Houston IT Professionals (HIP)

The Diva has a fairly comprehensive piece, published over the weekend, that goes over DNS forwarders and root hints in light of the recent DNS vulnerability. Which are better to use? Well, if were using root hints instead of forwarders lo these past years, you were more safe from the vulnerability!

But not for Windows XP. For Windows 3.11.

- Mike

Network Performance Daily has published an extensive investigation (that word again) on the law that reportedly requires Texas computer professionals to acquire a Private Investigator's license. If there's a point to be had from the three-part piece, it's that the recent hoopla is mostly hoopla. Mostly.

Both the bill's initial author and the Texas Private Security Bureau clearly wrote the bill without a full understanding of what terms like "investigation" might mean to an administrator or technician. What you or I might consider "investigative work," may or may not fall under the scope of the law. The language, indeed the answers given in interviews NPD conducted, is fuzzy.

What's worse is the Institute for Justice's lawsuit is likely to fail, according to NPD.

Network Performance is very cautious in their summary to say there's some smoke/little fire, instead opting to comment that the law is sloppy and will probably not mean much to anyone until some unsuspecting technician runs afoul.

-Mike

As always, there is some fallout from Patch Tuesday.

The biggest to-do has to do with ZoneAlarm and MS08-037. In essence, install that patch and ZoneAlarm stops working and your Internet go buh-bye.

Here's the fix.

- Mike Whalen

So, you may have heard about the DNS patch that was rolled out yesterday (Tuesday 7/8/08). This was an effort, kept fairly hush-hush, that patched up a problem in most DNS servers which would allow a website to pose as another. This is apparently a problem with the protocol itself. Microsoft and over 81 other vendors patched yesterday. You can find most of the technical details in a CERT advisory published in a Word document here.

But *you* need to make sure you apply MS08-037 on your servers. If you simply want to check your name servers, you can run a tool here. Please note that this will use whatever nameserver you have set up in your current configuration will be tested.

--

In other patch news...

MS08-038 Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)

MS08-039 Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)

MS08-040 Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)

Fuller details at the MSRC.

- Mike

Apparently, there are reports of trouble...

Disk thrashing be darned, Microsoft wants you to know that you can move from XP to Vista with CONFIDENCE! (And, yes, the capital letters are apt.) You can have CONFIDENCE that your Vista machine is going to fit nicely into your SMB environment. CONFIDENCE that workers will see an increase in their productivity. CONFIDENCE that the new graphics will mesmerize CEOs into a catatonic state from which they may NEVER recover!

Ok, I made up the last. Still, Microsoft really wants you to buy Vista. Please? Details on what YOU get should you take the CONFIDENCE-inspired plung are here...

The Schlog
Partner Blog

- Mike Whalen

More and more announcements are coming out of Houston this week. For one, MS has introduced its pricing schedule for the upcoming Microsoft Online Services. There are several tiers and, of course, pricing to go along with them. (I love the so-called "Deskless Worker Suite!" "Hey, where's my desk?" "Why, it's in the clouds!"

ReadWriteWeb is a full write-up.

If you have no fear -- and you shouldn't -- of open source products and projects, then you just might thrill to the news that TrueCrypt 6.0 is out.

TrueCrypt, for those of you who do not know, does an awful lot of things, many of which can be found in commercial packages. It can encrypt virtual disks, whole partitions, and even full drives (pre-boot). The new version includes improved multi-core performance, the ability to use a hidden operating system, and new support for Mac OS X and Linux.

- Mike

Oh HERE WE GO!

Now Laptopmag says that SSD drives actually do offer better battery life, albeit only a small amount. Is 30 minutes more on your battery (and faster access times) worth the extra costs?

I don't know who to believe now.

via Gizmodo

- Mike