Saturday, September 30, 2006

Pleasant Windows installation experience, two of them, one Vista and plain old XP.

David Nielsen at The Gnome commentary has gone through Vista RC1, SUSE 10 and plain old XP installations for a friend. I share his frustration, as I am also forced to go through the same experience for one reason or another. Anyway, you can laugh or cry after reading his article. I liked it :) If you are a true Windows fan, ignore the fact that his blog is hosted on lovesunix.net!!

Friday, September 29, 2006

Google reader goes further

Google has come out with a new Google Reader with a new interface, which I feel is much better than the earlier one. The old interface will face retirement pretty soon, as soon as it is evident that the new interface provides what users need. If there is a feature from the old interface that you would also like in the new interface, send an email to the Reader lab team via feedback. You might get that feature.
The new interface gives us:

  • Expanded view and list view
  • Simplified sharing functionality
  • Improved read-state management
  • Infinite scrolling
  • Unread counts
  • Mark all as read
...to name a few, but there is much more. There are also keyboard shortcuts displayed on the front page when you log in, but they disappear when you start browsing. I have to find out how to keep them on.
Here is a screen capture of the tips and tricks;

Another feature is that now you can catch feeds on your phone! According to the reader blog;
Google Reader can now be placed in your pocket, your handbag, your backpack, or thrown from person to person in a game of "keep away". We've just released a mobile-friendly interface for Google Reader.

Thursday, September 28, 2006

QUAD Processor introduced by Intel at IDF fall 2006

Intel announced at its fall developer forum (IDF Fall 2006) in San Francisco the release of the world's first quad-core processor for desktops and servers.

The Intel Core 2 Extreme quad-core processor is set to be released in November and is aimed at gamers and content creators. The quad-core Intel Xeon processor 5300 series, aimed at servers, will also ship this year.

The company will release its mainstream quad-processor called the Core 2 Quad during the first quarter of 2007. Also being shipped during the first quarter of 2007 is Intel's new low-power 50-watt quad-core Intel Xeon processor called the L5310 for blade servers. How about my notebook?

YouTube has a video, no, two (I like the second one better), well, a bunch of videos depicting the capabilities of the processor in a game environment. I did like what I saw.


DIGItimes reports;

Intel plans to launch its second-generation quad-core processors - the Yorkfield series - as replacement parts for the upcoming Core 2 Quad (codenamed Kentsfield) CPUs in the third quarter of 2007, motherboard makers familiar with Intel's latest roadmap revealed. Intel is on track for a roll-out of its Kentsfield series on November 16, according to the makers, adding that the first-generation quad-core lineup may be considered a transitional product segment due to insufficient design capability.

Since Kentsfield appears to have two separate L2 caches, shared separately by each pair of processors, bus bandwidth consequently increases, the makers said. In contrast, Yorkfield will have one L2 cache shared directly by each pair of chips, enabling more efficient quad-core operation, with less FSB bandwidth, the makers noted.

Intel's Yorkfield will be paired with the next-generation Bearlake chipset family, which will support a 1333MHz FSB and a PCI Express 2.0 interface, according to the makers. The first Yorkfield-based systems, which will utilize the Bearlake X chipset and DDR3-1333 memory, will target the high-end gaming market, said the makers.

Intel's Yorkfield will be manufactured on 45-nanometer (45nm) process technology, the makers indicated.

Validity of GPL upheld in German court

The District Court in Frankfurt-on-the-Main has for the first time confirmed the validity of the GNU General Public License (GPL) within the framework of legal proceedings that included a hearing of evidence. Harald Welte, co-developer of the netfilter firewall code in the Linux kernel and founder of the project gpl-violations, had filed a lawsuit against the hardware manufacturer D-Link. The court's opinion (in German; a Google translation of the news article is here) and the details of the ruling are now open to the public, albeit in German.
Welte said in a statement published at GPL-Violations.org that a D-Link lawyer's statement could be translated as "Regardless of the repeatedly-quoted judgment of the district court of Munich I, we do not consider the GPL as legally binding."
Now, the German court has found otherwise.
As the District Court in Munich had done in 2004 when upholding a temporary injunction against the router manufacturer Sitecom, the judges in Frankfurt-on-the-Main also confirmed the fundamental validity of the GPL: "In particular, the provisions of the GPL cannot be read as a relinquishing of copyright or copyright-law legal positions," the judges wrote in their opinion. The court explicitly confirmed as valid paragraph 4 of the license, which prohibits distribution of any kind in the event of any GPL clause being violated. D-Link therefore did not have the rights to market the GPL-licensed software without abiding by the GPL license, while Mr. Welte for his part is entitled to send the warning notices and state his claims for reimbursement.
D-Link, which already back in 2004 had had a run-in about a router with gpl-violations.org, argued that the GPL violated antitrust law because it featured a price fixing provision and imposed upon the licensee conditions affecting his/her/its contracts with third parties. These arguments the judges found to be irrelevant: If the GPL as a whole violated antitrust law, they observed, then any right of use to GPL-protected software would be null and void.
finding that D-Link is not entitled to dismiss the GPL's legality on the one hand while at the same time enjoying the use of code licensed under it, a practice it reportedly termed "expropriation of the author," according to Heise.

Tuesday, September 26, 2006

Firefox playing fox with Debian

(Windows users, I still think it is great application and you can get it with google tool bar to make it easy in your day to day browsing.)

It seems that Firefox is now bent on fighting with other OSS, namely Debian and its derivatives, rather than beating IE. It is all because of the Firefox logo. Unlike Firefox, the Firefox logo is not free. The root cause is that Debian uses an alternate logo and calls it Firefox, not Mozilla Firefox.
There are some discussions on the net already and I'd hate to see this flare up into a major issue. That said, I do not have a solution to the problem. I think I will watch the following discussions and do my commenting.

Debian vs Mozilla by Peter (sounds like an old Japanese movie!) discusses the issue and gives his thoughts on his blog. Here is the start of it; if you visit the site you can read the rest and find some links to other discussions on the same subject.

"Basically, the Debian Free Software Guidelines state that Debian can't use the Firefox logo (as it's not under the same license as the Firefox code and the license isn't considered Free). So for some time, Debian (and derivatives, such as Ubuntu) have been using Firefox with a custom icon and calling it 'Firefox', not 'Mozilla Firefox'."

Code Chunk has another article that explains the reasons behind the squabble. Basically, Mozilla wants either to see and approve all the changes Debian makes to Firefox, or to see Debian and its derivatives stop using the Firefox name.

from Code Chunk;

Firefox has an on/off compile-time switch:
ON: Firefox branding
OFF: Custom branding

The problem is that Debian has it on OFF, but has part of the Firefox trademark in there. Mozilla wants all or nothing. At some point in the discussion the Mozilla developer said it would be okay for Debian to have it ON, only if they used both the name AND the logo, AND they would have to run by patches to the Mozilla developers. The same in general terms applies to Ubuntu.

I think this is crazy. How can this be helping OSS software if we start fighting among the communities?! If Firefox is removed from Debian and derivatives, as Peter said, "then it's not exactly going to be easy to convince potential Windows switchers that Linux is better if they can't use Firefox on it (that they might use on Windows already)!"

Hey guys, grow up and find a solution, or we will have to develop another browser that is completely free.


Monday, September 25, 2006

ZERT has VML patch out! I tested and it works

I was browsing Spamhuntress' (She is a huntress!, check out her banner and articles on her site!) site when I noticed her post about the ZERT's release of VML patch. I am glad for the post, since I was able to go to ZERT site and get the patch and apply it.

To all the Microsoft IE users, (Why aren't you using Firefox? Keep IE for windows update! And the rest you can do very well with Firefox) First go to this page on ZERT's site where you can test if you need the patch.
Warning! If you visit the above test page with an unpatched version of Internet Explorer it will crash.

I needed to patch mine and I did by downloading the patch and tested again. I am fine now!
My only question is, if four people could do this (Thanks ZERT), why is M$ spending time defending its inability to provide a patch? M$, I know you are busy with VISTA!, but we all are still on XP!


The team who did it!

Got Skype? Then learn how to ... Remove skype, stop skype or detect skype with skypekiller

There is an interesting post about Skype problems and its removal on the VOIP IP Telephony blog. It carries you through the uninstall process for Skype, from your computer or your entire network. It can also detect the Skype users on your network even if you don't want to remove it. You can keep a tally of users, and when the boss asks you why your WAN connection is slow, give an instant report!
VOIP IP Telephony: Remove skype, stop skype or detect skype with skypekiller

Sunday, September 24, 2006

New Vista release (5728) released and Hurry up!

Various blog sites are reporting, and I have verified, that Microsoft has made available another interim release of Windows Vista. This release comes after RC1, which was made available to download a few weeks ago.
Microsoft is still awaiting user feedback on Vista's interface; this new build does include some "Fit to Finish" work that was recently performed. It also includes the usual handful of bug fixes. The most important feature of this release is its build number, which is in the 57xx range. According to Microsoft's Sven Hallauer, any release that begins with "57" is a member of the Release to Manufacturing (RTM) code base.

Microsoft has made available both the x64 and x86 versions of Build 5728, but only for a short while. So go get it while it lasts, if Vista is your piece of cake.

Friday, September 22, 2006

VOIP IP Telephony: Microsoft ZUNE kicks voip, sorry ! iPOD butt!

Zune with rumored VOIP is set to kick iPOD butt, according to some bloggers
VOIP IP Telephony: Microsoft ZUNE kicks voip, sorry ! iPOD butt!

Thursday, September 21, 2006

Vista RC1, Hyperlink problems and You still got to reboot for a small change in system setting!

Got Vista RC1, installed it and got it to work. It is much better than the Beta release. I like it better than XP but I still have my reservations.
I also installed the Office Suite 2007 and the integration is super. I could integrate Outlook with SharePoint server and find some gems that I did not have with the XP + Outlook 2003 combination. I like Office 2007 in general.
Everything worked fine for a few days! And suddenly links from within Outlook stopped working. I tried some changes; they did not work. What did I do to break Vista behavior? Nothing! I was just using the system. Oh wait, I did install Firefox! And it works.
I gave up on solving it until I landed on the Sunbelt blog. I went there for another reason, to get info on the VML zero-day exploit that is the exploit of the day now. But I stumbled on to "Sunbelt Weekly TechTips" and there was the solution for my problem. Apparently he/she too had the same problem and has a solution for it:

How to fix hyperlink problem in Vista RC1/Office 2007
I installed Vista RC1 on my computer and installed Office 2007 beta. For the first few days, everything worked fine, but now I can't open links in Outlook email messages or in Word documents. When I click on a link, I get a message that says "The operation has been canceled due to restrictions on this computer. See your system administrator." Of course, I am my system administrator (and yes, I was logged on with an admin account).

Based on recent mail, I'm not the only one who had this problem. It seems that sometime after those "first few days," I installed Firefox. That's when my links stopped working, and after much weeping and wailing and gnashing of teeth, I found out the solution. Even if you have IE set as your default browser, installing Firefox changes your default program settings. You'd think you could just go into IE's options and select it as your default browser, but that doesn't work. Here's what does:

1. Click Start | Control Panel.
2. If Control Panel is in Classic View, click Control Panel Home in the left pane to put it back in Vista default view.
3. Click Programs | Default Programs
4. Click Set Program Access and Computer Defaults
5. Click Yes to continue or enter admin credentials when prompted.
6. Click the little down arrow for Custom.
7. Under "Choose a default web browser," click Internet Explorer, and check "Enable access to this program."
8. Click OK.
You'll have to reboot the computer to apply the change. Now your links in Outlook and Word should work again.


Thanks Sunbelt

Wednesday, September 20, 2006

Just Do It! for extra Lives in games, Nike says!

If Nike has its way, we'll have to start working physically for our in-game extra lives, The Guardian reports.
Just do it. One of the most successful marketing slogans of all time, the phrase conjures up images of young titans in Lycra running, jumping, hitting, kicking and splashing their way through life, all with a strange tick shape on their shoes.

Yet look for the champions of tomorrow and, we are told, they prefer to Just Sit, eat crisps and play video games. Especially the video games. The average school pupil fiddles with them for two hours every day and scientists have blamed this for the explosion in childhood obesity. Increased "screen-based entertainment" was highlighted as a pitfall of modern British childhood in a headline-grabbing letter signed by more than 100 experts last week.
Nike has filed a patent on the invention, which it calls "a system for promoting physical activity for video game players". The technology relies on a pedometer, pressure sensors or GPS tracking to record the amount of exercise, and a detachable memory chip to plug into the game console. Slackers and those tempted to cheat by driving their shoes round the block a few times should beware - the patent says the game pod chip could be configured to measure increased heart rate or even blood oxygen content instead.

In a neat twist on survival of the fittest, sweaty activity could be rewarded with on-screen changes to a user's video game character, with extra "virtual strength, endurance or speed" on offer. And games could be made impossible to play until the chip registers a specified level of activity.
So gamers, Just Do It!

Monday, September 18, 2006

Microsoft tries to stop FairUse4WM, sends C&D email

Dug via Digg;
Ars Technica reports that "Last month, Ars reported that Microsoft's Windows Media Audio (WMA) digital rights management protection had been cracked, and a program called FairUse4WM had been written that would strip DRM data from purchased audio files. Microsoft was aware of the workaround, but did not seem too concerned, merely stating that "we designed the Windows Media DRM system to be renewable, so that if such events occur the system can be refreshed to address them." Now it seems that the company has gone a little further than that, sending out cease and desist orders to web sites hosting the FairUse4WM program. According to the owner of the web site BG4G, the orders came in via e-mail."
There are discussions going on at two locations, Ars Technica and the original forum thread at DOOM9.ORG.
Visit and find out more....

Friday, September 15, 2006

Are you Using PDF? Then close these Backdoors!

One reason I am still stuck on Acrobat 5.0 is that, as versions went up, Adobe products became too snoopy and started to snoop into users' affairs. There are enough open source PDF utilities that I rarely use Adobe Acrobat.
The point here is not how I use Acrobat, though, but that there are multiple vulnerabilities in Adobe PDF: not bugs, but legitimate features that could be used as back doors into a system.
I learned this via /. and ended up on the eWEEK site. According to the article, a British security researcher has figured out a way to manipulate legitimate features in Adobe PDF files to open back doors for computer attacks. Then I ended up at a blog entry that provides proof-of-concept ideas and demos. I did try them and they do what they say, at least for one demo. My security stopped the other!
The first back door (PDF), which eWEEK confirmed on a fully patched version of Adobe Reader, involves adding a malicious link to a PDF file. Once the document is opened, the target's browser is automatically launched and loads the embedded link.
A second back door demo (harmless) (PDF) presents an attack scenario that uses Adobe Systems' ADBC (Adobe Database Connectivity) and Web Services support. Kierznowski said the back door can be used to exploit a fully patched version of Adobe Professional.
"The second attack accesses the Windows ODBC (on localhost), enumerates available databases and then sends this information to 'localhost' via the Web service. This attack could be expanded to perform actual database queries. Imagine attackers accessing your internal databases via a user's Web browser," David Kierznowski said.

In response, a spokesperson from Adobe's product security incident response team said the company is aware of Kierznowski's discovery and is "actively investigating" the issue.
Then why did you not fix the issues? Or did you just let it be?
"If Adobe confirms that a vulnerability might affect one of our products, details of the security vulnerability and an appropriate solution [will be] documented and published," the company, headquartered in San Jose, Calif., said in a statement sent to eWEEK.
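
A defender-side triage for the first demo described above, added here as an example (not code from this post, eWEEK or Kierznowski): it reports whether a PDF carries an action that fires when the document opens, and where that action points. The post does not say which PDF feature the demo used, so looking at the standard `/OpenAction`, `/AA`, `/URI`, `/Launch` and `/JavaScript` names is an assumption; `triage_pdf` and the sample bytes are constructed for illustration.

```python
import re

# Name objects that let a PDF act on its own or reach outside the viewer.
TRIGGERS = (b"/OpenAction", b"/AA")        # fire when the file or a page opens
ACTIONS = (b"/URI", b"/Launch", b"/JavaScript", b"/JS", b"/SubmitForm")
HIDERS = (b"/ObjStm",)                     # compressed object streams

OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj(.*?)endobj", re.S)


def normalize_names(data: bytes) -> bytes:
    """Undo #xx escapes, which the PDF format allows inside name objects.

    Applied to the whole file for simplicity; that is fine for keyword
    triage but may alter a literal '#xx' inside a string such as a URL.
    """
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), data)


def count_name(data: bytes, name: bytes) -> int:
    # The lookahead stops /AA matching /AAPL and /JS matching /JSON.
    return len(re.findall(re.escape(name) + rb"(?![A-Za-z0-9])", data))


def open_action(data: bytes):
    """Return (action_type, target) for the document /OpenAction, or None.

    An /OpenAction that is a plain destination array (page navigation)
    is not an action dictionary and yields None.
    """
    objects = {(int(n), int(g)): body for n, g, body in OBJ_RE.findall(data)}
    ref = re.search(rb"/OpenAction\s*(\d+)\s+(\d+)\s+R", data)
    inline = re.search(rb"/OpenAction\s*<<(.*?)>>", data, re.S)
    if ref:
        body = objects.get((int(ref.group(1)), int(ref.group(2))), b"")
    elif inline:
        body = inline.group(1)
    else:
        return None
    kind = re.search(rb"/S\s*/(\w+)", body)
    target = re.search(rb"/(?:URI|F|JS)\s*\(([^)]*)\)", body)
    return (kind.group(1).decode() if kind else "unknown",
            target.group(1).decode("latin-1") if target else None)


def triage_pdf(data: bytes) -> dict:
    data = normalize_names(data)
    counts = {n.decode(): count_name(data, n)
              for n in TRIGGERS + ACTIONS + HIDERS}
    action = open_action(data)
    return {
        "counts": counts,
        "open_action": action,
        # Acts without a click: an open action other than page navigation.
        "acts_on_open": action is not None and action[0] != "GoTo",
        "uris": [u.decode("latin-1")
                 for u in re.findall(rb"/URI\s*\(([^)]*)\)", data)],
        # Object streams can hide all of the above from a byte-level scan.
        "needs_deeper_parse": counts["/ObjStm"] > 0,
    }


# Constructed samples: fragments with just enough structure for the scanner.
SAMPLE_AUTO_LINK = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R >> endobj
4 0 obj << /Type /Action /S /URI /URI (http://example.invalid/landing) >> endobj
"""
SAMPLE_CLICK_LINK = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction [3 0 R /Fit] >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /Annots [4 0 R] >> endobj
4 0 obj << /Type /Annot /Subtype /Link /A << /S /URI /URI (http://example.invalid/docs) >> >> endobj
"""

if __name__ == "__main__":
    for label, sample in (("auto link", SAMPLE_AUTO_LINK),
                          ("click link", SAMPLE_CLICK_LINK)):
        result = triage_pdf(sample)
        print(label, result["acts_on_open"], result["open_action"], result["uris"])
```

A byte-level scan like this is triage only; when `needs_deeper_parse` is set, the file has to go through a real PDF parser before it can be called clean.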

Microsoft Does Something right! Right? Right!!

According to the blog of PUBPAT (Public Patent Foundation), Microsoft has done something right. It made an irrevocable promise yesterday not to assert any of its patents against the implementation of some web-based standards. In drafting the promise, MS sought input from several folks within the Free / Open Source Software community.
"[T]he text of the OSP gives sufficient flexibility to implement the listed specifications in software licensed under free and open source licenses." is the response by REDHAT's Mark Webbink.
This is solid evidence that M$ (my usual reference to Microsoft) is trying to flow with the tide. It is well known that the company is built and bent on hoarding rather than sharing.
It was also well known and accepted that patent restraints on standards are not good for businesses involved with that standard or the public in general.
Welcome to the real world, M$. You will still benefit from the standard that you promise to keep open, as will the rest of the world.

Zune gives more info and sings to Music bloggers!

Here are some better photos of Zune, White, Brown and Black!

But have you seen the Samsungs Sensa?


Last week Microsoft flew a bunch of music bloggers out to Seattle for an all-expenses paid first-look at the new device. Here's a roundup of some initial reactions:

* Glenn over at Coolfer thinks it feels a little heavy, but that the navigation is intuitive and simple. He likes the brown-colored Zune best, saying that it looks better in person than in pics (which we sure hope is the case).
* Amrit from Stereogum wishes it were thinner, but thinks the Zune's wireless capability is "pretty hot." He concludes that the "Zune is long on ideas, but may be short on time."
* MOKB discovered the one confusing feature about the Zune right off the bat -- the "scroll wheel" which turns out to be a directional pad, but actually liked the navigation once they got the hang of it. What they weren't digging so much was how "big and clunky" the Zune is compared with an iPod. They say that Microsoft danced around questions about combining the Zune and the Xbox into some sort of portable gaming console.
(news from engadget)

Thursday, September 14, 2006

Segway recalls all its vehicles, personal transporters

BBC reports;
Segway, which launched the self-balancing scooter it said would "sweep over the world and change lives", is recalling all its vehicles.
Our earlier article is here: Geemodo: Lean to steer a segway's new i2 PT (Personal Transporter)

A glitch in the device's software means the machines, which cost up to $5,500 may unexpectedly change direction, causing riders to fall off. All 23,500 personal transporters - formerly known as human transporters - are being recalled.
Segway has had reports of six accidents causing head and wrist injuries. The repairs will be carried out at service centres around the world.

George W Bush once fell off a Segway, while Tony Blair was given one by the King of Jordan.

Zune is out and comes with a Music service, like itunes.

Previously posted article Geemodo: Where what and why Zune, is bringing more news,

Microsoft this morning officially unveiled Zune, its entry in the portable digital music and entertainment market dominated by Apple Computer's iPod and iTunes.

The Zune, manufactured by Japanese electronics maker Toshiba Corp, will come with a 3-inch (7.6 centimetre) liquid crystal display screen and wireless connectivity that allows users to send, receive photos, songs and albums with nearby players, Microsoft said.

"The digital music entertainment revolution is just beginning," J Allard, who is leading the Zune effort at Microsoft, said in a statement. "With Zune, we are not simply delivering a portable device, we are introducing a new platform that helps bring artists closer to their audiences and helps people find new music and develop new social connections."

By the holidays, Microsoft expects to have a 30-gigabyte digital media player available in black, brown or white with FM tuner, wireless connection and 3-inch screen. A complementary music service, Zune Marketplace, is billed as "the foundation for an online community that will enable music fans to discover new music."

The wireless connectivity will allow users to share full-length songs, play lists, pictures and other content from device to device. Users will be able to listen to a shared song for up to three times over three days.

But will that be enough to take on Steve Jobs and company? Time will tell, but most bloggers aren't optimistic.

The iPod holds more than half of the digital media player market, according to research company NPD, while iTunes accounts for over 70 percent of U.S. digital music sales. In the United States, the iPod has more than 75 percent of the digital music player market, according to NPD.

Monday, September 11, 2006

Second Life or SL dealt a security blow in real Life!


MMORPG.blog reports that Linden Labs is forced to build a fortress around their real-life servers after hackers compromised SL's servers.
The article states that "The security breach hit their databases, "which potentially exposed customer data including the unencrypted names and addresses, and the encrypted passwords and encrypted payment information of all Second Life users," according to their security bulletin. Credit card information remained protected, fortunately, and they've made the affected system more secure. One other effect of the attack was the resetting of passwords, which also opened up additional ways for users to remember their passwords, just in case."
The MMORPG.BLOG site has further published the FAQ issued to all Second Life users. If your email was lost to your spam-gulping software, then head over to the MMORPG site and read the FAQ together with comments, or go directly to the Second Life blog to read the security bulletin and the state of the investigation.

Sunday, September 10, 2006

Spyware Attacks on the rise! Are you taking care of your PC?

If not, you might be in the 89 percent of PCs that are infected by one or another spyware component. I was at the site of one of my favorite columnists, Suzi Turner, spyware researcher and consultant, when I noticed the article and link to the report. She always has some good articles on security tools.
All in all it is a good report but I tend to believe it is biased against free anti-spyware tools.
It attributes one of the factors in the increase in infections to free anti-spyware tools. Well, I use two free anti-spyware tools and they are doing very fine, even better than some of the paid-for software used by my clients. Namely, I use SpyBot Search & Destroy together with Lavasoft Ad-Aware SE Personal. Between the two of them, my PCs are clean and spyware free. Support and updates are outstanding and have been free since I started using them a few years ago. I also use Avast Anti-Virus Home, which is also free, with great success. I have used and removed well-known solutions by famous software makers. Why, you may ask; yes, you may. And I would say they are memory hogs, processor hogs and most of the time ineffective. I have run Spybot S&D on a few systems that were protected by a well-known security software producer, and found and cleaned an alarming number of spyware. So those are the reasons that I do not use any of the paid-for security software. In many instances these software pieces behave worse than spyware and rootkits themselves.
Want an example, Just google for "rootkits and Symantec" or click here
Then again, I read that McAfee has come out with an inaccurate report (according to a well laid out article by Security Curve) that puts the blame squarely on the open source community. According to Darknet's article, blaming Open Source is a load of sh*t.
Webroot says in its report about the report,
"During the second quarter of 2006, Webroot researchers found that 89 percent of consumer PC's were infected with an average of 30 pieces of spyware – a slight increase from the first quarter of 2006 when infection rates returned to alarmingly high levels after a supposed lull in spyware infections during the second half of 2005. According to the report, new distribution channels, advanced spyware technologies and a reliance on free anti–spyware programs are all contributing factors to the startling increase."
Webroot, how accurate are you? Maybe I had better read the whole article! Anyway, thanks to Suzi for bringing this up. I think I will write an article about all the free security software I am using to protect my PCs.

Thursday, September 07, 2006

BlackBerry Pearl or Blackberry 8100, You can have it now!


Mobilewhack reports that the long awaited BlackBerry Pearl 8100 is slated to be released next week.
The BlackBerry Pearl 8100 is a quad-band GSM / EDGE phone which is just about half an inch thick, almost the size of a RAZR phone, and features an even smaller version of the SureType keyboard. Originally known in rumors as the 8100, the Pearl is the first BlackBerry to include a camera and other multimedia features.

Other features of the Pearl are:

* Compact size, just 4.2×1.97x .57" with a 3.1oz weight
* EDGE high-speed data
* 1.3 megapixel camera
* 240×260 display
* Media player, MP3/AAC/MPEG4/H.263
* SureType QWERTY keyboard
* Bluetooth 2.0
* 64MB memory plus microSD slot

The BlackBerry Pearl also has a front-facing trackball. Previous BlackBerry models all had a side-facing scroll wheel. The BlackBerry Pearl will begin shipping from T-Mobile on September 12th. Pricing is to be around $199 with a 2-year service contract.

Friday, September 01, 2006

Sophos anti rootkit software! It is free to download

I have been following the rootkit problem since the Sony DRM rootkit issue mentioned in an earlier post, Geemodo: Sony DRM ROOTKIT, Suncomm, EFF new removal tool, yet the consumer problems don't go away..
Lately I found that Sophos has released an anti-rootkit tool and downloaded it. I did not test against known rootkits but I did check my computers. Alas, I did not find any valid rootkits; that is because I have been vigilant, not a fault of Sophos Anti-Rootkit. I advise anyone careful about their computer to download it and scan their computers for rootkits, as they are gaining popularity in the malware and virus scene.
The user manual is here if you want to read before downloading.


From the readme file, which states some features and other issues:
1. Key features
---------------

* Scans running processes, windows registry and local hard drives for
rootkits.

* Identifies known rootkits and selects, by default, files for removal
which will remove the rootkit component of the malware without
compromising OS integrity.

* Allows users to remove unidentified hidden files, but does not allow
removal of essential system files when hidden by an identified
rootkit.

* Once the user has run a scan, the screen prompts the user through
the necessary steps until every rootkit has been removed.

* Users can switch between the GUI and command-line functionality.

* Both context sensitive and command-line help are available.


2. Known issues
---------------

* Sophos Anti-Rootkit will work on a Terminal Services or Remote Desktop
environment but may produce this warning which can be ignored:
'Unable to flush drive C: (already open by another process)'.

* If the scan is performed while the computer is in use, false positives
may appear in the scan results. This is caused by files or registry
entries being deleted, including temporary files being deleted
automatically. We suggest you close non-essential applications and
re-run the scan.

* It may not be possible to clean up files on a removable drive or USB key.
This is because the clean up component runs before the device drivers
are loaded in the boot sequence. If this occurs, remove the removable
drive or USB key. Next, restart the computer, plug the key back in,
and scan with anti-virus software, such as Sophos Anti-Virus.

* When specifying the location of the clean up log on the command line
(sarcli -cleanlog=...), it must be on a local drive rather than a network
share. This is because the clean up component runs before the network
drivers are loaded in the boot sequence.

* The sarscan.log is cumulative and each entry is timestamped. The
sarclean.log only contains the results of the last cleanup operation
and there is no timestamp apart from the one on the file itself.

* If rootkit components are found on a drive which uses NTFS compression,
it may not be possible for SAR to identify them. In this case they will
be reported as "Unknown hidden file". This situation is not currently
supported by the product.

* Unidentified hidden files cannot be removed via the command line.
Please run the graphical user interface (sargui.exe) and refer to
section 3 of the Sophos Anti-Rootkit User Manual.