Summer is Here

Unfortunately, it’s felt like summer at my desk for the last three days. I swear the temperature in my section of the building has been at least 85 degrees and there’s no way to get comfortable. To make matters worse, I haven’t had any real excuses to get up and spend time in a cooler area (which is pretty much anywhere else). They were tinkering with stuff all day with no relief, so it would seem there are serious issues with the A/C in the building. My guess: Epic would rather limp along trying to make small tweaks than spring to fix it. I’m sure the fact the building lease runs out at the end of the year has something to do with it.

In other news, we’ve started our first big landscaping project – a retaining wall in the front yard. We’re a little over halfway through with most of the hard part (the foundation) already finished. It’s looking nice, but I’m afraid it may eliminate our first choice of tree to put in that bed. We’ll have pictures soon.

The best part of summer, though, is definitely softball. Even though our team is not that great, we’re starting to come around. Tonight’s game actually felt like we were an organized team for the first time. Everyone was there early, we were all lined up playing catch for warm-up, we had our lineup in place ahead of time, everyone knew where they were playing. And then there’s the best part – our first win! We were playing a team that we beat in a walk off last year after we moved down a league. This time we kept it close with good defense and we finally found our bats for a late comeback and a 14-12 victory.

Assuming the weather holds, the long weekend ahead should bring BBQ, landscaping, some geocaching, and maybe our first Brat Fest. I’m looking forward to the extra day off.

Windows as a Hobby

Outside of work, I’ve almost completely stopped using Windows. Unfortunately there seems to be nothing worthwhile in the way of personal finance software for Mac, so I’m stuck running Microsoft Money in Parallels. I’ve been trying to get some financial data in order to use for our 2008 taxes, which gave me a good excuse to finally upgrade Money and go to Parallels 4.0. The new version of Parallels prompted me to try something new.

I got it installed on the laptop and set up a new virtual machine using the Windows 7 Beta. I wasn’t really sure what to expect, but most of the reaction has been pretty positive. I have to say, I would agree. I haven’t done a lot of tinkering or complex tasks, but I’m impressed so far. A few more days should give me a better idea of the whole package. I don’t know that I would actually buy Windows 7 if it were available now; I’d probably only pay for it if we were getting a new computer (yes, Amber, I know this isn’t happening anytime soon). Still, the beta is a unique chance to play around with it for free, so I figured I’d take advantage.

Now for some Daily Show inspired thoughts… How do you rebrand stupid? Representative Steve King (R-Iowa) actually said that by closing Guantanamo Bay it would be possible for Khalid Sheikh Mohammed to be tried in a U.S. court, get off on a technicality, receive asylum, and get “on a path to citizenship.” I think Jon Stewart had the only appropriate response to such ridiculous speculation:

Then, let’s say Khalid Sheikh Mohammed runs for congress. He wins because he’s an expert on terror. Then a couple of years later, a crazy governor makes him a Senator. Then as Senator, he hypnotizes everyone and takes over the Army. Now he has access to Area 51, and here’s where it gets weird…He uses alien technology to seduce Scarlett Johansson and only Will Smith can stop him! Bruckheimer, are you listening?!

You know, sometimes crazy politicians actually lose their jobs. Farewell, Blago.

Update: This was too good not to share. If you don’t see the image, try turning off AdBlock.

New Stuff!

I decided to get ambitious this morning and I went through and added some cool stuff to the site. First, I’ve got a new contact form you can use to send me a message. I’m not really expecting much to come of it, but hey, it’s there. Thanks to One Woman Show for the plugin.

Next, you’ll notice there’s a section in the sidebar showing recent comments and trackbacks. This one is also kind of useless because no one actually leaves comments, but maybe that will change one day. Thanks to Krischan Jodies for this one.

The last and probably coolest change is that I’m now able to use Lightbox to display (some) photos. To see it in action, try clicking on one of the thumbnails in a post below.

Edit: I almost forgot – a little while back I fixed my flickr integration so you should be able to see all of that again at /photos/. (I lied – some combination of FAlbum and/or flickr is being a pain in the ass.) Eventually I’d like to put a button on my nifty toolbar up there, but since this is a part of my latest theme, I have to figure out how to hack it first. Also, this doesn’t use Lightbox; I’m not sure how complicated that will be.

Edit 2: I also wrote a few posts over the last year that I never posted for whatever reason. They’re now sprinkled around in the archive on the appropriate dates, mostly from our honeymoon last February.

Some New Revolution Details?

Well, Revolution Report thinks it’s a possibility based on this patent filed by Nintendo. It definitely seems that this could be a big hint as to what Revolution’s Virtual Console will offer. The only thing that worries me at all is there is “no dedicated hardware for Virtual Game titles.” Does that mean that there will be nothing built into the unit to store the games on? Or does that simply mean that there will be no dedicated processing power for those games alone? Interesting nonetheless.

Catch Up

With all the extra work I’ve been doing from home I’ve gotten really behind on a lot of the news I usually follow. I haven’t been watching the Daily Show as much (there’s a new supreme court nominee, what?), and I’ve been missing out on some tech news stories I might otherwise have talked about. So here’s where I catch up.

  • It looks like Warner Brothers is going to offer classic TV for free. They plan to launch an ad-supported service called In2TV early next year. Almost 5,000 episodes will be made available in the first year with older shows like The Fugitive and Maverick to more recent ones like Babylon 5. They’re saying the system may even use peer-to-peer file-sharing technology, acknowledging that it does indeed have legitimate, legal uses. I think this is a great idea. I only sort of understand the big three’s motivation to sell their current content after it airs, but I think there’s only a limited amount of people wanting to buy TV, when they can record it for free and oftentimes put it into whatever format they want (if they’re willing to work for it). Keeping it free allows people to enjoy the TV they want, when they want it, and get it delivered in a manner convenient to them.
  • Two teams of engineers decided to try to test the genius of Leonardo Da Vinci. We’ve all seen his drawings of a flying machine, but what about an 80-foot weapon designed to defend castles? Well these engineers set out to build these machines, staying as close to Da Vinci’s specs as they possibly could. The results are pretty sweet!
  • Every Playboy Centerfold from 1988-1997. It’s not what you think.
  • A portable Nintendo 64!
  • This is exactly why I want a Digital Rebel.
  • Sony:
    • First attempt to make up for their mistakes. This took entirely too long.
    • Sony apologizes. Wait, they call that an apology?
    • Here’s a pretty good article summing up the rootkit issue. It also goes into detail on how computer security companies have reacted (poorly). Interesting that tech blogs have done more to protect consumers than Sony, Microsoft, or antivirus software makers combined.
    • The company continues to have problems.
  • Marines get a new weapon. Just check out the photos.
  • Boeing is introducing a bigger and better 747 model. Check out the two interior pictures under Innovation. I like the site design but they overlooked some critical problems (zoom in on a picture and you can still click on the images under it).
  • AIM decided it was going to add some bots to my buddy list. It didn’t ask me if I wanted to add them now that they were available, it just did it without my permission. I deleted them immediately, because frankly I don’t need a bot to tell me when movie showtimes are. I know how to use the internet to find out on my own. This is just another example of why I’ll probably dump AIM soon and move to Trillian or some less annoying app for my instant messaging needs.
  • I saw this article while I was sitting in the waiting room at GHC, waiting to have the pressures checked in my eyes (a strange story for another time – ever had your vision bounce?). I was hoping to find it online because it’s a pretty cool story. A guy in Minnesota spent 11 years trying to make a colored soap bubble that won’t stain. It’s a fun (scientific) read.
  • A new iPod Shuffle may be on the way. I still think the shuffle is the most disappointing iPod to date, and I still wish they hadn’t killed the mini. It’ll be interesting to see if they can improve the shuffle or just succeed in capturing the low price flash market.
  • Newegg.com is now offering a Trade-in Program for your old computers and tech stuff. I’ve got some older stuff I want to get rid of. This could be really cool. Also, here’s an article about what makes Newegg successful.
  • The next major update to Firefox may come before the end of the month. Sweet.
  • Here’s some bad news for the lowlifes that create spyware and adware. The Senate has passed a bill to make it illegal.
  • Record companies want Apple to change the flat rate pricing scheme of iTunes. Why? Here’s one idea; he makes an excellent point.
  • The first reviews of Xbox 360 are in and the results are so-so. I had a chance to play one the other day, and while it did look nice, I wasn’t overly impressed either.
  • A Zelda movie may be in the works! This is one game I think has enough backstory that it could actually make a good movie.

Whew! I hate getting so far behind.

Sony’s Rootkit Woes

For the most part, I’ve stayed away from this subject because it’s really complicated; much more so than the casual user or music listener really cares about. But it is important and it’s something everyone should have at least heard about. I wanted to have a better idea of what has really been going on before I tried to write about it. Most of the pages linked here are pretty technical in nature, but even if you gloss over the tech speak you can still get the gist. If I’ve misrepresented anything here, please let me know so I can correct it.

Starting some time ago, Sony started manufacturing CDs with new DRM software called XCP from First 4 Internet. The discs require you to install a special media player to listen on your computer, but there’s something more happening behind the scenes. This went generally unnoticed for quite some time, then F-Secure identified the software and finally Mark Russinovich made the problem well known. He ran a scan using some software he co-wrote and discovered evidence of a rootkit on his machine.

Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden.

This was a serious discovery, so naturally he started investigating. What he found was pretty scary. He linked a hidden process to the media player installed by a CD from Sony/BMG.

I closed the player and expected $sys$DRMServer’s CPU usage to drop to zero, but was dismayed to see that it was still consuming between one and two percent. It appears I was paying an unknown CPU penalty for just having the process active on my system. I launched Filemon and Regmon to see what it might be doing and the Filemon trace showed that it scans the executables corresponding to the running processes on the system every two seconds, querying basic information about the files, including their size, eight times each scan. I was quickly losing respect for the developers of the software.

If I read that correctly, it’s scanning active processes eight times every two seconds. What purpose could that possibly serve?
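The polling pattern in the Filemon quote above can be turned into a simple detection rule. The following Python is an added example, not code from Mark Russinovich or from this blog; the tab-separated trace format, the sample lines and the thresholds are constructed assumptions.

```python
from collections import defaultdict

def build_sample_trace():
    """Constructed trace, NOT real Filemon output.
    Assumed columns: seconds <TAB> process <TAB> operation <TAB> path."""
    exes = [r"C:\WINDOWS\explorer.exe", r"C:\WINDOWS\system32\svchost.exe"]
    lines = []
    for scan_start in (0.0, 2.0, 4.0):       # one scan every two seconds
        for exe in exes:
            for i in range(8):               # eight size queries per file per scan
                ts = scan_start + i * 0.01
                lines.append(f"{ts:.2f}\t$sys$DRMServer.exe\tQUERY INFORMATION\t{exe}")
    # Benign noise: one-off accesses that must not be flagged.
    lines.append("1.50\tnotepad.exe\tQUERY INFORMATION\tC:\\notes.txt")
    lines.append("3.10\texplorer.exe\tQUERY INFORMATION\tC:\\WINDOWS\\regedit.exe")
    return lines

def polling_report(lines, window=2.0, min_windows=3, min_targets=2):
    """Flag processes that keep re-querying metadata of several executables.

    window/min_windows/min_targets are illustrative thresholds (assumptions)."""
    # process -> path -> window index -> number of queries in that window
    counts = defaultdict(lambda: defaultdict(lambda: defaultdict(int)))
    for line in lines:
        ts, proc, op, path = line.split("\t")
        if op == "QUERY INFORMATION" and path.lower().endswith(".exe"):
            counts[proc][path][int(float(ts) // window)] += 1
    report = {}
    for proc, paths in counts.items():
        # Keep only files the process came back to in enough separate windows.
        repeated = {p: w for p, w in paths.items() if len(w) >= min_windows}
        if len(repeated) < min_targets:
            continue
        per_window = max(max(w.values()) for w in repeated.values())
        report[proc] = {
            "targets": sorted(repeated),
            "queries_per_file_per_window": per_window,
            "queries_per_file_per_minute": per_window * 60 / window,
        }
    return report

if __name__ == "__main__":
    for proc, info in polling_report(build_sample_trace()).items():
        print(proc, info)
```

On the constructed trace only $sys$DRMServer.exe is reported, at eight queries per file per two-second window, which works out to 240 queries per file per minute.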

But wait, there’s more. Mark wanted to remove the software from his computer. Sony claimed it was possible, and yet it was nowhere to be found in the Add/Remove Programs list, there was nothing about it on the Sony site (this is no longer the case), no help to be found at all. He took matters into his own hands and found that the software loads even in Safe Mode, meaning if something went wrong, you’d have a hell of a time fixing it. He was able to get it off his computer, only to find that his CD Drive had been disabled.

In the following few days, things have only gotten worse. Mark has made many more interesting discoveries and catalogued it all for us: Dangers and Phoning Home, First 4 Internet Responds, and his Uninstall Experience. I’d include more details here, but he’s already done a great job of that.

I’ve put together a summary of the information I’ve gathered from Mark and other articles on this issue.

  • The EULA does not disclose the software’s use of cloaking and implies that it can be easily uninstalled (it cannot). It hides itself by modifying the Windows kernel without your permission. Sony denies the software poses a security threat.
  • This rootkit can hide the DRM files as well as anything else set up to take advantage of it (think trojans, worms, and viruses). Sounds like a hacker’s dream come true.
  • The hidden software scans your active processes constantly. 240 times per second. No one seems to know why.
  • If you do manage to get the software off your computer it will disable your CD drive.
  • Sony recently announced to the press that they were making an uninstall tool available, though they made no attempt to ensure their users knew about it. It is virtually hidden in the FAQ section of their website.
  • Sony’s “patch” can lead to system crashes and data loss because of the way it removes the cloak.
  • The rootkit has already been used to get around the World of Warcraft anti-cheat software and now new viruses are taking advantage of it.
  • The Sony CD player establishes a connection to Sony’s site and tells them each time you listen to your protected CD. This behavior could be used to record the ID of a CD and the IP address of the person who played it, though there is no evidence of this. However, simply by logging standard server activity this information would likely be collected. Sony says they don’t use it.
  • Uninstalling the software is a chore in itself with several hurdles to jump through. You have to tell them twice that you want to uninstall. Don’t forget the majority of users wouldn’t know they’d installed the software in the first place.
  • The CDs are trouble for more than just Windows users; they affect Macs, too, though the software comes from a different vendor called SunnComm.
  • This move by Sony likely breaks laws in many countries around the world. Sony claims the CDs have only shipped in the US, though this has already proven to be false.
  • A class action lawsuit against Sony has been filed in the state of California. Expect more to follow.
  • For now, Sony has halted production of the CDs but they have no plans to stop including it with their CDs.

Needless to say, this has people really upset for obvious reasons. I think it’s safe to say this takes the idiocy of DRM to a whole new level of “I can’t believe this.” I guess Sony figured that the only way to make DRM work was to hide it from the user. Maybe someday they’ll learn that you really can’t hide much from the public at all; there’s always a way around (a fundamental reason why DRM will never work). The worst part is that this software opens up a whole new issue with privacy and protection. The fact that Sony denies there is a problem is unforgivable. Their stories change each time new information is revealed which really leads me to believe they never thought anyone would figure out what they were doing. I’m not one to quickly start screaming about boycotts, but I will seriously think twice before I purchase another Sony product.

MySpace Worm

This is a step-by-step guide by “Samy”, the guy who created a MySpace JavaScript worm that quickly made him the most popular guy around. This probably isn’t going to mean much to most people, but it’s pretty interesting how he got around all these hurdles. Basically, he created a worm so that anyone who viewed his profile would add him as a friend (and hero) without knowing it. Then anyone who viewed that person’s profile would add him as a friend (and hero) as well. The original story goes into more detail.

It’s official. I’m popular.

I have hit 1,000,000+ users. In less than 20 hours, I’ve hit over 1/35th of all myspace users.

As someone who’s worked with this stuff before, it’s pretty incredible how he accomplished it.
