http://www.entmag.com/news/article.asp?EditorialsID=5877
Microsoft has alerted people to a critical flaw in Windows Server 2003, which was supposed to offer unprecedented security. The Remote Procedure Flaw could allow someone to take over another, remotely located, Windows machine. This does not enhance Microsoft's reputation for creating secure OSs.
https://gtoc.iss.net/documents/summaryreport.pdf
A downloadable report covering the current state of risks on the InterNet, suggesting attacks and their effects are both on the upswing, while also touting, naturally, the originating company's services.
http://www.wired.com/news/culture/0,1284,59650,00.html
Article describing "Friendster": a social-networking service which now has a million users. In effect, this networking service allows the local grapevine to bear fruit across the whole Net. This is another service having particular attributes which can be defined ab initio while having the potential to morph radically into something else.
Friendster is the technological equivalent, I think, of yeast working to make wine, and looks strongly analogous to blogging itself. This is something which is just starting, with implications taking some time and analysis to work out. We can nevertheless bet, with some confidence, that the full range of this service's effects will be major, impossible to predict, and productive of further rich "bottoms up" change.
http://www.cert.org/advisories/CA-2003-15.html
A vulnerability in many Cisco routers could lead to the device requiring a reboot to clear a potential exploit. Full details at the CERT advisory referenced above.
Another free ACM resource worth bookmarking -- a weekly online magazine [with classified archives] containing articles about information technlogy's impact, with specific reference to educational issues.
While others have suggested there is a turn in the tunnel, after which some light can be seen insofar as IT employment is concerned, the latest results of earning statements from major IT companies suggests it was just a wandering firefly. Some strong fundamental indicators suggest that we will not experience any substantial IT upswing before the end of 2003.
http://news.com.com/2010-1071_3-1025304.html?tag=fd_nc_1
The monopolistic tendency of the USA telecommunications industry is a major factor explaining why broadband penetration in the USA is about 1/4 of that in Japan. Current regulatory decisions seem to be harming here, rather than helping.
http://cda.mrs.umn.edu/~mine0057/fs.pdf
A short paper ["New Advances in the Filesystem Space"] on the drawbacks of current file systems, particularly as these relate to POSIX, and what advances are being made in this area. It is worth keeping an eye on this area for new metaphors underlying a changed way of doing things.
http://entmag.com/news/article.asp?EditorialsID=5873
The Next Generation Secure Computing Base Microsoft is proposing has certainly gotten some people worked up -- and for what seem like perfectly valid reasons. As explained here, however, this ado may be about not very much -- and the rebuttals suggest that the author is talking through his hat, if he is saying anything at all.
This is a serious issue, and once again one where benefits and costs need closer examination than now seems possible.
http://www.evolt.org/article/Browser_Wars_II_The_Saga_Continues/25/60181/index.html
A somewhat astringent article on the current state of browsers, and what is likely in the future, along with copious feedback which itself is interesting. The main point being made, that the Microsoft IE platform has reached the end of its natural code life and cannot be further updated, makes a lot of sense.
The contention that users do not care about browsers, however, misses the key element which brought the InterNet information highway up to everyone's driveway. Without the [relatively] easily used GUI to the Net that browsing represents, the whole infosphere phenomenon would have been critically delayed. Moreover, the current state of browsers, of all types, is close to deplorable -- both bug-ridden and vulnerable to exploits, they are starting to become a liability rather than an effective tool.
If general user sense of this becomes widespread, it could signally defeat further penetration of networked technology into people's lives, and in the long run, it is hard to see this as otherwise but detrimental. Alas, it is also hard to see that there will be any good solution any time soon.
http://www.acmqueue.org/modules.php?name=Content&pa=showpage&pid=46
An article, " You Don't Know Jack about Disks", which provides a quick explanation of how hard drives work, together with the past, present, and future of disks. One thing is sure -- capacities will keep getting bigger.
DNS is so powerful and important that any tool which advances its understanding is worth considering. Here is an online site where you can find common DNS problems, and do live timing testings for DNS server response [record type is selectible], WHOIS loolup and search, deobfuscate URLS, do IP testing right down to CIDR/Netmask lookup, and implement hostname tests.
Since it can be reached through the Net, it is an excellent resource for at-home DNS exercises.
http://news.com.com/2100-1019_3-1023934.html
http://www.wired.com/news/privacy/0,1848,59565,00.html
Two opposite takes on the desirability of Radio Frequency ID tags: in the first, Wal-Mart abandoned plant to implement this technology in each item sold in the store, enabling exact determination of who bought what, following extensive protest from privacy advocates. In the second article, the Euro may have RFID tags embedded in each item of currency.
The privacy implications of the second initiative is staggering, since in theory it would mean that private cash transactions are impossible -- organized crime in particular must view this with disfavour. It brings new meaning into the concept of "money laundering".
However regrettable such "intrusions" into our privacy might be, I suspect we will continue to be unwilling to sacrifice the benefits of the privacy-threatening technology. In any case, the question of "costs" in this case is sufficiently complex to preclude discussion in this entry.
In a related article, research firm IDC reported on the prospects and economics related to RFID:
http://news.com.com/2100-1008_3-5136650.html
http://whitepapers.comdex.com/data/detail?id=1049470987_680&type=RES&src=KA_RES
When you are penetrated, your network is at grave risk, if not already compromised or damaged. This white paper discusses how penetration tests should be part of the security armoury: "Penetration Tests - The Baseline for Effective Information Protection".
http://whitepapers.comdex.com/data/detail?id=1057250074_206&type=RES&src=KA_RES
IP V.6 has been coming longer than a blockbuster sequel, and it is still just inching closer, rather than leaping upon us like a startled rabbit. V6 will be necessary at some point in the near future, not least because it provides superior security, to which this white paper, "Security Implications of IPv6", provides a guide.
http://www.osafoundation.org/desktop-linux-overview.pdf
A downloadable .PDF file taking a look at how Liux has progressed as a desktop competitor to Windows. The conclusion is reasonable and not particularly startling: Lunux is increasingly suitable as a desktop OS, and will make inroads on the Microsoft monopoly, but is not going to produce any sort of revolution in this area over the short term.
http://whitepapers.comdex.com/data/detail?id=1056985790_547&type=RES&src=KA_RES
With a title like "Ten Tips You Can Use to Secure Your Active Directory", the purpose and value of this white paper needs no further commentary from me. I could give more commentary, of course, but it would be redundant and even superfluous. When a tour guide takes up so much of your attention that you no longer look at the gorgeous scenery, a fatal inversion of priorities has resulted, one which I am firmly determined to resist.
So without any further commentary, and eschewing all extraneous verbage, I will direct you to the URL to seek out the particular pearl of wisdom just quivering to be found.
http://linuxshop.ru/linuxbegin/win-lin-soft-en/
A somewhat rough-around-the-edges resource grammatically, but nevertheless useful, source for Linux software which is functionally compatible with the Windows equivalent [think "Office"]. In addition to those programs which can work on more or less a 1:1 replacement basis, Windows applications which can run under WINE are also covered.
http://www.youdzone.com/cryptobooks.html
An annotated guide to nearly 150 books on cryptography, divided into functional areas, with 7 of the books being downloadable, and many of the rest available for online purchase, is obviously a useful security resource.
http://www.washingtonpost.com/wp-dyn/articles/A23689-2003Jul7.html
The tension between what can be known and what should be known is exemplified by the example of a PhD student, whose dissertation has mapped every part of the USA economy to its connecting fibre-optic network. Since all the data were gathered from public information, no direct security breach resulted from their compilation and interpretation.
Both corporations and the government, however, are eager to suppress these research results, and the university involved will only allow publication of the most general information about this topic. This is a major problem, in that suppression is antithetical to the benefits which open research generates, so we may have a bad precedent here.
It is equally understandable why those in authority should object to vulnerabilities being easily known, although ultimately the only justification for continued censorship here is to give the responsible parties the time to cure the identified defects. Previous examples in this regard do not give rise to undue confidence that those in control will "do the right thing".
To the extent that the defects are not capable of correction, a posture of public ignorance is at least questionable and at worst, objectionable.
http://saintaardvarkthecarpeted.com/linux_vs_sco_matrix.html
The welter of claims and counterclaims made by participants and guilty bystanders in the SCO/Linux case needs some straightening out, and this matrix not only provides a list of alternatives and possibilities, but also an outcome set [which, oddly enough, is the same for all cases -- no effect on Linux]. In addition, links to supporting material for the citations in each matrix cell are provided.
An article with the details about something which may appear self-evident to those of us who daily wash our psyches in the ever-flowing InterNet information stream: that information is addictive -- we tend to access it far beyond any capacity for rational use, even to our detriment in terms of a wider range of activities.
As someone who regularly buys 1.347 books for every one that he reads, I can have considerable sympathy for this position -- the only salvation is if you so enjoy your non-data-gathering activities that their continued neglect impels you to lift your muzzle from the bit trough to occasionally gaze at the stars.
This is another of my "tip-of-the-iceberg" phenomena.
http://www.acm.uiuc.edu/sigmil/RevEng/
A work-in-progress, admitted warts and all, representing an online book covering reverse engineering in both Linux and Windows, built along general approaches. One of the follies of current IP litigation is to outlaw reverse engineering, which can be a most valuable form of education and discovery for those involved in computer programming and IT applications. The long-term pernicious effects of such a narrow stance can only be expressed by forebodings, but the learned opinion with which I am familiar suggests strongly this IP stance is Not A Good Thing [nor it is, contrariwise, A Good King, either].
So here, perhaps, are Things Man Was Not Meant To Know.....
http://www.wired.com/news/privacy/0,1848,59495,00.html
One of the pervasive fears of IT has been the potential for '1984' -- complete totalitarian observation of the governed. What this article notes is that Net technologys allow anybody to be watched and information published -- hence a project to provide detailed information about what is going on in the government, analogous to the Terrorist Information Awareness provisions for citizens.
http://www.versalaser.com/english/index.html
OK -- so it costs $10K, and is thus prohibitive for the home user. But I feel in my bones is that here is a portal to a new and changed future, made possible by "desktop" manufacturing. This device is a laser tool of sufficient power to engrave, emboss, cut, slice, and dice most non-metallic materials under PC control, just as if it were a printer.
George Gilder predicted something like this less than a decade ago, as part of his perception that value was moving from the tangible to the ideational. Now it is actually coming true -- yet another techological/economic iceberg seeming no bigger than a man's hand. If so, we had best not be on the Titanic.
http://www.corsairmicro.com/memory_basics/153707/index.html
Accepting the fact that there is some sponsored content in this online slideshow, it still provides an easily-grasped and well-grounded overview of computer memory basics. Since this topic is rife with acronyms, and has no moving parts which can be observed and learned, something like this is a useful educational supplement.
Microsoft's Windows Server 2003 Resources:
- Windows Server 2003 Home:
http://www.microsoft.com/windowsserver2003/default.mspx
- Top 10 Windows Server 2003 Benefits http://www.microsoft.com/windowsserver2003/evaluation/whyupgrade/top10best.mspx
- Versions:
http://www.microsoft.com/windowsserver2003/evaluation/features/compareeditions.mspx
- Evaluation Kit http://www.microsoft.com/windowsserver2003/evaluation/trial/default.mspx
- Pricing, Licensing http://www.microsoft.com/windowsserver2003/howtobuy/default.mspx
- Windows Server 2003 Facts: http://www.microsoft.com/presspass/features/2003/apr03/04-23WinServerFacts.asp
- Upgrading from Windows NT 4.0 to Windows Server 2003 http://www.microsoft.com/windowsserver2003/evaluation/whyupgrade/nt4/default.mspx
- Windows Server 2003 VPN Setup:
http://www.microsoft.com/windowsserver2003/technologies/networking/vpn/default.mspx
- Index of Windows Server 2003 Articles on Microsoft.com:
http://www.microsoft.com/windowsserver2003/techinfo/overview/articleindex.mspx
MCSA/MCSE on Windows Server 2003 Resources:
- New MCSA Requirements:
http://www.microsoft.com/traincert/mcp/mcsa/windows2003/
- New MCSE Requirements:
http://www.microsoft.com/traincert/mcp/mcse/windows2003/
New Windows Server 2003 Exams Objective Guides:
- MCSA/MCSE Core (Networking Systems)
70-290: http://www.microsoft.com/traincert/exams/70-290.asp
70-291: http://www.microsoft.com/traincert/exams/70-291.asp
- MCSE Core (Networking Systems)
70-293: http://www.microsoft.com/traincert/exams/70-293.asp
70-294: http://www.microsoft.com/traincert/exams/70-294.asp
- MCSE Core (Design)
70-297: http://www.microsoft.com/traincert/exams/70-297.asp
- MCSA/MCSE Upgrade
70-292: http://www.microsoft.com/traincert/exams/70-292.asp
- MCSE Upgrade
70-296: http://www.microsoft.com/traincert/exams/70-296.asp
http://eletters1.ziffdavis.com/cgi-bin10/DM/y/eUkJ0CyMye0HX60vzK0An
http://eletters1.ziffdavis.com/cgi-bin10/DM/y/eUkJ0CyMye0HX60v8e0A8
A special report on Windows 2003 Server as it is rolled out, together with an article indicating that the hackers went after the new release like sharks after a baby whale, along with a pointer to Microsoft's official security guide.
As a professional stick-in-the-mud who yearns for the glorious days of steam computing, when bits were bits and servers knew their place, the idea of a server upgrade is low on my list of high priorities. However, this short column suggests there are lots of good reasons for moving to 2003 Server:
http://www.infoworld.com/article/04/02/27/09enterwin_1.html
http://www.scotsnewsletter.com/forums/index.php?act=ST&f=6&t=376&hl=&s=
Well, if you want some really bad advice, here's the place from which to get it. Brought to you by Scot Finnie's excellent newsletter, which is well worth checking out, subscribing to, and actually paying for.
http://cl.com.com/Click?q=2a-CNeWIrIpIgSGgf3AiLQP8WnjjdRR
The persistent mismatch between bus and CPU speeds [which has become about twice as severe as it was some half-decade ago] has been addressed, to some degree, by Intel's latest "Canterwood" chipset. The article reviews two systems based on the chipset, and shows what works and what does not.
http://www.net-security.org/index.php
You may find yourself overwhelmed by security issues, but even if not, it helps to have resources to consult. This proprietary page offers reviews, white papers, notification of exploits, and a listserv e-letter in a cleanly laid-out searchable site.
http://www.infopackets.com/hacking+hackers+hack.htm
Here is some simple and basic information on how to prevent the majority of hack attacks. It is ideally suited to those who are just getting started on the subject, since it won't overwhelm them, but will give them a good sound start.
http://www.cpu.lu/~gkes/pcrepair/
I know that the phenomenon of computer enthusiasts spending insane amounts of cash and time to create visually appealing (or appalling) system cases and peripherals is indicative of something, but I'm hanged if I can figure out what. At any rate, here is a site with a wealth of ideas of what to do (or not!).
What makes me wonder is this: with operating computers on their hands, and so much to see and do on the Web, let alone the fun you can have loading programs and devastating operating systems, where do these people find the time to even think about doing this, much less actually doing it?
http://www.arstechnica.com/guide/building/bios/bios-1.html
Most computers today come with just an explanation of where the off-on switch is, a guide to the switch positions ["Off" if you do not want to use the computer for anything other than an ornament; "On" if you really want to mess things up!] plus a picture showing how it all gets put together. Ah for the days of the little IBM ring-binders full of documentation, most of which made no sense to anyone except the author, his mother, and the occasional goat.
Still, there are lots of settings and issues relating to the BIOS, and for many computer users, this is a forbidding and mysterious territory. But you do not need to abandon all hope, if you are armed with the trusty guide to which the above link leads you.
http://www.techwarelabs.com/reviews/memory/memory_timings/
http://www.dewassoc.com/performance/memory/memory_speeds.htm
http://www.rojakpot.com/showBOG.aspx?bogno=116
Three articles of great interest to those concerned with PC memory speeds, the elements of which are often more obscure than would appear at first blush.
The first link leads to an article on memory timings analysis as these are affected by BIOS settings [I suspect at least one computer fan not too far away from this keyboard is operating one or more machines with incorrect BIOS settings].
The second link provides an explanation of how some memory speeds are determined.
The third link points to an article on SDRAM bank interleave, and what settings make the most sense.
A free online tool for testing how well your computer can stand up to external attack, and, indeed, if it is even "visible" on the Net at all.
http://eletters.wnn.ziffdavis.com/zd/cts?d=75-1-1-1-618817-13-1
Linux kernel v. 2.6 is still undergoing the throes of birth, but promises to add a number of desirable improvements. Here is an article about the state of play in the kernel development.
http://entmag.com/news/article.asp?EditorialsID=5869
The poor performance of Intel's Itanium CPU on 32-bit processes has hindered its adoption, slnce little software is being written which is optimized for the new capabilities of the 64-bit chip. This short article indicates that Intel and Microsoft have joined together to introduce a SP1 beta for Server 2003 which allows 32-bit applications to run on the Itanium without penalty.
http://documents.iss.net/risksolutions/X-Force_CRI.pdf
A single page downloadable list of the most dangerous threats to which networks are currently exposed. What is interesting about this is the near-unanimous representation of buffer overflow exploits: 27 of the 31 in the list. Yet a buffer overflow, according to those knowledgeable about programming who have discussed this with me, is a relatively easy condition to prevent. Which of course leads to questions why, with depresssing answers usually forthcoming.
http://www.corante.com/ebusiness/redir/25728.html
Whatever optimism there might be about an upturn in the high-technology market, the fact appears that depressed attitudes are leading to depressing action. CIOs are just not spending, and if they don't spend for long enough, the computer/IT industry could be in serious trouble, especially when the employment ripple effects of this are considered.
After all, if it becomes too hard to make a buck in IT, a large number of people in the industry will find some other way to keep hard drive and program together, such as selling insurance.
http://www.pcworld.com/news/article/0,aid,111420,00.asp
IP v6 has blown hot and cold over the past few years, with many taking the position that the need for this version was rendered moot by the use of NAT and private addressing. Now the USA DOD is taking an interest, by making contractors to its Global Information Grid support IP v6.
There is surely something worth looking at here -- the common joke that IP v6 would enable everyone on Earth to have a separate IP address for each of the cells in their body looks a lot less funny when you link this to military support for sensors the size of dust motes -- because there could be "billions and billions" of these in operation at any one time, and IP v6 might be the only way to actually address them, should such addressing become necessary.
In the meantime, we can comfort ourselves with the realization that while hex representation of bit values in IP v6 makes subnet masking much more complex, it also renders it a lot less necessary....
http://whitepapers.comdex.com/data/detail?id=1057071058_868&type=RES&src=KA_RES
Title: The Evolution of Networked Storage - Landscapes, Issues and Solutions
IP Storage Area Networks certainly are a major theme in high-end site development, and this paper looks at what is happening now and what this means for the future.
http://whitepapers.comdex.com/data/detail?id=1057071073_438&type=RES&src=KA_RES
Title: Implementing Network Configuration Management
A look at a number of vexatious network configuration issues providing guidance towards effective solutions, with some emphasis on complex networks.
http://www.itworld.com/WhitePapers
An annotated list of about 3 dozen white papers from major vendors in the computer/IT industry, covering topics relating to inter alia security, network operations, and applications.
AMD and Intel Ship 64-bit Chips: http://eletters.wnn.ziffdavis.com/zd/cts?d=75-28-1-1-618817-1171-1
Red Hat, Dell and Others Support Intel's 64-bit Madison: http://eletters.wnn.ziffdavis.com/zd/cts?d=75-28-1-1-618817-1171-1
Does the G5 Really Matter: http://eletters.wnn.ziffdavis.com/zd/cts?d=75-28-1-1-618817-1174-1
The whole bandwagon towards 64-bit computing seems to have sprouted afterburners. In part this results from the ease with which Linux/UNIX variants can support 64-bit processors [they've been doing it for years], and Apple's venture results from the fact that OS X has BSD UNIX roots. Given all that, Intel simply could not afford to hold back from the fray, and the more progress and support that is given to hardware and software developments relating to this, the sooner we all will have supercomputers on our desktops.
Then the question to answer will be: "What do we need these for?" -- which, when you think about it, is really a pleasant position in which to be.
http://www.pcmag.com/category2/0,4148,415483,00.asp
An index page to 20 short articles about up-and-coming technologies in IT and related fields. Even if only some of these come to pass, it is worthwhile considering what it would mean if, for example, we do get wide-scale implementation of biosensors for medical purposes.
One thing does appear certain -- the pace of rapid change seems to be slackening not one whit.
http://www.usatoday.com/usatonline/20030625/5271878s.htm
Quantum mechanics does not make sense to even the above-average layman -- indeed it is hard to say if "making sense" can even be used as a criterion in looking at this field. However wierd, in theory it would be possible to create a computer based on quantum state elements, which would give new meaning to the term "speed". To the extent that I understand it, a quantum computer processess all the solutions to a given problem simultaneously, and then resolves to the correct solution.
This is about as big a deal as it is difficult to understand -- the point behind this short newspaper article -- a VC firm is actually funding a quantum computer development, despite the fact that short-term developments in this area are discussed in terms of 30 years.
http://www.devx.com/Intel/Article/16246?trk=DXRSS_LATEST
For anyone still wondering "Why Itanium?", this article presents the highlights of the technical argument for 64-bit processors. Given that backwards compatibility issues have hampered the Itanium in contrast to AMD's 64-bit offering, the indications of speed [superior to equivalent RISC chips] noted here may help the Itanium make inroads in the server market. But the desktop will just have to wait another few years....
http://www.viperlair.com/articles/techreport/input/bsmembrane.shtml
While the thrust of this article is to lament the passage of the good ole' IBM keyboard, the point it makes is amply confirmed in my experience. The humble keyboard is, after all, the main input interface for most of us, so its construction, quality, and arrangement should matter.
I am a backspring return technology enthusiast myself, and some measure of my dedication to my favourite NORTHGATE "OmniKey Ultra" programmable keyboard is reflected in the fact that when I damaged it during an ill-starred cleaning, I paid enough in repairs to buy four membrane-switch boards, without even batting an eye.
http://www.msnbc.com/news/929152.asp?cp1=1
Another pointer towards the blurring barriers between users and IT equipment -- in this case, clothing containing wires which can broadcast messages to receivers for action [such as turning on the lights as you approach a house at night]. The key elements here are "action at a distance", and "no manual required". This technology will be one of the major underpinnings of the infosphere.
Tielhard de Chardin may turn out, in a way that I think he probably would have rejected with a passion, to be right about the "noosphere" after all.
http://www.newsfactor.com/perl/story/21823.html
http://securityfocus.com/columnists/169
Here is another facet in the development of small autonomous sensors, which I am convinced will have transformative powers far beyond their apparent utility. A radio transmitter so small that a sneeze would hurl it several feet, which is independently powered ["Look Ma, no batteries!"], can provide an ID report for whatever it is attached to.
The privacy implications are sufficiently absorbing, but the power of more extensive and proactive maintenance and repair that such devices could enable is also something worth careful consideration.
Not only have we not seen nothing yet, but if this all comes to pass in its most powerful format, we won't see nothing later, either -- but it will still be there.
Not least of iterest about this item is the fact that two quite different report references landed in my e-mailbox within hours of each other.
This plain page of links provides an entry to a host of uesful resources connected with Usenet news, which needs no introduction. Tutorials, information, downloadable news clients, Web based news, newsfeeds, newsgroups, PDA use, a list of reference resources, tools, security issues, and client/server utilities are all covered by this site.
http://news.com.com/2009-1081-898741.html?tag=nl
Blogging represents an activity which, on first blush, seems susceptible of a clear definition circumscribing what it is, does, and means. This article suggests that blogging can provide valuable intellectual resources achieving "goodness" though the ranking of use. If true, this simply represents another instance where the actual implementation of blogs seeps through the definitional boundaries in such a way to manifest previously unrealized potential.
Traditional diaries and documents are invaluable windows into history -- if blogs have utility as the record of experience, it is worth considering what unique properties they bring to this mix.