David Hibbeln pinged me this morning that Robert Hensing started a blog.  Who?  You ask?  Security Dude at Microsoft. That’s who.  Good stuff.  Subscribed!  He does the Security Incident Response stuff at Microsoft.  Talk about a “been there, seen that” kind of job.

He starts off with passphrases and getting rid of LMhash.  Start reading… and then go change your password to a passphrase.

I’m down in Los Angeles visiting with my girlfriend and her nine year old little boy is demonstrating his UC Irvine Tech Camp project.  He worked on MAC computers to do digital photography and then worked on developing a game.  The camp runs about a week and each child does a project and then presents it on the final day.  We’ve come down to also go to a baby shower for another girlfriend, but will be going to the Tech Camp presentation tomorrow. 

When I was his age, we didn’t have computer camps…. for that matter my first introduction to computers was in high school.  My goodness.. when Nathan grows up… can you imagine how much technology he will have absorbed as just “normal”. 

I had to laugh though.  On Michael Howard’s blog he talked about how he was talking to game designers on how to code more securely in the gaming industry. That’s one thing that hopefully will occur “as Nathan grows up”.  All developers will think about security.  For now, I’ll let Nathan off the hook and just sit here amazed at what a 9 year old is being introduced to. 

My sister was talking to my Dad about our city’s new natural gas/hybrid busses that have global positioning units on them so that they can track the bus locations at any point in time, have cameras on board to ensure that the driver is okay and electronically counts how many get on and get off the bus. 

Look what we now take for granted…. as I sit here typing on my laptop connected wirelessly to my friend’s computer system….and replay/tivo TV in the living room. 

Here’s to the next generation.  My hat’s off to you Nathan.

Update – photos from the “Family presentation“ at IDTechCamp are online here.

327644 – How to configure licensing on an additional Windows server in an SBS network:

324958 – How To Block Open SMTP Relaying and Clean Up Exchange Server SMTP Queues on SBS:

838183 – How to turn on the Exchange writer for the Volume Shadow Copy service in Windows Small Business Server 2003:

 830360 – Default picklist value in an opportunity is not set if the opportunity is created from lead conversion in Microsoft Business Solutions CRM:

832319 – Vertical scroll bar not visible when you add columns to a view in the Microsoft Business Solutions CRM version 1.0 Sales for Outlook client:


Office 2003 sp1 just hit the download site today

Office 2003 sp1 – http://www.microsoft.com/downloads/details.aspx?familyid=9c51d3a6-7cb1-4f61-837e-5f938254fc47

Visio – http://www.microsoft.com/downloads/details.aspx?familyid=afca0578-e1fb-4540-b0cc-ff83def61cc6

Outlook BCM – http://www.microsoft.com/downloads/details.aspx?familyid=d21f3d89-46ac-4a27-b4c7-be05723d53e5

Outlook Junk mail filter – http://www.microsoft.com/downloads/details.aspx?familyid=d8ded71e-89ed-4473-9640-13a2b799564e

Office update inventory tool – http://www.microsoft.com/downloads/details.aspx?familyid=37822f41-f749-4b7c-b4df-b052d255a1b8

Infopath toolkit – http://www.microsoft.com/downloads/details.aspx?familyid=7e9ebc57-e115-4cac-9986-a712e22879bb

Office 2003 – Office web components – http://www.microsoft.com/downloads/details.aspx?familyid=7287252c-402e-4f72-97a5-e0fd290d4b76

Project Server – http://www.microsoft.com/downloads/details.aspx?familyid=5dea5862-d534-4f17-ab08-7c9b790c5b15

OneNote – http://www.microsoft.com/downloads/details.aspx?familyid=07408348-26c9-43bb-9e7e-6151cf15d415

I saw that they announced the name of the next Star Wars movie “Revenge of the Sith”.  Just putting everyone on notice now.  I will be in Newport Beach at the Big Newport movie theater with a bunch of my friends next May.  Oh and I should also warn you that I’m known for making folks that go with our group wear matching shirts.  This photo of me was taken in line at the Big Newport before Star Wars I and beleive it or not, someone else there brought that Yoda.  For the record I wasn’t the only one who took my picture with him.  😉

If you know me, you’ll know that I quote Yoda when talking about the Small Business Server platform. 

“Size matters not. Look at me. Judge me by my size, do you?”

“Try not. Do. Or do not. There is no try.”

Personally, I think there’s a little green guy inside every SBS box.

[now back to your regularly scheduled SBS blog]
P.S.  Click on the link for Multimedia on the Big Newport link to see some photos of the “tent city” that crops up before each Star Wars showing.  I’d also recommend that you try to watch it on an IMAX screen but NOT the domed one in San Jose… find a flat IMAX instead like the one in Las Vegas in the Luxor Hotel

…with Google being affected by the Mydoom virus.  Must have Google… can’t live without google…. can’t newsgroup without google…. can’t GOOGLE without google!!

While last weeks bagel was a real “stupid computer user” virus [like a normal paranoid computer user couldn’t look at the bagel emails that had no body message, a stupid subject line and an attachment that SCREAMED “I’m a virus!  Stupid Computer User click here” and STILL click that attachment and get themselves infected, today’s MyDoom was way more believable of an email.

This Mydoom one of today was a lot more into social engineering.  I got an email this morning from my ISP that said my account had been sending out a lot of spam this weekend and that I’d better check my system with the attached file… yeah… right…I said… fat chance.  But it was still enough to trick possibly most not so paranoid folk.

This is why proactively BLOCKING these attachments is key.  The virus companies were scrambling to get the dat files out.  Don’t even let these files into your network, either using the SBS file attachment blocking wizard or using Trend [or your Antivirus] to block these.

Also on a paranoid note…I was in Macy’s tonight [a department store in my city] and I honestly do much of my shopping online and have not been in the store in a long time.  So it was pretty obvious that they were updating their database when they swiped in my Macy’s card, asked to see my Driver’s License [swiped it in], wanted my address, phone number.. and get this… asked me to enter my Social Security number on the sign-on-the-screen thingamabob.  As I entered in the Social Security number, the numbers were in plain view on the screen of the device that normally you just sign your name on. 

Okay … I think I’m getting paranoid because entering in the Social Security number freaked me out especially the fact that it was not even blocked on the screen while I was entering it…..I mean HIPAA rules are there to protect my privacy and electronic health information but what about my rights on my personal data.  I just gave Macy’s and their IT department, my credit card number, my signature image, my address, my phone number AND my Social Security number.  I have no idea if their network system is patched, scanned, and if that transmission of my Social Security number is encrypted while in transmission…I assume it is… but I really don’t know, do I?   Okay so maybe being a little too geeky and a little too paranoid is not a good thing?  😉