Wednesday, March 31, 2010

Apple delivers record monster security update

Apple's recently released (March 29) Security Update 2010-002 has patched 92 vulnerabilities in Leopard and Snow Leopard (the only two currently supported releases of OS X) breaking the record held prewviously by Apple for patching 67 vulnerabilities back in March 2008!  This is the third major update to the Snow Leopard OS, and with this number of bug fixes now makes it Apple's least secure release of OS X.

Unfortunately, the recently discovered Pwn2Own attack that successfully exploits a Safari vulnerability is not patched in this release - Apple users will need to wait until Apple releases their next Security Update (no eta as yet) until this critical vulnerability is patched.

Even without the Pwn2Own patch, this update weighs in at 719.23MB for current Snow Leopard 10.6.2 users (and 784MB for older Snow Leopard versions), which also updates the OS to 10.6.3.  If you're running Snow Leopard Server 10.6, the update size is 897.32MB.

Having 9 critical QuickTime vulnerabilities fixed, this also makes sure that the iPad is being released with a somewhat updated (even though Safari, due to the Pwn2Own attack, has a known critical vulnerability) base version of OS X.  Is the latest iPhone update due out soon, thanks to this massive OS X patch?

Have a read of this Computerworld post for more information on this Security Update.

Regards,

The Outspoken Wookie

Tuesday, March 30, 2010

Live (sic) Meeting

Well, I'm back in the office now - I arrived home about 9:30 last night after heading down to Sydney for last weekend's SMBiT Pro Security and Optimization workshop.  The workshop went well with both Dana Epp and Susan Bradley managing to deliver presentations from their offices over Live (sic) Meeting, before Live (sic) Meeting (notice the word "Live" here...) went offline for its regularly scheduled 6 hour weekly maintenance that occurs each Saturday at 10:00 AM AEST - smack bang in the middle of the most popular conference day in Australia.

Now, after a long 3-way conversation with 2 Microsoft folks in the US about the status of Live (sic) Meeting and their 6 hours a week of scheduled offline maintenance (which makes this online service have an availability of around 96%), I was told that "Apparently there is no scheduled downtime, so you are good to go as per last time" so I believed Microsoft.  "Last time" refers to the last Sydney session that I confirmed was not going to be affected by the weekly scheduled offline maintenance window, and wasn't affected - that scheduled maintenance window went unused.  This one didn't.

Well, after Susan's presentation ended we had a coffee break whilst the Trend guys prepared for their presentation, and during this period, Live (sic) Meeting went offline.  Both Singapore and US data centers were unreachable.  During our lunch break the servers came partially back online and I was able to get *most* of the remaining content recorded locally (as the "Record to Service" option wasn't available - that part obviously hadn't come back online as yet).

Remember that Live (sic) Meeting is a part of BPOS which stands for Business Productivity (sic) Online (sic) Suite.  And Microsoft wants to have us move our clients into their cloud and live with not only 96% uptime, but downtime of 6 hours right through the middle of every Saturday here in Australia.

Well, as I could build a half dozen crappy white box desktops, call them servers and offer a much, much better uptime than Microsoft seems to be able to with all of their resources, I don't know how many of our clients will accept the appalling and unacceptable downtime that BPOS and Live (sic) Meeting offer.  Not that I'd do that with crappy white box desktops acting as servers, but I'm just proving a point.

And Steve Ballmer said Microsoft is "all in" with BPOS.  If this is "all in" then we'd better all start looking elsewhere for our future OS, application and data hosting providers!  :(

Now, to add salt to the wound, Microsoft recently told us all how they were Maintaining High Availability for Microsoft.com.  Well, maybe someone from their Microsoft.com team needs to talk to their BPOS team and share some of their secret sauce, as this sort of performance is **DESPERATELY** needed if BPOS is to be taken seriously.  96% uptime for a cloud data and application provider is an utter, utter joke.  This is worse than a particular cloud backup provider who didn't understand that RAID isn't a backup technology and lost a significant amount of their clients' data because they didn't understand much about what they were doing.

We'll be looking to Goto Meeting, Goto Webinar, WebEx, DimDim or something else in the future as those applications all have the reliability that Live (sic) Meeting is sadly lacking.  if anyone has some suggestions other than these, or has had good/bad experiences with these options, please feel free to comment in here and/or email me privately with your thoughts and experiences.

Also, have a read of Susan's thoughts on this issue...

Regards,

The Outspoken Wookie

Thursday, March 25, 2010

The Freakiest Thing...

Yesterday morning as I was driving from Brisbane to Wyong and was nearing the new Tweed bypass tunnel, I noticed the weirdest thing - as I was continuing southward, the Sun jumped what I estimated to be about 15 degrees to my right (to the the West). I've never seen anything like that before and was more than a little concerned until I realized I just passed into NSW and that they have Daylight Saving Time.

Now, in Queensland we know better than to go playing with the Space-Time continuum and we don't take part in the unnatural practice of Daylight Saving. Causing the Sun to move in this manner by unnaturally altering time can only lead to warps in Space-Time, leading to all manner of serious, possibly life threatening and even species terminating problems.

It truly would deserve humankind right if some predator from a parallel universe were to slip through such a rent in the fabric of space-time caused by Daylight Saving and wipe us all out.

Regards,

The Outspoken Wookie

Microsoft WPC 2010 Registration Opens

Microsoft's Worldwide Partner Conference 2010 in Washington D.C. on July 11 - 15 has just opened for registrations.

Regards,

The Outspoken Wookie

Friday, March 19, 2010

Windows 7 OEM Downgrade Rights

If you buy Windows 7 Professional or Ultimate OEM now, you have downgrade rights not only to the worst OS to blight the computer industry since its inception (F^HVista), but also back to Microsoft's last decent OS - Windows XP Professional.  But will this last forever?

Well, according to the Downgrade Rights Chart that can be found alongside a number of other Licensing Briefs, no, you won't be able to do this forever:

Can I downgrade my OEM version of Windows 7 Professional to Windows XP Professional?


For a limited time of 18 months after the general availability of Windows 7 or the release of a Windows 7 Service Pack, whichever is earlier, the OEM license of Windows 7 Professional and Windows 7 Ultimate will include downgrade rights to Windows XP Professional. After that period the OEM license will enable downgrade rights to Windows Vista Business.

So, as Windows 7 was available as of 22 October, 2009, that would mean that until April 2011 (unless a Windows 7 Service Pack is released in the mean time), you'll be able to downgrade your Windows 7 Pro/Ult OEM license all the way back to XP Professional.  You'll always also be able to downgrade it to F^HVista, but that's more like a brain extraction than even a lobotomy - I don't think the term "downgrade" is really even appropriate here as it is way, way too mild.

Now, having said this (and thanks again to Mark Ritchie for pointing out that people may not know about this limitation), we've not yet found a reason to downgrade any Windows 7 Pro/Ult OEM that we've sold back to XP Pro - especially considering the availability of XP Mode (and if you read my previous post, you'll know that XP Mode no longer requires Hardware Assisted Virtualization).  We most definitely wouldn't be downgrading anyone to F^HVista - that's for sure!  :)

Regards,

The Outspoken Wookie

XP Mode No Longer Requires Hardware Virtualization Support

Good news - it seems that Microsoft has finally realised that not every SMB has kickass machines on/under their desks. When XP Mode was initially released, Microsoft made VT support a requirement - if your motherboard, BIOS and CPU didn't all have Hardware Assisted Virtualization support available and enabled, you were unable to run Virtual PC on Windows 7, which meant that you couldn't run XP Mode.

Now, as I posted on March 7, 2010, you could have XP virtualization on Windows 7 without needing hardware virtualization support if you were willing to look to the industry leader in Virtualization - VMWare and use their VMWare Player product, or even Sun's VirtualBox.

It seems that Microsoft has seen people moving from native Microsoft Windows 7 tools to their big competitor in Virtualization and decided that this isn't good for business, so they have now released an update to Virtual PC that removes the Hardware Assisted Virtualization prerequisite.

Regards,

The Outspoken Wookie

Wednesday, March 17, 2010

Netbook Screen Resolution

First, let me preface this by saying that looking at *any* LCD monitor at a resolution other than its native resolution means that you'll feel like you've had a little too much bourbon for breakfast, so I don't recommend you do it.  Neither of those, actually.

Liliputing recently made mention of a new Intel GMA 950 driver for the graphics chip in the majority of Netbooks to "increase" their screen resolution from the native 1024*600 to 1182*864.  This is a software increase, aka "let's resize all of the pixels and jam all this information into a smaller box" which will result in distorted text and wonky lines/borders for everything on the screen.

It won't look great, but it *will* allow you to use those applications that require a higher screen resolution.  If you're going to use it, I'd suggest changing the screen res for that particular application and then getting it over and done with and changed back before your eyes start to pop out of your head.

Liliputing also published a Registry hack to enable downscaling, adding both 1024*768 and 1152*864 resolutions for you to use.  I recommend the same as for the updated driver.

Thanks to Mark Ritchie for bringing this to my attention.

Regards,

The Outspoken Wookie

Friday, March 12, 2010

McAfee to Kill SnapGear

After a long and illustrious life, starting off as SnapGear, then being bought out by Secure Computing and then eventually by McAfee, the SnapGear product line is being killed off.  That's right - our worst fears about McAfee's intentions regarding SnapGear have come to pass!  :(

In an email from McAfee, this is what they had to say:

Dear McAfee SnapGear Customer,


In an effort to streamline McAfee channel offerings and expenses, McAfee has made the decision to no longer continue the McAfee SnapGear appliances. Due to the product being primarily an OEM technology, moving forward, the SnapGear appliances will be following McAfee’s EOL policy. This notification is to inform you of this decision and the associated end of life schedule.

The policy is intended to provide our customers and partners with information and time to plan the evolution of their environment and migrate to replacement technologies. As the multifunction firewall market continues to grow both in size and profitability, McAfee’s strategy includes alternative technology for the midmarket and branch office segments leveraging the McAfee Firewall Enterprise line, which will be providing a new offering in the second quarter of 2010. Additional information on the new offering will be made available in the coming months.

The SnapGear appliances will continue to be sold until the end of sale (EOS) date specified below. There will be no change to support services offered to ensure all customer issues are addressed and renewals for add-on subscriptions and support will be fulfilled as usual until the EOL date specified. Again, McAfee is committed to supporting current customers and products. Details on McAfee’s EOL plan can be obtained from the McAfee.com Web site.

SnapGear appliances will be entering a maintenance mode, which will provide issue resolution at McAfee’s discretion, but no product enhancements will be made moving forward. McAfee recommends customers contact their reseller for advice on replacement technology and a migration path when needed.

The following list details the EOL schedule for the SnapGear product line. NOTE: Support, Web filtering, and TrustedSource services can continue to be renewed. Support and subscription end dates cannot extend past the EOL date.

SnapGear Model: SG300
Appliance EOS: April 26, 2009
Appliance EOL: April 26, 2012

SnapGear Model: SG310
Appliance EOS: July 11, 2010
Appliance EOL: July 11, 2013

SnapGear Model: SG560
Appliance EOS: October 12, 2009
Appliance EOL: July 11, 2013

SnapGear Model: SG560U
Appliance EOS: July 11, 2010
Appliance EOL: July 11, 2013

SnapGear Model: SG560D
Appliance EOS: July 11, 2010
Appliance EOL: July 11, 2013

SnapGear Model: SG565
Appliance EOS: July 11, 2010
Appliance EOL: July 11, 2013

SnapGear Model: SG580
Appliance EOS: July 11, 2010
Appliance EOL: July 11, 2013

SnapGear Model: SG640
Appliance EOS: July 11, 2010
Appliance EOL: July 11, 2013

SnapGear Model: SG710
Appliance EOS: December 1, 2006
Appliance EOL: April 15, 2010

SnapGear Model: SG710+
Appliance EOS: December 1, 2006
Appliance EOL: April 15, 2010

SnapGear Model: SG720
Appliance EOS: July 11, 2010
Appliance EOL: July 11, 2013

This schedule is also currently published on McAfee.com. To reach this page you must navigate to:
McAfee.com-->Medium Business-->Support-->Supported product versions-->Appliances-->UTM Firewall (SnapGear)

You can also access the KnowledgeBase article, KB68423 at https://kc.mcafee.com/corporate/index?page=content&id=KB68423

QUESTION: Does McAfee provide any alternative solutions to provide some or all of the features available on the SnapGear appliances?

a. McAfee Firewall Enterprise offers both entry level appliances and virtual solutions for the Mid-Market and Enterprise.

b. McAfee EWS has both appliance and virtual solutions for SMB/Mid-Market mail and web security.

c. McAfee SmartFilter provides web filtering on a wide variety of platforms.

d. McAfee Web Protection Service provides Web Filtering and Antivirus/Antimalware in the Cloud (SaaS).

e. McAfee SaaS Email Protection & Continuity is a great Cloud solution for SMB messaging.


If you have further questions, please contact your McAfee reseller, or you may also email questions to: utmfirewallsales@mcafee.com.
So, with that, a good product has been killed off by McAfee in a very, very similar way to the Shitas Touch that Symantec has been known for over the years.

Thanks, but I'll be looking elsewhere (and not to SonicWall, thanks all the same) for a decent replacement to SnapGear.  Maybe Cyberoam or FortiGate or even Tech-Eye if you can fight their website to find out what they actually have/sell.  We'll be using the Mikrotik range of products through Duxtel in Melbourne where they are suitable - they are great products, but don't have the UTM abilities that SnapGear had.

Obviously, some of this UTM functionality, such as spam filtering, to be truly effective needs to be out in the cloud so that not only does the malicious junk not actually reach your office network, but also so that the bandwidth this spam consumes doesn't choke your (relatively) small office Internet connection and I'm looking at a cloud-based web proxy solution, too, to replicate what cloud-based spam filtering of email does, but for web browsing.

Regards,

The Outspoken Wookie

Tithe Repayment

Thanks to Steve Riley who brought this to my attention, there's an ex-parishioner who's been deconverted from false beliefs in a mythical/supernatural creator who has asked for his former church to return some of his tithes and has been granted his wish!

This is not like changing your mind and no longer liking the Haiti relief project, or the Chilean relief project, or any other project that had a goal based in reality.  It is realising that you've been mislead and told that to achieve some mythical goal you were indoctrinated to believe was true, you needed to give money.  That's fraud, people, plain and simple.  And all he was asking for is a return of some of this fraudulently obtained money.

Regards,

The Outspoken Wookie

Thursday, March 11, 2010

Android Increases 4%, WinMo Decreases 4% and iPhone Treads Water

According to Gizmodo, it seems that while the iPhone treads water, gaining a mere 0.3% market share in the quarter Nov 09 - Jan 10, the big loser is Windows Mobile with a 4.0% market share loss.  Google dained 4.3% market share whilst RIM (Blackberry) gained 1.7% at the expense of Palm losing a further 1.7%, placing them now below Google's Android and at the bottom of the SmartPhone pack.

Regards,

The Outspoken Wookie

Sunday, March 07, 2010

XP Mode Without Hardware Virtualization

Thanks to Tony Albans for the info, here's a couple of links that show how to get the Windows 7 Pro, Ultimate and Enterprise "XP Mode" running on older computers that don't have hardware assisted virtualization.

First is a link on how to get this running with VMware Player.  Now, I've beein using VMware since 1.0 was released and it is a very solid virtualization platform.  The instructions here show you how to use VMware Player, a free virtualization client, to access the XP Mode install and integrate it with Windows 7.

The second link shows how to get this running properly with Sun's VirtualBox.  VirtualBox is free for personal and evaluation use as well as academic use, but not for use in any commercial situation.  There is a commercial license available and also an Open Source version, however the OSS version doesn't support USB pass-through.  Using the VMLite plugin allows XP Mode to integrate with the Windows 7 desktop.

So, out of these methods, I'd first suggest using new hardware with inbuilt hardware assisted virtualization as it will ensure a better experience.  Failing that, I'd recommend the VMware Player method, purely because it is a rock solid virtualization platform and it is licensed for use in all scenarios.

Finally, XP Mode is really only designed to be used for that one XP application from a LOB vendor who is so far behind the times they don't support Windows 7.  It isn't really designed for continued, production use.  However, it does work rather well!

Regards,

The Outspoken Wookie

Saturday, March 06, 2010

Microsoft Kills EBS

Well, it is now official.  Microsoft has killed EBS.  Although it was almost a good product, and with EBS version 2 looking like they had addressed some of the major shortcomings of the EBS 2008 release, Microsoft has blamed "new IT trends" for killing off EBS.

That's not quite right.

The totally and utterly abysmal Hands On Labs that were released as training for EBS, in which 100% of the 9 attendees in Brisbane has 100% of the labs fail went a long way to ensuring that none of us were actually interested in selling the product.  And after I reported back to both Microsoft (who wrote or at least commissioned the HOLs) and Excom who were the poor suckers who had to deliver them, the HOLs were pulled worldwide pending a rewrite.  A rewrite that never came, that is.  Microsoft didn't seem to want people to learn about EBS.

In addition to this, EBS wasn't really designed with a reseller channel in mind.  The Enterprise guys would only ever scoff at it because it was Wizard-driven and the SMB channel scoffed at it because it included System Center Essentials, an extremely heavy, slow system monitoring and management tool that didn't allow for remote monitoring and management in the way many of the MSP tools that we were already using did, meaning that if an SMB partner was to sell EBS, then they'd lose their MSP tool revenue stream and have a client stranded using SCE.

Yes, we mentioned this all to Microsoft when they first introduced the product.  But it was too late - the product was developed internally and then they needed to find a channel through which to sell it.  It shows that Microsoft not only doesn't really know their SMB channel all thatw ell, it shows that they don't know their larger SMB clients all that well, either.

So, with all the development that's gone into EBS version 2 up until now, Microsoft has decided to pull the product from sale as of 30 June, 2010.  The one thing that EBS clients will seriously miss when they take the offered upgrade to full products is Remote Web Workplace - the one other thing that EBS admins will miss is the Administration Console.

As to pricing, well, back during the waste of 2 days that was the EBS HOL, we as a group sat down and looked at Australian EBS pricing versus WS2K8 Ent + Exchange + SQL + an MSP product + a firewall that we're used to and EBS didn't stack up all that well back then.  Now with WS2K8R2 Ent being available as a base, and with either Exchange 2007 or 2010 being able to be run on it, EBS, at the price it was, is even less of interest.  Especially with the functionality that RDS on WS2K8R2 offers as a replacement (lame one, admittedly) for RWW.

Anyway, as it stands now, a product that wasn't really all that well thought out to start with, that was pushed through a channel who wasn't really all that interested in it because of both its FTMG and SCE components, that had an utter failure of a HOL released for it, that wasn't followed up by a functional HOL, that was under some serious development which was looking *rather* promising is being pulled by Microsoft because of "new IT trends".  Yeah, right - it is being pulled because it wasn't built nor targetted correctly in the first instance, because despite the feedback, it took Microsoft ages to address the big issues, and because, despite the fact that the version 2 is looking nice, the product didn't bring enough return, so the accountant running the once good technology company has pulled the product.

That's what you get for letting an accountant run a tech company!  :(

Regards,

The Outspoken Wookie

Friday, March 05, 2010

Office 2010 Tech Guarantee

If you buy Office 2007 Full Packaged Product, Upgrade, Academic or OEM/MLK edition between 5th March, 2010 and 30th Sep 2010 (and it *must* be activated by 30th Sep, 2010), then you're likely eligible for the Tech Guarantee, as can be seen here.

Regards,

The Outspoken Wookie

Kiva Christians Reach US$1m Loaned

Congratulations to the Kiva Christians lending team on reaching the US$1m loaned milestone.  As a member of the AASFSHNR lending team, we are glad that you can join us as only the second lending team to reach this milestone (so far).  I did find it interesting that as you reached your US$1m milestone, we're closely approaching our US$1.666m milestone!  :)

I'm also pleased that the Church of the Flying Spaghetti Monster lending team is leading the "Religious Congregations" category (ahead of the Kiva Mormons), is on the second page of all teams and is making its way steadily towards their US$250k milestone on the way to the US$1m milestone.

All up, this friendly rivalry is benefitting the borrowers, allowing them to make their lives better - which is the real reason I'm an active Kiva lender.

Regards,

The Outspoken Wookie