Microsoft

All things related to IT security, privacy and compliance.

Don’t forget to check out #InfoSecAndCompliance on Jaiku.

Microsoft! Buys! Yahoo!

If you haven’t heard about Microsoft bidding for Yahoo by the time I’ve posted this entry you are either not paying attention to “normal” news or have taken a tech-news sabbatical.

My first reaction was commenting on how ironic it is seeing a giant monopoly in one area whine about other giant monopolies in other areas and using that as an excuse to try to become a giant monopoly in that other area.

My second reaction was: “No! They can’t have Flickr! No!”.

I *really* like Flickr, so much so that I even have a Pro account. Their APIs make integration a snap and the iPhoto FlickrExport plug-in makes backing up our photos simple and quick. While I have not done much with the community photo sharing part of Flickr, some of our snaps have been found & used by others and I have taken advantage of the Creative Commons tagging to use various third-party images. It has also been a great place to store screen captures.

The MS-Yahoo! combination is by no means a done deal. Many factors will come into play, but recent moves by Yahoo! (re-structuring, layoffs, etc.) suggest that they want to be bought and my neighbors in Redmond do have the cash. The assimilation of Yahoo! into the “Live” mind also does not necessarily mean the end of all the goodness that is Flickr, but it’s a solid bet that the culture of Flickr will not carry over too well with the bottom-line program management-types who do Ballmer’s bidding.

So, Flickr is my main concern and I’m looking at alternatives including SmugMug (suggested by @chriswebb). For those also seeking a candidate list of sites to jump to (in the event Microsoft does do something really stupid with Flickr), Scott Klettke has a great comparison post on his blog.

Yahoo! is integral to so many services (note the prominent spot on the iPhone) and has provided some truly innovative tools (their new Maps!, for example, and their commitment to OpenID) over their short life as a leader in Web/Internet services that it is sad to think that all they’ve built will be for naught once they get absorbed.

I’m not even close to being through digesting the issue and the ramifications, but I *am* interested in your thoughts on what impact this merger could have on the larger Internet community (business & stock prices be darned!).


Fix For Office 2008 Security Issue

UPDATE: Now up on TAB (Josh is teh cool) with good discussion in the comments on the efficacy of the executable.

[NOTE: Once/if Josh posts this to TAB, I’ll be modifying the entry to just link over there…only posting it now in the interest of time (since it’s after 1AM on the right coast). It needs to be on TAB so the widest audience gets the security fix info.]

For those that have installed Office 2008, you may have seen some news floating on the internets about improper permissions — that were created by the installer — potentially allowing another local user to access your documents. It’s not a remote exploit issue and most folks are probably not vulnerable (you only need to be concerned if you’ve created another user on the system).

Erik Schwiebert posted instructions for a temporary fix over at Mac Mojo and Microsoft will be issuing an official patch/update to address the issue as well. Erik’s instructions require some Terminal-fu, so I wrapped them into an executable – Fix Office 2008 Permissions.

Just download/extract the archive and run the executable. You will be prompted for your password since the fix requires elevated privileges.

If you have any issues with the executable or following Erik’s instructions, post them in the comments and I’ll see if your particular install requires any tweaking.


Patch Those Systems, Folks

I fixed myself some Earl Grey yesterday (Tue) morning thinking (despite the hints in the advance notice e-mails last week), “Ah. It’s 2008 and the first patches from Microsoft are on their way. I’m glad those mega-worms of 2006 are behind us. We are finally free from the anonymous network vector.”

But, as I carefully looked over the January patch list and gazed in awe and fear at MS08-001, I wondered what to make of Microsoft’s claim of enhanced security in Vista (supposedly built from the ground up) and pondered what real changes were made when they took time off and scoped out the code of XP. What of Writing Secure Code? It’s 2008 and we’re still susceptible to PING attacks?! (Granted, that one will just make your system unusable rather than give the malcontents full access to it.)

This remote, anonymous (potential) exploit should turn many heads in corporate America. It’s time for executives and IT staff to seriously consider getting rid of the monoculture of Microsoft. You could at least split the difference and run half OS X and half Windows (50% of your staff could get work done in a crisis, either way).

This initial patch of the year will also give pause to 2000→XP and 2000→Vista migrations (or it should, anyway) since you wouldn’t have needed to worry if your organization happened to still be on the old, clunky OS. Just what Microsoft and soon-to-be-outsourced IT teams needed.

And, all this happens just when you were beginning to think you had a handle on at least one part of desktop security.

Keep those signatures updated on your firewalls & IDS systems, maintain a watchful eye on your alert consoles and, most of all, patch those systems (including all those virtual machines you have such tight control over).


Start The New Year Off With A Deal On Microsoft Office 2008 For Mac

Microsoft is set to release their new Office 2007 for Mac later this month and if you didn’t have the opportunity to take advantage of some of the decent discount programs offered at the end of the year, here is your best bet for an inexpensive way to get the full monty of Mactopia goodness.

Rather than go directly for the whole bundle of Microsoft Office 2008 for Mac Special Media Edition — which includes support for Microsoft Exchange and an illustration program — at a cost of almost $500.00 (USD), consider grabbing Microsoft Office 2004 for Mac Student and Teacher instead. It will set you back around $130 (USD) and you will be eligible for a full upgrade [PDF] for just the cost of shipping.

If you bought an iPhone as an early adopter and still have store credit, you can also purchase Office 2004 at the Apple store and potentially get Microsoft’s newest offering almost free.

While it is required software if you need full compatibility with its Microsoft Windows counterpart and despise Rosetta (as I do), Numbers, Pages and Keynote are all great alternatives.


MacNN Author Consumes Too Much Egg Nog, Judgement Severely Impacted

MacNN purports that the iPhone is in the top five of e-disappointments this year. Part of their argument relates to the problems folks faced after they deliberately cracked the security of their device to load unsupported apps and then tried to keep up with official patches. That’s just silly.

I’ve written some poor posts, but that author really needs some time off to find that lost clue.

The Zune isn’t exactly a wholesale failure or disappointment either (tho the iPod Touch wins with a KO in round #1 of any battle between it and the Zune).


Microsoft Releases Remote Desktop Connection Client for Mac 2.0 (Beta 2)

Not sure how I missed this, but Microsoft released their Remote Desktop Connection Client for Mac 2.0 (Beta 2) on October 30th. While there were definitely improvements in the first beta (and being Universals is always A Good Thing), this release adds:

  • Multiple Sessions – Improvements to File menu commands and connection files let you connect to multiple Windows-based computers at the same time.
  • Network Level Authentication (NLA) Support – Helps provide greater security when connecting to computers running Windows Vista.
  • Auto Reconnect – Supports automatic reconnection when a network connection to a remote session is lost (this one is especially nice for me since I wind up using 3G connections more oft than not these days)
  • Wide Screen Support – Supports optimal resolution settings for wide screen displays.

PowerShell 2.0 CTP

PowerShell was a huge improvement over CMD.EXE and the features in 2.0 seem to provide even more functionality. Not enough hours in the day to look at all of these shiny new toys…

Windows PowerShell: The Community Technology Preview (CTP) of Windows PowerShell 2.0: “This CTP release helps developers to more easily layer their runtime or GUI on top of PowerShell, leveraging its cmdlets and remoting infrastructure. It includes APIs to create and use a pool of Runspaces (engines) to run cmdlets. This release also presents very early looks at Restricted Runspaces (the ability to declare a script, cmdlet or variable public or private) and the Graphical PowerShell (a script editor and a Unicode-enabled console). These are just a few of the new features I think are interesting in Windows PowerShell 2.0 CTP. Additionally this CTP includes some simple updates… like new parameters to select-string (Context, AllMatches, NotMatch and Encoding) and new operators like -split and -join!”


Live Writer Beta Test

Submitted by bob on Fri, 2007-06-01 14:56.

Hey folks. Just testing a post from Microsoft’s new Live Writer beta. It’s pretty decent and has recognized my TypePad MCall blog and Drupal setup fairly well so far. It pulled in all my Drupal categories, figured out which node type to use and even managed to grab the necessary templates from the current theme and let me do an accurate preview of what the post will look like.

I still - for the most part - use the web interface in Drupal to post and have been trying to discipline myself to use ecto, but Live Writer is giving me reason to consider trying to get it to work under CrossOver (I’m using it now under XP via Parallels 3 beta).

If all goes well with an actual post, I’ll try a few more from it and report the results.


Forefront Client Security is out of beta

Well, a little bird told me today that Forefront Client Security (FCS) would be out this week, and sure enough it is (Passport/Live registration required)

It’s a whopping 153MB ISO and almost a full MB of documentation in a separate download.

Hopefully there are some enhancements from the public beta release and hopefully the docs are better.

FCS aims to be an enterprise replacement for your favourite anti-virus/malware/spyware vendor’s offering. It’s very fledgling at this point, but should not be discounted if you’re a Microsoft shop that runs the latest versions of their infrastructure components.

I’d wait for full a/v certification and SP1 if you have the choice, tho.


Sysinternals Jumps the Shark

From the Slashdot story:

“In a move that will be good for Redmond but may have consequences for the rest of us, Microsoft has acquired Winternals and Sysinternals. This gives them well-known developers Mark Russinovich and Bryce Cogswell as well as dozens of well-loved and much-praised utilities, both commercial and freeware. Though Mark says on his blog that the Sysinternals site will remain ‘for the time being,’ this would be a good time to download the latest version of essential Windows tools like Process Explorer before they can go mysteriously missing or be locked up behind the wall of Windows Genuine Advantage.”

Who is going to watch the watchers now? Mark will clearly be muzzled when it comes to reporting bad things, and I’m not sure how long the free tools will be available without a Windows Genuine Advantage check embedded in the download process.

Grab the source & binaries while you can!

You can keep an eye on what the community is saying about this via the Slashdot story link and Technorati.
