Here’s a thought

I’ve been pondering the ramifications of Facebook of late and have come up with something novel I believe.

Let’s say that everyone in the future has a Facebook style site/portal on the Internet. This site contains all their personal and business details. For arguments sake I’m going to skip over the security and privacy ramifications because I’m only considering a “perfect” world here. (Mine is isn’t yours?). So much like Facebook each user determines who else has access to their information and to what level they have access. So let’s say your family has access to you home and mobile numbers, while your friends only have access to your mobile number.

Now let’s say that in your personal profile you subscribe to a number of online software applications (in the future I don’t think we’ll be accessing anything locally, it will all come from the net). So let’s say you have access to online versions of Microsoft Office all the time but maybe you need access to Adobe Photoshop in a weeks time for 5 days so you simply pay a fee for the required access time. Once the application access time is up the application no longer appears on your space. The great thing about online applications is they are always up to date and always work, since you don’t need to maintain them. Your personal profile also has all your personal contacts, emails, bookmarks and what not.

Ok, now lets say that you go to work. When you log into the terminal at the office you still access your own profile but now it knows you are at work and allows you access to the business applications of the company where you work. Also, it restricts you from going to certain web sites and running “non-business” personal related applications. This policy depends on the settings that your employer has decided on and they are applied to each employee as they logon. Some companies may not have any restrictions but by simply logging in at the office the network knows who you are what you can access. You can still get access to your personal stuff at all times, just as you do now.

If you change jobs then the business you were at just tells the network you no longer work there and when you log into to your profile page at the new business all the old applications have been removed and all the new business applications and policies are applied.

When you login from home after work you get access to all your personal stuff as usual but unless you are approved for after hours business work then the business applications are no longer available in your profile. When you return to work tomorrow they are back again, so you can’t use the office copy of Photoshop to edit your images (unless the business approves you to do that).

There are lots of advantages for businesses and user here. Businesses get a central location to manage all their employees and applications. All the software is up to date and adding new staff members is a breeze. If they want access to other software applications the business simply subscribes and allocates them out to employees. For an individual, all your stuff is stored in one place, backed up and you can access it whenever you need. You are able to choose what you want to share and with whom and like the business if you need access to a specialized piece of software you simply subscribe for as long as you need access.

I think most of what I’m talking about here could be easily accomplished already. It all sounds good in theory doesn’t it?

Latest news on new version of SBS

Here’s some more information about what is coming down the pipeline with SBS Cougar. Seems like the Premium edition will allow the installation of 2 server to split applications like SQL and terminal services.

On that score David Mackie raises some interesting questions and issues with the Premium installation in his blog, especially given the new virtualization technology that will be available in Windows Server 2008.

I’m sure that we’ll hear more about all this as the product near launch (June 2008 time frame) and I’m sure things will change and I wouldn’t be surprised if some MAJOR things change! Time will tell.

Outlook Business Contact Manager and detached network user

Strange to find someone wanting to remove a server from their network these days but in our times of downsizing it does happen. Everything was going swimmingly, I had removed all the workstations except for the last one which had Outlook Business Contact Manager installed. I didn’t expect any issues but received a nasty surprise when the user tried to fire up Outlook Business Contact Manager as a stand alone user.

When Outlook loaded it said that the login to the Business Contact Manager database was incorrect and that I had to attach to an existing database or create a new database. Hmmm…ok so I’ll try and attached to the existing database – no go, so I elect to create a new database. Problem is that the client uses Business Contact Manager extensively so they needed the old database back. With a new Business Contact Database Outlook loads but there is no Contact Manager data.

Thinking, thinking, thinking….why would the login details be wrong? Ah ha, because the previous login was on the network (ie domain\user) and the login now is just user (ie localmachine\user). This would still be the case even if the user names and passwords were identical – different privileges between a domain and a workgroup. So now I knew why the login was failing, trick was how do I fix it?

The first thing was to check that the original Business Contact Manager database files were still on the system. By default the database is installed in c:\documents and settings\\local settings\application data\microsoft\business contact manager. The database is probably called msbusinesscontactmanager.ldf and msbusinesscontactmanager.mdf. In this directory I clearly had 2 sets of databases an old (prior to removal from network) and a new (after removal from network).

Next step was to go into services.msc and locate the local SQL service called MSSQL$MICROSOFTSMLBIZ and right mouse click on it and select stop. With that done I returned to the directory and renamed the existing business contact manager out and the old database to what the name of the existing database had been. so existing -> save then old -> existing. I then returned to the services.msc screen and started the MSSQL$MICROSOFTSMLBIZ service, then I restarted Outlook.

When Outlook started I saw a dialogue box saying that the Business Contact Manager was initialising after which Outlook loaded. When the client checked all the information he had stored using Business Contact Manager was back. Phew.

It would have been nice if Business Contact Manager would have warned me that I might have an issue logging into the database if I detached from the network but you can’t cover every eventuality can you? At least it wasn’t too hard to fix but I certainly had to do some testing beforehand since I couldn’t find much on the web. Sometimes it is quicker to run up a Virtual machine and try it for yourself.

When a blue screen of death can be helpful

Got a call from a client who was having regular BSOD (the dreaded Windows Blue Screen of Death), basically meaning they had no option but to reboot their system. Did a quick Windows Update and virus scan remotely but the problem persisted, so an onsite visit was the next option.
The next step was to do some analysis of the actual memory.dmp file that is created when Windows crashes. So I copy this file onto my laptop and run The Windows debugger that you can download from Microsoft to analyse these files. The results did produce something interesting :

Now the lines that I’ve highlighted are errors with files kallenylab4-4db6.sys, kirkjtkkd174f-3545.sys and ortyeras37cd.sys. The final line of the debugger says that the crash was probably cause by kallenylab4-4db6.sys.
Now I don’t know about you but when I see files likes these I sorta know that it is a virus/trojan/malware. So I went searching for the files but couldn’t find them using a normal file search (and yes I had display the hidden and system files options turned on). I know the files are there so I did a bit of googling and found some information that indeed confirmed the files were trojans and had to be removed in safe mode. Even better, this trojan had implemented some cloaking or root kit technology so the files weren’t displayed under normal Windows, but the good old crash dump told me they were there.
Seems like this trojan comes from an “greeting card” email that asks the user to download a file happynewyear2008.exe from a web site. Once the user has downloaded the file the trojan installs. Now I go back to the user and query them about downloading this file from a web site and they confirm they did that because it looked like something fun. Ah, ok, that little bit of fun has just cost you a few hours of my time.
When will users realise that they SHOULDN’T download something they don’t know about? You have the most sophisticated security software in the world installed but if the user overrides this then it is all to no avail. The people who write these trojans know that and that’s why this sorta stuff is always going to be a problem. It is a human problem, not a technology problem.
However, the moral of the story is that sometimes a Windows Blue Screen of Death can be of benefit, especially when it indicates you have a trojan on your system!

Russian Roulette

Seems that everywhere I go these days I hear users saying that they are going to convert to a Mac because Windows is such a pain. Even scarier is that they believe that with a Mac they won’t need anti-virus or patching! Ah, hello, who told you that? Ah those Apple ads is their reply.

Firstly, those Apples ads are exactly that, advertisements to get you to buy the product. They are paid for by the people supplying the stuff not some independent third party. Of course they are going to tell you want you want to hear. They want you to buy the product. So even before we start credibility from these ads = 0! (but they are funny – see the latest ones here. Especially check out the one called Podium in light of my previous post on Vista)

Next, all hardware and software is developed by human beings. Yes, they are generally smart than the average human being but they are still humans. They can’t foresee every ramification and variation that their product will be exposed to. So no matter what is that is developed by humans, it is subject to flaws and these flaws need to be addressed with updates and patches (Mac included).

Next, the bigger the market share the bigger the target. If you only have 10% of the market why, as a bad guy, would I bother writing something to attack you? I get much greater chances of return if I attack the other 90% of the market. However, as that market share increases then I begin to reevaluate my strategy. This is even truer if you propose that the more uninitiated users are moving towards something like the Mac. As a bad guy if more uninitiated users are there then my potential return is even greater so I am going to devote more time to attacking that segment.

I could go on and on. I also acknowledge that in many ways Macs are better for users BUT don’t believe for a second that they are not vulnerable and shouldn’t be protected in a way a PC is protected. If you don’t believe that then you are playing Russian roulette, because it is only a matter of time before you get hit.

For a good article on the overall issues of Mac security click here.

One little check box

So having recently installed Windows Server Service Pack 2 on a client’s SBS 2003 R2 box over the Christmas/New Year break (yes, I know but they were too busy to allow it any other time) it was only upon their return did I strike the following strange problem.

A shared HP printer on the server was showing offline. Strange, all the other HP printers off the server were fine. When I attempted to print a page to the offline printer the job just sat in the queue. I killed all the print jobs and restarted the Print Spooler service and then a test print worked. However, when I asked a user to try and print again the printer was offline again. Did a quick Google and couldn’t find anything so rather than muck about I thought that I’d call HP since surely they had seen this before.

After being accidentally hung up on by the first technician I told the next technician in great detail what I had done and that I suspected the issue to be something related to Windows Server Service Pack 2. He suspected a corrupt driver. Ok, that is possible I suppose. So I deleted and recreated the shared printer on the server (resetting all the page sizes to A4! Why oh why doesn’t this happen immediately??). Guess what? same problem. Next he got me to create a new printer on a workstation to see if I had the same problem. Ah yes, same problem. Next he wanted to delete the printer, restart the server and start hacking the registry.

At this point I had to put my foot down and say that there were users on the system and I believed the real issue was linked to Service Pack 2. He told me to wait on hold while he checked something. Fine, while you’re doing that I’ll Google some more. Guess what? I found the issue! Guess what? It is related to Windows Service Pack 2. Here’s the solution :

Apparently Windows Server 2003 SP2 has some changes in the way SNMP is handling printer queues. It now does multiple SNMP threads for the printer queues instead of 1 round robin.

To resolve this, check if your printer’s SNMP is working properly.

To workaround, in the Printers and Faxes folder,

File > Server Properties
Goto Ports Tab > Click the offline Port > Configure Port
Uncheck “SNMP Status Enable”
OK
This will turn off SNMP querying and set the printer to always Online.

Anyway, after making the changes and checking that the printers work from the clients workstation my HP friend comes back from hold and I tell him that I’ve solved it. Oh, he says, yes Windows Server Service Pack 2 can cause those issues. Arrrggh… If you knew that why didn’t you tell me up front?

Support is never easy is it?

Re-enabling older file types in Office 2003 after SP3

Here’s a post that should help you if you need to implement older Office file types after installing Office 2003 Sp3 :

http://blogs.msdn.com/david_leblanc/archive/2008/01/04/office-sp3-and-file-formats.aspx

In the post you’ll find some handy .reg files that will re-enable the older file formats without having to go in and hack the registry (always a good move).

Here are the closing comments from the post (from Microsoft of course):

In closing, I want to emphasize that we’re not removing support – we’re making the default safer. If you’re among the users who do need to be opening these formats, we will continue to support you. We also recognize that we have not made any of this as usable as we’d like, and we apologize that this hasn’t been as well documented or as easy as you need it to be. We’re also going to take a hard look at how we can do better in the future.

Now I know that Microsoft is screwed no matter what it does but don’t you think Microsoft, that a warning dialog box during the install of the Service Pack might have been a good idea? Hmmm? If there was one then I could understand your ‘making it more secure‘ claim BUT keeping this thing hidden or as you euphemistically put it “hasn’t been as well documented or as easy as you need to be“, then I gotta say that my BS detector is flashing big time, since it appears more likely you are trying to force people into the new versions of Office. Now while that in itself is not a bad thing and necessary to ensure we are all safer, one would again tend to think that the way this has been conducted is more along the lines of benefiting stockholders rather than users. Maybe?

You’re watching

We’re happy to announce a couple of milestones for our YouTube videos. Firstly, our total views has now exceed 40,000! Wow, that means that 40,000 people have looked at what we have placed online. Secondly, our most popular video, about getting started with Microsoft Virtual PC, has now been viewed over 6,000 times. Remarkable.

If you have watched our videos then we thank you for taking the time to view our content. As always we encourage people to send us feedback (good and bad) on our offerings. Regular viewers will be happy to know that we have recently purchased Camtasia Studio Version 5 and all our new videos will be using this fantastic product. At the moment we are just working through the product tutorials so we understand how to get the most from the product. With all the new features of Camtasia we hope to make what we present much slicker and more professional.

A recent comment on one of the videos raised an interesting point. We were asked why we solicit for donations in our recent videos. The answer is that these videos are not generally done as part of our normal business, they are done we get a few spare moments. Unfortunately, these days we have to put priority on work that provides us with revenue that pays the bills. If we were to get some revenue from these videos (no matter how small) then we could spend more time developing more videos, improving the number and content of what we provide. So if you like what you see and want to see more then we would appreciate a donation via http://donation.saturnalliance.com.au and help us. It doesn’t have to be much, even a few bucks does help.

We also have be toying with the idea of sponsorship on our videos, again to raise some capital to improve our offerings. If you know a business that may be interested in sponsoring one of our productions please contact me (Robert Crane – director@ciaops.com).

The bottom line is that the videos we do will continue to be produced and placed online for free but they will continue to be done as they have been, in an ad hoc manner, when we have time. However, to everyone who has taken the time to view our videos, provide comments, ratings and feedback we thank you very much and hope that you’ll keep watching.