If Tyranny and Oppression come to this land, it will be in the guise of fighting a foreign enemy
James Madison (American 4th US President (1809-17), and one of the founding fathers of his country. 1751-1836)

Saturday, July 21, 2007

DD-WRT and wireless...

DD-WRT is to wireless what Firefox is to IE...something better than the alternative. least that is my perspective on it. For those that don't know what DD-WRT is...well it is as follows:
DD-WRT is a third party developed firmware released under the terms of the GPL for many 802.11g wireless routers based on a Broadcom chip reference design. For a list of supported devices, please see the Supported Devices page.

Which means that it is an alternative firmware for those Wireless Routers listed in it's supported device list. By replacing the firmware on said routers you can open up the offerings that the router has initially. There are so many tweaks and alternate uses that DD-WRT gives your router it is amazing. Personally, since I have been using DD-WRT on my routers I have managed to not only improve the performance of the router, but make signal improvements across the whole wireless network I have made. Most firmware will not give you the options to tweak out the router that DD-WRT does and NO firmware that I have seen allows you to change the purpose of the router (i.e. bridge, repeater, etc...). The latter benefits of DD-WRT really lets one expand their network without sacrificing performance throughout.

I can't recommend DD-WRT all means check it out!

- DD-WRT Hompage

Thursday, July 19, 2007

Mozilla came out...

Ok we have a new Mozilla update that came out yesterday and addressed the following issues:

- MFSA 2007-25 XPCNativeWrapper pollution
- MFSA 2007-24 Unauthorized access to wyciwyg:// documents
- MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
- MFSA 2007-22 File type confusion due to %00 in name
- MFSA 2007-21 Privilege escallation using an event handler attached to an element not in the document
- MFSA 2007-20 Frame spoofing while window is loading
- MFSA 2007-19 XSS using addEventListener and setTimeout
- MFSA 2007-18 Crashes with evidence of memory corruption

Having set my Firefox browser to auto update I got this in an expedited fashion with no problems. However, over the last 24 hours I have noticed a particular issue that has popped up post update that is annoying the crap out of me. Seems if I follow an image link I cannot hit the back button to get to the page with the original link. It acts as if I opened the link in a new window with no link history. Although...if you load the page again that contained the image link and click it the image link again...all is fine and you can hit the back button as you should be able to. Not a serious issue, but one I will report nonetheless.

Leave a comment if you too are having issues with this latest update to Mozilla Firefox

- "Mozilla Firefox v2.0.0.5 Final" @ MSFN
- "Mozilla Firefox v2.0.0.5" @ Mozilla

Wednesday, July 18, 2007

PDF Creation tools...

As any of you know that have visited my blog in the past...I am all about the FREE or Open Source goodies. So, when I discovered the various methods of making PDFs without having to use Adobe Reader I was ecstatic. Now mind you this road of PDF making has been a long one and over the years I have played with the many apps that have come and gone. However, more recently I stumbled upon two that I can't speak enough about, BullZIP and LOOP.

BullZIP is a PDF creator that substitutes as a printer...meaning that you send a print job to the BullZIP PDF Printer and BOOM you have a PDF of your document. I have found this particular tool helpful at those times that I did not have a printer handy and had to have a copy of whatever it was. It is a great utility with many features that I will list below and I highly recommend people check it out:

* Print to PDF from almost any Windows program.
* Supports 64-bit operatings systems.
* Direct output to the same file each time or prompt for destination.
* Control if the printer should ask if you want to see the resulting PDF document.
* Control output and prompts programmatically.
* Setup can run unattended.
* Graphical user interface.
* Password protect PDF documents.
* 128/40 bit encryption.
* Quality settings (screen, printer, ebook, prepress).
* Set document properties.
* Watermark text, size, rotation, and transparency.
* Supreimpose/background documents.
* Appending/prepending documents.
* User interface control.
* Command line interface to all settings.
* COM/ActiveX interface for programmatic control.
* Support for Citrix MetaFrame
* Support for Windows Terminal Server

The next PDF goodness on the list is LOOP...a Firefox plug-in that will create PDFs on the fly while you are browsing. LOOP doesn't generate the PDFs locally unfortunately, but it is in fact generated on the LOOP web servers. For those with privacy concerns this might freak you out, but I don't see the process as anything too concerning and I am paranoid about everything. You also have to enable it with a login w/ an email on their site. Worth a look anyhow!

I know I only mentioned the two...but I cannot talk about PDFs and not mention Foxit and Open Office. Foxit is the bomb of PDF readers and I highly recommend everyone go and snag that up...FREE. Also, for those of you who want to create PDFs right from your doc...or office suite...hit up Open Office...does everthing MS Office does...and then some...i.e. create PDFs.

- BullZIP
- LOOP *Amit Agarwal of Digital Inspiration also has an article on this.
- Open Office
- Foxit

Learning to develop...

I know that there are some readers out there that have an interest in developing and can attest to the benefits of learning through tutorials or labs. Well for those of you looking for more labs or tutorials the fine blogger at Somasegar's WebLog has laid out quite a few links to this very thing. Albeit that all of these labs and tutorials are specifically geared towards Microsoft's various is still pretty darn cool.

Now time for the link ya go:
BizTalk Server
Commerce Server
Connected Systems
Data Access and Storage
Internet Information Services (IIS)
JPlusN (J+N)
Microsoft Expression
.NET Framework 3.0
Smart Client
Soup to Nuts
SQL Server 2005
SQL Server 2005 Upgrade
TechNet Virtual Labs
Visual Basic
Visual C#
Visual C++
Visual J#
Visual SourceSafe
Visual Studio .NET 2003
Visual Studio 2005
Visual Studio Team System
Web Services
Windows Embedded CE 6.0
Windows Mobile
Windows Vista
Windows XP Embedded

- "Hands-on Labs - A great resource for developer learning" @ Somasegar's WebLog
- "Helping developers with "How Do I" information" @ Somasegar's WebLog
- "Welcome to the MSDN Virtual Labs" @ MSDN

Tuesday, July 17, 2007

Do you program or are interested in programming with Powershell

Well here is a book by Frank Koch that he has made available for free download:

Windows Powershell

This is an introduction to programming with Powershell...pretty cool...and FREE!

Cool Vista tweak...

Here is an interesting little tweak to get a little more out of you CPU under Vista. I found it while reading the Microsoft Technet Blog:

Get more performance out of Vista. The default power plan in Vista is set to Balanced. Changing it to High Performance will increase the CPU utilization up to 50%. That’s in Control Panel, Power Options.

- "Vista CPU performance" @ John Roller Blog

Monday, July 16, 2007

HTML ART...holy crap this guy can code..

Asus EEE PC701 Laptop

This is going to be the shizzy of laptops and if you ask why...well at $199-$250 it will be something cool to have. The last projected date of sale I saw was this August and I will be the first to say that I will be getting one. Granted this isn't going to be the type of laptop you are going to Game or do any hardcore crunching will still be a great laptop to do those mundane tasks and more. Check the specs:

CPU & Chipset: Intel mobile CPU & chipset
OS: Linux/ Microsoft Windows XP compatible
Communication: 10/100 Mbps Ethernet; 56K modem
WLAN: WiFi 802.11b/g
Graphic: Intel UMA
Memory: 512MB, DDR2-400
Storage: 4/ 8/ 16GB Flash
Webcam: 300K pixel video camera
Audio: Hi-Definition Audio CODEC; Built-in stereo speaker; Built-in microphone
Battery Life: 3hrs (4 cells: 5200mAh, 2S2P)
Dimension & Weight: 22.5 x 16.5 x 2.1~3.5cm, 0.89kg

This little laptop will be portable and fun...hit up the links below to read up more on it and by all means check out the ASUS slide show for this bad boy to get an idea on just how big it is.

- "The $199 computer from Asus" @ TGDaily
- "ASUS EEE PC 701 200-250$ NOTEBOOK" @ XtReview
- "Asus Eee PC First Thoughts" @ BrightHand
- "Asus EEE PC701 - Reviewed" @ GadgetTastic
- "Asus Eee PC First Thoughts" @ Notebook Review

PC-BSD Unix for the desktop...

I vaguely remember hearing about this project some time ago, but until recently I haven't done anything with it. The project in question is PC-BSD a Unix system based on FREE-BSD and being a BSD user...I had to check it out. I had no idea what to expect when I downloaded this alternative to the many Linux distros out there, but after reading up on their looked cool.

The installation was a breeze with its graphical menus and it even installed all my hardware without a hitch...yes even my wireless NIC. The only real problem I ran into in the initial setup was connecting to my home wifi network that is secured with WPA-PSK. Connecting to any WPA network seems to be a pain the butt for the many Linux why shouldn't it be for the Unix platform. It took a little work...but soon I was online and getting updates for this bad boy. After all the automatic updates were done I decided to hit up the PC-BSD website and see what packages they had. This is were this particular distro gets cool and I would imagine make installing things a lot easier for the novice.

The packages, PBI files, are similar to the exe, msi, and etc. files you use with Windows and the people at PC-BSD have done a great job of covering everything from Chat to Web Apps and everything in between. They have even made PBI files for games for goodness sakes...which under Linux can take awhile...but here it is just a single file. Now they don't have PBI's for everything just yet...but they are continually updating their library, which more recently includes viewers for MS WORD, Powerpoint, and Excel.

If you have a spare PC, Laptop, or even a spare partition...this little distro is worth a look.

- DistroWatch

Default password list...

I have been going to this site for sometime now and it really does make for a great tool to have in any techy arsenal. It is always good to have the default password for any number or kind of hardware when you want to troubleshoot a situation or something. matter how much you try to tell someone to change the default password on any of these devices...more times than not...they don' that situation there is fun to be had for all :P

Cool web chat...

The people over at ChatMaker have made a pretty cool web chat app using Ajax and WEB 2.0 design. You merely type in your room name and it will create the room, supply you with a link, and you can then chat away. I can see that this would be a great tool for those that want to hook up a chat on the fly.

I personally went with the "test" room name to check it out and well I ended up chatting it up with strangers for some time and from the number of folks that were in there at the time...I can only assume DIGG did it's job and informed many.

- "Make Chat Rooms On The Fly - (AJAX + Web 2.0)" @ DIGG

Been awhile...

Been quite awhile since my last post, but I am here today to say that I will be posting daily once again. So hold on to your socks as ctrl will be rockin' it out.

Tuesday, April 17, 2007

How much information is too much information when reporting flaws

I don't know, but that is an interesting dilemma. Whereas software companies want to do the responsible thing and let their customers know of a flaw, without disclosing the flaw itself, and provide a workaround until a patch is available, but it seems that there are a few people out there who take the workaround information and figure out what the flaw actually is. Outside of those that intend to do good with the exploit, pen testers and such, you still have that group of people that intend to do harm with an exploit. So this leaves what may have been an unnoticed flaw, until it was reported as such, a real security hazard for those that actually use said vulnerable software. Now they HAVE to do the workaround and the patch as soon as it is available, because X software company published in essence a "how to" expose' on it's own software.

It is a vicious circle this damn responsible disclosure, but I would take the software companies letting this information being known and speeding up the process of patching versus having something in the wild that is widely used but still an unknown hole.

Where do you stand on this debate?

- "MS Giving Exploit Writers Clues To Flaws" @ slashdot
- "Microsoft’s advisories giving clues to hackers" @ ZDNet blogs

Windows Media Plugin for Firefox

In reading the TechNet blog of "The Sean Blog" I found out that Port 25 has made a plug-in for Firefox that allows you to view Windows Media fiiles. Although I might add that I have not had an issue with this...don't know why...but it just hasn't been an issue...although I do think it is cool that there is a specific plug-in for those of you that do.

- "Windows Media now works on Firefox!" @ The Sean Blog
- "Windows Media Player Firefox Plugin - Download" @ Port 25


Don't is Oracle Patch day!

Today is patch Tuesday for Oracle admins and the like. Oracle will be releasing a critical Patch update today that will fix some 37 bugs in the following products:

* Oracle Database 10g Release 2, versions,
* Oracle Database 10g Release 1, versions,
* Oracle9i Database Release 2, versions,
* Oracle Secure Enterprise Search 10g Release 1, version 10.1.8
* Oracle Application Server 10g Release 3 (10.1.3), versions,,
* Oracle Application Server 10g Release 2 (10.1.2), versions -,,
* Oracle Application Server 10g (9.0.4), version
* Oracle10g Collaboration Suite Release 1, version 10.1.2
* Oracle E-Business Suite Release 11i, versions 11.5.7 - 11.5.10 CU2
* Oracle E-Business Suite Release 12, version 12.0.0
* Oracle Enterprise Manager 9i Release 2, versions,
* Oracle Enterprise Manager 9i, version
* Oracle PeopleSoft Enterprise PeopleTools versions 8.22, 8.47, 8.48
* Oracle PeopleSoft Enterprise Human Capital Management version 8.9
* JD Edwards EnterpriseOne Tools version 8.96
* JD Edwards OneWorld Tools SP23
* Oracle9i Database Release 1, versions, FIPS
* Oracle9i Database Release 2, versions
* Oracle Database 10g Release 2, version

The following are things that are fixed in the various components of the above products:

Oracle Database
* Advanced Queuing
* Advanced Replication
* Authentication
* Change Data Capture (CDC)
* Core RDBMS
* Oracle Agent
* Oracle Instant Client
* Oracle Streams
* Oracle Text
* Oracle Workflow Cartridge
* Rules Manager, Expression Filter
* Ultra Search
* Upgrade/Downgrade

Oracle Application Server
* Oracle COREid Access
* Oracle Discoverer
* Oracle Portal
* Oracle Wireless
* Oracle Workflow Cartridge
* Oracle WebCenter Suite - Secure Enterprise Search

Oracle Collaboration Suite
* Oracle Workflow Cartridge fix
* 1 new Specific fix for OCS; no name

Oracle E-Business Suite
* 2 of these vulnerabilities may be remotely exploited without authentication; no other specifics, but "may be exploited over a network without the need for a username and password"
* Oracle Application Object Library
* Oracle Applications Manager
* Oracle Common Applications
* Oracle iProcurement
* Oracle iStore
* Oracle iSupport
* Oracle Report Manager
* Oracle Sales Online
* Oracle Trade Management
* Oracle Workflow Cartridge

Oracle Enterprise Manager
* 2 fixes; "both of which may be remotely exploitable without authentication, i.e. they may be exploited over a network without the need for a username and password."

Oracle PeopleSoft Enterprise PeopleTools
* 1 new security fix for PeopleSoft Enterprise Human Capital Management
* 1 new security fix for JD Edwards EnterpriseOne and JD Edwards OneWorld Tools
* JD Edwards HTML Server
* PeopleSoft Enterprise Human Capital Management
* PeopleTools

* All information comes from the following Oracle Security Bulletin: Oracle Critical Patch Update Pre-Release Announcement - April 2007

- Oracle Downloads @ Oracle
- Critical Patch Updates and Security Alerts @ Oracle

Friday, April 13, 2007

IT Professional Step-by-Step Guides for Vista

Just cruising the web and found myself on the MS forums...where I stumbled on these little helpful how-to's for Vista. I haven't read them all...but in scanning the Netsh commands for a wireless network...I can see where they can be handy. Check 'em out!

- "Windows Vista Step-by-Step Guides for IT Professionals" @ Microsoft

Thursday, April 12, 2007

Death of XP!

Okay...I am going to go out on a limb here and say that maybe Paul Thurrott knew something the rest of us did not when we put out his comment about there being no Service Pack 3 for XP. If you are glassy eyed wondering WTF I am going on about...well read up here, "Service Pack wonders...when? and if ever?". Now onto what Paul might have seems that Microsoft has let out of the bag that it will be discontinuing the sell of XP starting during the first quarter of 2008 and with that announcement it has left more than a few wondering if that will mean that Microsoft will also shift some dates around with it's "Service Pack Roadmap" and cut that road short, while putting Vista in the express lane. up on some of these links and share your thoughts...kinda sucks if you ask me...the least Microsoft can do is have a viable alternative rather than something that is less than viable from the standpoint of software and driver compatibility. Something that most importantly will not force one to update the majority of their software library or find alternatives that work with the Vista OS.

- "Windows XP to be Phased Out by Year's End Despite Strong Demand" @ OS News
- "Windows XP to be phased out by year's end despite customer demand" @ APC
- "Microsoft to Discontinue OEM sales of XP by the End of 2007" @ Daily Tech
- "Time is Running Out for Windows XP" @ Yahoo News
- "Time is Running Out for Windows XP" @ PC World
- "Windows XP execution date set" @ The Inquirer
- "Service Pack wonders...when? and if ever?" @ CTRL Zone Blog

Symantec issues a patch for it's Enterprise Security many will do it?

Now...this is more of a wager post or is that a prediction of failure post...hrm? I am sure most remember the Time Warner screw-up!? If not, you can read up on one of my previous posts on the subject, "Geez talk about a slackin ass IT department...", in which it goes on to tell the tale of an IT department that didn't apply a patch from Symantec that was almost a year old and fell victim to a worm that exploited the very vulnerability that "should have" been patched. My guess is that some IT department in the future will not heed the warning today and let this patch fly on by and do a lot of finger pointing when it is eventually exploited on their network. So, don't be a bonehead and patch it now!

Well, now Symantec has found a vulnerability in it's ESM (Enterprise Security Manager) product that is susceptible to remote code execution. I am proud to say that Symantec found this in it's own testing and disclosed as such, which means a lot in this time when most would just sweep under the rug any vulnerabilities that may have been found under their own testing. Well done Symantec!

You can view the affected versions of ESM and get the patch on the Symantec link below, as well as read more on the vulnerability and related articles.

- "Symantec Enterprise Security Manager™ Signature Fix" @ Symantec
- "Symantec has closed critical hole in its Enterprise Security Manager" @ Heise Security
- "Symantec Patches 'High-Risk' Bug" @ Information Week
- "Geez talk about a slackin ass IT department..." @ CTRL Zone Blog

Peeps are jumping on the bandwagon and rightfully so!

Some may remember the article I wrote about the USBCell rechargeable battery, "Pretty cool battery...". Well, it turns out that Energizer is hopping on the USB rechargeable battery tech with it's own "Dock & Go" and "DUO Charger". I must admit that I actually like the fact that the market for this kind of product or technology is expanding to include the larger battery manufacturers, although USBCell is still the innovator IMO(In My Opinion).

I will include the links for this article after the Energizer pic posts of their two new products:

DUO Charger

DUO Charger

DUO Charger

Dock & Go

Dock & Go

Dock & Go

- "Pretty cool battery..." @ CTRL Zone Blog

AC troubles...DAMN and I really like their products!

For those of you that don't know...I am a huge Arctic Cooling! Anyhow...I have used AC CPU cooling exclusively for years, when I didn't think the CPU manufacture fan that comes in the retail box wasn't up to snuff. I even use their case it just seems they put out a quality product. Now...onto the seems that there is a power struggle over at AC between the founders of this company. Turns out the CEO, Magnus Huber, got a controlling interest of the company recently and decided to clean house, which includes '86ing co-founder, Gebhard Scherrer.

I hope this has no effect on the quality of products I have come to expect from AC, if it survives this struggle at all. Anyhow...WORK IT OUT GUYS...think of the children...err...the customers.

- "Company Information" @ Arctic Cooling
- "Police visit Arctic Cooling offices in Hong Kong" @ The Inquirer

Vista and backup data!

I am sure at this point with Digg and a few other sources catching onto the article "The Vista Backups That You Can't Have" over at PC Pitstop that most have heard about this backup issue that exists in Vista. If we go, if you own one of the Vista business versions (Ultimate, Business, or Enterprise) you have a utility known as "Shadow Copy" (a newer repackaged version of the "Volume Shadow Copy" technology used in XP to include user files), which allows you to restore a single file that you may have overwritten, accidentally deleted, or any other form of data loss/corruption. Sounds cool...the problem that some people are having is that...the key part of "Shadow Copy" is a tool known as "Previous Versions", which is included in all versions of Microsoft Vista, is backing up these changed files and you the user of those "Home" versions of Vista cannot restore or access this data without upgrading to Vista Ultimate for that "Shadow Copy" tool.

The biggest gripe is that if "Shadow Copy" isn't a part of the "HOME" versions, why then is "Previous Versions" still backing up this data? If half of the application is available then make the whole application available! If Microsoft insists on backing up this data regardless of the lack of access the user has to it, then we have an issue of a company holding YOUR data hostage and in my opinion...Microsoft has no right to duplicate MY data or to keep it in a form that I cannot access it. I am sure most will disagree on my proposed fix, but hey...I can take criticism. Microsoft needs to either add "Shadow Copy" to the "HOME" versions or it needs to stop these individual file backups, while retaining the Vista Restore functionality. From what I understand...Vista Restore and "Previous Versions" both utilize the "Shadow Copy" technology.

- "Shadow Copy" @ Microsoft
- "Recycle Bin not enough, Microsoft adds "Previous Versions" support on the file system level" @ ARS Technica (Old article...still applies)
- "Selected Scenarios for Maintaining Data Integrity with Windows Vista" @ Microsoft
- "Vista "Previous Versions" Feature" @ Realtime-Vista
- "Windows Vista "Time Warp": Understanding Vista's Backup and Restore Technologies" @ Channel9
- "Windows Vista File “Versioning” Feature a Security Threat" @ forever geek
- "Want Those Backed Up Files? You've Gotta Upgrade Vista" @ Gizmodo
- "All Your File Are Belong To Vista" @ Information Week
- "The Vista Backups That You Can't Have" @ PC Pitstop

Wednesday, April 11, 2007

This is the biggest WTF ever!!

OK...first let me say that I am about to quote an article, Firm's Personal Info Loss Just The Latest In A Proud Line Of Data Leaks @ Techdirt, and the odd part of that will be a big quote. After the "BIG" quote...I will give my take. Now onto the "BIG" quote:
Another day, another data leak: a CD containing the personal information of 2.9 million Georgia residents has been lost by a contractor, potentially exposing them to identity theft. Even such a big leak is hardly notable these days, except for one factor -- the disk was lost by Affiliated Computer Services, a company that's been responsible for several other data leaks. An ACS computer got stolen in Denver last November, and on it was personal information of between 500,000 and 1.4 million people in Colorado. A few months earlier, a glitch on a student-loan web site run by ACS exposed the information of 21,000 students, while earlier in the year, credit-card data from seven years' worth of customers was stolen from a system run by ACS at the Denver airport. Rounding out the list -- or at least the list of ACS-related incidents that made it into the media -- is the theft of two of the company's laptops with data on tens of thousands of Motorola employees in May 2005. This company clearly has a problem with protecting personal information, but it doesn't appear that there are ever any repercussions to these losses. It just accepts whatever minimal fines, if any, it has to pay, and paying for some credit monitoring, as a cost of doing business. The fact that these problems keep happening to ACS reflect how seriously many companies take the threat of identity theft -- which is to say, not seriously at all. But perhaps more distressing is that with the company's track record, government officials don't seem to have any problem passing ACS personal information with little to no oversight.

Now if you didn't utter the words or even think the words..."WHAT THE F(*K!" after reading are far more forgiving than me. How in the hell does this company stay in business with a track record like that. If my figures are correct in what we know, with the exclusion being that unnamed number in the 7 years of credit info and the tens of thousands number of the Motorola fiasco, they have subjected at least 4.3 million people's info to fraudulent activity or the potential of. I ask in the hell do they stay in business? I can assume that their customers care less about the security of their clients than ACS does about the data they were supposed to protect. You can't tell me that there isn't another company that can provide security for this information, as ACS has apparently failed miserably at doing so. I can't see how any other company could do worse with people's private information. For all those people that use this company for security...FIND SOMEONE ELSE, IT ISN'T WORKING AT ACS! Here I thought that you had to be competent to do something like security...apparently not...with that I might have a new career!

Tuesday, April 10, 2007

The AVG Free Anti-Rootkit...

AVG has become a more popular brand it seems in the past months. I am aware that they have been around a while and have been offering free versions of their anti-virus and anti-spyware for a while as well. More recently they have seen a growth of people using this software as people migrated to Vista...who can beat free and Vista compliant all in one fail swoop. Well, now it seems they have added yet another free tool to their the form of an anti-rootkit. Unfortunately as of my last check on the AVG Anti-Rootkit page...the system requirements do not list this tool as Vista compliant. So, for now...only Windows 2000 and XP(32-bit)users will be able to take advantage of this new application/tool.

Rootkits are defined as the following via Wikipedia:
A rootkit is a set of software tools intended to conceal running processes, files or system data from the operating system. Rootkits have their origin in relatively benign applications, but in recent years have been used increasingly by malware to help intruders maintain access to systems while avoiding detection. Rootkits exist for a variety of operating systems, such as Linux, Solaris and versions of Microsoft Windows. Rootkits often modify parts of the operating system or install themselves as drivers or kernel modules.

- AVG Anti-Rootkit @ AVG

Tuesday = Patch Day

Well another patch Tuesday is upon without further is the download list with what I hope will be a brief explanation of each:

April 2007 Security Releases ISO Image: Download
- ISO image that contains all the Windows updates that were released today. There are no other patches for any other Microsoft products are included in this ISO.
- ISO contains the following patches:
Security Bulletins:MS07-017MS07-019 MS07-020 MS07-021 MS07-022 Knowledge Base (KB) Articles:KB925902 KB931261 KB932168 KB930178 KB931784

Microsoft® Windows® Malicious Software Removal Tool (KB890830): Download
- Just a general update that is inline with this quote from Microsoft:
Microsoft will release an updated version of this tool on the second Tuesday of each month.

Update for Windows Mail Junk E-mail Filter [April 2007] (KB905866): Download (Requires Validation)
- This one is for Vista only!
- It is a definition update for the Junk E-mail filter.

Update for Windows XP (KB932168): Download
- This patch is for Windows XP Service Pack 2!
- This is a patch for the following vulnerability as described by Microsoft(more info HERE)
A remote code execution vulnerability exists in Microsoft Agent in the way that it handles certain specially crafted URLs.
Security Bulletins:MS07-020
Knowledge Base (KB) Articles:KB932168

There were also a few patches for the various language packs and a few other releases from yesterday. All of the released patches can be found HERE!

- Microsoft Security Bulletin Summary for April 2007 @ Microsoft
- Patch Tuesday: April 10, 2007 @ eEye

Monday, April 9, 2007

Service Pack wonders...when? and if ever?

It is amazing how the release of information can be related at times. In this case we first read about how Microsoft will not release a single large Service Pack for Vista, instead opting for smaller releases via the Windows Update Service. This whole issue was covered in a previous post here, Waiting to upgrade to Vista until the first Service Pack? Don't your breath!. Well now Paul Thurrott of WinSuperSite and News Editor for Windows IT Pro has made a claim in his Wininfo Short Update: Week of April 9 that states the following:
And What About Windows XP Service Pack 3?
...let's dredge up Windows XP Service Pack 3, which was delayed from 2005 to 2006 to 2007 and now to 2008. If you were looking for any glimpse into the mind of Microsoft, this is it: The company has completely abandoned Windows XP, and it has absolutely no plans to ever ship an XP SP3. My guess is that Microsoft will do what it did with the final Windows 2000 Service Pack: Claim years later that it's no longer needed and just ship a final security patch roll-up. This is the worst kiss-off to any Microsoft product I've ever seen, and you'd think the company would show a little more respect to its best-selling OS of all time.

There is I suggest you go read it...and while we are on the subject and having mentioned is Paul's take on Vista SP1:
The Truth About Vista SP1
I'm tired of Microsoft's insane posturing about Windows Vista SP1. I've written about this before, but it bears repeating. Every single time Vista SP1 comes up, some representative from Microsoft--all the way up to CEO Steve Ballmer, by the way, who has done this twice in public--acts as if the company has no idea when it will ship SP1 or what features it will include. That is not true. Microsoft will ship Windows Vista SP1 concurrently with Longhorn Server in Q3 2007 and SP1 will include a major kernel update for Vista that will bring the client OS up to speed with the version of the Windows kernel in Longhorn Server.

Again there is a lot more to this as go read up on his posts. Now both of his takes on each service pack kind of surprised me as I always assumed that Mr. Thurrott was a fanboy of Microsoft...the type that could see no wrong in anything that Microsoft does, but alas this is not the case and I thank him for saying what he has. Sometimes it takes someone with some standing in such cases as this to say something and get the majority of readers worked up to demand more from a company such as Microsoft.

As far as I am concerned, as a new fanboy of Paul Thurrott, is that he hit the nail on the head in regards to Microsoft's support strategy, the heal dragging on SP releases, and outright lying about the status of things they clearly know everything about, but deny any knowledge of these items. Why no say...yes we are releasing an actual SP1 for Vista that will have X,Y, and Z in it...and to expect this at some future date! Hell...with all those people that are waiting for this almighty service pack to Vista...why wouldn't they want to do it? I always assumed sells figures were what MS was all about? and with SP1 equaling money it is baffling this stale mate they want to promote. I might be the naive one now that I think of it...maybe they are trying to build a buzz around it...with the hopes of praise to follow just as soon as it is released. I feel kind of used all of a sudden...but we will see how this turns out on the Vista front.

Onto the XP comment by Paul...and one that I could not agree with more. Why...OH WHY...would you keep postponing the release of a much awaited service pack as the one for XP? Being the most popular, the most used around the world, and that which has so many more options in regards to working software and drivers than that of Vista...there is no sense in the heel dragging, postpones, and possible killing off of...this OS. I surely don't hope that Microsoft is wagering on muscling people into Vista...granted you would have a mass migration, but I am sure those in the migration will opt for pirated versions vs forking out the dough for a legit copy. I can also state assuredly that the backlash might be more than Microsoft would expect. Then again...this might also be another ploy of Microsoft to build up a buzz...I do hope this is the I intend to keep XP on a few machines for a while to come.

I took the benefit to post the Service Pack Road Map from Microsoft's site and the Microsoft Support Lifecycle for the various OS'.
Service Pack Road Map

Operating SystemPreceding Service PackCurrent Service Pack and Date of AvailabilityNext Update and Estimated Date of Availability
Windows NT Workstation & Windows NT Server 4.xx SP5SP6a and SP6a SRP1 November 30, 1999Windows NT 4.XX is now out of support and Microsoft is no longer producing public monthly security updates or service packs.2
Windows 2000 Professional & Windows 2000 Server, Advanced Server and Datacenter Server 3SP3SP4 June 26th 2003 Update Rollup #1 for SP4June 28, 2005No further updates planned. Customers must be running SP4 to continue to receive monthly security updates. Microsoft recommends updating SP4 machines to Update Rollup #1 (KB891861).
Windows XP Home EditionSP1SP2 August 6, 2004SP3 for Windows XP Home Edition is currently planned for 1H CY2008. This date is preliminary.
Windows XP ProfessionalSP1SP2 August 6, 2004SP3 for Windows XP Professional is currently planned for 1H CY2008. This date is preliminary.
Windows Server 2003SP1SP2 March 13, 2007To Be Determined

Microsoft Support Lifecycle

Products ReleasedGeneral Availability DateMainstream Support RetiredExtended Support Retired
Windows Embedded for Point of Service24/05/200513/07/201014/07/2015
Windows XP Embedded30/01/2002Review Note(1)Review Note(1)
Windows XP Home Edition31/12/200114/04/200908/04/2014
Windows XP Media Center Edition 200228/10/200214/04/200908/04/2014
Windows XP Media Center Edition 200427/10/200314/04/200908/04/2014
Windows XP Media Center Edition 200530/12/200414/04/200908/04/2014
Windows XP Professional31/12/200114/04/200908/04/2014
Windows XP Professional x64 Edition25/04/200514/04/200908/04/2014
Windows XP Service Pack 111/07/2002Not Applicable(3)Not Applicable(3)
Windows XP Service Pack 217/09/2004Review Note(2)Review Note(2)
Windows XP Tablet PC Edition11/02/200314/04/200908/04/2014
Windows XP Tablet PC Edition 200525/08/200414/04/200908/04/2014

**(1):Mainstream support will end two years after the next version of this product is released. Extended support will end five years after mainstream support ends.
**(2):Support ends either 12 months after the next service pack releases or at the end of the product's support lifecycle, whichever comes first. Visit the Lifecycle page to find the support timelines for your particular product.
**(3)Service Pack 1 for Windows XP was retired 10/10/2006

- "Lifecycle Supported Service Packs" @ Microsoft
- "Microsoft Support Lifecycle" @ Microsoft
- "Windows Service Pack Road Map" @ Microsoft
- "Paul Thurrott: Windows XP Service Pack 3 Not Coming" @ Neowin (comments)
- "WinInfo Short Takes: Week of April 9" @ WindowsITPro (article and comments)
- "No Windows XP Service Pack 3!" @ Keznews Forum
- "With slip, concerns that XP SP 3 will be cut" @ Network World* Great article inline with what Paul Thurrott said by Robert McMilan and was amazingly written October 26, 2006...great read!
- "Windows XP SP3 To Be Canceled" @ Softpedia (another SP3 article from last year)
- "XP SP3 canceled? Who cares!" @ IStartedSomething This dude has never had to patch several hundred machines; and doesn't understand that most corporations wait for Service Packs for the most part...aside from the major security patches.

Sunday, April 8, 2007

Asus C90...upgradeable laptop...ABOUT TIME!!!

Well folks...FINALLY...a laptop manufacturer has jumped onto the bandwagon of making it easier for people to upgrade their laptop components themselves vs getting a new one. It seems that for years I have wondered why laptop manufacturers haven't made it so "joe user" could upgrade components in laptops, as the alternative solution of buying a new laptop is just not really an option for the majority of folks that are cash strapped or just can't afford to buy a new laptop as technology changes. However, these people might be able to afford an upgrade on the component level...a processor, video card, etc...and thus still have a somewhat current machine. Way to go Asus...I wish you much success with the C90.

Now onto some of the specs on this bad boy (specs as per the article at Notebook Review "Asus C90 Customizable Notebook Hands on at Asus Headquarters (pics)"):
* Supports Intel Conroe desktop processor platform, 1.86GHz - 2.66 GHz (E6700)
* 15.4" screen
* 2.0 Megapixel camera built-in
* Bluetooth
* TV-Tuner integrated
* 8-in-1 media card reader
* 802.11n
* Graphics: NVidia (???? -- we can't tell)
* Finger Print reader
* HD-DVD and Blu-Ray drive capable
* 3 USB ports
* Piano gloss finish with inlaid pattern

Notice the first spec..."Desktop Processor Platform"...which translated means this little lady must get pretty damn hot. However, if you check out the pics in the Notebook Review article you will see that this laptop has a ton of freakin' ventholes and an obscene looking exhaust port. I am sure this dude will stay cool with everything listed before and the heatpipe cooling it appears to be using for the video, cpu, and chipset. The only drawback apparently is the battery...seems this joker will give you only 14 minutes up time under max load when it isn't suckling power from the socket. I would love to get a hands on of these things...but for now I will be content with the pictures. Check the jumps for more info!

- "Asus C90 Customizable Notebook Hands on at Asus Headquarters (pics)" @ Notebook Review
- "Hands on: Asus' Core 2 Duo-powered C90S notebook" @ Maximum PC
- "Asus C90 Will Be First User Upgradeable Lappie" @ Gizmodo

Tuesday, April 3, 2007

eEye patches Vista animated cursor flaw, much to Microsoft's dislike.

Some of you may have heard about the animated cursor flaw in Vista...which in the wrong hands can leave your machine in a crashing-restart loop. If not, here ya go...more info on the "Animated Cursor Flaw" brought to you by Betanews and the official release by Microsoft on the matter here "Microsoft Security Advisory (935423)/
Vulnerability in Windows Animated Cursor Handling
". Now that we are up to date on the is more info on the eEye fix for the ANI vulnerability and for the is the link to the patch(scroll to the bottom part of the page for the download)! Alternately...eEye has also added the patch or fix for this vulnerability in their Blink Security Software. These patches by eEye have left Microsoft in a precarious position...which ultimately is...saying they don't recommend using these 3rd party patches.

Now that we have all that googly doo out of the way...this whole issue has brought up an interesting possibility in the whole "Responsible Disclosure" debate and overall issue between security firms and software companies. Now the main problem between the two is how long do you wait until you publicly disclose a vulnerability after it has been discovered and reported to the devoloper or company. Also, there is the issue of how do you reimburse these flaw finders in an attempt to keep flaws from being traded or sold on the undernet, however that is a whole other issue. Now...on to my point...what is really keeping these security firms, other developers, or Joe Good from making their own patches for these flaws? Thus circumventing any wait, which can be exceedingly long, and closing the door on such flaws. The length of time between when a flaw is disclosed and when it is ultimately fixed is the big issue...when it can take some patches months, if not years to come to fruition. IMO...good for eEye for doing it has apparently gotten Microsoft off their ass to get this done ASAP. Funny how one companies good deed has spurred another company to actually do the right thing and fix something quickly.

- "3rd Party Patches Critical Windows Flaw" @ Betanews
- "Microsoft to Fix Critical Vista Flaw Early" @ Betanews
- "Microsoft knew of Windows .ANI flaw since December 2006" @ ZDNET BLOGS

Now the U.S. wants the keys to the Internet...WTF?

I stumbled across this article on Digg...yes I Digg...and well it was very concerning to me that the U.S. wants the keys to the Internet or put precisely as per the article entitled "Department of Homeland and Security wants master key for DNS" @ Heise Online:

"(The DHS; The Department of Homeland Security)wants to have the key to sign the DNS root zone solidly in the hands of the US government. This ultimate master key would then allow authorities to track DNS Security Extensions (DNSSec) all the way back to the servers that represent the name system's root zone on the Internet. The "key-signing key" signs the zone key, which is held by VeriSign."

This just sucks...especially when you think of the track record of the U.S.'s snooping on phones, mail, and god knows what think that they also want to have control and the ability to snoop what people are doing...well that just doesn't sit well with me. I mean if the purpose was to get the bad people in world, which equates to just about anyone by DHS standards, I would be cool. However, on the other hand...I just want to government to keep it's nose out of my business and anyone elses', which is ironic as the Internet's whole purpose was a government minded one.

In any event I do hope this gets out and through public outrage this doesn't come to fruition.

- "Department of Homeland and Security wants master key for DNS" @ Heise Online
- "Homeland Security wants master Key for the Internet" @ Digg FOR COMMENTS
- "Homeland Security wants master key for the Internet" @ Infowars

Monday, April 2, 2007

Waiting to upgrade to Vista until the first Service Pack? Don't your breath!

I came across an interesting article at Information Week entitled "Microsoft Nixes 'Big Bang' Service Pack For Windows Vista". Now don't get the title wrong...there will be a service pack...albeit a lite one...with an undetermined date, but since Vista will rely heavily on using the Windows Update service to get it's fixes in increments through time. Vista will not rely on a huge service pack to fix a huge number of problems all at once. This does make sense as seen from someone in the tech support field, as when XP had both SP1 and SP2 released there were quite a few issues when applied to a lot of machines at once...leaving the support team scrambling from pc to pc fixing any variety of issues, whereas with the trickle patching you can opt out for specific fixes that may cause issues. Windows Update is not a new service by any means...but apparently Vista will be relying on it more heavily to reduce the size of the "lite" service packs in it's future.

So, if you are one of the hold outs for the first Service just might wait a year or so and surrender the dreams of an SP1 upgrade track for that of "I am upgrading on January 30th, 2008!

As a side note...I have hammered Vista, but overall it is a nice OS...albeit I still hate UAC and some of the other security crap that is easily replaced with an open source equivalent or superior. DO IT!

- "Windows Vista Service Pack 1 Canceled?" @ Softpedia
- "There may be no point in waiting for Vista's Service Pack 1" @ Houston Chronicle
- "Forget big service packs, Vista "high quality right out of the gate," says exec" @ ARS Technica

Cool HDR picture!

This has got to be the coolest HDR pic I have seen! Check this link out for another variation on a black background!
Image hosted at Flickr and taken by Stuck in Customs
Here is another wicked HDR photo by the same photographer! Also...another version on black background here!

Image hosted at Flickr and taken by Stuck in Customs

Guess what? Another themed laptop!

Well it appears there is yet another comer to the car themed is HP and it's Maybach. I am guessing this is another PC manufacturer trying to capitalize on a market of car enthusiasts, but how many real enthusiasts are there for a freakin' Maybach. The car isn't sporty...more designed for luxury than anything...but when you are looking at the Maybach price tag...why not go ahead and get a Rolls or something. I guess the same can go for this beast...if you can pay for this with it's $4,000 price tag...then why not go with something proven...get an Alienware or a Falcon? In any event...this was stumbled upon over at Gizmodo in the article "HP Maybach Laptop Follows in the Skidmarks of Ferrari and Lamborghini".

Monday, March 26, 2007

Your suing for what?

Okay...imagine if you will...a time...when you go and make a purchase and well...the main competitor of the brand of item you bought...SUES YOU...for the reason that "you didn't make the RIGHT choice"?! Well, if you are like did the your inner voice as well...maybe out loud if you were shocked enough.

I came across this article at entitled "Voting device pact at issue/Firm sues over snub by state". I wasn't quite so shocked when I read that Diebold was doing I am suspicious of any manufacturer of voting machines that isn't totally transparent in the quality of said product or code. Hehe...had to get that out! In any event...Diebold is suing Massachusetts for its choice of devices that will aid in the handicapped voting...appears they chose the competitor as the best fit and it doesn't sit well with Diebold. Yeah...WTF! Although it has already been deemed as a frivolous still makes ya wonder.

It makes you wonder if this might be the wave of future lawsuits from large corporations against competing smaller companies...with the premise being you product doesn't compare...cease and desist. Could it be a future tool of business to sue a companies choice of product or contract...because it is "not as good" as the other. It does seem like a scary path...that I do hope we will never see. Great article though...jump it!

Monday, March 19, 2007

Fun in IT of old...compared to what it has become today

I really enjoyed this article and just had to share it. At eWeek they are running the article "How to Stop the Dilbertization of IT" and in this article it gives a little insight in how the IT field has changed and what we need to do in order to bring back some of the fun in IT.

I personally remember the days of BBS' and how you actually had to work in order to get on to some of these boards. I still have my notebook that is full of numbers to various boards around the world and how you had to have some phone phreaking skills to get around long distance charges. The days when working in a support team was actually something to look forward was fun and that has been lost in so many ways in todays field.

Damn Scammers take Blogger now...

We all know them...those jackass' that hijack damn near everything by creating an account and blasting visitors with junk advertisement or in this case malware. This tactic of advertising or using social networks for more malicious purposes has made Myspace into something of a shooting gallery for these low lifes. seems they have now moved into the realm of Google's Blogger network. PCWorld covered this topic in a recent article entitled "Google's Blog Software Hijacked by Scammers", which tells tale of this latest Blogger tactic.

"MySpace-hosted malware exploits QuickTime flaw" @ The Register
"Hackers Promise Month of MySpace Bugs" @ PCWorld

UAC gets slammed...

Yeah that is right...UAC gets slammed at the CeBIT show in Hanover by Kaspersky's Cheif Executive, Natalya Kaspersky, much to Microsoft's chagrin. You can read more about this at ZDNET Australia in the article "Microsoft partner: Vista less secure than XP"

In any event I have been bitchin', for the lack of a better word, about UAC and Vista for sometime. How effective can UAC be if you have to tweak it out of existence or worse disable it all together. As pointed out in the article it seems that by disabling UAC you are leaving your self less secure than you would be on XP, which is kinda scary.

On top of the UAC issue is the whole Patchguard issue that security companies have been gong on about for as long as Vista has been in the news. The primary complaint being that PatchGuard restricts security software from doing those things they need to in order to protect a system.

More link on PatchGaurd and UAC below:

"Thoughts on PatchGuard (otherwise known as Kernel Patch Protection)" @ Nynaeve
"Microsoft Modifies PatchGuard Technology" @ PCWORLD India
"Symantec offers mixed grades for Vista security" @ InfoWorld
"An Introduction to Kernel Patch Protection" @ Windows Vista Security Blog
"Vista's UAC Issues Extend to Security Policies" @ Softpedia
"Real UAC Nightmare! / Huge UAC Problems!" @ Microsoft Forums (Real UAC Issue; Disablig UAC was an option)
"Symantec: Vista UAC Is Still Too Chatty" @ eWeek
"UAC Security Hole in Vista" @ Schneier (great read...follow the links in the short article)

Thursday, March 15, 2007

Vista Ultimate is Bull$h%^!!!!

More Vista Bull$h%^!!!!
I don't know why Microsoft would sell so many damn versions of Windows and save all the cool goodness for those that have the ability to fork over the exuberant cost of Vista Ultimate. I was checking Microsofts Download Center and came across a little application called DreamScene and after doing some research on this bad boy, especially via YouTube, I think I NEED to have this. However, I I am a lowly Vista Home Premium user and as not deserve to get my grubby little hands on this. I also can't believe I missed talk of this prior to today...I read A LOT of stuff on tech everyday...yet missed this cool app.

I do hope that Microsoft will change it's plans on what versions of Vista they will release this too...uhh...including Home Premium. Grrrrr!

Okay...after doing a lot of reading and so on about Vista Ultimate, DreamScene, and some other things. I felt I needed to retract my article from yesterday. I did manage to find a alternative DreamScene solution for Vista Home Premium that even works with XP. I figured that I had managed to shoot down "The Man" and find an alternative...but ya know...after using it for even a little bit...I was actually annoyed by the animated desktop. So, I cannot imagine that DreamScene is actually worth it...or the hype it has is a toy or eye candy as most of those "extras" are for Ultimate. I guess where I am going with this is...I feel that in my neurotic way...I made the right choice in selecting Home Premium over Ultimate from a financial standpoint and that of optimal use for me.

In the future I will do a little more research before I go off on a rant. I will link at the bottom the page that has the alternative live desktop GUI/application for those of you who want a little bling on the desktop.

Official Page at WinCustomize
YouTube DreamScene Videos
Animated Desktop @ WinMatrix (Alternate animated desktop)

03-13-2007 Microsoft Patches released

Even though there were no "OFFICIAL" releases of anything...there were a freakin' ton of goodness to be downloaded from the Microsoft Download Center on March 13th. Microsoft also released Service Pack 2 for Windows XP Professional 64-bit. Links are below with a brief description.

XP Professional Service Pack 2 64-Bit Dowload
EXE Package
ISO Package

Vista Update:
There is actually a great number of software compatibility issues fixed for quite a few programs as laid out in their Knowledge Base article KB932246 for both 32-bit and 64-bit versions.
Vista Update (32-BIT)
Vista Update (64-BIT)

Outlook Junk Email Update for 2003 and 2007 versions:
Outlook 2007 Junk Email Update
Outlook 2003 Junk Email Update

Windows Malicious Software Tool Update:
Malicious Software Tool Update

Windows Defender Update for Windows XP Professional (32-BIT/64-BIT):
Windows Defender 32-BIT
Windows Defender 64-BIT

The saga continues...

As with my previous post, It is like a soap opera with all these damn Vista hacks!, there is yet another "SUPER" crack for Vista...or at least that is what Keznews is reporting in their article "Windows Vista All Versions x86 OneClick Activator by CLoNY". They are saying that the cracking group, CLoNY, has made a oneclick activator that like the Paradox crack it takes advantage of a "Royalty OEMs" hole in Vista. This hole is used to circumvent the product activation of Vista by emulating hardware-embedded BIOS ACPI_SLIC license information. However, unlike the Paradox does not use the vstaldr Grup multiboot boot loader and instead is a software that runs within Vista.

Good read!

Saturday, March 10, 2007

The cost of upgrading to Vista... I sit...the one who stated that he would not upgrade to Vista until after the first service pack...well...I am now here to tell you that I have gone the Vista route, as cautiously as possible, and boy do I have a story for you. Let me start out by saying to Microsoft:


I was fortunate enough to get two copies of the OEM version of VISTA HOME PREMIUM, yes they are legit and yes I got irritated peeling off one of the security stickers off one end of the little white cardboard sleeves. After slipping the clear plastic DVD case out of the sleeve I was pretty excited to see what this little gem had to offer...after all the Vista hype and so on. Little did I know this cursed little platter would have served a better purpose fertilizing mushrooms...but I digress. Anyhow, being one to not go and ruin a perfectly fine machine, XP PRO(tweaked the way I like it), I opted to use my newest test box for this "upgrade" (a term I will use loosely throughout this post). The hardware was as follows:

ABIT KN8 SLI Motherboard
AMD FX-60 Processor
2GB OCZ Performance PC3200 (DDR400) RAM
120GB Western Digital 1.5gb/s SATA Hard Drive
Plextor DVD RW Drive
EVGA NVIDIA 7900GS 256MB Video Card

Nothing on the hardware side is overclocked...all of it is working as it should...and I must say it isn't a slackin' machine by any means for Vista. I did however debate on whether I wanted to "upgrade" from XP or do a clean install. Well, I opted for a clean install, via the install once with no code and again with a code, however this seems like a waste of did work, albeit I had a "WINDOWS.OLD" folder that ate up 10GB worth of space. This kind of left me wondering whether or not Vista would have just installed straight up after entering the product key. I will have to investigate that further at a later I am sure to '86 this install in the near future.

The install left me no real options...I booted from the had an option to upgrade or do a custom install. The upgrade option was grayed out and unavailable, so I had to opt for the custom install, which just consisted of picking the disk and performing any advanced functions on the drive selected (format\partition\etc...). Other than was pretty straight forward and beyond putting in my locale info (time zone, keyboard type, language) along with an ID and password information...I was pretty much done with actually installing Vista and now it was time to FIX VISTA to work with my hardware.

The first major issue that has yet to really be rectified is the fact that my video card is having issues. It all started with Vista substituting the Microsoft version of the Nvidia driver...that was beautiful...text was alternating between light and dark (regular and bold font size) no matter what resolution or refresh rate I used. I updated the driver to the EVGA\Nvidia v.100.65 driver, which cleaned up the drastic difference in the font and left me with a red halo around bold fonts. Then I found a newer EVGA\Nvidia driver v.101.41, all of which are beta drivers, which I installed and much to my disappointment...still a damn red halo around bold text. At this point I figured I might be just too anal in my expectations, so I figured I would look past the font issue and just toss a game on to see if it effected that in the same way as the font. After installing BF2...well...with the colors going crazy and the screen flickering...I figured that yes...there is still alot to be desired in the area of EVGA\Nvidia drivers working under Vista. I concluded that this problem would have to wait until there was a suitable driver for my card in Vista.

The second issue was the integrated sound card on my motherboard, RealTEK AC'97 Audio. Yeah...I know a few of you are laughing your asses off with are probably the jackasses who can tell a difference of a bird chirp on my gear and the $200 card you have :P Anyhow...after getting Vista up it found this audio card as a RealTEK, but with an unsuitable driver? What the hell is that? I go in search for a would think that ABIT would have Vista drivers for it's products on their website...then you would be wrong. I think the last time they updated the downloads on their site was 2005, so I had to go in search on RealTEK's site...and EURIKA...they had a Vista driver that worked flawlessly. Although Vista's UAC service made it clear that I would not be able to use the HD Audio function of Vista with this card. Thanks Vista for letting me know that!? PFT!!

Third issue is kind of related to the first...the Nforce network adapter wasn't recognized by Vista. Heading over to the Nvidia site, as ABIT is severly lacking in updated drivers, I found the Nforce4 driver I needed and business.

Fourth issue...revolves around my wireless Edimax Wireless Turbo Card...great card with a tethered antennae that works like the BOMB! Now like ABIT Edimax doesn't have a driver for the card on their site, but they are nice enough to point you to a link of the chipset manufacturer for the driver...and wasn't for Vista and didn't work in Vista. So, I remembered that previously this card used the RaLink utility to connect in XP...soooooo...I headed over to the RaLink site to find the latest Vista ready app. There it was...and as it turns out this utility has an equivalent driver that works great.

Finally on the hardware AG Neovo 19" had a generic driver and that just bothered me...along with the whole font issue with the display driver. I opted to change the monitor driver only after the previous graphic card drivers failed to resolve any of the problems I was having, so I figured it might be that. AG Neovo had a driver for this monitor, but again it wasn't for Vista and I could not find ANY other means to get one. However, the XP driver seemed to work it was recognized without issue.

The hardware issues weren't so bad really...something you would expect with any upgrade, but it is the lack of driver support that really irks me. This is not a new issue either, but in the graphics area in would expect one of the top graphic card manufacturers to have a damn updated driver for their product ready for the release of THE major OS of the world. This problem is totally in the hands of Nvidia and in my opinion is one hell of a fumble. Fumble or not though...I, as well as other, are loyal or die hard fans of Nvidia and would rather wait than go to the other side. However, you need to get off your asses Nvidia and get this fixed...for the sake of my Vista experience and I NEED TO GAME! The other hardware manufacturers mentioned before, ABIT and EDIMAX, you guys are ridiculous. You make the sell the product, but you don't support the product...and this is just in reference to keeping the drivers updated on your site. How many average users are going to know to go and search out for the chipset or component manufacturer for a driver. I would guess far less than you would expect, so get on the ball guys...provide a service with your at very least keep updated drivers on your site(s).

Now it is time for probably the biggest pain during my whole experience with Vista thus far, UAC. UAC was behind every damn prompt to install or do anything that was beyond what the average user would do and yes I did disable it. I found it funny that when I was researching exactly what UAC was...almost always the description was followed by the various ways to disable or tweak it to be more friendly. However, most sites that dealt with "tweaking Vista" in particular would go on to have "disabling UAC" in one of there 10 top tweaks or as the very first thing to disable. All of these sites would go on to say how they don't recommend it, but continue right on to instruct one on how to do so. Yeah...UAC does Defender...and the Firewall. I will use my own apps for these least those that work with Vista, which leads right into the whole point of this article aside from the upgrade process I went through.

That point would be...what is the real cost of Vista? The cost is in fact alot more than the sticker price for the OS itself when you consider what hardware upgrades you need and what software upgrades you need to have the system you had before without sacrificing performance. In regards to hardware...if you are a gamer or someone who does alot of media projects...well you are gonna want a system that rates on the MS rating system somewhere between 4.2-5.0 or higher, which will most definitely mean an upgrade in CPU, VIDEO, RAM, or Motherboard. One of these items will have to be upgraded to attain such a rating. The other side of this money pit is the software. In my day of installing all my software on Vista...I became all to aware of what wasn't working...and after visiting some of these software developer sites...well...they either just did not support Vista yet or the version of their software I had did not work with Vista and I would have to upgrade. I added up the software I would have to have in order to be both productive and entertained as I was on XP and it came out to a staggering $1200. I personally do not have that kind of cash to throw at software just because Microsoft wanted to develop an OS that refuses to work with software that isn't NEW. However, I don't feign to think that Microsoft gives a shit about my or anyone elses financial inability to keep up with the Jones' or this upgrade track that Microsoft has set for everyone.

In any event I took the jump and although I don't like seems we will all have to do it eventually. That is "IF" you want to be technologically viable in your knowledge of an OS that will take roots in most companies and offices eventually...not to mention your homes as PC manufacturers adopt this OS. I do not for a minute like the fact that Microsoft put out an OS that is not backward compatible with older software, but what are you gonna do if your hands are shackled to this beast known as Vista. I know...there are those that say go to Linux or use a Mac...well there is no guarantee that my software will work with those either. I do wish I would have waited and saved myself a little bit of frustration and I do most definitely suggest to those of you who have not upgraded yet to do just that...WAIT. Let the bugs get worked out...these bugs such as driver support, software support, and those geniuses out there that figure out the best tweaks and such. You will save yourself alot of stress in doing so.

I also want to add...if you do upgrade feel free to share with everyone that visits. I get A LOT of emails and not alot of comments...comment please...that is what it is there for. Thanks!