Monthly Archives: May 2009

Exploiting covariance with LINQ to XML

In my last post I showed how the new contravariance feature in .NET 4.0/Visual Studio 2010 for type parameters of generic interfaces makes coding with LINQ to XML easier and more straightforward. In this post I will show how the covariance of the type parameter T of IEnumerable<T> also allows us to write LINQ to XML queries in a more straightforward way.


Let’s assume we have the following XML document:


    <?xml version="1.0" encoding="utf-8" ?>
    <root>
      <!-- comment 1 -->
      <foo>foo 1</foo>
      <bar>bar 1</bar>
      <!-- comment 2 -->
      <foo>foo 2</foo>
      <bar>2</bar>
      <!-- comment 3
      -->
    </root>

and we want to transform that document into a second one with the same root element and the same child nodes, except that all ‘bar’ child elements of the ‘root’ element have been removed. So the result should look as follows:


    <?xml version="1.0" encoding="utf-8" ?>
    <root>
      <!-- comment 1 -->
      <foo>foo 1</foo>
      <!-- comment 2 -->
      <foo>foo 2</foo>
      <!-- comment 3
      -->
    </root>

A first attempt to achieve that with LINQ to XML could look as follows:


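    // Requires: using System; using System.Linq; using System.Xml.Linq;
    XDocument doc1 = XDocument.Load(@"XMLFile1.xml");

    // Copy all child nodes of the root except the 'bar' elements.
    XDocument doc2 =
        new XDocument(
            new XElement(doc1.Root.Name,
                doc1
                    .Root
                    .Nodes()
                    .Except(
                        doc1
                            .Root
                            .Elements("bar"))));

    doc2.Save(Console.Out);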

So we create a new XDocument with a new root XElement that has the same name as the Root of the first XDocument, and copy all of its child nodes except the ‘bar’ child elements.


That looks nice and straightforward, but if you try to compile it with Visual Studio 2008/.NET 3.5 you get the following error: “Argument ‘2’: cannot convert from ‘System.Collections.Generic.IEnumerable<System.Xml.Linq.XElement>’ to ‘System.Collections.Generic.IEnumerable<System.Xml.Linq.XNode>’”.


The problem is that the Nodes() call returns an IEnumerable<XNode>, so the following Except() call also needs an IEnumerable<XNode> as its argument, while Elements("bar") gives us an IEnumerable<XElement>. With generic interfaces being invariant in .NET 3.5 we can’t pass that IEnumerable<XElement> in for an IEnumerable<XNode>, although XElement is a class derived from XNode.


As a workaround we can first cast the IEnumerable<XElement> to an IEnumerable<XNode>:


    XDocument doc1 = XDocument.Load(@"XMLFile1.xml");

    XDocument doc2 =
        new XDocument(
            new XElement(doc1.Root.Name,
                doc1
                    .Root
                    .Nodes()
                    .Except(
                        doc1
                            .Root
                            .Elements("bar")
                            // .NET 3.5 workaround: upcast so Except() receives an IEnumerable<XNode>
                            .Cast<XNode>())));

    doc2.Save(Console.Out);

That way it compiles fine and produces the wanted result with .NET 3.5, but it would be preferable not to need that Cast<XNode>() call.


The good news is that, starting with .NET 4.0, the type parameter T of IEnumerable<T> is covariant: wherever an IEnumerable<T> of a certain type T is expected, we can always pass in an IEnumerable<T2> where T2 is a type derived from T, as in our example, where XElement is a subclass of XNode (or a sub-subclass, to be precise).


Thus with .NET 4.0 the following compiles and works fine:


    XDocument doc1 = XDocument.Load(@"XMLFile1.xml");

    XDocument doc2 =
        new XDocument(
            new XElement(doc1.Root.Name,
                doc1
                    .Root
                    .Nodes()
                    .Except(
                        doc1
                            .Root
                            .Elements("bar"))));

    doc2.Save(Console.Out);


 


 


 

In Eleven Months: 63,261 visits

So say the statistics of this humble blog.


Statistics updated 1 Jun 2009@06:55GMT: 63,261 visits [?]
The count is updated every 24 hours, but the map updates are deliberately different, as explained in the Notes and in the FAQ.

Total since 30 Jun 2008: 63,261. Previous 24 hours: 187.


When I first started getting into all this blogging business, I was very surprised whenever someone tossed around statistics like “1 million visits”… “30,000 downloads a day”. Those are certainly dizzying figures!


To my way of thinking, it seemed little short of exaggerated to believe that so many people could interact with the showcase or display stand that presented the opinions, the advice and, ultimately, the explanations from the flight log of one more navigator.


“Thinking of the millions of navigators out there with plenty of things to explain, far more interesting than me.” I always had the feeling that those people must be watching over the whole thing 24 hours a day to keep up with that frenetic pace of “visitations”.


Well, my surprise becomes reality when, after 11 months of blogging, I come across the inevitable statistics and realize that I have received more than 63 thousand visits.


I am convinced that such a modest number leaves the vast majority of web statistics analysts indifferent (or provokes an insolent smile, in the worst case). However, reflecting on it and thinking that those 63 thousand hits were perhaps caused by the same people (a few thousand) searching again and again for something they could not find, and thinking that in the end they found it and it was useful to them, I will explain that they awaken a very gratifying feeling of satisfaction, a feeling of gratitude; for, trying to be of service and with the responsibility of feeling that I am read, it renews my commitment and my desire to continue here, dedicating those scarce leisure hours, improving from the back room of technology, with my grain of sand and the sole intention of shortening the distance between the head of the race, the peloton and the caboose (from where I write to you) :-).


Take good care of yourselves and do not forget that I am here for you.
Pep Lluis,

More on optimization, HTTP 304s etc. – a solution?

In my last post Optimization, BLOB caching and HTTP 304s, I did a fairly lengthy walk-through on an issue I’d experienced with SharePoint publishing sites. A few people commented, mainly saying they’d noticed the same thing, but there have been further developments and findings I wanted to share!

Quick recap

Under certain circumstances some files in SharePoint are always re-requested by the browser despite being present in the browser cache (“Temporary internet files”). Specifically this is observed for files stored in the Style Library and Master Page Gallery, for anonymous users. Although SharePoint responds with an HTTP 304 to say the cached file can indeed be used (as opposed to sending the file itself again), we effectively have an unnecessary round-trip to the server for each file – and there could be many such files when all the page’s images/CSS/JS files are considered. This extra network traffic can have a tangible impact on site performance, and this is magnified if the user is geographically far away from the server.

A solution?

Waldek and I have been tossing a few development matters around recently over e-mail, and he was curious enough to investigate this issue for himself. After reproducing it and playing around for some time, Waldek discovered that flushing the disk-based cache seems to cause a change in behaviour – or in layman’s terms, fixes everything. To be more specific, we’re assuming it’s a flush of the BLOB cache which is having the effect – in both Waldek’s test and my subsequent validation, the object cache was flushed as well:

FlushDiskCache

After the OK button is hit on this page, the problem seems to go away completely, so when the page is now accessed for the first time as an anonymous user, the correct ‘max-age’ header is added to the files (as per the BLOB cache declaration in web.config) – contrast the ‘max-age=86400’ header on the Style Library files with what I documented in my last post:

AnonymousCorrectHeadersAfterFlushCache

This means that on subsequent requests, the Style Library files are served directly from the browser cache with no 304 round-trip:

SecondRequestNo304s

This is great news, as it means the issue I described is essentially a non-issue, and there is therefore no performance penalty for storing files in the publishing Style Library.

So what gives?

I’m now wondering if this is just a ‘gotcha’ with BLOB caching and publishing sites. I know other people have run into the original issue due to the comments on my previous post, and interestingly enough one poster said they use reverse proxy techniques specifically to deal with this issue. Could it really be that everybody who sees this behaviour just didn’t flush the BLOB cache somewhere along the way, when it’s actually a required step? Or is the testing that Waldek and I did flawed in some way? Or indeed, was my initial investigation flawed despite the fact others reported the same issue?

I am interested to hear from you on this – if you can reproduce the problem I’ve described with a publishing site you’ve developed, does flushing the BLOB cache solve it for you as described here? Leave a comment and let us know!

Good work Waldek :-)

[OpsMgr] DB Grooming – How it works

I came across this post on Steve Rachui's Manageability blog – ConfigMgr/OpsMgr : “ A while back I wrote up a blog post on how grooming works for the OpsMgr DB and the warehouse http://blogs.msdn.com/steverac/archive/2007/12/13/scom-2007-operational…(read more

Phishers Try MSN Worms to steal credentials

At the University of Alabama at Birmingham our Computer Forensics students are working on a large number of spam and phishing related projects. One of those includes tracking the Fast Flux nodes related to various botnets. As I was meeting with one of the students this week to talk about a particular phishing botnet we noticed that the hosts were doing something that seemed to be related to MSN.



In this particular botnet, computers take turns hosting the phishing websites for various banks. For instance at the end of this week, the botnet was hosting phishing sites like these:

www.mybank.alliance-leicester24.com
www.mybank.alliance-leicester39.com
www.mybank.alliance-leicester93.com
www.mybank.alliance-leicester01.cn
www.mybank.alliance-leicester98.cn

or these:

mibusinessonlinebanking.mibank.com.dir-27612.ffifjl1.com
mibusinessonlinebanking.mibank.com.dir-4712.fjfl1j.net
mibusinessonlinebanking.mibank.com.dir-7158.f1ifjl1.net

or these:

www.bankofscotlandbusiness.co.uk.session64016.sterrss.com
www.bankofscotlandbusiness.co.uk.session6297.vdsl1.com

or these:

www.bankofamerica.com.srv_28742.idfsre.com
www.bankofamerica.com.srv_1470.nfillil.com.sg
www.bankofamerica.com.srv_31682.fgtsssa.com
www.bankofamerica.com.srv_77000.nfillil.net.sg
www.bankofamerica.com.srv_67075.fjtiili.com
www.bankofamerica.com.srv_7688390.hftiili.be
www.bankofamerica.com.srv_07430.fgtsssa.co.uk
www.bankofamerica.com.srv_26497.nfillil.org.sg
www.bankofamerica.com.srv_92855.idfgtid.cz
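
The hostnames listed above share two shapes a defender can test for: a real bank domain embedded as subdomain labels of an unrelated registered domain, and a registered domain that is a brand name with digits appended. The following Python sketch is an added example, not part of the original post; the brand watchlist, the small suffix table standing in for the Public Suffix List, and the function names are assumptions.

```python
import re

# Assumed watchlist of brand domains to protect (not taken from the original post).
BRANDS = (
    "bankofamerica.com",
    "bankofscotlandbusiness.co.uk",
    "mibank.com",
    "alliance-leicester.co.uk",
)

# Tiny stand-in for the Public Suffix List; real tooling should load the full list.
SUFFIXES = {"com", "net", "cn", "be", "cz", "co.uk", "com.sg", "net.sg", "org.sg"}


def split_host(host):
    """Return (subdomain_labels, registrable_domain) using the longest known suffix."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):          # smallest i first == longest suffix first
        if ".".join(labels[i:]) in SUFFIXES:
            if i == 0:
                return [], ""             # the host is a bare public suffix
            return labels[:i - 1], ".".join(labels[i - 1:])
    # Unknown suffix: fall back to treating the last two labels as registrable.
    return labels[:-2], ".".join(labels[-2:])


def classify(host, brands=BRANDS):
    """Return (verdict, brand) for one hostname."""
    sub, reg = split_host(host)
    for brand in brands:
        if reg == brand:
            return "legitimate", brand
    # Rule 1: the full brand domain appears as consecutive labels to the left
    # of a registrable domain that the brand does not own.
    for brand in brands:
        wanted = brand.split(".")
        for i in range(len(sub) - len(wanted) + 1):
            if sub[i:i + len(wanted)] == wanted:
                return "brand-in-subdomain", brand
    # Rule 2: the registered name is the brand name with digits appended.
    reg_label = reg.split(".")[0]
    for brand in brands:
        name = brand.split(".")[0]
        if re.fullmatch(re.escape(name) + r"\d+", reg_label):
            return "lookalike-registrable", brand
    return "unrelated", None


# Hostnames quoted in the post, followed by two constructed benign ones.
SAMPLE_HOSTS = [
    "www.mybank.alliance-leicester24.com",
    "mibusinessonlinebanking.mibank.com.dir-27612.ffifjl1.com",
    "www.bankofscotlandbusiness.co.uk.session64016.sterrss.com",
    "www.bankofamerica.com.srv_1470.nfillil.com.sg",
    "www.bankofamerica.com.srv_07430.fgtsssa.co.uk",
    "www.bankofamerica.com",   # constructed: the brand's own domain
    "mail.example.org",        # constructed: unrelated host
]


def scan(hosts):
    """Return {host: (verdict, brand)} for hosts that impersonate a watched brand."""
    hits = {}
    for host in hosts:
        verdict, brand = classify(host)
        if verdict in ("brand-in-subdomain", "lookalike-registrable"):
            hits[host] = (verdict, brand)
    return hits


if __name__ == "__main__":
    for host, (verdict, brand) in scan(SAMPLE_HOSTS).items():
        print(f"{verdict:22} {brand:30} {host}")
```

Run against proxy or DNS logs, the same check surfaces new hostnames of this shape without needing a blocklist entry for each one.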

The phishers are still doing that, of course, but as we were exploring the IP addresses being used by the botnet for hosting these phishing sites (more than 250 of them since Thursday afternoon), we found some domains that didn’t fit this pattern.

my-secret-gallery-download.com



First we checked out the WHOIS information . . .

Registered May 15, 2009 at XIN NET Technologies . . .

Using the nameserver NS1.MY-CHEERFUL-DNS.COM

And oh, look! Our old friend Pan Wei Wei!

Registrant:
Organization : Pan Wei wei
Name : Pan Wei wei
Address : BaoChun Rd. 27, No. 3, 1F, Apt. 1903
City : Bejing
Province/State : Beijing
Country : CN
Postal Code : 100176
Email: 127@126.com

Pan Wei Wei has been involved with this particular botnet since at least October, as others have noticed as well. For instance, see Dancho Danchev’s blog entry from December. Dancho follows the popular trend of wrongly calling this the “Rock Phisher”, but that’s a common misperception, and he certainly ACTS like the Rock phisher. We prefer the term “Rock-Like”, but that’s not the point here. Dancho and many others have good evidence on this guy.

Pan Wei Wei used to prefer his gmail address – escap3@gmail.com or clu3less@gmail.com – but apparently he no longer uses those.

After Googling around a bit and checking the UAB Spam Data Mine, we find that this domain is not being used in spammed email, but is rather being used in an MSN message worm.

Messages are received such as:

damn, saw naked pics of yours or maybe the one in pic is similar to you …. crazy lol http://my-secret-gallery-download.com/pic_gallery.html

or

phewww +o( unbelivable, is that you??? who ever is it…is really similar to you lol … http://my-secret-gallery-download.com/pic_gallery.html

The criminal needs to update his graphics on this one. What’s supposed to happen here is that a graphic is displayed from one of several random ImageShack locations. Above the image are the words:

Click on the image to download the party pictures gallery…
(Click Open or Run when prompted.)

Clicking on the image will actually run this file:

http://my-secret-gallery-download.com/pic_gallery.php

Which causes you to download this file:

image_gallery.scr

File size: 31745 bytes
MD5 : fa0e304fa4c11a89a2345e009ecebf1c

The detection of this file as a virus is actually quite high. 34 out of 40 anti-virus tools now detect this malware, including Microsoft who labels the malware

Microsoft 1.4701 2009.06.01 VirTool:Win32/Obfuscator.FI

Virus Total Analysis here




picy-pictures.com



The next interesting looking website was picy-pictures.com

A WhoIs check confirms that this domain was also created by Pan Wei Wei, although this is more recent – with a created date of May 28, 2009. It also uses the nameserver NS1.MY-CHEERFUL-DNS.COM (and NS2, NS3, NS4).



This one is a much clearer phishing attempt. Here we are asked right at the beginning to provide our MSN userid and password in order to view the 35 pictures in our Private Gallery.

Userids and passwords are checked immediately. If you provide fake data, you get “invalid login! please try again…”

If you provide real data, someone will need to tell me what it does, because I don’t have an MSN account that I would like to share with the criminals.

It was interesting to me that although they chose to host this site on a botnet, where each computer on the botnet is a potential host to help them anonymize the source, they chose to hard code an IP address of their stylesheets and javascript programs:

69.90.81.132

There are two domain names associated with that IP address:

hotmail-timeout.com

and

pictures-bucket.com

I wonder if those might be similar scams?

Given that they were also both registered by Pan Wei Wei using XIN NET TECHNOLOGY as the registrar, I feel that it might be a safe bet. Hotmail-Timeout.com was registered March 15, 2009. Pictures-bucket.com was registered April 24, 2009.

The last interesting domain we are seeing on this botnet is:

hotmail-live-inbox.com



Registered May 26, 2009 by Pan Wei Wei on XIN NET TECHNOLOGY using Name Servers NS1.MY-CHEERFUL-DNS.COM (and NS2, NS3, NS4)

We found a post about this one from Steve Swift on a Vista Forum.

Steve had received a new email from Haris_Sheikh, which he knew because he had a link sent to him from an offline colleague:

You have received (1) new email from haris_sheikh.
http://www.hotmail-live-inbox.com/?user=haris_sheikh

Clicking on the link gave him a “System Notice” that read like this:

Your Live Account is about to get expired. For further details please visit,
http://www.hotmail-live-inbox.com/

If you’ve been a victim of any of these types of fraud, you may have bigger problems than you know. We’ve seen hotmail and live.com accounts used to try to scam the friends who send you email (see our blog article on Traveler Scams.)

For some of them, changing your live.com/hotmail password might help —

https://account.live.com/ChangePassword.aspx

For other support on your hotmail or live.com emails you can visit:

support.live.com

To report possible fraud on your live.com account, you can use this live.com reporting form.

For others, you probably have malware running on your computer which is being used to send spam and steal your passwords!
























Exploiting contravariance with LINQ to XML

Covariance and contravariance for generic interfaces are new features in C# and VB.NET in Visual Studio 2010 and the .NET Framework 4.0. Generic interfaces like IEnumerable<T> or IEqualityComparer<T> in the .NET Framework 4.0 use these new features. Starting with .NET 4.0 the type parameter T in IEqualityComparer<T> is contravariant. That can make coding with LINQ to XML easier, as the class XNodeEqualityComparer implements IEqualityComparer<XNode>, where XNode is a common base class for other LINQ to XML classes like XElement.


Let’s look at an example. Assume we have the following XML document


    <?xml version="1.0" encoding="utf-8" ?>
    <root>
      <items>
        <item>
          <foo>a</foo>
          <bar>1</bar>
        </item>
        <item>
          <foo>b</foo>
          <bar>2</bar>
        </item>
        <item>
          <foo>a</foo>
          <bar>1</bar>
        </item>
        <item>
          <foo>c</foo>
          <bar>3</bar>
        </item>
        <item>
          <foo>c</foo>
          <bar>3</bar>
        </item>
      </items>
    </root>

and we want to use LINQ to XML to extract distinct items where we use XNodeEqualityComparer to compare the ‘item’ elements in the XML document.


You could be tempted to try it as follows:


    // Requires: using System; using System.Linq; using System.Xml.Linq;
    XDocument doc = XDocument.Load("XMLFile1.xml");

    // Keep one 'item' element per distinct content, then project it.
    var distinctItems =
        doc
            .Root
            .Element("items")
            .Elements("item")
            .Distinct(new XNodeEqualityComparer())
            .Select(i => new { foo = (string)i.Element("foo"), bar = (int)i.Element("bar") });

    foreach (var item in distinctItems)
    {
        Console.WriteLine(item);
    }

but with .NET 3.5 that does not compile, complaining “Instance argument: cannot convert from ‘System.Collections.Generic.IEnumerable<System.Xml.Linq.XElement>’ to ‘System.Collections.Generic.IEnumerable<System.Xml.Linq.XNode>’” on the Distinct(new XNodeEqualityComparer()) call. That happens because Elements("item") gives us an IEnumerable<XElement>, so the Distinct method wants an IEqualityComparer<XElement> to be passed in, while we only pass in an IEqualityComparer<XNode>.


To work around that problem with .NET 3.5, we first have to cast the IEnumerable<XElement> up to IEnumerable<XNode> before we call Distinct(new XNodeEqualityComparer()) and then down again after the Distinct() call:


    XDocument doc = XDocument.Load("XMLFile1.xml");

    var distinctItems =
        doc
            .Root
            .Element("items")
            .Elements("item")
            // .NET 3.5 workaround: upcast for the comparer, then downcast again
            .Cast<XNode>()
            .Distinct(new XNodeEqualityComparer())
            .Cast<XElement>()
            .Select(i => new { foo = (string)i.Element("foo"), bar = (int)i.Element("bar") });

    foreach (var item in distinctItems)
    {
        Console.WriteLine(item);
    }

That compiles fine and nicely returns only distinct items:


{ foo = a, bar = 1 }
{ foo = b, bar = 2 }
{ foo = c, bar = 3 }


With .NET 4.0, however, the type parameter T of IEqualityComparer<T> is contravariant, meaning that if we have a method expecting an IEqualityComparer<XElement>, it suffices to pass a comparer for a base type of XElement such as XNode. Thus with .NET 4.0 our original attempt compiles and runs fine:


    XDocument doc = XDocument.Load("XMLFile1.xml");

    var distinctItems =
        doc
            .Root
            .Element("items")
            .Elements("item")
            .Distinct(new XNodeEqualityComparer())
            .Select(i => new { foo = (string)i.Element("foo"), bar = (int)i.Element("bar") });

    foreach (var item in distinctItems)
    {
        Console.WriteLine(item);
    }


 


 


 


 

Adobe Acrobat Stack Exhaustion DoS Vulnerability

Adobe Acrobat is prone to a denial-of-service vulnerability because the application fails to perform adequate boundary-checks on user-supplied data.   Attackers can exploit this issue to cause the affected application to crash, effectively denying service. Arbitrary code execution may be possible, but has not been confirmed.

Adobe Acrobat 9.1.1 is vulnerable; other versions may also be affected.

NOTE: This BID was previously classified as a buffer-overflow. Further analysis reveals that it is a stack exhaustion, and code execution is unlikely.

Vulnerable:
Adobe Acrobat Reader 9.1.1
Adobe Acrobat 9.1.1

PoC is available

http://www.securityfocus.com/bid/35148/discuss

Exchange 2010 Webcast Series

Folks, here is a list of the Exchange 2010 webcast series; I hope you find it useful.


6/1/09 – 9:00am PT: TechNet Webcast: Exchange 2010 High Availability
Welcome to the future! The future of Exchange high availability, that is.  In this webcast, we reveal the changes and improvements to the built-in high availability platform in Exchange Server 2010.  Exchange 2010 includes a unified framework for high availability and disaster recovery that is quick to deploy and easy to manage. Learn about all of the new features in Exchange 2010 that make it the most resilient, highly available version of Exchange ever.
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416676&Culture=en-US


6/3/09 – 9:00am PT: TechNet Webcast: Exchange 2010 Overview
This webcast will introduce you to Exchange Server 2010, reviewing the major areas of investment for this release and highlighting marquee features.
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416679&Culture=en-US


6/8/09 – 1:00pm PT: TechNet Webcast: Exchange 2010 Management Tools
Exchange 2010 includes new capabilities that make the operation of your Exchange environment more efficient.   Learn how we’ve made the Exchange Management Console more powerful, extended the reach of PowerShell, and made it easier to delegate management tasks.
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416687&Culture=en-US


6/10/09 – 9:00am PT: TechNet Webcast: Exchange 2010 Archiving and Retention
This webcast will introduce new ways to address archiving and retention with Exchange Server 2010.
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416694&Culture=en-US


6/15/09 – 9:00am PT: TechNet Webcast: Exchange 2010 Outlook Web Access
Exchange 2010 brings new features and functionality to Outlook Web Access. See product demonstrations of the latest capabilities and understand how browser-based communication and collaboration gets better than ever in Exchange 2010.
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416702&Culture=en-US


6/17/09 – 9:00am PT: TechNet Webcast: Exchange 2010 Architecture
This webcast describes the overall architecture of Exchange 2010 and key considerations for the scalability and performance of each server role. This webcast will provide the background and framework for the other Exchange 2010 webcasts, serving as a bridge between the overview session and drill-downs in each product area. This webcast is a recommended pre-requisite for the Exchange 2010 transition and deployment webcast.
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416706&Culture=en-US


6/22/09 – 9:00am PT: TechNet Webcast: Federation in Exchange 2010
Federation is a key part of the architecture of Exchange 2010, powering new organization-to-organization sharing scenarios.  Learn how federation enhances the capabilities of Exchange 2010 and enables advanced coexistence between Exchange Server and Exchange Online.
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416724&Culture=en-US


6/24/09 – 9:00am PT: TechNet Webcast: Exchange 2010 Voice Mail enabled by Unified Messaging
Exchange 2010 Unified Messaging is Microsoft’s second generation unified messaging and voice mail solution. In this webcast, learn about the features, benefits, and architecture of  Unified Messaging in Exchange 2010. 
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416726&Culture=en-US


6/24/09 – 9:00am PT: TechNet Webcast: Exchange 2010 Information Protection and Control
This webcast will introduce you to new ways to address information protection and control with Exchange Server 2010. A discussion of the use of encryption and rights management in parallel with Exchange will be included as well as an introduction to new functionality in Exchange that supports information protection scenarios.
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416728&Culture=en-US


7/1/09 – 9:00am PT: TechNet Webcast: Exchange 2010 Transition and Deployment
In this session we will cover the migration planning and deployment path to move an organization from Exchange 2003 or Exchange 2007 to Exchange 2010.
http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032416708&Culture=en-US


 


Carlos Dinapoli

Developing Large-Scale Web Applications and Services

The Microsoft MSDN & TechNet Event Production team for Latin America invited me to present a webcast on how Microsoft SQL Server 2008 and other data platform services help you build your architecture and develop your applications to achieve high performance, low latency and high availability, as well as predict performance and total cost. Those interested in the event can connect and share the latest advances in this area.

Update: Since the event has already taken place, you can download the video using the same URL.

Event URL: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032407066&Culture=es-AR

Date: 2 Jun 2009 at 3:00:00 PM (GMT -5).

Before connecting, I recommend the following sites to make sure your computer has the necessary configuration:

  1. Download the Live Meeting 2007 client
  2. Live Meeting 2007 help (English)
  3. Recommendations for Live Meeting 2007

Bing.com’s key areas and what it replaced/rebranded in Microsoft products

Microsoft revealed the other day that Bing.com will be available next week (June 3 is the planned launch date for Bing). If you are wondering what Bing.com is and which Microsoft products or services are replaced or rebranded by Bing:

Bing.com is a new Decision Engine: This means you can use Bing.com to search (like what Live.com, Google.com and Yahoo.com are offering). The difference is that Bing.com will hopefully provide people with a search engine that focuses on the following areas:

  1. Making a purchase decision
  2. Planning a trip
  3. Researching a health condition
  4. Finding a local business

The above four topics are the initial focus of Bing because… see the next topic for why those are the initial focus.

Microsoft products or services replaced/rebranded by Bing.com:

  1. Virtual Earth is now rebranded as Bing Maps for Enterprise
  2. The acquired Farecast (also here – Farecast Live) is now part of Bing Travel (Note: Farecast was acquired by Microsoft on April 9, 2008.  See Microsoft’s Acquisition History webpage)
  3. The Cash Back program is now rebranded as Bing Cashback

So that is why the focus of Bing.com is to help people with their purchase decisions (Cashback), travel plans (Farecast) and local business searches (Virtual Earth/Bing Maps). As to “researching a health condition” being one of the key areas… well, since they found out that shopping, travel and business information are the popular areas where business people and consumers spend time during a search, they also identified that people research health topics, so their upcoming decision engine, Bing.com, will cover that as well by providing faster and more relevant searches. They cited the Ipsos 2009 survey results (only over a thousand participants) in identifying the said key areas of what people actually search for:

66 percent of people are using Internet search more frequently to make complex decisions,* Microsoft identified three design goals to guide the development of Bing.

Anyway, the above is what I gathered after reading their Press Release on Bing. If you go to that page, you’ll see more links to read about Bing if you are interested in what Bing wants to offer you, but if you’d like to hear from the Bing Team… head over to their blog.

As to why they chose the name Bing… I don’t know. They said it’s a fresh and new approach, but I have a friend named Bing. She’s a very aggressive person. Let’s see if Bing.com is going to be aggressive :-D

Exchange 2010 sessions from TechNet & TechEd

The You Had Me At EHLO blog has a nice list of upcoming Exchange 2010 TechNet sessions:

TechNet Webcast: Exchange 2010 High Availability (Level 300)
Monday, June 01, 2009 9:00 AM Pacific Time
Event Overview:
Welcome to the future!  The future of Exchange high availability, that is.  In this webcast, we reveal the changes and improvements to the built-in high availability platform in Exchange Server 2010.  Exchange 2010 includes a unified framework for high availability and disaster recovery that is quick to deploy and easy to manage. Learn about all of the new features in Exchange 2010 that make it the most resilient, highly available version of Exchange ever.
Presenter: Scott Schnoll, Principal Technical Writer, Microsoft Corporation

TechNet Webcast: Exchange 2010 Overview (Level 200)
Wednesday, June 03, 2009 9:00 AM Pacific Time
Event Overview: This webcast will introduce you to Exchange Server 2010, reviewing the major areas of investment for this release and highlighting marquee features.
Presenter: Angi Livermore, Tech Solution Prof – Core UC, Microsoft Corporation

TechNet Webcast: Exchange 2010 Management Tools (Level 300)
Monday, June 08, 2009 1:00 PM Pacific Time
Event Overview: Exchange 2010 includes new capabilities that make the operation of your Exchange environment more efficient. Learn how we’ve made the Exchange Management Console more powerful, extended the reach of PowerShell, and made it easier to delegate management tasks.
Presenter: Evan Dodds, US-Exchange Shared PM, Microsoft Corporation

TechNet Webcast: Exchange 2010 Archiving and Retention (Level 300)
Wednesday, June 10, 2009 9:00 AM Pacific Time
Event Overview: This webcast will introduce new ways to address archiving and retention with Exchange Server 2010.
Presenter: Harold Wong, Senior IT Pro Evangelist, Microsoft Corporation

TechNet Webcast: Exchange 2010 Outlook Web Access (Level 200)
Monday, June 15, 2009 9:00 AM Pacific Time
Event Overview: Exchange 2010 brings new features and functionality to Outlook Web Access. See product demonstrations of the latest capabilities and understand how browser-based communication and collaboration gets better than ever in Exchange 2010.
Presenter: Gary Danoys, Tech Solution Prof – Core UC, Microsoft Corporation

TechNet Webcast: Exchange 2010 Architecture (Level 300)
Wednesday, June 17, 2009 9:00 AM Pacific Time
Event Overview: This webcast describes the overall architecture of Exchange 2010 and key considerations for the scalability and performance of each server role. This webcast will provide the background and framework for the other Exchange 2010 webcasts, serving as a bridge between the overview session and drill-downs in each product area. This session is a recommended pre-requisite for the Exchange 2010 deployment and migration webcast.
Presenter: Ross Smith, ITOE Senior IP Tech Architect, Exchange, Microsoft Corporation

TechNet Webcast: Federation in Exchange 2010 (Level 300)
Monday, June 22, 2009 9:00 AM Pacific Time
Event Overview: Federation is a key part of the architecture of Exchange 2010, powering new organization-to-organization sharing scenarios. Learn how federation enhances the capabilities of Exchange 2010 and enables advanced coexistence between Exchange Server and Exchange Online.
Presenter: Paul Tischhauser, Principal Program Manager Lead, Microsoft Corporation

TechNet Webcast: Exchange 2010 Voice Mail enabled by Unified Messaging (Level 300)
Wednesday, June 24, 2009 9:00 AM Pacific Time
Event Overview: Exchange 2010 Unified Messaging is Microsoft’s second generation unified messaging and voice mail solution. In this webcast, learn about the features, benefits, and architecture of  Unified Messaging in Exchange 2010.
Presenter: Michael Wilson, Principal Program Manager Lead, Microsoft Corporation

TechNet Webcast: Exchange 2010 Information Protection and Control (Level 300)
Monday, June 29, 2009 9:00 AM Pacific Time
Event Overview: This webcast will introduce you to new ways to address information protection and control with Exchange Server 2010. A discussion of the use of encryption and rights management in parallel with Exchange will be included as well as an introduction to new functionality in Exchange that supports information protection scenarios.
Presenter: Harold Wong, Senior IT Pro Evangelist, Microsoft Corporation

TechNet Webcast: Exchange 2010 Transition and Deployment (Level 300)
Wednesday, July 01, 2009 9:00 AM Pacific Time
Event Overview: In this session we will cover the migration planning and deployment path to move an organization from Exchange 2003 or Exchange 2007 to Exchange 2010.
Presenter: Kristian Andaker, Principal Group Program Manager, Microsoft Corporation

Meanwhile, while reading Henrik Walther’s blog, I noticed there are some cool sessions from TechEd USA that are now available to the general public:

The Technology Post for May 29th

If you are looking to follow this series, be sure to subscribe to my RSS feed at http://feeds.jasongaylord.com/JasonNGaylord or my Twitter account at http://twitter.com/jgaylord. This series can be followed by using The Technology Post tag.
Series Post #22

Daily Joke – Dilbert (Suggested by J. Ambrose Little)

Alternate Languages – Java, Rails, and other Languages

Architecture, Design Patterns, and Testing

ASP.NET and ASP.NET MVC

Books

Desktop and Server Technology

Web Design, Layout, and Graphic Design

JavaScript and JavaScript Libraries

Podcasts and Videos

Silverlight, WPF, and RIA

Social Networking and Community Platforms

Miscellaneous Technology Announcements and News

Other Resources

Call For Speakers (Sorted by Date)

Upcoming Technology Events (Sorted by State) – Want something listed? Post your comments. Also, what’s the best way for me to list these events? By date order or by state, then city, then date?


Zoller: Mozilla does not acknowledge DoS bugs

Thierry Zoller, a security researcher, is not happy that Mozilla is not acknowledging Denial of Service bugs or security issues that are less critical.

I am tired of seeing the security/patch statistics where one browser is compared to another. When Microsoft doesn’t patch a DoS bug for 6 months it negatively impacts the statistic; Mozilla doesn’t acknowledge DoS bugs, nor do they officially issue advisories. Go to bugzilla, search a bit and draw your own conclusion: there are DoS bugs that are 3 years old that have not been patched. Are these included in the statistics – no.

More at http://blog.zoller.lu/2009/05/advisory-firefox-denial-of-service.html

He’s referring to the security issue on Firefox v3.0.10.

Installing VisualSVN in a Virtual PC

I’m moving all of my development environment over to a few different VPCs so that it’s easier to archive my environment when a new one is released. So, I set up a new VPC with Vista SP2 and installed Visual Studio 2008 (with SP1). I wanted to install a Subversion client, more specifically Visual SVN, which usually requires a base Subversion library. In my case, I needed to install Tortoise SVN. When I tried to install it, I received a dialog box in the Microsoft Installer that read:

Please wait while the installer finishes determining your disk space requirements.

After poking around on the web, it seems like many have suggested uninstalling the Virtual Machine Additions. That didn’t work for me, so I began to look into the switches I could use for msiexec. After fudging around a bit, I came up with some ideas, then validated those ideas when I found a post by Hai Ning. The final command was:

msiexec.exe /package MSIPackageName.msi /qr

Both Tortoise and Visual SVN installed fine. The switch suppressed the dialogs on the main package.


Microsoft announces the new Bing!

Bing is Microsoft’s new search engine. With a demonstration site already online, it has a scheduled launch date: Wednesday, June 3.

The name was confirmed by Steve Ballmer on 28/05/2009 at the “All Things Digital” conference, organized by the Wall Street Journal. During the presentation the CEO even joked that the name should be neither Kumo, as previously expected, nor Bing, but “Boom!”, alluding to the big noise the launch will make.

DiscoveryBing, which appears linked to the URL of the original site (www.bing.com), is meant to prepare users for the tool that is coming. Not that it is complex to use, or very different from other search sites, but there is a series of explanatory videos and testimonials from the team that took part in creating this new tool.

Visit http://www.DiscoverBing.com/ for more information!

Linksys WAG54G2 Web Management Console Remote Arbitrary Shell Command Injection Vulnerability

Linksys WAG54G2 router is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data.
Remote attackers can exploit this issue to execute arbitrary shell commands with superuser privileges. This may facilitate a complete compromise of the affected device.
Linksys WAG54G2 with firmware V1.00.10 is affected; other versions may also be vulnerable.

Vulnerable:  Linksys Wireless-G ADSL2+ Gateway WAG54G2 1.0.10 (Firmware)

http://www.securityfocus.com/bid/35142/discuss

Vendor’s reaction / issue history
The research was performed in early 2009.
The vendor was notified on 18.03.09.
Quick response (within one day)
Quick confirmation of the issue (within a few days).
No fix till now (15.05.2009)
15.05.2009 – public disclosure

http://www.securitum.pl/dh/Linksys_WAG54G2_-_escape_to_OS_root

The most expensive trip of my life... so far

As usually happens toward the end of the first quarter of the year, this year I attended the MVP Global Summit in Seattle, Washington. It is a gathering that over the years has given me very enriching personal and professional experiences. This year it left me with the most unforgettable and hardest-to-digest experiences and lessons.

As part of that trip my business partner and I decided to visit the city of Vancouver in Canada. As we sometimes do, we took our laptops with us, along with various pieces of technology. Although we are generally very careful, this time something went wrong and the bags we had in the trunk of the car were stolen while we were having lunch. Apparently this is all too common in Vancouver, because of the high number of drug addicts who look for rental cars, especially ones with U.S. plates (something the police explained to us is that it is best to remove the stickers on the bumpers or anywhere else that show the car is a rental), sure that they will find valuables there (as was sadly true in our case).

Although at first I thought the situation was going to be totally catastrophic, because I remembered that my passport with the Canadian visa, the U.S. visa and the I-94 form were in my backpack, by a stroke of luck my companion had put the papers by mistake in a glove compartment of the car (something strange was definitely going on that day, because I never part with my passport…).

In the end, the situation came down to two bags fewer, with all their contents (laptops, GPS, a number of external hard drives, and all the gadgets we technology lovers tend to carry…).

But that is also where our other great dilemma began: “What about the information on all those media?”

Although, precisely because of the kind of work I do helping companies with good practices associated with technology, I expected the situation not to be so critical, a series of events conspired so that I lost at least some 3 weeks of work:

  • I was coming off two almost consecutive trips of more than 10 days each.
  • The weekly backup policy had failed constantly before the trips because of space on the destination disk.
  • The daily backup policy was tied to a portable disk that was also lost in the theft.
  • The night before traveling I tried to make a backup, but it failed again because of space.

Although the risk that they can access the information (information disclosure) is minimal in this case (there will always be options anyway), we have not finished estimating the total loss of work.

This leads me to make a few recommendations aimed especially at laptop users:

  • Establish backup policies that minimize the amount of new information left unprotected for long periods of time.
  • Always have enough space to meet your backup retention policy. In my case I keep only the initial backup, the previous one and the one I am making, but explosive growth in file size meant the new backup could not finish. On this trip I already had a solution in hand: even before we were robbed I had bought the Maxtor OneTouch™ III Turbo Edition disk to solve my personal backup problem.
  • Backups have multiple objectives; do not design your backups around only one. Whether it is to protect us against hardware failures, against involuntary or malicious actions on the configuration of the operating system or applications, or, as in this case, against loss of the machine, in the end what it must guarantee is that the information is available whatever happens. In my case, carrying the other disk with the daily backup in the same place as the laptop was a serious mistake, mainly because I had thought of the backup only as a means of protection against hardware failures.
  • Use different types of backup.
  • If you are going to travel, back up before anything else; do not leave it to the last minute, when something can fail and you will not have time to fix it.
  • Minimize the use of portable storage (USB sticks, external H.D.D., SD, CF, etc.) as permanent storage. These devices are mainly for transferring information, not for keeping it permanently. In my case a couple of cards were stolen, an SD card (which I only used for ReadyBoost) and a USB stick that I use to carry files, so I had nothing on them.
  • Protect your disks with suitable authorization and encryption mechanisms. Windows Vista and Windows 7 let you encrypt your disks with BitLocker, or there are tools such as TrueCrypt; both let you encrypt your disks without an appreciable drop in performance. In the case of Windows Vista the only limitation is that the machine must have a TPM (Trusted Platform Module) device; in Windows 7 one of the most important changes in this area is precisely that a TPM device is no longer needed.
  • Do not store passwords, not even on your own computer.

Greetings, from my new laptop.

P.S. If anyone offers you an HP tx2022us laptop with serial 13YL, do not buy it; please let me know (this is a small world, believe me).

Mozilla Firefox ‘keygen’ HTML Tag DoS Vulnerability

Mozilla Firefox is prone to a remote denial-of-service vulnerability.
Successful exploits can allow attackers to cause the browser to stop responding, thus denying service to legitimate users.

Vulnerable:  Mozilla Firefox 3.0.10 

http://www.securityfocus.com/bid/35132/discuss

Disclosure timeline

DD/MM/YYYY
14/12/2008 : Created bugzilla entry (security) with (the wrong) proof of concept file.

14/12/2008 : Attached the correct POC file (mea culpa) and a stack trace and details of memory corruption that repeatedly occurred during testing the POC

24/12/2008 : dveditz@mozilla.com comments : "I can definitely confirm the denial of service aspect, and there’s a very minor memory leak (after 9 hours of CPU time memory use went from 60MB to 360MB). Haven’t been able to reproduce a crash."

27/05/2009 : The 4 month grace period [2] given is reached. Release of this advisory.

http://blog.zoller.lu/2009/04/advisory-firefox-denial-of-service.html

Massive ID fraud and cheque scam busted in NYC

A corporate identity theft ring that exploited the identities of local corporations, religious institutions, hospitals and even schools to run a cheque fraud scam has been busted in New York.

Investigators reckon the gang of 18 suspects made millions by impersonating workers from an estimated 350 New York-based organizations. Data purchased from corrupt bank insiders was used to lay the groundwork for the scam, which relied on cashing thousands of counterfeit payroll cheques. The fraudsters also plundered the bank accounts of individual victims, using data obtained from corrupt bank insiders to transfer funds to banks under the control of the gang.

http://www.theregister.co.uk/2009/05/29/corporate_id_theft_scam_charges/

Addressing binding issues with Ivonna 2.0.0 using <dependentAssembly> in web.config

I have been having some binding problems when trying to use Ivonna 2.0.0 against a version of Typemock Isolator other than the 5.3.0 build it was built to run against. This is a known issue: if your versions of Ivonna and Typemock don’t match, you have to use .NET binding redirection to get around the problem.

So to track down the exact problem I used the Fusion logger shipped with the .NET SDK (via fuslogvw.exe). This in itself has been an interesting experience. A few points are worth noting:

  • You cannot alter the settings (as to what it logs) from fuslogvw.exe unless you are running as administrator (because these are really just registry edits in the HKLM\SOFTWARE\Microsoft\Fusion node). However, you can use the viewer to view logs even if not an administrator, as long as the registry entries are correct.
  • I could only get the Fusion log to work if I was running my ASP.NET application in Visual Studio 2008 running as administrator; if I was a standard user nothing was logged.
  • You have to remember to press refresh on fuslogvw.exe a lot. If you don’t you keep thinking that it is not working when it really is.

Anyway, using the fusion logger I found I had two problem assemblies, not just the one I had expected. I had guessed I needed to intercept the loading of the main Typemock assembly, but what the fusion logger showed me was that I also needed to intercept the Typemock.Integration assembly. I also needed to reference the Typemock.Integration assembly in my test project and make sure it was copied locally (something I had not needed to do explicitly when using Typemock 5.3.0, where it had been found, I assume, via the GAC).

Now it is important to remember that if using MSTEST and Ivonna you need to point the build directory for the test project to the bin directory of the web application under test. This means that the .NET loader will check the web.config in the web application for any binding information, not just the app.config in the test project as I had first assumed.

So all this means that I needed to add the following to my web application’s web.config and app.config:

<runtime>
  <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
    <dependentAssembly>
      <assemblyIdentity name="TypeMock.Integration"
                        publicKeyToken="3dae460033b8d8e2"
                        culture="neutral" />
      <bindingRedirect oldVersion="5.3.0.0"
                       newVersion="5.3.1.0"/>
    </dependentAssembly>
    <dependentAssembly>
      <assemblyIdentity name="TypeMock"
                        publicKeyToken="3dae460033b8d8e2"
                        culture="neutral" />
      <bindingRedirect oldVersion="5.3.0.0"
                       newVersion="5.3.1.0"/>
    </dependentAssembly>
  </assemblyBinding>
</runtime>



Once this was done, all my tests loaded as expected.
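A way to audit which version a redirect section like the one above maps a reference to, before deploying a web.config. This is an added example, not code from the original post or from Ivonna or Typemock: the function names are hypothetical, the config string is a constructed copy of the section above, and it reads only the config file, ignoring publisher policy and machine-level configuration. It also accepts the `low-high` range form of `oldVersion`, which the post does not use.

```python
import xml.etree.ElementTree as ET

ASM_NS = {"asm": "urn:schemas-microsoft-com:asm.v1"}

# Constructed sample mirroring the <runtime> section shown above.
SAMPLE_CONFIG = """<configuration>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="TypeMock.Integration" publicKeyToken="3dae460033b8d8e2" culture="neutral" />
        <bindingRedirect oldVersion="5.3.0.0" newVersion="5.3.1.0"/>
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="TypeMock" publicKeyToken="3dae460033b8d8e2" culture="neutral" />
        <bindingRedirect oldVersion="5.3.0.0" newVersion="5.3.1.0"/>
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
</configuration>"""


def parse_version(text):
    """Turn '5.3.0.0' into a comparable 4-tuple of ints."""
    parts = tuple(int(p) for p in text.strip().split("."))
    if len(parts) != 4:
        raise ValueError(f"expected major.minor.build.revision, got {text!r}")
    return parts


def load_redirects(config_xml):
    """Return a list of (name, token, low, high, new_version) from a config string."""
    root = ET.fromstring(config_xml)
    redirects = []
    for dep in root.findall("./runtime/asm:assemblyBinding/asm:dependentAssembly", ASM_NS):
        ident = dep.find("asm:assemblyIdentity", ASM_NS)
        if ident is None:
            continue
        for redir in dep.findall("asm:bindingRedirect", ASM_NS):
            # oldVersion is either a single version or a "low-high" range.
            low, _, high = redir.get("oldVersion", "").partition("-")
            redirects.append((ident.get("name", ""),
                              (ident.get("publicKeyToken") or "").lower(),
                              parse_version(low), parse_version(high or low),
                              redir.get("newVersion")))
    return redirects


def resolve(redirects, name, token, requested):
    """Version a reference would be redirected to, judged from this config alone."""
    want = parse_version(requested)
    for r_name, r_token, low, high, new in redirects:
        # Names are compared case-insensitively here; the public key token must match too.
        if r_name.lower() == name.lower() and r_token == token.lower() and low <= want <= high:
            return new
    return requested  # no redirect applies
```

Running `resolve` over the references reported in the Fusion log shows quickly whether an assembly such as the integration one is missing from the redirect list.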
