Saturday, September 27, 2003

GotDotNet Workspaces
GotDotNet Workspaces is an online collaborative development environment where .NET developers can create, host and manage projects throughout the project lifecycle.

What sort of tools are available to make all of this happen? Check out the About Workspaces page for details on all the features. Still don't have the answers to all your questions? Try looking in the FAQ.…

For those of you unaware of this application, the Workspaces are an open source community written and provided free by Microsoft. Yes, you heard right. I did say open source, free, and Microsoft in the same sentence.

If this surprises you, you obviously haven't seen the ASP.NET Starter Kits, Web Matrix, TaskVision, Terrarium, or the Application Blocks. But before you start comparing Workspaces to something out of the movie Antitrust, Microsoft has a very clearly defined user agreement that states your source code will only be stored and not viewed.

http://www.gotdotnet.com/community/workspaces/docs/about.aspx
http://www.gotdotnet.com/community/workspaces/docs/faq.aspx


http://www.gotdotnet.com/community/workspaces/default.aspx

Friday, September 26, 2003

Microsoft Bloggers
Microsoft folks are blogging about everything from their favorite martini recipes, to marketing challenges, to the guts of the Common Language Runtime inside the .NET Framework. And now Microsoft is planning on making some public noise about its support for RSS 2.0, according to Empire Blog Watcher Mary Jo Foley.

http://www.microsoft-watch.com/article2/0,4248,933657,00.asp

Thursday, September 25, 2003

Sobig.f proves why focusing on commercial spam is a mistake
One of the biggest mistakes being made on the anti-spam front by vendors, service providers, lawmakers, and lawyers is the focus they are placing on technological and legal solutions that attempt to define, in one-size-fits-all fashion, what spam is.

Many of these solutions start with the notion that spam is unsolicited commercial e-mail. They leave alone other types of unwanted e-mail --- worms, viruses, surveys, political messages, chain letters, etc. --- that are equally empowered to destroy the Internet's e-mail system.

Perhaps now, with the latest variant of the Sobig worm wreaking havoc on the Internet, these misguided anti-spam fighters will realize that defining spam is a waste of time. Tracing Sobig's footsteps and side effects,… shall reveal that focusing on any one type of unwanted e-mail leaves the Internet's e-mail system vulnerable to an irretrievable breakdown. The same industry-wide standards that could help in the battle against spam can also relieve the Internet's e-mail system of the life-threatening congestion caused by worms like Sobig.…

To cover their tracks, senders of unwanted e-mail prey on this weakness --- the ability to "spoof" an e-mail header --- in the Internet's SMTP standards. Even worse, this weakness is often exploited to make an e-mail look to the recipient as though it's coming from someone they already know. This technique increases the likelihood that the unwanted e-mail will get opened by the recipient.

To a recipient, the Sobig worm and a spammer look very much the same. They're both the source of a tremendous amount of unwanted e-mail. They both forge the originator's credential information to cover their tracks. They both flood the Net with unnecessary traffic. They're both a drain on the recipient's (or receiving organization's) time, money, and productivity. But where they differ is in their distribution. Whereas a spammer will often send transmissions from a single or small number of addresses, Sobig works like a Distributed Denial of Service (DDoS) attack. First, it finds vulnerable systems on the Internet and then, via its payload, it deputizes them into originating more worm-laden e-mail.

The result is very spam-like. An enormous amount of e-mail traversing the Internet, all bearing forged credentials that not only aren't traceable to the originators of the worm itself, but aren't even traceable to the deputized system. But it gets worse.…

http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2914521,00.html

Wednesday, September 24, 2003

Why Verisign's Wildcard DNS is a Bad Idea
Verisign, owners of what was once Network Solutions, have introduced a new wrinkle to the web. By adding 'wildcards' to their domain name settings, any domain name not found will be redirected to their 'helpful search portal.' This is because, in reality, an address was found: Verisign's wildcards match anything not found elsewhere. If the domain is found, but not the page, that domain's 'not found' page will be displayed. I'll leave it to others to discuss the technical details if they choose to.
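
As an added illustration of the mechanism described above (not code from the evolt article or from Verisign): the Python below probes a zone with random names to see whether a wildcard answers for names that do not exist, then treats answers that consist only of the wildcard address as "not found". The resolvers, the zone name "example" and the addresses are constructed stand-ins so the example runs offline; system_resolve shows how the same functions would be fed by the operating system's resolver.

```python
import secrets
import socket

def system_resolve(name):
    """Resolve with the OS resolver; an empty set means 'name not found'."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except socket.gaierror:
        return set()

def wildcard_addresses(resolve, zone, probes=3):
    """Look up random, almost certainly unregistered names under `zone`.

    If every probe resolves, the zone has a wildcard; return the addresses
    the probes share. An empty set means no wildcard was seen.
    """
    answers = [set(resolve(f"{secrets.token_hex(12)}.{zone}")) for _ in range(probes)]
    if not all(answers):
        return set()
    return set.intersection(*answers)

def domain_exists(resolve, name, wildcard):
    """True only if `name` resolves to something other than the wildcard target."""
    return bool(set(resolve(name)) - wildcard)

# Constructed resolver standing in for a wildcarded zone: one registered
# name, and every other name under "example" answers with 192.0.2.1.
REGISTERED = {"registered.example": {"198.51.100.20"}}

def fake_wildcard_resolver(name):
    if name in REGISTERED:
        return REGISTERED[name]
    return {"192.0.2.1"} if name.endswith(".example") else set()

# Constructed resolver for the same zone without a wildcard.
def fake_plain_resolver(name):
    return REGISTERED.get(name, set())

if __name__ == "__main__":
    wc = wildcard_addresses(fake_wildcard_resolver, "example")
    print("wildcard target:", wc)
    print("typo-domain.example exists:",
          domain_exists(fake_wildcard_resolver, "typo-domain.example", wc))
```

A mail server or filter that checks whether a sender's domain exists needs this kind of correction once a wildcard is in place, because the plain lookup succeeds for every name.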

Why is this a bad idea? Not because it annoys me personally. If that were a valid argument it would deny fans of certain television sitcoms and certain styles of music their rightful enjoyment. Verisign had a Bad Idea from a business perspective, and from a web perspective. It's a bad business model, it violates the spirit of the web, and it confuses and potentially alienates customers.

A Bad Business Model
Network Solutions was once a government-sanctioned monopoly. Not the open-to-debate type of monopoly Microsoft is accused of being, but a true monopoly. As the only vendor for domain name registration, they could essentially make their own rules.

Those days are gone. Now, domain name registrars can be found on any virtual street corner. Verisign, as the new NetSol, is trying to recover from that loss of monopoly. Let's briefly compare these two alleged monopolies, Microsoft and Verisign/Netsol. Microsoft develops (or purchases) tools that are useful to me, and which I usually have a hard time finding elsewhere for a fair price and the same quality. (I realize that's a subjective statement, so if you disagree, feel free to write your own article and make your own subjective statements to the contrary.) Microsoft has done a world-class job of marketing, making their tools the de facto standards of the software world, as far as the average end-user is concerned.

Verisign provides no services which can't be found elsewhere, at a better value for the same or superior quality. Their marketing has done nothing compelling to cause me to desire their services. Although they have lowered prices on extended domain name registration, their first-year price is exactly what it was during the days of their monopoly. This makes bad business sense when equal or better registration services are commonly available for less than one-third the cost. Higher prices, in a good business model, must be offset by some compelling reason for the customer to pay them. Verisign has not provided that reason.…

http://evolt.org/article/Why_Verisign_s_Wildcard_DNS_is_a_Bad_Idea/25/60224/index.html?format=print

Tuesday, September 23, 2003

Microsoft PowerToys for Windows XP
They're back! PowerToys are additional programs that developers work on after a product has been released to manufacturing. They add fun and functionality to the Windows experience.

Note: PowerToys operate as they should, but they are not part of Windows and are not supported by Microsoft. For this reason, Microsoft Technical Support is unable to answer questions about PowerToys. PowerToys are for Windows XP only.

Important Notes
You must uninstall your old PowerToys before installing the new ones.
PowerToys will only work with US-English regional settings.
Just look at your PowerToy choices:


http://www.microsoft.com/windowsxp/pro/downloads/powertoys.asp

Monday, September 22, 2003

Patch issued for critical Sendmail flaw
A critical vulnerability has been found in Sendmail, the most widely used mail server software.

The vulnerability allows attackers to take control of servers using Sendmail, which is commonly used on Linux, Unix and BSD systems.

The discovery and subsequent disclosure of the security flaw comes one day after serious security problems in the OpenSSH secure shell server software were disclosed.…


It's the third time this year that a serious vulnerability has been found in Sendmail software, and the second reported by Michal Zalewski, the researcher that posted the most recent bug. The earlier bug was found by Internet Security Systems in early March.

Users can upgrade to version 8.12.10, which is not affected by the glitch, or apply a patch.

http://zdnet.com.com/2100-1105_2-5078601.html

Sunday, September 21, 2003

Don't Let Your PC Become a Porn Zombie
More than a thousand Windows PCs were hijacked recently, unbeknownst to their owners, to send spam and distribute pornography. This was done via a Trojan known as Migmaf (migrant Mafia) that turned their machines into proxies, or relay points, which hid the real servers involved. (For more information, see the article at www.wired.com/news/print/0,1294,59608,00.html.) The victim machines, controlled from afar, are often called zombies. Here's how to keep your PC from becoming a zombie in the service of spammers, pornographers, and malicious hackers.

It's important to understand that although mainstream news coverage of such exploits is a recent development, these activities have been occurring practically since the general public was allowed to use the Internet in the early 1990s. Back then, hackers who wanted to cover their tracks would take control of machines running certain programs that let Windows-based PCs share Internet connections (before Microsoft built Internet Connection Sharing into the operating system). They'd then use these machines as proxies for their attacks on other systems. When investigators tried to trace the break-ins, they would find only the Windows machine, which kept no record of the hacker's whereabouts.


Pornography and spam make for good headlines, but the purposes for which most compromised machines are used are not nearly as sensational. Most often, machines are used as repositories for warez—pirated software—or as rendezvous points for IRC sessions among hackers. They're also commonly used as soldiers (or zombies) in distributed denial-of-service (DDoS) attacks, in which large numbers of computers focus a barrage of network traffic on a single company or computer system. In most cases, users whose machines are compromised never know that their systems are being used for nefarious purposes.

You can protect your machine by learning to recognize the signs that your computer is being invaded. Are the lights on your cable/DSL modem or network hub flashing wildly when you're not doing anything on the Net? Is your hard drive seeking frantically when the system ought to be idle? Does your system seem sluggish? While none of these symptoms are sure signs that your computer has become a zombie, they merit investigation.

If you're running Windows, try typing netstat -a in a command window. Do you see established connections to other machines, even when your browser and e-mail programs are closed? If so, your computer could be compromised. (For helpful information on the ports Trojans generally use, as well as the free PestPatrol Port Checker utility, check out http://pestpatrol.com/Support/About/About_Ports_And_Trojans.asp#advice.)
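
One way to automate the check described above, as an added example that is not from the PC Magazine article: the Python below parses numeric output from netstat -an and lists established connections to other machines, marking those that arrive on a port this PC is itself listening on, which is how a machine acting as a proxy or relay appears. The -n flag, the sample rows, the addresses and port 8081 are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample of Windows `netstat -an` output (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1030         127.0.0.1:1031         ESTABLISHED
  TCP    192.168.1.10:1042      203.0.113.25:6667      ESTABLISHED
  TCP    192.168.1.10:8081      198.51.100.7:51544     ESTABLISHED
  TCP    192.168.1.10:1050      192.168.1.1:80         TIME_WAIT
  UDP    0.0.0.0:445            *:*
"""

def split_endpoint(text):
    """Split 'addr:port' on the last colon and return (ip_address, port)."""
    addr, _, port = text.rpartition(":")
    return ipaddress.ip_address(addr.strip("[]")), int(port)

def tcp_rows(output):
    """Yield (local, remote, state) for each parsable TCP row."""
    for line in output.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[0] != "TCP":
            continue  # headers, blank lines, UDP rows (no state column)
        try:
            yield split_endpoint(fields[1]), split_endpoint(fields[2]), fields[3]
        except ValueError:
            continue  # host or service names present: rerun netstat with -n

def established_to_other_machines(output):
    """Return ESTABLISHED connections whose peer is not this machine.

    'inbound' means the local port is also LISTENING, i.e. a remote host is
    using a service this PC offers (what a proxy or relay looks like);
    'outbound' means this PC opened the connection.
    """
    rows = list(tcp_rows(output))
    listening = {local[1] for local, _, state in rows if state == "LISTENING"}
    findings = []
    for (l_ip, l_port), (r_ip, r_port), state in rows:
        if state != "ESTABLISHED" or r_ip.is_loopback or r_ip == l_ip:
            continue
        direction = "inbound" if l_port in listening else "outbound"
        findings.append((direction, l_port, str(r_ip), r_port))
    return findings

if __name__ == "__main__":
    for finding in established_to_other_machines(SAMPLE):
        print(finding)
```

Run it with the browser and e-mail programs closed, as the article suggests; anything it still reports is a connection worth tracing to the program that owns it.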


http://www.pcmag.com/article2/0,4149,1268110,00.asp