I cannot recommend that anyone install the just released SP1RC for Vista.

Using a non-production computer running Vista Ultimate, I followed Microsoft’s instructions to the letter, adding the extra step of creating a restore point before beginning the installation process. The process first installs 3 Windows updates over a period of a couple of days, then it begins the Service Pack upgrade. The upgrades installed without a problem, but the installation of the Service Pack hung up at 0% completed. It stayed in that state for over 10 hours. There was no indication of an error, just no progress. Windows couldn’t load beyond the welcome screen. During this time I was unable to access my desktop or applications.

I’m not even linking to the SP1 update sites. If you really want to try it, you can find it. But I recommend you don’t bother.

This Sunday, March 11, is the new start date for daylight savings time.
If you haven’t updated your Windows operating system lately, go to the Microsoft knowledge base and read up on the DST update.

If you try to apply the patch and you’ve already received it via Windows updates, you’ll be notified during installation that the update already has been installed. So if you’re not sure, try the installation anyway.

Note: If you’re running Windows 98 or 98SE, no patch has been issued for that operating system. You’ll need to adjust the time Sunday morning manually.

Did you ever wonder what information is transmitted to Microsoft when you validate your version of Windows?

Here’s the list:
* Windows product key or product ID

* Windows service pack version

* PC manufacturer and model

* Operating System version

* SKU and Suite Mask

* Security ID

* PID/SID

* BIOS information (manufacturer, model, make, version, date)

* BIOS MD5 Checksum

* IP Address

* User locale (language setting for displaying Windows)

* System locale (language version of the operating system

When you install a version of Linux, here’s the information sent to the Linux developers:
*

I’m very careful about recommending software to others. But there are certain applications that I not only recommend to everyone I talk to but also install on every computer I work on.

TinySpell falls into that category, as does IrfanView. Both of these applications will improve anyone’s productivity.

Security applications, though, are another matter. It’s harder for me to recommend my favorites because they may either conflict with the security you already have on your computer or they may require specific configuration that’s beyond some people’s abilities.

One security program I have no hesitation in recommending, though, is WinPatrol from BillP Studios. There is a free version and a shareware version, and Bill has just announced the release of a beta version. I’d encourage you to try the free version, then install the shareware version, if for no other reason than to support the excellent work Bill is doing.

As a MULTI PURPOSE SUPPORT UTILITY WinPatrol replaces multiple system utilities with its enhanced functionality. Explore deep into your system and understand what programs are installed and why. WinPatrol PLUS provides easy to understand descriptions of over 12,000 programs.

As a robust SECURITY MONITOR, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol PLUS includes our unique, patent pending R.I.D. technology.

WinPatrol uses a heuristic approach to detecting attacks and violations of your computing environment. Traditional security programs scan your hard drive searching for previously identified threats. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. You’ll be removing dangerous new programs while others download new reference files.

continue reading "WinPatrolPlus"

The open-source Firefox Web browser is critically flawed in the way it handles JavaScript, two hackers said Saturday afternoon.

As reported in C|Net Newstoday:

An attacker could commandeer a computer running the browser simply by crafting a Web page that contains some malicious JavaScript code, Mischa Spiegelmock and Andrew Wbeelsoi said in a presentation at the ToorCon hacker conference here. The flaw affects Firefox on Windows, Apple Computer’s Mac OS X and Linux, they said.

“Internet Explorer, everybody knows, is not very secure. But Firefox is also fairly insecure,” said Spiegelmock, who in everyday life works at blog company SixApart. He detailed the flaw, showing a slide that displayed key parts of the attack code needed to exploit it.

The flaw is specific to Firefox’s implementation of JavaScript, a 10-year-old scripting language widely used on the Web. In particular, various programming tricks can cause a stack overflow error, Spiegelmock said. The implementation is a “complete mess,” he said. “It is impossible to patch.”

The JavaScript issue appears to be a real vulnerability, Window Snyder, Mozilla’s security chief, said after watching a video of the presentation Saturday night.

continue reading "Firefox Web browser is critically flawed"