November 2003


Yahoo News is reporting about 7 new Internet Explorer exploits that were found by a Chinese researcher. Since the article was posted, there have been exploits available on the Internet for these particular holes. So just in the past week, that makes 12 new security vulnerabilities for Internet Explorer. Fantastic. Oh .. BTW — as of this post, Microsoft has not released a patch.

Well, apparently there is yet another set of security issues with Internet Explorer. Secunia released an advisory that states 5 new security issues pertaining to the web browser. I think I read somewhere that just this year alone there have been over 35 security issues .. so with these 5, that is 40 .. Boy, that averages out to just about one new security issue (most critical) per week … and that's just Internet Explorer .. doesn’t even count Windows XP, Outlook, Outlook Express, Media Player ….

For anyone out there that is STILL using Internet Explorer — please, do yourself a favor and use Mozilla. Not only is it significantly more standards compliant, but it supports pop-up blocking, tabbed browsing, mouse gestures, windows skins, tab bookmarks (open one bookmark to see all your “regular sites”) and a myriad of other great features.

In the December 2003 edition of Maximum PC, they did a shootout between the 2.2GHz AMD Athlon 64, Dual G5 2.0GHz Macintosh and a 3.2GHz Pentium 4 Extreme Edition machine.

The bottom line is all three had a few victories in the various benchmarks. As a result, all three are able to compete head to head on a pure speed basis, and other considerations such as application availability, usability, cost, vendor preference, etc. should play a role in the decision making process.

I would have thought that the G5 with dual processors would have smoked in Photoshop. However, in the test, two scripts were used — one with all filters and one with MacAddict specified filters (generally those filters that are used on a regular basis by design professionals) — The all-filters test was won by the P4EE @ 266 seconds with the Athlon 64 trailing by only 3 seconds. The G5 trailed by over a minute, posting a time of 330 seconds.

The more “design professional” tuned script had all three machines neck and neck. The G5 actually won this test at 37 seconds with the Athlon posting at 38 seconds and the P4EE at 41 seconds.

Perhaps the most shocking test was with Mathematica 5.0 .. the Athlon won this test with a time of 572 seconds .. the P4EE timed in at 639 seconds and the G5 trailed, posting at 997 seconds. YIKES.. almost twice as slow.

What is very interesting is the fact that most (all?) of the software was 32bit. It will be very interesting to see some of these applications run again when they have a 64bit port to see what the performance difference is.

Comdex is once again here … and well … needless to say, it just started and the fun has already begun!

Bill Gates, doing his 20th consecutive keynote at Comdex, showed an interesting Matrix parody where he was Morpheus and Steve Ballmer (CEO of Microsoft) was Neo. Who was “The Matrix”? None other than IBM/Linux.. :)

Other highlights of his keynote included addressing spam filtering, increased security, and increased mobility (“seamless computing”).

It's funny .. the FOSS community has already created a huge array of solutions to fight spam, and quite frankly, they work very well. This includes services such as Spamhaus, which provides mail server level spam control (it blacklists offending mail servers); SpamAssassin, a heuristics based filtering tool (run either on a mail filter or in a local mail client); and finally Bayesian filters, which use advanced algorithms to determine the likelihood that a piece of email is spam.

Security? heh.. FOSS has had this covered for a LONG time. Sure Microsoft says they will work on Security and “make our software more secure” but if you want secure today, get some FOSS software. :)

Increased mobility? I am not sure what depth Microsoft is going to with this. The simple fact of the matter is FOSS (BSD, Linux, you name it) is the most portable OS on the planet. The SAME EXACT OS AND APPLICATIONS can generally run on everything from cell phones to PDAs to desktops to tablet PCs to Macintosh to low, medium and high end servers, mainframes, infrastructure equipment, game consoles and more.

So I am not sure what this future is that Bill is dreaming up, but it seems like where he wants to go, Linux is offering today. Interesting.

As Microsoft touts “the future”, it appears that China has decided to get “the future” today …. Sun Microsystems announced a 1,000,000 desktop Linux deployment contract with China. Over the next year, China will deploy one million desktop Linux machines. China has pledged to deploy 200 million copies of open standards-based desktop software.

It will be interesting to see if any other large Linux/FOSS deployment announcements are made at Comdex. With the Kolab groupware server (Microsoft Exchange replacement) and the Kontact PIM (Microsoft Outlook replacement) and the OpenOffice.org suite coupled with the beautiful and fully functional KDE desktop, the business desktop IS here. I have a feeling that the announcement by Sun/China will be the first of many large Linux deployment announcements made in the next year.

We all get it… we all dislike it .. but what can we do about it?

Spam is one of those things that no matter how safe you try to keep your email account, sooner or later, spam starts coming … and coming .. and coming… in fact, for people with email accounts that are over a year old, it is not uncommon to have spam emails outnumbering legitimate emails.

So what has been the solution on this “war against spam”? Well, it has been a war fought on many fronts. Centralized registries on the Internet have been set up to tag specific Internet providers as supporters of spammers. These registries are automatically used by thousands of other mail servers to determine if an email is coming from a “spam source”. While this works to an extent, it is next to impossible to stay up to date with spammers (after one service is tagged, they move to another service…..).

In addition to this type of outright ban against spammer-friendly hosts, many ISPs offer spam filters on their own mail servers. One of the most popular of these spam filters is SpamAssassin. This particular tool evaluates the contents of an email against an extensive list of tests. The tests are weighted and a final score is tallied for each email. An email is deemed spam or not spam depending on whether its score is above or below a user-defined value. Unfortunately, while this technique is generally effective at tagging what the makers of SpamAssassin deemed “SPAM”, it does a poor job for people who regularly receive email that has a lot of keywords that also appear in spam. As a result, those emails are tagged as spam.

That brings us to the latest offering of Spam-fighting tools: Bayesian filters. Bayesian filters, generally run inside a mail client, allow the recipient of the mail to determine what is and is not spam.
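The difference between fixed weighted scoring and a recipient-trained Bayesian filter, as an added example that is not part of the original post: a legitimate message that a static keyword score flags is classified correctly once the filter has learned from the recipient's own mail. The rule weights, threshold, function names and sample mailbox are all constructed for illustration and are not SpamAssassin's real rules.

```python
import math
import re
from collections import Counter

# Hypothetical weights/threshold constructed for this example, not SpamAssassin's real rules.
RULES = {"mortgage": 2.0, "refinance": 2.0, "rates": 1.5, "free": 1.5, "click": 1.0}
THRESHOLD = 5.0

def tokens(text):
    return set(re.findall(r"[a-z']+", text.lower()))

def static_score(text):
    """Fixed, vendor-chosen weights: sum the weight of every keyword present."""
    return sum(w for kw, w in RULES.items() if kw in tokens(text))

class BayesFilter:
    """Naive Bayes with add-one smoothing, trained on one recipient's mail."""
    def __init__(self):
        self.counts = {"spam": Counter(), "ham": Counter()}
        self.docs = Counter()

    def train(self, text, label):
        self.counts[label].update(tokens(text))
        self.docs[label] += 1

    def spam_probability(self, text):
        vocab = len(set(self.counts["spam"]) | set(self.counts["ham"]))
        log_p = {}
        for label, seen in self.counts.items():
            total = sum(seen.values()) + vocab
            prior = math.log(self.docs[label] / sum(self.docs.values()))
            log_p[label] = prior + sum(math.log((seen[t] + 1) / total) for t in tokens(text))
        return 1 / (1 + math.exp(log_p["ham"] - log_p["spam"]))  # P(spam | message)

# Constructed mailbox of a mortgage broker, labelled by the recipient.
SPAM = ["Free offer: refinance your mortgage now, lowest rates, click here",
        "Free pills offer, click here now",
        "You won a free prize, click here to claim"]
HAM = ["Hi Dana, the refinance paperwork for the Miller mortgage is attached",
       "Can we lock the rates on the Chen mortgage before Friday",
       "Meeting notes attached, please review the Miller appraisal"]
LEGIT = "Dana, the Chen mortgage refinance closed and the rates are locked, paperwork attached"

def trained_filter():
    f = BayesFilter()
    for label, mailbox in (("spam", SPAM), ("ham", HAM)):
        for message in mailbox:
            f.train(message, label)
    return f
```

Here `static_score(LEGIT)` exceeds `THRESHOLD`, so the fixed rules would tag the broker's own work email as spam, while `trained_filter().spam_probability(LEGIT)` stays close to zero because "mortgage" and "refinance" also appear in this recipient's legitimate mail.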
