Sunday, September 26, 2004
SANS has helpfully provided this tool as an alternative to the useless GDI vulnerability detection application provided by Microsoft.
Saturday, September 25, 2004
JPEG Exploit on the Loose
The Register has the story. It was only a matter of time, really.
A toolkit designed to exploit a recently-disclosed Microsoft JPEG vulnerability has been released onto the net. The toolkit makes it trivially easy for maliciously-minded attackers, however unskilled they might be, to exploit unpatched Windows systems and run malicious code.
The attack mechanism used here takes advantage of a recently discovered flaw in the way Microsoft applications process JPEG image files. Malformed JPEG files are capable of triggering a buffer overflow in a common Windows component (the GDI+ image viewing library), it was revealed last week. This behaviour creates a ready mechanism to inject exploit code into vulnerable systems. Windows XP and Windows Server 2003 make use of vulnerable library by default. Other Windows OSes might be vulnerable, depending on what applications users have installed.
Friday, September 24, 2004
Airbus abandons Microsoft as ally
Why is this story less than surprising?
Saturday, September 18, 2004
Is Blue Ray a Dead End?
Mark Cuban has thought-provoking things to say about the current efforts by the rival consumer electronics consortiums to get a high capacity successor to the DVD established as a standard. Do the ever-rapidly declining cost of hard drive storage per megabyte and the advent of broadband spell failure for such initiatives?
There's a great deal to Cuban's argument, but it seems premature to me to suggest that he's got it completely right; for one thing, at this moment broadband is hardly the choice of the majority even in countries like the UK and Ireland, let alone in poorer countries in the Third World, and not everyone can afford keychain devices and iPods. I think there will indeed turn out to be a market for a successor to the DVD, especially in the form of a burnable that can be used for backup storage, just not quite as large a market as the success of the CD and the DVD might have conditioned consumer electronics manufacturers to expect.
Wednesday, September 08, 2004
This is a quick test to see if the problems with publishing are Blog-specific or Blogger-wide.
Tuesday, September 07, 2004
Overpricing Does that to You
Via Slashdot comes some interesting news:
"In their 10-K filing, Microsoft says that Linux server units rose slightly faster on an absolute basis than Windows server units in fiscal 2004. To project the trends it is helpful to look at the percentages. Some Gartner Inc. statistics report Linux server unit shipments are up 61% giving it 9.5% of the overall market share. Windows has a much larger base, so it can get the same absolute unit growth with a much lower percentage. Gartner expects Linux to continue growing faster and have more than 1/2 of the new server shipment market by the end of 2008."If anything, I'd say that this is an underestimate of the momentum behind Linux, as it doesn't account for PC shipments for which a downloaded copy of Linux is used to transform some spare machine into a server. From a market share perspective, Microsoft would have been better off in the long run either pricing Windows Server 2003 a lot more affordably, or turning a blind eye to piracy by leaving it free of product activation: the product just isn't compelling enough to warrant paying such a premium for, and yes, price does matter, as I can well attest having slapped Linux and Apache on more than my fair share of aging PCs in my day.
Sunday, September 05, 2004
Thursday, September 02, 2004
Writing Firefox Extensions
A helpful HOWTO guide that walks one step by step through the process of extension creation.
Icaza on Avalon
Miguel de Icaza has interesting things to say about Avalon and Microsoft's decision to backport it to XP. Others have already given their two cents on what it all means from a business perspective, but Icaza looks at the issue from the viewpoint of a developer.