I was going through the log files on my firewall server today when I saw something odd: my PC was trying to send outbound traffic on port 6667 every 30 seconds. At first I thought that this was for my IRC client, but it wasn’t. Instead, it’s a legacy of the “Sky by Broadband” service that I signed up for last year.
Following up on my recent post about computer security (and my comment about phishing scams being cross-platform), Bruce Schneier has posted an entry about “Drive-By Pharming”. It has a stupid name, and it’s nothing to do with wireless access; there is also some doubt about how feasible the attack vector actually is. Still, it’s worth reading about, because the general principle is important.
Since my email address is public, I get a lot of spam: typically 100 messages per day. The Outlook 2003 Junk E-mail filter does a decent job of catching most of it, but there are still some that slip through; I also keep an eye on the spam folder itself, in case of false positives. Generally speaking, these messages fall into three categories:
a) Direct sales for dodgy stuff, e.g. pirate software and viagra pills. (I have no idea whether they actually send the relevant goods to people who type in their credit card details, or just take the money and run.)
b) Phishing sites, e.g. “this is your bank/PayPal/Ebay, please log in via this link to confirm your details”. (If you log into their fake site, they can then impersonate you at the real site.)
c) Viruses, typically either an attachment or a link to a website with dodgy pop-ups. Sometimes there are messages which try to exploit security bugs (by effectively being a web page themselves), but these seem to be rarer.
Today I’ve been copying a database from one SQL Server machine to another: specifically from SQL 2000 to SQL 2005, for testing purposes. Unfortunately this didn’t go as smoothly as I would have liked, so here are a few notes for anyone else who does this (e.g. my future self).
I see that there’s now a UK version of the “PC vs Mac” adverts. These are pretty similar to the original American versions, although there are fewer UK ones so far. Still, I think that they’re quite funny, and I actually prefer the UK ones, mainly due to the actors involved (Mitchell and Webb); the “I’m a PC” guy is very enthusiastic about his stupid ideas. Sample quote: “Eye of the tiger! Claw of the eagle! Tentacle of the octopus!”
As a counterpoint to the “Viruses” advert, there’s a Ctrl+Alt+Del strip which offers an alternate theory, and I think that’s also quite funny. (I read that before I’d seen any of the adverts, which may have coloured my opinions a bit.)
More generally, while I found all these things amusing, and I’m sure that there are plenty of valid reasons for choosing a Mac, I wasn’t particularly convinced by any of the technical arguments involved, particularly when it comes to security. Basically, I think that a lot of this comes down to the way you configure your system, rather than the choice of system.
A few years ago (August 2002), my home server got hacked. I dealt with it fairly quickly, but it took me a while to really understand what had happened, because I was more naïve about security in those days.
Two weeks ago I went off to a Microsoft event in Reading: “Ready for a New Day: Microsoft’s Launch of Exchange, Office and Vista”. That was quite interesting, and I came away thinking that there are enough useful features to justify an upgrade. They gave me a freebie copy of Windows Vista and Office 2007 for attending; that’s quite a nice touch, especially since the event itself was free. Now that I’ve been doing some presenting myself, I could sympathise with the people at the front when their demos didn’t quite work properly, and I particularly liked the heartfelt cry of “Thank you, demo gods!” when something went smoothly.
Speaking of Vista, I recently received an email from Microsoft, offering me a place on a beta certification exam. I passed the MCDST exams for Windows XP a couple of years ago and Microsoft are now preparing the equivalent MCITP qualification for Windows Vista. The idea of the beta exam is that they can get an idea of whether the questions are too easy/difficult by trying them out on people with a (roughly) known skill level. Anyway, I’m flattered to be invited, and it’s a free exam, so I’ve signed up for that on 5th January. The only snag is that there aren’t any study guides etc. available yet (the people who write them will probably be doing the beta exams too), so I’ll need to prepare for it on my own. Still, I’ve passed all my previous Microsoft exams on my first attempt (8 so far), so I’m quietly confident about this one.
Vista won’t be available as a retail product until January 27th, and Microsoft haven’t sent out any DVDs to business customers yet, but companies with volume licencing deals can download it. I’ve been playing with it on my home machine, so that I can get a feel for it before I do any big deployments at work; here are my thoughts so far.
People often approach me about IT problems (either at work, or friends/relatives outside work). However, sometimes I find out about these problems by chance: I’ll see something odd, and the person will say “Oh, yeah, that always happens”.
I was chatting to someone recently, and while I was there I saw that they had a problem with their printer. Whenever they printed something it said “Insert paper and press GO” before every page. (The printer tray had plenty of paper in it.) On this particular occasion, they were printing out a 62 page document, so they were stuck standing next to the printer so that they could keep jabbing this button. I enquired further, and they said that it had been like this for months. I admire their patience – I would have been tempted to throw the thing out of a window after a week of that! Anyway, I went away to do some digging through the manual, and discovered that the printer settings include “Manual feed = ON”. I changed this to “OFF”, and they can now send documents through which print out all the pages without any button pressing required.
I installed some extra memory in a PC this evening, which turned out to be a bit more interesting than I’d expected.
The initial status was that it had 128Mb of RAM. I had a 256Mb chip, which would increase it to 384Mb. Windows XP was running very slowly, so I figured that tripling the memory should help.
The machine turned out to have four chips in there already, so I figured that they were probably 32Mb each. I took one of them out, and replaced it with the 256Mb chip, and booted back up again. It now reported 224Mb altogether. Something’s not right there… It turns out that the existing chips were: 1 x 128Mb, 1 x 64Mb, 2 x 32Mb. Given this odd combination, I’m guessing that someone tried to upgrade it piecemeal in the past, rather than it arriving from the manufacturer like that. Admittedly the chips weren’t clearly labelled, so I had to go digging on the web for the serial numbers, but I think that kind of effort is worthwhile rather than just sticking them in and hoping for the best.
On closer inspection, I discovered that the 32Mb chips were only PC-66 rather than PC-100 (i.e. they run at 66Mhz rather than 100Mhz), so the motherboard didn’t support them, and they in fact seemed to be crippling the memory banks overall, effectively sabotaging other chips. So, I could have boosted the memory just by removing them, even without the new chip; this would have taken it from 128Mb to 192Mb. Anyway, the upshot of this is that the machine now has 448Mb of RAM, so it should run significantly faster now.
This is actually the first time I’ve encountered this problem, so it’s something to be careful of. It’s ok to use a higher speed, e.g. PC-133 chips in a PC-100 motherboard, although it’s a bit of a waste since the chips will still only run at 100Mhz, but you can’t get slower chips to run at a faster speed. (If you’re buying new memory, I strongly recommend Crucial – they’re a bit more expensive than some other companies, but they will tell you exactly what you need for your motherboard, and I’ve never had any of their chips failing on me.)
Today I got my copy of Visual Studio 2005 through the post, so I’ve been having a play with that, by upgrading some of my VB.NET 2003 projects. Unfortunately, I got a rather confusing error message from them, and I couldn’t find much info on the web, so I’m documenting it here for other people’s benefit.
The error is something like this:
‘FMain’ is a type in ‘Presentation’ and cannot be used as an expression.
where FMain is the name of my startup form and Presentation is the name of the project. However, there’s no line number given, and I can’t find any code that refers to the form.
If I then go to Project Properties, and check the box for “Enable application framework”, that displays an error message that says “Startup object must be a form when ‘Enable application framework’ is checked.” In my case, the startup object is a form (i.e. it inherits from System.Windows.Form), but if I find a different form that the framework checkbox will accept then that also fixes the compilation error.
You can create a new form, set that as the startup object, then enable the application framework, and this is pretty much guaranteed to work. Once you’ve done that, the “startup object” dropdown list is renamed to “startup form”, and it is filtered to what VB considers to be a valid list.
It turns out that the “Sub New” method in the startup form has to be Public (rather than Friend). That’s the default for new forms, but I’ve been changing that for all of mine in the past, to improve security (“don’t expose any more info than you need to”). Similarly, this Public constructor can’t take any parameters.