Removing unused device drivers from Windows XP
Did you know that unused device drivers in Windows XP never go away unless you explicitly remove it? Unused drivers hang around on your system, sucking up resources.
Good article.
Tuesday, January 31, 2006
How to Fix a Dead Pixel on an LCD Monitor
I don't know if this works, but it's worth a shot. This Wiki gives a procedure that *may* fix a dead pixel on an LCD monitor. If anyone tries this, and it works, please post a comment on this blog entry so the rest of us know if we should try it or not.
Unfortunately (or fortunately!), I don't have this problem at the moment...
I don't know if this works, but it's worth a shot. This Wiki gives a procedure that *may* fix a dead pixel on an LCD monitor. If anyone tries this, and it works, please post a comment on this blog entry so the rest of us know if we should try it or not.
Unfortunately (or fortunately!), I don't have this problem at the moment...
Thursday, January 26, 2006
TrueCrypt
This is freeware open source disk encryption software that runs on Windows and Linux. This is interesting because it encrypts an entire disk or volume, and is supposed to be extremely secure. Similar to PGPDisk, except that it does the entire drive, and of course it's free.
This could be very useful for encrypting the contents of USB thumb drives.
This is freeware open source disk encryption software that runs on Windows and Linux. This is interesting because it encrypts an entire disk or volume, and is supposed to be extremely secure. Similar to PGPDisk, except that it does the entire drive, and of course it's free.
This could be very useful for encrypting the contents of USB thumb drives.
Tuesday, January 24, 2006
The Road to Know Where: FREE Microsoft Software for Download
Great source that consolidates all of the various free Microsoft downloads
Great source that consolidates all of the various free Microsoft downloads
Monday, January 23, 2006
Disney buys Pixar for $7B
It's about time--Disney has been paying Pixar so much in license fees, it probably could have easily paid for the company many times over by now. Of course, it was in Steve Jobs' interest not to do so--he is now the single largest shareholder in Disney!
It's about time--Disney has been paying Pixar so much in license fees, it probably could have easily paid for the company many times over by now. Of course, it was in Steve Jobs' interest not to do so--he is now the single largest shareholder in Disney!
Six Noises That Dying Hard Drives Make
These are the six noises most likely to strike fear in the hearts of geeks everywhere--the noises that dying hard drives make. While it may not do any good, I suppose it's good to know when your hard drive is likely hosed.sys for good!
So...if you hear any of these noises, you'd better have a good backup of your data!
These are the six noises most likely to strike fear in the hearts of geeks everywhere--the noises that dying hard drives make. While it may not do any good, I suppose it's good to know when your hard drive is likely hosed.sys for good!
So...if you hear any of these noises, you'd better have a good backup of your data!
11 Myths of Surge Protection
A really good treatise on surge protectors, uninterruptible power supplies, and line conditioning.
A really good treatise on surge protectors, uninterruptible power supplies, and line conditioning.
From TVs to toys, the best time to buy everything
Really good article; tells the best time to buy things, such as airline tickets (Wednesday), TVs (Spring beginning in April), houses (winter), and so on.
Really good article; tells the best time to buy things, such as airline tickets (Wednesday), TVs (Spring beginning in April), houses (winter), and so on.
NASA's Solar System Exploration: Multimedia: Our Top 10
These are really cool pictures...worthy of a look.
These are really cool pictures...worthy of a look.
Friday, January 20, 2006
Free VPNs and Wireless Security
I was listening to a podcast this morning by Steve Gibson (it's called Security Now! and I highly recommend it for anyone that's interested in security), and the topic of discussion was some of the new VPN software that's hitting the 'Net; specifically, Hamachi, iPig (awful name!) and OpenVPN. I should also mention that this was an old episode--from December 2005 (the 22nd, I think).
I have been using Hamachi now for about a month, and it's great--it allows you to install a small VPN agent on your PCs and establish a secure VPN "tunnel" between them. For me, it means that I can access my home network from just about anywhere--for moving files back and forth, troubleshooting the PC (via VNC), and even remote printing. The best part is that it's free, and a variety of security experts have thoroughly analyzed it and have pronounced it secure.
One nice side effect of Hamachi that was pointed out on the podcast (and that hadn't occured to me) is that when you have a Hamachi VPN established, your entire connection is secure, regardless of what type of Internet transport you're using. This is particularly valuable when you're using an unsecured connection, such as at a hotel or a WiFi hotspot. By simply establishing the connection back to your home network, you've also secured your WiFi connection. Cool!
Two other VPN alternatives that were mentioned on the podcast (both of which are free) are iPig (stands for iOpus Private Internet Gateway, BTW) and OpenVPN. iPig actually goes one better than Hamachi by providing a free server (end point) to connect to, which is very handy if you don't want all of your traffic going through your home ISP connection. iPig has a 5GB total transfer limit, but you can always sign up for another free account if you exhaust the first one. There are also plans in the works to offer an annual subscription ($30 range) that would give you much more bandwidth. Steve Gibson has spent some time sniffing the iPig protocol, incidentally, and believes that it is very secure. It apparently passes the user ID in the clear, but exchanges a 256 bit token (it uses 256 bit AES, which is extremely hard to crack), along with a pre-shared key (much as Hamachi does).
OpenVPN is similar to Hamachi and iPig, except for one key advantage: it's open source, which means that the various security experts can pick apart the code to make sure it's truly secure (and if it isn't, they can fix it!). The other huge advantage of OpenVPN's being open source is that people have ported it to jillions of platforms already (including Linux, of course). That means that you could easily build up a recycled commodity PC with Linux on it, and combined with OpenVPN and a decent firewall, have a really nice, really cheap security appliance.
One other advantage of these new VPN solutions that I should also point out is performance. Some older VPN solutions were very slow due to the fact that they tunneled TCP inside of TCP, which is very inefficient as TCP tends to fight with itself. The new solutions use UDP instead of TCP, getting around that problem--and the performance over these solutions is really good. I believe that all three VPNs mentioned in this blog entry are using the UDP tunnel mechanism.
I'm planning on trying both iPig and OpenVPN in the next few weeks; I'll be sure to post an update with my findings.
I was listening to a podcast this morning by Steve Gibson (it's called Security Now! and I highly recommend it for anyone that's interested in security), and the topic of discussion was some of the new VPN software that's hitting the 'Net; specifically, Hamachi, iPig (awful name!) and OpenVPN. I should also mention that this was an old episode--from December 2005 (the 22nd, I think).
I have been using Hamachi now for about a month, and it's great--it allows you to install a small VPN agent on your PCs and establish a secure VPN "tunnel" between them. For me, it means that I can access my home network from just about anywhere--for moving files back and forth, troubleshooting the PC (via VNC), and even remote printing. The best part is that it's free, and a variety of security experts have thoroughly analyzed it and have pronounced it secure.
One nice side effect of Hamachi that was pointed out on the podcast (and that hadn't occured to me) is that when you have a Hamachi VPN established, your entire connection is secure, regardless of what type of Internet transport you're using. This is particularly valuable when you're using an unsecured connection, such as at a hotel or a WiFi hotspot. By simply establishing the connection back to your home network, you've also secured your WiFi connection. Cool!
Two other VPN alternatives that were mentioned on the podcast (both of which are free) are iPig (stands for iOpus Private Internet Gateway, BTW) and OpenVPN. iPig actually goes one better than Hamachi by providing a free server (end point) to connect to, which is very handy if you don't want all of your traffic going through your home ISP connection. iPig has a 5GB total transfer limit, but you can always sign up for another free account if you exhaust the first one. There are also plans in the works to offer an annual subscription ($30 range) that would give you much more bandwidth. Steve Gibson has spent some time sniffing the iPig protocol, incidentally, and believes that it is very secure. It apparently passes the user ID in the clear, but exchanges a 256 bit token (it uses 256 bit AES, which is extremely hard to crack), along with a pre-shared key (much as Hamachi does).
OpenVPN is similar to Hamachi and iPig, except for one key advantage: it's open source, which means that the various security experts can pick apart the code to make sure it's truly secure (and if it isn't, they can fix it!). The other huge advantage of OpenVPN's being open source is that people have ported it to jillions of platforms already (including Linux, of course). That means that you could easily build up a recycled commodity PC with Linux on it, and combined with OpenVPN and a decent firewall, have a really nice, really cheap security appliance.
One other advantage of these new VPN solutions that I should also point out is performance. Some older VPN solutions were very slow due to the fact that they tunneled TCP inside of TCP, which is very inefficient as TCP tends to fight with itself. The new solutions use UDP instead of TCP, getting around that problem--and the performance over these solutions is really good. I believe that all three VPNs mentioned in this blog entry are using the UDP tunnel mechanism.
I'm planning on trying both iPig and OpenVPN in the next few weeks; I'll be sure to post an update with my findings.
Wednesday, January 18, 2006
The Sony Rootkit
Now this is interesting news. Sony BMG have apparently added a "rootkit" to some of their CDs which is ostensibly a digital rights management (DRM) system--in other words, to keep people from copying the CDs. The software is supposed to ensure that the person playing the CD is doing so only on the original CD, and to allow at most 3 PCs to play it. Aside from the Machiavellian aspects, this is ridiculous in today's times IMHO. Unfortunately (for its customers), this software actually installs itself on the PC, hides itself, and then exhibits disturbing behavior that can actually comprimise the PC. The rootkit was allegedly developed by a company called First4Internet (http://www.first4internet.com).
The first behavior is that the design of the rootkit is such that it allows other people to distribute code (generally as an attachment in a SPAM message) that takes advantage of the Sony code--to take over the PC and pretty much do anything they want with it. That's bad...especially since these hacks are already appearing.
The second behavior that's disturbing is that the rootkit actually "phones home" back to Sony when a user is listening to the PC, ostensibly to let them know when a user is listening to the CD. Interestingly, Sony has denied this behavior, although a number of security experts have confirmed this through network monitoring. Interesting--Sony is distributing spyware and denies doing it.
Detecting the Rootkit
There is an easy way to tell if you have the rootkit installed on your system. One of the behaviors of the rootkit is that it automatically hides all files that have $something$ in the name; for example, $canary$.txt . So, you can create a file that conforms to that naming standard, and if it disappears, you've got the rootkit. Some anti-spyware vendors claim to be able to detect it, but I don't have a definitive list of which do and which do not.
You can also try RootKitRevealer, which is a free utility that purportedly can detect rootkits.
Removing the Rootkit
Apparently the only way (at this time, anyway) to remove the rootkit is to go to Sony's website and request the removal software; they will then email a removal link to you. There is, however, a problem--the removal tool, which actually installs yet another program that stays resident on your system (written by the same stellar programmers at First4Internet, it's called CodeSupport) leaves a gaping hole by allowing virtually any Website to download and install software on the PC...and it doesn't verify the source of the program that's being downloaded. Doh! There is a great writeup on the problems with the Sony removal tool here.
Further Reading
There is an interesting blog posting on the subject that goes much deeper than mine here, and you can also just google 'sony rootkit' to find reams of further information on the subject. You also might check out the Security Now! podcast, which is how I first found out about the problem.
Now this is interesting news. Sony BMG have apparently added a "rootkit" to some of their CDs which is ostensibly a digital rights management (DRM) system--in other words, to keep people from copying the CDs. The software is supposed to ensure that the person playing the CD is doing so only on the original CD, and to allow at most 3 PCs to play it. Aside from the Machiavellian aspects, this is ridiculous in today's times IMHO. Unfortunately (for its customers), this software actually installs itself on the PC, hides itself, and then exhibits disturbing behavior that can actually comprimise the PC. The rootkit was allegedly developed by a company called First4Internet (http://www.first4internet.com).
The first behavior is that the design of the rootkit is such that it allows other people to distribute code (generally as an attachment in a SPAM message) that takes advantage of the Sony code--to take over the PC and pretty much do anything they want with it. That's bad...especially since these hacks are already appearing.
The second behavior that's disturbing is that the rootkit actually "phones home" back to Sony when a user is listening to the PC, ostensibly to let them know when a user is listening to the CD. Interestingly, Sony has denied this behavior, although a number of security experts have confirmed this through network monitoring. Interesting--Sony is distributing spyware and denies doing it.
Detecting the Rootkit
There is an easy way to tell if you have the rootkit installed on your system. One of the behaviors of the rootkit is that it automatically hides all files that have $something$ in the name; for example, $canary$.txt . So, you can create a file that conforms to that naming standard, and if it disappears, you've got the rootkit. Some anti-spyware vendors claim to be able to detect it, but I don't have a definitive list of which do and which do not.
You can also try RootKitRevealer, which is a free utility that purportedly can detect rootkits.
Removing the Rootkit
Apparently the only way (at this time, anyway) to remove the rootkit is to go to Sony's website and request the removal software; they will then email a removal link to you. There is, however, a problem--the removal tool, which actually installs yet another program that stays resident on your system (written by the same stellar programmers at First4Internet, it's called CodeSupport) leaves a gaping hole by allowing virtually any Website to download and install software on the PC...and it doesn't verify the source of the program that's being downloaded. Doh! There is a great writeup on the problems with the Sony removal tool here.
Further Reading
There is an interesting blog posting on the subject that goes much deeper than mine here, and you can also just google 'sony rootkit' to find reams of further information on the subject. You also might check out the Security Now! podcast, which is how I first found out about the problem.
Saturday, January 14, 2006
Friday, January 13, 2006
Thursday, January 12, 2006
Subscribe to:
Posts (Atom)