Sunday, January 06, 2008

GSD Bowl: With more links than your average bowl game!

Confession:  I don't normally watch Pro NFL football games.

I will watch them now that we are in playoff season, but that's the only time.  I might watch the Super Bowl...but only for the commercials (which last year were disappointing).

I do LOVE to watch the college bowl games, however.

And have been staying up much too late all this past week watching the prime-time college football games.  (I prefer college football over professional any day. Go Cougs!)

So, I've been hard at work collecting links of note while they have been moving the sideline marker sticks.

Be warned, however.

I have a bunch of Christmas decorations to take down, so this will be a fast and furious scramble.

Vista Tips, Tweaks and Solutions

Three ways to reset a Windows Vista admin password - (Tip) - via 4sysops - Because I am a sysadmin, I have authorization to break into our own desktop system's passworded user profile accounts.  Surprisingly it's not too difficult to do if you know how.  I never considered how one would approach the task for Vista (or if it was as easy).  Luckily (or unluckily) I find it still is.

Here are those and a few more options:

  1. Create a Vista Password Reset Disk - RamanNathan blog (probably easiest for home users)

  2. Reset Your Vista Password with Your iPod - ITsVISTA blog derivation on the first one with awesome screenshot walkthrough.

  3. Get Petter Nordahl-Hagen’s NT Password & Registry Editor - Wicked awesome, now supports Vista. My favorite tool. Freeware.

  4. Get the commercial Password Changer - Not freeware but is supposedly easier to use (for non Linux/command-line folks) than Petter Nordahl-Hagen's freeware disk.  For more details see the product page and ITsVISTA Tip 50: Reset your lost Vista password without a reset disc.

  5. Trinity Rescue Kit - See this video for a walkthrough process on using it. Freeware solution.

  6. ERD Commander - If your organization happens to have a copy of Winternals (now Sysinternals) ERD Commander floating around, it contains a tool called Locksmith which I understand still works, even on Vista systems.

(Note, all these should work with XP as well.)

Vista4Experts - (freeware) - Yet another advanced Vista tweaking utility that allows making certain registry changes to the system that impact UAC, Windows Defender, and other user interface modifications in a nice simple GUI interface.  Nothing earth-shattering or can't be done with other programs or methods, but this one is very simple and fast. Probably a good thing to keep handy for making quick mods to your Vista system.  Written by Daniel Pistelli...who appears to be a brilliant guy.

Disable UAC Prompt for an Application - (Tip) - Don't want to disable UAC on your entire system?  Then check out Ryan's post on how to disable it on a per-application basis based on Microsoft KB946932.  It does require download and installation of the Application Compatibility Toolkit. And it is definitely "advanced-level" workaround stuff, but certainly a nice option for some users who need a more granular approach to UAC control with applications.

Speaking of Vista and UAC - 4sysops ran a poll that found 67% of its readers who responded to the poll have disabled UAC entirely.  Granted, as they admit, their audience is highly tech savvy.  The post goes on to consider the implications of what this means and the UAC security model in general.  I still have UAC enabled, but have disabled the elevation prompts.  That to me is the best of both worlds.  I still think it is good to leave enabled for most home users.

Vista’s UAC: 8 ways how to elevate an application to run it with Administrator rights - (Tip) - if using TweakUAC isn't your thing, then 4sysops has (9-now) alternative methods you can use to elevate an application to run with Administrator rights.

Windows Vista Tip: Return the Menu Bar to Vista Explorer - (Tip) - Lifehacker has noticed that the traditional "menu-bar" is now missing in Vista.  If you just really miss having it handy, they show you how to quickly and simply add it back: click "Organize" --> select "Menu Bar".  Done!

Windows In General

Xtra Windows Stability - (freeware) - Little application that is supposed to force Desktop, Explorer and Internet Explorer into running as separate processes. This way, if IE or Explorer crashes, your desktop doesn't get wiped out and have to be rebuilt (by itself or at a reboot).  Recommended by downloadsquad.  Standalone installation required, so run as needed or desired.

Protect your PC while Running Suspicious Programs - (Tip) - reminds us that in XP you can right-click a file and select "Run As" then launch it in a protected-mode.  I had forgotten about this feature (using it only for elevating some of my admin programs to Administrator while working under one of our PowerUsers profile accounts).

What does this do exactly?  Well, Aaron Margosis nicely points out in his post Running restricted -- What does the "protect my computer" option mean?

The net effects

The bottom line is that the app runs with a “restricted token” that basically has these net effects:

  • Group membership: If you were logged in as a member of Administrators, Power Users, or certain powerful domain groups, the app runs without the benefit of those group memberships.
  • Registry: The app has read-only access to the registry, including HKEY_CURRENT_USER and HKEY_LOCAL_MACHINE. The app has no access to HKCU\Software\Policies.
  • File system (assuming NTFS): The app cannot access the user’s profile directory at all. That includes “My Documents”, “Temporary Internet Files”, “Cookies”, etc.
  • Privileges: The app has no system-wide privileges other than “Bypass traverse checking”.

In that post, Aaron cleverly recommended using this mode to run Internet Explorer in "restricted-mode" as it prevents malware or other web-surfing activity from writing to the registry or the user's profile folder.  Awesome...although some IE stuff doesn't work when used this way as his post goes on to explain.

For more details, see this additional post by Aaron: "RunAs" basic (and intermediate) topics

Aaron's "Non-Admin" Weblog quality is pretty great although it hasn't been updated for quite some time.

I was shocked and humbled by the back room tech's Julie linking to a recent post of mine on Secunia PSI and speaking kindly of my blog posting.  I really get a wealth of information and tips from Julie, especially the refreshing Novell tips she shares.

She recently posted a how-to on Reinstalling System Restore on Windows XP - (Tip) - which outlines how to fix a busted System Restore on your XP systems.  Granted, this will wipe out all the previous System Restore points, but it is a darn-clever tip to keep handy.

Offered Up for Consideration

You may or may not have heard, but Adobe is now offering a method of injecting advertisements into PDF documents.  Yuck!  You can avoid them by using an alternative PDF viewer if you wish, something I highly recommend for other reasons (speed, expanded features, etc.).  But, downloadsquad does post on how to disable the ads in the document.  It's an optional feature that appears to be set by the PDF creator...if they don't want ads to appear they can disable the option when they make the document in Adobe Acrobat.  Still, it seems like one more nail in the Adobe Reader coffin to me.  You be the judge. is one of my favorite lazy-weekend stops for tech-related news.  Good articles, wide scope of coverage, interesting perspectives.  Good stuff.

So when I saw a Wired article for Vote for the Sexiest Geeks of 2007, I was curious.  Sure there was the obvious "What am I about to see" curiosity, but what I discovered was that there are a bunch of women who are doing great work in technology fields who might not be getting their due.

Good for them and their admirers!

Where photos are present, the ladies look professional (in a corporate way).  Being the father of a daughter, I am very, very aware of the current body-image and career-image issues facing Alvis.  It is such a challenge standing in the supermarket checkout lane with her and having Vogue, Cosmo, and all the other magazines right there seemingly presenting the only options for women today to be pretty and fashionable, or be a world-class athlete.  So it's hard for me to find and discuss positive female role-models my own daughter can look to, to see it is cool and wonderful to be attractive, smart and successful in technology, business, or whatever she aspires to do.

1943 Steel Penny - Retro Thing - Dad was quite the coin collector. As a kid I would pore over his collection books.  I never got bit by the bug, but my brother has...hard.  Of all the coins in the collections, it was the steel penny that fascinated me more than all of the rarest coins he had.  They were just so different from what I was used to.  Retro Thing's post offers some information on the rare (but not priceless) coins.

Freeware Finds

PST Import XPI - (freeware) - Nifty little tool that allows you to import Outlook PST email files into Thunderbird.  Not a common need for most users, but nice to have when you need it.  Spotted via Lifehacker.

Window Clippings - (freeware) - Screen capture utility supporting XP and Vista.  Single EXE file so no installation needed.  What's nice is that it fully supports Vista's transparency and shadow effects on windows.  Spotted via CyberNet News.  Although I am still a fan of the last freeware version of FastStone Capture (v 5.3).

Free SnagIt 7.2.5 & Camtasia Studio 3 Downloads - (freeware) - SnagIt is another screen-capture utility worth noting.  Camtasia is a tool to make and edit video web casts.  TechSmith has newer versions but they are ($) and for a limited time (until 1-7-2008) they are offering free downloads of older versions of both applications.  Even if you don't think you want/need them I wouldn't hesitate to go grab these now before the free-offer expires.  At least you can have them handy.

IZArc - The Ultimate Archive Utility - (freeware) - Yes, I know, do we really need yet another file compression program?  Goodness knows I've already picked up a small list of favorite freeware ones. IZArc provides a nice user interface with a host of compressed file format supports for unpacking.  It also opens ISO, BIN and other CD image files.  It supports most A/V scanner integration, secure encryption of files, integration with the Windows right-click context menu, and may be able to repair broken or damaged archive files. Oh yes, it also comes in a Portable "IZArc2Go" version as well as a command line add-on and "standard" installable version.

NTCore - Explorer Suite - (freeware) - Daniel Pistelli's suite of tools which includes a process viewer and a PE editor called CFF Explorer.  Not only can you view and examine running processes but you can also dump PEs or memory regions.  Could be useful in reverse-engineering malware samples. Really full featured application.

NTCore - PE Detective - (freeware) - Another handy program of Daniel Pistelli.  This one is a standalone element from the Explorer Suite above.  It can scan a single PE file or entire directories and generate a report.  Again, not tools for the common user, but useful for examining code in programs and files of interest.

Over at Sysinternals

Some more goings on at Sysinternals.

First, AutoRuns got updated to version 9.01. This version "fixes a bug in the way that it handles certain shell extension points and adds awareness of several additional shell extensions."  Always happy to have the latest version of this gem.

TCPView for Windows got updated to version 2.52. This tool shows which processes are running network connections on your system.  Good for seeing if a malware file is attempting a network connection, or finding the source of a network connection on your system. This version "fixes a bug that causes partial display of UDP endpoints on Windows XP."

Mark's Blog : The Case of the Missing AutoPlay - Mark Russinovich takes us on an investigation on why the "AutoPlay" dialog box suddenly stopped appearing on his Vista system.  It's a quick tutorial on how to use Process Monitor to tease out the solution.  Spoiler: It was a change in a registry key setting set by Microsoft's own internal Group Policy.

Malware Watch

TechBlog: eStarling's Wi-Fi-enabled photo frame is a hit - is a great post by guest TechBlog blogger John Whiteside on his new Wi-Fi enabled digital photo frame. Cool stuff.

So when I saw this post by ISC-SANS security Digital Hitchhikers Part Two, I paid attention.

Seems that some folks are finding some malware installed on some other digital photo frames.  While there is no link to the eStarling product, it does slam home an important warning.

Don't forget good security practices in your excitement to get your new digital product unboxed and loaded up and connected!  If it contains drivers, software, or accessible memory space and you can hook it to your Windows system, be sure to run your anti-malware/anti-virus scanners over it first.  Otherwise you might just get bit.

Reminds me of an event that occurred one summer when I was a kid.  My parents were on an overseas trip and we were staying at the neighbor's house.  I had worked hard to save up my $ and had made a mail-order (Sharper Image?) purchase of a cool Casio digital dive watch. One afternoon we were playing in our yard when I spied the box sitting under the welcome mat on our front door.  It was the watch!  I ran to the neighbor's house, grabbed a knife and cut into the box, and nearly cut my thumb off when it slipped in my haste to get the package open.  Bummer.  Kind of took the fun out of the moment.

Don't make the same mistake when it comes to your electronic/software supported gadgets.  Especially if they are "off-brand" names you grab while in the checkout lane of Kroger's or a dollar store.

You received a fax message asking you to use remote desktop? - Donna's SecurityFlash - Social Engineering hack at its best (or worst).  Seems some hackers are faxing businesses a message that "helpfully" offers tech-support advice.  It basically instructs users to configure Remote Desktop support for Windows to point and allow access by a specific IP.  Well of course, that's what the hackers want!  Don't give them a key to your door.  It seems incredible that people fall for these things, but it never fails that making just such a request using a "non-standard" message delivery system seems to fuzz the logic cells in some folks' brains.

Now...if I could only fuzz my brain and forget about the decorations that need to come down....

