most useful tools for accomplishing everything from advanced copy and paste to upgrading SharePoint. Even better, they’re free!
Here’s our guidance: take advantage of these free tools to free up your time.
Robocopy GUI Traditional copy and paste works well enough for simple tasks, but for advanced functionality, you need Robocopy. But what if you're not a fan of the command line? Enter Robocopy GUI.
ADMX Migrator With Windows Vista, the format for Group Policy templates has changed to an XML-based structure. The ADMX Migrator utility can convert your legacy ADM files into the new ADMX format, as well as help you easily create your own custom ADMX files.
Autoruns The vast number of apps that run automatically at system start up can be a source of endless headaches. But with Autoruns, you can investigate every app that runs automatically, letting you troubleshoot conflicts, track down malware, and free up system resources.
The Shared Computer Toolkit One of the most common requests at the Group Policy forum GPanswers.com is how to take machines and lock them down. People want to ensure their machines can’t be br  oken by Joe User or Harry Badguy.
WMI Code Creator As a systems administrator you’re surely no stranger to Windows Management Instrumentation, which gives you access to a wealth of management information and allows you to automate administrative tasks. This tool generates custom code that lets you can get the most from the myriad of computer management options WMI has to offer.
BGInfo Wouldn’t it be great if you could see everything you need to know about a PC—its name, IP address, gateway, free disk space, and so on—in a single place. You can, with this free tool from Sysinternals.
SyncToy Face it, most of the users you support just don't back up there data. SyncToy provides an unintrusive way to ensure your users' files are always backed up and ready to be easily restored.
Virtual Machine Remote Control Plus The Virtual Server 2005 interface is a Web application, offering the conveniences of Web-based management. But sometimes you want a rich UI that behaves like a Windows application.VMRCplus gives you an alternative UI that offers easy configuration management and remote control of virtual machines, all from within a single application.
Windows Easy Transfer Companion When it's time to migrate your users from their old Windows XP computers to new Windows Vista machines, the biggest chore is reinstalling your users' applications on their new PCs—and making sure those apps work.
Upgrade Toolkit for SharePoint Sites and Templates Upgrading to Windows SharePoint Services 3.0 can pose challenges if you use customized sites and templates. Explore a new Solution Accelerator that provides tools and guidance to help you get the job done. 
Things you can do from here:
E-mail for the greater good. Join the i’m Initiative from Microsoft.
Dear Blog Site
Sincerely,
Christopher McMillan, CIO
CEEK Technology
Blog: http://ceektechnology.spaces.live.com
Web Site: http://www.ceektechnology.com
WM: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
E-mail: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
Date: Fri, 30 May 2008 15:31:12 -0700
Subject: Resolve Issues with Windows Resource Protection using the WRPMitigation Shim
From: chrismmcmillan@gmail.com
To: christophermcmillan@hotmail.com
Sent to you by Chris McMillan, Federal Marketing Manager via Google Reader:
Every now and again, I bump up against a setup application (it's almost always a setup application) that tries to drop older versions of protected operating system files. It's fairly easy to mitigate, but I thought I would go through some of the mechanics, and some of the places where the mitigation can break down.
Let's take a walk down memory lane...
Introduced in Windows 2000 and brought over to Windows ME ... I'll pause for everyone to recover from the shivers in your spine ... we offered a feature called System File Protection. This feature is designed to protect the integrity of the operating system. This feature had a couple of issues, which I talk about here: http://blogs.msdn.com/cjacks/archive/2007/04/20/windows-resource-protection-wrp-and-activex-control-installation-on-windows-vista.aspx.
So now, things are better, except of course the applications that break, which is why we didn't just modify the ACLs in the first place. So, one by one, we just start applying our WRP shims to applications that need it, and this got us back where we needed to be for application compatibility. We automatically apply this shim if we detect that you are a setup. We apply this shim to regsvr32.exe. We throw it everyplace that we think we're going to catch people trying to write to protected operating system files.
So, how does it work?
Well, first we always try to run the original API. If that fails, then we check to see if you are a WRP protected file. We do that for performance - if what you are trying to do already works, we don't need to fix you, nor do we need to run code to determine if we ought to fix you. We just let you go on doing your thing.
But if the operation didn't work, then we'll check to see if the file is WRP protected. If so, then we'll pretend that things worked.
How do we pretend?
Well, if you're trying to delete, we can just return success. Move? Success. Change attributes? Success.
But what if you're trying to write?
In that case, we don't get very far by returning success, because we need to return a handle that is valid or the application could AV. So, we just create a temp file, and return a handle to this temp file.
Right now, I'm running an application attempting to update kernel32.dll, and I find this in %temp%: WRP112.tmp.
That's where I'll be writing when I write. My application continues to work, and we resolve the issue.
But let's back up a minute - what happens if I am trying to drop my file in a non-standard location and register it from there? Here, we can run into issues. Clearly, the application is intentionally trying to circumvent protection mechanisms. They drop the dll somewhere other than the location of the protected dll (which succeeds) and then call regsvr32.dll. (Some people think they're really tricky - I once saw an app drop some version of shell32.dll from Windows 2000, but they called it shell32.ico, then called regsvr32 on it.)
Our check to see if it's a protected operating system file says "no" because it isn't owned by Trusted Installer, and we don't fix it up.
With people trying to be tricky like this, I usually end up modifying the package to remove this drop. But I suppose I could CorrectFilePaths to hit my protected location... 
Things you can do from here:
E-mail for the greater good. Join the i’m Initiative from Microsoft.
Dear Blog Site
Sincerely,
Christopher McMillan, CIO
CEEK Technology
Blog: http://ceektechnology.spaces.live.com
Web Site: http://www.ceektechnology.com
WM: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
E-mail: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
Date: Fri, 30 May 2008 15:31:47 -0700
Subject: New Free Windows PowerShell Quick Reference Card
From: chrismmcmillan@gmail.com
To: christophermcmillan@hotmail.com
Sent to you by Chris McMillan, Federal Marketing Manager via Google Reader:
I've been working with the folks over at Developer Zone on a quick reference card for PowerShell, based on my book. The card is now complete and is available as a free download. (PDF, registration required.) 
This is an 8-page card that covers the PowerShell language, common commands and examples. The card was written primarily for developers (it is Developer Zone after all) and for people with existing scripting experience. Even so, if you're using PowerShell, it should be a handy reference to the environment.
Thanks -bruce
=============================== Bruce Payette [MSFT] Principal Developer, Windows PowerShell Team 
Things you can do from here:
E-mail for the greater good. Join the i’m Initiative from Microsoft.
Dear Blog Site
Sincerely,
Christopher McMillan, CIO
CEEK Technology
Blog: http://ceektechnology.spaces.live.com
Web Site: http://www.ceektechnology.com
WM: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
E-mail: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
From: christophermcmillan@hotmail.com
To: christophermcmillan@hotmail.com
Date: Fri, 30 May 2008 09:41:39 -0600
Subject: FW: Network Measurement Tool Detect Reset Packets
Message from NewsGator subscriber Christopher McMillan: Interesting tools created today.
Post from NewsGator.com:
Network Measurement Tool Detect Reset Packets
kickassweb writes "If you think your ISP is sniffing packets, or worse yet, sending reset packets to stop torrents, there's now a beta Network Measurement Tool to detect them, courtesy of Lauren Weinstein of the Net Neutrality Squad. It's released under the LGPL and runs under Win2K, XP, and Vista. Quoting: 'While the reset packet detection system included in this release is of interest, NNSquad views this package as more important in the long run as a development base for a broad range of network measurement functionalities and associated communications and analysis efforts.'"
Read more of this story at Slashdot.
Change the world with e-mail. Join the i’m Initiative from Microsoft.
Dear Blog Site
Sincerely,
Christopher McMillan, CIO
CEEK Technology
Blog: http://ceektechnology.spaces.live.com
Web Site: http://www.ceektechnology.com
WM: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
E-mail: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
Date: Fri, 30 May 2008 08:11:44 -0700
Subject: Ubuntu 8.04 on SBS 2003 network.
From: chrismmcmillan@gmail.com
To: christophermcmillan@hotmail.com
Sent to you by Chris McMillan, Federal Marketing Manager via Google Reader:
Disclaimer: This is not a Microsoft recommended step nor is it a wastepaper, yet. This is simply my attempt to learn. Ubuntu needs no introduction nor does SBS. :) What do you need? > SBS 2003 SP2. > Ubuntu 8.04, Updated! Ensure Network Connectivity: After you install Ubuntu 8.04, ensure that you have network connectivity and you have Internet connection. Check for updates, using Update Manager and install all the updates. On SBS, you don’t really need to do anything however you could...( read more) 
Things you can do from here:
Keep your kids safer online with Windows Live Family Safety. Help protect your kids.
Dear Blog Site
Sincerely,
Christopher McMillan, CIO
CEEK Technology
Blog: http://ceektechnology.spaces.live.com
Web Site: http://www.ceektechnology.com
WM: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
E-mail: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
-----Original Message-----
From: HumanWare [mailto:nicolas.lagace@humanware.com]
Sent: Friday, May 30, 2008 9:36 AM
To: chrismcmillan@earthlink.net
Subject: Travel Made Easy With "The Breeze": Tek Talk Monday, June 2, 2008
Travel Made Easy With "The Breeze": Tek Talk Monday, June 2, 2008
The Accessible World News Wire, Indianapolis, Indiana USA
"HumanWare is proud to present the most recent GPS Orientation tool: Trekker Breeze! This new, all-in one device , easy and simple tool will assist you in your daily travel, providing automatically most valuable information such as Where you are, What's around and Where to go next. The Breeze will allow you to record your favorite landmarks and routes, in the easiest manor. Only 9 buttons to give you all the security you need to enjoy outdoor travel in confidence. This device is small, smart and it's operation is yet so simple!
Come and join the Accessible World online world wide audience to learn more and see how the Breeze has simplified GPS for your convenience FROM Sam Adler, Market Development Manager for HumanWare.
Phone: 888-723-7273
Web: http://www.humanware.com
Email: sam.adler@humanware.com
Date: Monday, June 2, 2008
Time: 5:00 p.m. Pacific, 6:00 p.m. Mountain, 7:00 p.m. Central, 8:00 p.m. Eastern and elsewhere in the world Tuesday 0:00 GMT.
Where: TekTalk Conference Room at: http://conference321.com/masteradmin/room.asp?id=rsc9613dc89eb2
or
http://www.accessibleworld.org. Select the Tek Talk room, enter your first and last names on the sign-in screen.
All Tech Talk training events are recorded so if you are unable to participate live at the above times then you may download the presentation or podcast from the Tech Talk archives on our website at http://www.accessibleworld.org.
All online interactive programs require no password, are free of charge, and open to anyone worldwide having an Internet connection, a computer, speakers, and a sound card. Those with microphones can interact audibly with the presenters and others in the virtual audience.
If you are a first-time user of the Talking Communities online conferencing software, there is a small, safe software program that you need to download and then run. A link to the software is available on every entry screen to the Accessible World online rooms.
NOTE: The Accessible World Website now provides a software download that enables you to check your microphone before entering our rooms.
Sign up information for all Accessible World News Wires and discussion lists are also available at our website: http://www.accessibleworld.org.
Media Contacts:
Robert Acosta, Chair, Planning Committee
818-998-0044
Email: boacosta@pacbell.net
Web: http://www.helpinghands4theblind.com
Pat Price, Founder and Events Coordinator
The Accessible World Symposiums
Vision Worldwide, Inc.
317-254-1185
Skype: patprice1
Email: pat@patprice.org
Web: http://www.accessibleworld.org
This email was sent to chrismcmillan@earthlink.net.
You can instantly unsubscribe from these emails by clicking the link below:
http://hcamarketing.cmail1.com/u/422487/ol1d111l/
Dear Blog Site
Sincerely,
Christopher McMillan, CIO
CEEK Technology
Blog: http://ceektechnology.spaces.live.com
Web Site: http://www.ceektechnology.com
WM: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
E-mail: chrismcmillan@ceektech.com or christophermcmillan@hotmail.com
Date: Fri, 30 May 2008 04:46:40 -0700
Subject: Why Apple has to fix the Safari flaw
From: chrismmcmillan@gmail.com
To: christophermcmillan@hotmail.com
Sent to you by Chris McMillan, Federal Marketing Manager via Google Reader:
Remember me talking about Is Security Research Ethical? I made a statement in there when it comes to responsible disclosure of vulnerabilities: And then, what does the vendor do with it? Does the company act on it?
Now, we can debate on what a vulnerability is and what not. Personally I am convinced that a vendor should be transparent when it takes a bug as a vulnerability and when not. There is actually a good essay by Scott Culp about this called Definition of a Security Vulnerability.
Why am I telling this? Well, there seems to be a disagreement between Apple and the rest of the world whether Safari's Carpet Bombing flaw is a security vulnerability or not. Robert Hensing posted already last week on that ( Safari "carpet bombing" Fail Open Goat Award) and ZDnet took it up yesterday as well ( Why Apple must fix Safari 'carpet bombing' flaw immediately). And I quote: […]but when it comes to responding to legitimate security threats, Apple is light years away from living up to the messages in those commercials(they are referring to the statement Now you can enjoy worry-free web browsing on any computer. Apple engineers designed Safari to be secure from day one in the Security Tab of Apple's Safari Page)
Remember the days of the "Unbreakable" ads (I know it was not Apple but goes in the same direction).
These are exactly to kind of discussions which do not really help to address security as an industry nor to promote responsible disclosure…
Roger 
Things you can do from here:
Keep your kids safer online with Windows Live Family Safety. Help protect your kids.
|
Tools 
Help
