Everything, Everything

The media seems to have gone crazy over the fact Britain has made its final repayment to Washington, and one person I know wrote:

Over the last 60 years they have, on numerous occasions, hampered our economic development ('50s, 60's and 70's all saw defered payments as we couldn't make ends meet...)

So does this mean we can finally stick two fingers up at our friends across the pond, and tell them where to jump?

Well I think it's probably best not to burn our bridges with America, as you never know when they might come in useful. But more importantly, I don't think they hampered our economic development. If they hadn't given us the loan 60 years ago, we probably wouldn't have had a decent economy to struggle with over the decades.

In 1945, Britain needed money to import food and for reconstruction to help us through the consequences of post-war adjustment, rather than the war itself. The post-war loan was part-driven by America's termination of the Lend-Lease scheme (which replaced the Cash-and-Carry scheme, which saw straight payments for material). Since 1941, the US had effectively donated equipment for the war effort, but anything left over in Britain at the end of hostilities and still needed would have to be paid for. This seems pretty fair to me, but to make things even better, the US only wanted one-tenth of the production cost of the equipment and would lend the money to pay for it (which was useful as we couldn't afford to pay for the equipment, but we couldn't afford to give it back). The terms of the loan were extremely generous, with a fixed interest rate of just 2%, so it should come as no surprise that the UK chose to keep this low-interest loan going rather than pay it off early. Even if you can afford to pay it off early, you should invest it and pocket the interest.

This isn't the only debt that Britain's had/has, there are some that predate the Napoleonic wars, because it is better value for taxpayers to keep paying the low interest. Britain still appears to owe ?866m from WWI (?40bn when adjusted by RPI), but we're also owed ?2.3bn by other nations (?104bn adjusted). The UK Government's position on these loans is: "Neither the debt owed to the United States by the UK nor the larger debts owed by other countries to the UK have been serviced since 1934, nor have they been written off".

Which is why it seems crazy that the media are making such a fuss over Britain and its "war debts", or why people seem to think it was such a bad thing to have accepted the loan 60 years ago.

Over at Slashdot, geek minds are apparently grappling with the notion that home electronics are not as bad as we're lead to believe: the average coffee maker uses enough power to equate to 8 dual core laptops, a wireless router, a DSL or Cable modem AND a dvd player and plasma TV!

I was just listening to them on BBC 6 Music, they were playing Calimero at the 2006 Summer Sundae, and - it sounds like it's a regular thing - ended the song singing "I feel like chicken tonight". I kinda lost interest in them a few years back, I think when they went very quiet, so I should really check out their newer stuff sometime.

I've done a fairly major update to my UK Radio Player Gadget for the Windows Vista Sidebar. Basically, I've fixed all the quirks I've come across, and I've drastically redone the look and feel.



The interface can be dragged more easily, now that the onClick event is only on the two icons in the bottom corners, for those of you that want it to sit on your Desktop instead of the Sidebar (like all sane people hehe). It also uses transparency ever so slightly, as can be seen below:



(EDIT: The image above is from the 1.1.2 version before I tweaked a couple graphics for 1.1.3 - I still want to redo the stop/start icons though)

So where can you grab the latest version of my Gadget? Well I've overwritten the original gadget (as it was pretty crude, to be honest), so you can grab it from the same place as before, but it's probably easier to get it from here: http://gallery.live.com/LiveItemDetail.aspx?li=95a0543b-0183-43eb-8d6c-411d42d596b8.

I'll probably sort out the Gadget's icon so it has transparent corners (you'll need good eyes to spot it), and I plan on replacing the stop and play buttons in the next version. I may even do the background image on the Back and Forward buttons, to make it look more like IE7, for example. After that, it's probably a case of getting as many URLs and images as possible. And perhaps try and decide how I'll present them in the drop down list (I may keep popular ones at the top). And then I might look into the Next/Now information from other sites, and I'm sure there's something else I was going to do. It'll come to me eventually.

I know, it's a little unfair to compare them, but a quick glance at Secunia's website currently reveals:

Microsoft Windows Server 2003 Enterprise Edition
Affected By 111 Secunia advisories
Unpatched 9% (10 of 111 Secunia advisories)
The most severe unpatched Secunia advisory affecting Microsoft Windows Server 2003 Enterprise Edition, with all vendor patches applied, is rated Less critical

Linux Kernel 2.6.x
Affected By 107 Secunia advisories
Unpatched 18% (19 of 107 Secunia advisories)
The most severe unpatched Secunia advisory affecting Linux Kernel 2.6.x, with all vendor patches applied, is rated Moderately critical

To be slightly fairer, at least when things are wrong with the Linux Kernel 2.6.x they're not usually as bad as Windows.

It seems Linux problems typically result in DoS, while Windows is more likely to have remote execution.

Mainline Linux since version 2.6.12 has included the Exec Shield code for address space layout randomization* (ASLR); I suspect with things like ASLR - and if people turned DEP on for everything, the default is just Windows and its services - Windows Vista will be a lot harder to get remote execution (although only for binaries which are linked to be ASLR enabled). ASLR is not a replacement for insecure code, but when used in conjunction with other technologies, it is a useful defence.

When you boot into Windows Vista, system code is loaded into different locations in memory. This helps defeat "return-to-libc" attacks, where exploit code attempts to call a system function, such as the socket() function in wsock32.dll to open a socket, or LoadLibrary in kernel32.dll to load wsock32.dll in the first place. The job of ASLR is to move these function entry points around in memory so they are in unpredictable locations. In the case of Windows Vista, a DLL or EXE could be loaded into any of 256 locations, which means an attacker has a 1/256 chance of getting the address right, which makes it a lot harder for exploits to work correctly.

What are the other layers of defence in Vista? There's "/GS", a compile-time option in Visual C++ (on by default) that adds stack-based buffer overrun detection. It also juggles around some of the function arguments and the function stack variable to make some classes of attack harder to pull off. Virtually all Windows Vista binaries are compiled with this, and it's now in its fourth iteration. When /GS is triggered, the application is terminated. This should make it very difficult to do anything with buffer overruns in Vista.

There's also "/SafeSEH" (which I won't go into, as it's quite boring) and Data Execution Protection (aka AMD's NX or Intel's XD). Data Execution Protection, often simply referred to as DEP in Windows, requires CPU as well as operating system support. Buffer overruns come into a vulnerable application as data, and then that data is executed. DEP can prevent the exploit working by marking data segments as no-execute so it can't be run. This means that even if the Vista binary wasn't compiled with "/GS" it should be stopped by DEP. When this happens, it immediately terminates the application, which is why I had trouble running World of Warcraft on Vista x64 when I changed it from the default setting to the non-default setting to check everything (I've had to add wow.exe as an exception), and the application would stop dead without any error messages appearing.

And, finally, there's "Function Pointer Obfuscation". Long-lived function pointers are targets for attack because they hang around for ages (hence "long lived") and they point to functions that are called at some point by the code (so you know they're going to be used at some point in the future). In Windows Vista, numerous long-lived pointers are encoded, and only un-encoded when the pointer is actually needed. This is also a bit boring to explain properly, I like to think of it as a clever magic trick where the card you picked is put back into the deck, shuffled around a bit, and then - when you ask for it - the chosen card is pulled back out to be revealed first time.

* I know, it's "randomisation" here in the UK, but I'm sticking with the American spelling for now as it's part of the popular acronym ASLR

The graphics are temporary, I assure you, but I think my Gadget for Vista's Sidebar is pretty functional now (it can also be dragged to the Desktop, but I keep mine on my Sidebar). It's hopefully good enough to reveal to anyone that has Windows Vista and lives in UK (okay, not many of you) as I think some of the streams are limited to UK listeners (based on IP, presumably, so a UK based proxy would probably get around such restrictions *cough*).



http://www.everythingeverything.co.uk/files/ukrp.gadget

(right click and save this file with a .gadget extension, then open it. This server defaults to .zip as a gadget file is a zip file with a different extension. I might see if I can get Jonathan to configure the server so it serves gadget files correctly).

There's a slight issue where the "on next" information for the BBC Radio stations may occasionally flow outside of the window, and I plan on fixing that sometime, probably by counting the number of characters and either chop the end off and append "..." or perhaps use a div tag with a fixed height and automatic scrollbar.

It is based on the BBC Radio Player Gadget, but I have modified a lot of the code. The "flyout" is now a webpage with div tags, unlike the original scrolling version that essentially recreates the background image every second. I've also changed it so the "flyout" only appears if you click on the status or station labels. And if you're already playing a station and change station it will automatically start playing the new one (and if you cancel out of the settings window or select the current station it won't restart the audio stream). I've also redone all the graphics (except play and stop and the station images), which is why they look a bit crap. Sorry... functional.

There is no user manual, just click on things and see what happens.

For Internet Explorer 7, the default HTTPS protocol settings was changed to disable the weaker SSLv2 protocol and to enable the stronger TLSv1 protocol (IE6 users can manually configure these stronger settings by using Internet Explorer?s Tools | Internet Options | Advanced menu). By default, IE7 users will negotiate HTTPS connections using SSLv3 or TLSv1. Generally, IE users will not notice any difference in the user-experience due to this change; it?s a silent improvement in security. Microsoft's research indicates that there are only a handful of sites left on the Internet that require SSLv2. Adding support for SSLv3 or TLSv1 to a website is generally a simple configuration change.

So it came as quite a surprise to read on The Register that BT broadband customers are unable to change their password if they've upgraded to the latest web browser versions. The browsers refuse to connect to what they consider to be an insecure version of SSL which the site is using. Attempting to visit BT's password changing site using IE 7 just gives a blank page, while Firefox 2 offers some explanation: Firefox can't connect securely to register.btinternet.com because the site uses an older, insecure, version of the SSL protocol. Opera 9 is the most helpful, with instructions on how to enable the insecure protocol. BT appeared unaware of the problem when we spoke to them, but has now said it's working on a fix. Funnily enough, register.btinternet.com was specifically mentioned to the Mozilla team back in 2002 for only supporting SSLv2. I guess they haven't updated their servers much in the last 4 years?

Developed by Netscape, a stable SSLv3 was released over a decade ago in November 1996, which later served as the basis for TLS version 1.0. The TLS Protocol Version 1.0 was published in 1999 and Version 1.1 was published earlier this year. I was glad to see that IE7 disabled SSLv2 support by default, bringing it in line with Opera and Mozilla (who, I think, both removed support over a year ago), as SSLv2 is cryptographically weak. People really should be using SSLv3 or TLS by now.

How did I ever put up with them? After spending so long in my big double bed at the flat, I'm finding it very difficult to sleep in this single. The duvet's too small to wrap myself up in a cocoon to keep warm, my toes keep wanting to poke out at the end.

I read a comparison of games played on Vista and Windows XP, and at first glance Vista looks shocking. The review suggested it was down to poor drivers, and it kinda is, but it's far more complicated than simply optimizing them for Vista. It's all because of OpenGL, which works fine on Windows XP, but is a little more tricky on Vista.

There are three choices for OpenGL implementation on Vista: an application can use the default implementation, which translates OpenGL calls into the Direct3D API and is frozen at OpenGL version 1.4 (this is why most games on Vista currently suck, and run about 1/3rd of the speed of their XP counterparts - having said that WoW seemed to play okay once I'd disabled DEP for wow.exe, but the default DEP setting just covers Windows and services, so it shouldn't affect most people); or an application can use an Installable Client Driver (ICD), which comes in two flavors: legacy and Vista-compatible. A legacy ICD, the kind already provided by independent hardware vendors targeting Windows XP, will disable the Desktop Window Manager, noticeably degrading user experience under Windows Aero (for those of you that haven't seen Aero in action, be prepared to be amazed as games and video play flawlessly as they move around the screen). A Vista-compatible ICD takes advantage of a new API, and will be fully compatible with the Desktop Window Manager. At least two primary vendors, ATI and NVIDIA, are expected to provide full Vista-compatible ICDs in the near future. And once they do, I imagine framerates will be comparable to Windows XP.

Don't blame Microsoft, blame the hardware vendors for not providing drivers quickly enough. Or in some cases, at all. I'm still finding Vista x64 a pain because of the signed driver requirement, but in the long run it should mean a more stable system.

To begin with, here's a Dilbert joke I came across and thought about sharing: dilbert2006121018016.gif.

If you've got Java installed, it's worth checking if your system is fully patched, using Secunia's Software Inspector. It's free, it picks up those old versions of Java and Flash (etc.), and if you bother to update or remove vulnerable versions, it might even stop your machine from being compromised. Hopefully your system is full of green ticks like my work laptop:



Bluetooth. It's a bit scary. But I've tried it out using a cheap Bluetooth adaptor and my mobile (once I enabled Bluetooth and then paired the devices with a passcode). The good news is I can grab photos off my mobile without having to lug the USB cable around. It also means, if the drivers are signed, I might be able to use my mobile with my main machine (running Vista x64)! Worst case scenario, I might install a virtual machine running Windows XP in order to use my old devices.

Hmm, for some reason I can't get my playlist to update on this site. I've looked at the code and it should work fine, it's not like I've changed the code either, it's just broken for whatever reason. Grrr. I hate not knowing why things stop working.

EDIT: I figured it out, for some reason I hadn't read one of the first lines of code properly. I changed the code about a month ago so it'll only update the database if the updated track listing comes from certain specific IP addresses (in addition to the other measures). I've added my parents' current IP address and it seems fine now. At least I was right that it wasn't the code that was broken, it was simply that my machine was connected to the internet from another location - and the IP checking bit of code was clearly doing its job properly. Ah well, at least I know it works.

It's not a great photo, but I've taken a quick one of my monitor near a can of Dr Pepper that I happened to be drinking at the time. It should give you an idea of scale, in case you're hopeless with measurements in inches, and can't picture my 30" monitor in your head. The stand goes higher, but I lowered it as far as possible in order to get the can close to it in the photo.



And finally, bringing it back to the whole playlist topic, this plugin is what I use with Winamp to get Windows Live Messenger's "What I'm Listening To" feature to work.

Why did no one tell me it has Anne Hathaway in it? Emily Blunt looks hot in the movie too. They both look nice together. I don't know what annoys me more, the fact she's younger than me and famous, or the fact she's dating Michael Buble *cough* tosser *cough* when she could be dating me (seeing as she only lives in London). I think Holly's mentioned My Summer of Love (for obvious reasons, she seems to enjoy anything that involves gay or bisexual women), perhaps I'll watch that too someday. Or perhaps I'll stick to pining over Anne Hathaway. I just noticed she was in Brokeback Mountain too, maybe I'll get around to watching that someday (even if it is about gay cowboys... that still reminds me of a South Park quote). Perhaps I'll watch Havoc first, as she's got a much bigger role (oh, and she gets topless too). She's younger than me too. *sigh* I think I'll get back to watching The Devil Wears Prada now.

I mentioned in a previous entry that I'd explain why some machines add a random question mark when you send emails through Outlook Web Access (OWA).

The annoying thing is that they only appear after you send the email, so you don't know if it's going to happen until after you send it. I did some digging and some people claim it's an S/MIME problem. Assuming that KB 883543 has been applied on the server, go to Options, and look for E-mail Security. There should be a button marked Download, which lets you install the latest version of the S/MIME Control.

If that doesn't fix it, I've read that it might be issue where you have to re-register some files (usually after SP2 has been applied).

Going back to what I said in the entry, it seems there is now a KB article (911829) explaining why I had trouble composing email with Vista:

SYMPTOMS
When you access Microsoft Outlook Web Access by using Microsoft Internet Explorer 6 or a later version of Internet Explorer, you experience one of the following symptoms.

Symptom 1
On a computer that is running Microsoft Windows Vista, you cannot perform any editing tasks that you typically expect to perform. For example, you cannot perform the following tasks:
- Compose a new e-mail message
- Reply to an e-mail message
- Create a new contact, task, note, journal entry, or appointment
- Change any configuration in the Outlook Web Access options folder

...

CAUSE
Symptom 1
This behavior occurs because Windows Vista no longer includes support for the ActiveX control that is used for HTML editing in Outlook Web Access.

...

RESOLUTION
This Microsoft Exchange Server hotfix resolves the three issues that are mentioned in the "Symptoms" section. This hotfix enables a new editor for Internet Explorer. The new editor uses an Internet Explorer "iframe" instead of an ActiveX control. After you apply hotfix 911829, you are not required to first click in the compose frame in Outlook Web Access before you edit text.

Important For this resolution to work, you must apply the hotfix to both the front-end server and to the back-end server.

...

Several design changes are introduced in Windows Vista that are based on the Microsoft Secure Windows Initiative program. The version of Internet Explorer that is bundled with Windows Vista helps protect users from dangerous Web sites. Additionally, this version of Internet Explorer runs with limited user rights even if the user is logged on as a member of the local administrators group. The new editor that is introduced in this version of Internet Explorer complements this design change.

I knew I wasn't doing anything wrong. It looks like I'll have to bug work to install the hotfix on their server.

I just bought a nice shiny new Dell 3007WFP. I'd been thinking about it for ages, but I could never justify the cost. But then Aria put it on offer and dropped the price by £117. And offered the zero dead pixel check for £10 less that usual. Well it is my birthday coming up, as well as Christmas. Instead of the staggering £1,079.83 inc VAT that Overclockers (and most other places, Scan is £1,050.45) have it for, Aria are/were selling it for £700.24 inc VAT. That's £380 cheaper! Bargain.



Dell 30" Widescreen Digital Flat Panel Display 3007WFP offers uncompromising front-of-screen performance; UltraSharp 30" Widescreen, fast response time (11ms), high contrast ratio (700:1) and ultra-resolution (WQXGA 2560 x 1600). It is ideal for CAD-CAM, 3D modeling, pre-press editing, video editing and both consumer & professional photographers. This good looking, clean-cut flat panel display is the only 30" widescreen that has comprehensive flexibility of height adjustability, swivel and tilt. Dell-branded monitors are designed to our exacting quality standards and manufactured by the world's foremost suppliers, who must pass Dell's stringent quality audit. All Dell monitors meet or exceed all relevant industry standards. Dell-branded monitors undergo exhaustive testing for performance, reliability, durability and compatibility with Dell systems. Under our H.A.L.T (Highly Accelerated Life Cycle Testing) regimen, Dell engineers push our monitors well past specified tolerance limits for heat, cold, vibration, shocks and drops, to ensure that they can withstand real-world conditions. Dell's enormous buying power and direct business model allows us to offer the highest quality monitors at low prices. Dealing with Dell, the world's largest Flat Panel provider, means a single point of contact and accountability, and the peace of mind of purchasing from a stable and reliable technology partner.

- 30" Widescreen
- 2560 x 1600 (WQXGA) Optimum Resolution
- 16.7 Million Colours
- 700:1 Contrast Ratio
- 14ms Response Time (11ms Grey-TO-Grey)
- 400 cd/m2 Brightness
- One DVI-D Input with HDCP support
- Height adjustable stand (100mm travel)
- VESA mounting compatible / Security slot : Yes (100mm) / Yes
- Integrated powered USB 2.0 hub : 4 downstream / 1 upstream ports
- Integrated powered 9-in-2 Card Reader: Compact Flash 1&2, Secure Digital, MMC, Smart Media and Microdrive

Believe this guy, Roger Grimes, he knows his stuff on Vista (and so does Jesper Johansson).

To try (maybe) on Vista RTM:

Change Aero's colour
Enable Aero/Glass on compatible hardware

I wish I could enable Aero on my work laptop, but it only has a GeForce 4 card, which is only a DirectX 8 chip, not DX9.

For Aero:

DirectX 9 class graphics processor that:
Supports a WDDM Driver.
Supports Pixel Shader 2.0 in hardware.
Supports 32 bits per pixel.
Adequate graphics memory.
64 MB of graphics memory to support a single monitor less than 1,310,720 pixels
128 MB of graphics memory to support a single monitor at resolutions from 1,310,720 to 2,304,000 pixels
256 MB of graphics memory to support a single monitor at resolutions higher than 2,304,000 pixels

Yes, shocking, I know. A third new vulnerability has been found in Word. Again, it doesn't affect Word 2007 (I just tested it myself). Bad news for Microsoft, but good news for Office 2007. There's a rumour that Microsoft might release patches for Word out of cycle. I didn't expect them to as the first couple were targetted attacks, and that doesn't appear to have changed (yet). But this third one has been disclosed with an example document, so it'll be interesting to see if attacks become more widespread.

Monster admits monstrous error. It mistated results since 1997 until 2005, and exaggerated profits by a total of $272m.

Two weeks ago there was a nice Dilbert joke that I don't think I ever got around to mentioning, but it seems apt now:

dilbert2002221261129.gif

Holly posted this on LJ, and I found it hilarious: for my fellow music geeks alike (NB particularly cellists!)

I miss playing the cello, I doubt I could still play at a grade 6 standard anymore.

Okay, maybe not all of them, I'm sure Ian and Joe are quite sensible, but definitely the ones without lights. On my way home I've (barely) seen numerous idiots on bikes without lights. It seems I'm not the only one, and the police did a crackdown in Bucks, Berks and Oxfordshire. The enforcement campaign during November saw 220 £30 fixed-penalty notices issued to cyclists. Of those, 140 fines were cancelled (boo! hiss!) because riders showed they had bought lights and 67 payments are pending.

The computer may respond very slowly as the Phishing Filter evaluates Web page contents in Internet Explorer 7 (Vista, perhaps unsurprisingly, isn't affected).

SYMPTOMS
When you use Windows Internet Explorer 7 to visit a Web page, the computer may respond very slowly as the Phishing Filter evaluates Web page contents.

CAUSE
This problem occurs when one or more of the following conditions are true:
- The Web page contains many frames.
- You browse many frames in a short time.
Internet Explorer 7 evaluates the whole Web page when you browse a frame. Therefore, CPU usage may be very high.

This may explain why Outlook Web Access makes IE7 grind to a halt. I tried OWA on Vista earlier this afternoon, but I couldn't compose a reply as the ActiveX control didn't seem to want to load. I tried adding the site to trusted sites and lowering ActiveX permissions slightly, but it didn't seem to work. I might try again later, as it'd be annoying (and embarrassing for MS) if OWA doesn't work on Vista. It's bad enough that some machines add a random question mark, but that's a whole other issue that I'll write about later if I haven't already posted it.

I should point out that their FAQ says the minimum system requirements for Winamp are "Windows 98 SE, Windows ME, Windows 2000, Windows XP, Windows 2003" so I shouldn't have been too surprised when the Program Compatability Assistant appeared, but many programs that work on Windows XP will install and work fine on Vista (like my old version of Paint Shop Pro 7).



So I ignored it, seeing as I've used Winamp pretty much all my life, and because I use a plugin to update my playlist on my website (although the latter is far less important).



Well so far I've played the sample track, and Vista hasn't crashed on me yet. But I have noticed one quirk, which might be what Microsoft were referring to. When I click the "Switch between windows" button (and see all the windows lined up in 3D, or hover over the taskbar to see a thumbnail of the window, I see the old style window! I also can't see any other windows, such as the Video window when playing videos. I normally display Winamp in the "Notification Area" (in Vista speak, Winamp calls it the "System tray", which is what I've always called it), so again it doesn't really matter that much to me.



Seeing as I've used the Winamp Classic skin for the last year or more, it's not really a problem. Winamp appears okay in the mixer, and I can fiddle with the volume controls without any issue, so the music side appears to be sorted. Fullscreen video doesn't look right, a bit too pixellated for my liking, but I use Windows Media Player 11 to watch videos. I'm fairly certain "Drag and Drop" didn't work the first time I started Winamp, which is a slight issue when I access content from network shares, but when I finally get around to mapping the drives it should be okay. But now it's behaving fine! Even if I switch skins or restart it (although switching skins will stop the video playing - I can't remember if it did that before, I'll check next time I'm using XP). Video playback appears to play just like in WMP (i.e. moving it about the screen, the video remains perfectly inside the window, playing without any problems), and the Aero interface blurs the video correctly.

Verdict? It's definitely not entirely Vista-friendly, but it's stable and it plays music, and that's all I'm asking of it right now.

Oh, and for those wondering how easy it is to associate .m3u files with Winamp instead of WMP? It's dead easy with Vista's new "Open With" window (right click the file, select "Open With" -> "Choose Default Program"):



My wishlist*? A gadget. Something that can either sit on my desktop, maybe sit in the top right corner of my screen like normal, or sit on my Sidebar (like the BBC Radio Player gadget by Thomas Pleasance, which I love BTW - make sure you're using "Beta 1.0.10" not "1.0.1" like I initially used). Or is that asking for too much?

Just as I was about to post this, I came across Bodyrox featuring Luciana - Yeah Yeah on Radio 1. You can hear a sample on their myspace page, and you can probably find the full video on YouTube. Probably.

* other than existing feature compatability with Vista

Why do Microsoft appear to use a transparent pixel image to communicate on Microsoft Update?



It seems like a nasty cludge to me. I'm sure there could be a more elegant way of doing it.

I'm not quite sure how this works, but Kristin has revealed that Paul McCrane will play Jack's brother on 24. The reason why I'm not sure how, is because we've already seen Paul as some kind of bad guy (Graham) last season. Graham's family will be met during the course of the day, including his wife (Marilyn, played by Rena Sofer) and son. Graham first appeared in Episode 19 of Day 5 of 24. Graham is introduced as the leader of a group that orchestrated the Sentox Nerve Gas conspiracy, as well as the murder of David Palmer

James Cromwell (who will probably kill me for saying he's famous for playing Dr. Zefram Cochrane in Star Trek: First Contact, and the farmer in Babe - well he was nominated for an Academy Award for Best Supporting Actor) will also be seen playing Jack's father (Phillip Bauer). Talking of Star Trek, Alexander Siddig is meant to play Hamri Al-Assad, one of the "Evildoers Behind the Big Season 6 plot".

A 10 minute prequel for season 6 is available on the season 5 DVD (only in America? I only have 1-4 on R2 DVD), and FOX will release a "Season 6 Premiere" DVD on January 16 in the United States and Canada. The DVD will include all 4 opening episodes and a twelve minute preview to the fifth episode. Although I suspect most people will prefer to watch the HDTV broadcast, which will be a higher resolution. For those of you interested in teaser trailers, try this site, and here's a short clip of Jack and Graham.

Eddie Izzard was announced to appear on the show as villain Darren McCarthy but was later replaced by David Hunt after scheduling conflicts, after only one day of filming. :( Stephen Merchant will make a cameo appearance in the premiere, his writing partner Ricky Gervais has recorded a spoof.

Last Wednesday, Microsoft posted an advisory for a targeted "zero-day" attack using a Microsoft Word vulnerability, which McAfee are now referring to as Microsoft Word 0-Day Vulnerability I. They analyzed a Word Document sample for MessageLabs and Microsoft confirmed upon their request that it was Microsoft Word 0-Day Vulnerability II.

McAfee previously mentioned that non-executable file formats being a popular vector in recent years; and believe that this is a trend that will continue into 2007 and deserves to be given ample consideration in planning for security resources, policies and user education programs. I agree that non-executable file formats are becoming more popular, and that the trend will continue, but I also think that Office 2007 might be more resilient to such attacks.

Want some proof? Well the Microsoft Security Response Center Blog stated that "Our initial investigation has discovered that Word 2000, Word 2002, Word 2003 and the Word Viewer 2003 are affected, but Word 2007 is NOT affected by the vulnerability". It's not entirely clear whether Word 2007 is not affected by the Word 0-Day Vulnerability 1, but the advisory only lists "Word 2000, Word 2002, Word 2003, Word Viewer 2003, Word 2004 for Mac, Word 2004 v. X for Mac, Works 2004, 2005, and 2006" (which is the same as those listed for II) so I presume Word 2007 isn't affected by either of these 0-days.

Sadly, this means that attackers will go for the next best thing: anti virus software, third party drivers, popular file formats such as playlist files, graphics, and possibly - and this is just my personal belief - container files (the type used to store multiple audio, video, images, subtitles).

I don't know why, but my site is being accessed quite a lot from random IPs with random HTTP Referers, but the browser is always PycURL/7.15.5. It makes it easier to filter, but it's still mildly annoying.

I'm not sure why, but after turning my computer back on (I had set it to hibernate), Windows pointed out that my anti virus software wasn't working. So I checked Sophos, and the service had indeed stopped. When opening the main interface it told me and the service was restarted, but the Windows Security Alert won't go away. Also, the "Turn on now" button is disabled, presumably because Sophos don't have a mechanism for starting it up that way. Seeing as this one has been around for a while (since XP SP2 came out in August 2004?), I'm again surprised that Sophos bitched so much about access to APIs and can't manage to write something as simple as this. In the end I had to run services.msc and restart the "Sophos Anti-Virus status reporter" service to make the little red shield go away. I still don't know why the service had stopped, but I now have AVG and Microsoft OneCare setup files, and will give them a try the next time something goes wrong. Anti Virus software shouldn't cause processes (msfeedsync with NOD32) to die with DEP errors, or have their services (Sophos) randomly stop. I'll give Sophos the benefit of the doubt for now, but the last thing I want is AV software that stops working for no good reason.

On Vista x64 I've noticed that the msfeedsync program crashes all the time, so I decided to search on Google and see if anyone else had come across it. I only found one reference, which suggests that NOD32 (the anti virus software I decided to try, as I didn't want to try Trend and I thought I'd keep away from Symantec and Sophos for a bit) is at fault. It said it's not compatible with Windows Vista RC2 and causes the MSFEEDSYNC process to crash with a DEP error. Which appears to be what I'm getting.

The author added: I will try using it with the Pre RTM Build (5840) and see if the problem persists. But so far there's been no reply. I think I may try Sophos, as it's meant to work with Vista x64 (despite their complaints against Microsoft), and a free trial version is available.

I know, I know, it's not as good as an ethernet cable, but I was getting fed up of pulling the long cable out of the fileserver whenever I wanted to use my laptop in my bedroom. So I've enabled the wireles access point in my router, and I now have an encrypted connection. The signal's fairly low, but 11MB is fine for chatting over MSN and browsing the web (and still a lot faster than my ADSL connection). If only the battery life was a bit better on my laptop, then I really could go completely wireless!

Stolen shamelessly from the Windows Vista Team Blog:

Imagine you are on a plane writing a document or reading email using Microsoft Office while listening to music stored on your laptop using Windows Media Player. You are listening to your favorite tunes at high volume and suddenly you make a mistake which causes Windows to give you an error sound. On Windows XP, there wasn?t really much you could do about it since there was a single volume control for all sounds generated on the PC - whether they came from Microsoft Word or Windows Media Player. This is just not a problem on Windows Vista because we have replaced the old Volume Control with the new Volume Mixer. To bring up the Volume Mixer, click on the "speaker" icon in the right side of the tray and select "Mixer," and you will not only see the master volume control for each output device, but also a volume control for each software application - in this case each application is treated as its own input. The best part is that you can mute the sounds from each application to suit your needs.

This is a cool feature, I looked into it at home the other day, I believe I was adjusting the audio so that Windows Live Messenger wouldn't deafen me when I was playing a very quiet video. I think if I had been playing the video fullscreen, WLM would have muted itself automatically (and not show popups), as it's designed to do that so it won't interrupt presentations if you forget to sign out.

Listening to Radio 1 briefly before going to bed. Such a cool song by Green Day.

A recent post by Emily said:

So my life plan has just suffered a two-year set back. The Dr is no longer moving to London this summer. He will be in Edinburgh for the next two years first.

Big Grrrrrr.....

I totally understand his decision (it is his career afterall, plus London was only offering him one of the required two years placement and the second could have been anywhere on the south coast INCLUDING the channel islands. Plus the fact that we aren't together, just being filthy regularly.)

Still, he knows how to keep me onside, concluding the text-exchange in which he broke the news by highlighting the speed with which both trains and planes can convey one to the others city for naughty weekends.

How many naughty weekends make up two years? Think I need to get a loan...

Well I knew she wasn't interested in me anyway, but now I'm not as interested in her. It seems she has her heart set on this doctor that she can't be with for at least two years (if it even works out), but is quite content to have casual sex with anyway. Which kind of agrees with my earlier point that women want older men, men with security, and although she's not in a relationship already, it does sound like she's only interested in this guy and isn't looking to meet anyone else. So I don't really stand a chance.

Oh, and I've just read something terrible that Tania's left on LJ. It confirms that most men are bastards. I'll add more details later, I want to write to her first when I get home.

Tom came across this problem after installing IE7 at work. It seems that all the user profile bits and pieces (e.g. the Quick Launch toolbar) were being stored on another server that holds the user's profile, so any attempt to click on a shortcut (*.lnk file) resulted in a big Security Warning box appearing in the middle of the screen, stopping the user from clicking anywhere else. It's the one with a yellow shield icon in the bottom, complaining about the Unknown Publisher and asking "Do you want to open this file?".



Well I looked into this to see how I can stop this from happening, as it could get quite annoying for users on a corporate network like Tom's.

It appears that only one setting needs to be changed to stop this behaviour, but rather than change it on the "Internet" zone, it's best to add it to the "Trusted sites" zone. As I'm accessing the file using UNC, I really expected the server to be part of the "Local intranet" zone, but the setting is already enabled there, so for whatever reason it's not picking it up. If you can get this trick to work under "Local intranet" then it's probably best to do it there. I had to resort to using "Trusted sites".

Add the server name to Trusted sites, don't forget to uncheck the HTTPS box at the bottom. In my case, while I was testing this, I was accessing a shortcut (*.lnk) file on "\\\\silentbob2\\f$", which meant I had to add "silentbob2" as the trusted site.



Then you need to enable the following setting:



If you enable "Launching applications and unsafe files", you should be able to leave the rest of "Trusted sites" on the default (Medium) settings.

I should point out that all trusted sites will no longer prompt when launching applications or unsafe files, and this is a bit of a potential security hole (but better than setting it for the "Internet" zone!), so do be careful. If you're using this workaround to avoid the annoying prompts when user profiles are held on another server, you will hopefully be on a domain and you should be able to use group policy to deploy IE's settings and - this is quite important - stop users from adding their own "Trusted sites" too.

There was very little traffic on my way to work (although it did take me a couple minutes just to get around the first roundabout - some cars clearly don't understand the phrase "KEEP CLEAR"), if I'd known that I'd have ironed my jeans, as they're looking quite crumpled.

And where is my mouse? Okay, I know where it is, it's still plugged into SilentBob. Oops.

I thought I was going to be in love with MagicDisc, a free tool from the makers of MagicISO, but despite their nice claim of supporting x64 versions of Windows, they forgot to mention that the driver isn't signed so it's a bit useless for Vista x64 RTM. I'm about to take a look at elby CloneDrive, which is also free and meant to work, but I get the feeling it won't either (EDIT: the setup file complained about me using Vista). I may have to resort to a recent version of Daemon Tools or something. Sigh. Vista is proving a pain as no one is ready for it. And it seems there's still a lack of (signed) 64-bit drivers.

I've been looking into RSS 2.0 and XHTML as I want to dump the XHTML output into the RSS 2.0 feed, just like I do with my Atom 1.0 feed, but it seems that RSS 2.0 is a bit crap, to put it bluntly. Other people have written good comparisons of the two formats, and I'm fairly certain that Atom is a much better choice. This means I won't bother rewriting my RSS 2.0 feeds, if you want the full content then use the Atom 1.0 feed. Sorry, but it's not my fault that RSS 2.0 sucks.

I'd already grabbed the ISO for the x86 version already, but couldn't get it to install under VMWare - I suspect I needed to burn it to DVD-R to make it happy with the drivers. I've also finally downloaded the x64 version of Vista RTM. Seeing as I haven't had my main machine for too long, I'm thinking of installing the 64-bit version of Vista as my CPU has EMT64 extensions (so does the Core 2 Duo machine, but I'm going to stick with 32-bit Vista on there for now) and it'll be interesting to see how much of a difference 64-bit is to the 32-bit editions. I don't have any legacy software, I also need to investigate 64-bit anti virus software, as I gather some aren't too reliable (Trend recently made Susan's box BSOD after 37 minutes, I hear good things about NOD32, which - despite the title - is meant to work well on 64-bit systems). If I do that I'll probably need to grab a screwdriver and spare hard disk (I think I have one left here) as I like to do clean installs on separate hard disks (that way if it all goes wrong, I just have to slip the old disk back in for a working system again). It'll be a bit of a hassle, but I don't have much else to do this weekend. At least I have my Core 2 Duo machine to use MSN/watch TV/check mail etc. while I'm rebuilding the other.

This was apparently on Radio 1, although I don't know when it was mentioned. I've started listening to Radio 1 again, but today I listened to Goldfrapp on the drive home from work.

And then I accidentally fell asleep all evening, which is why I'm wide awake right now. Oops.

Notice how, during the entire video, they never mention how to compensate for differences in height. Up to a couple of inches isn't going to make much of a difference, but when you're looking at 4-6 inches (or even more for some people), "tilt your head slightly to one side to avoid clashing noses" isn't going to cut it.

I've fought it for ages, but after installing Office 12 the default font in a few places have changed, and I can't see an easy way of changing them back (e.g. IE7's RSS Feed, and the "There is a problem with this website's security certificate" warning page, now appear to use Calibri, I'm fairly certain they used Tahoma before). So, for now, I've turned ClearType on everywhere and it's made those fonts look a lot nicer. But Courier New looks a bit blurry. I'm sure I'll get used to it. I've fought it for a while, but now that I only use TFTs it's probably about time I made the jump. I doubt I'll even notice the difference on my 20" widescreen TFT, the resolution is so high (1680x1050) that it all looks fine when I sit back from it.

Taken from today's BOFH:

"Promiscuous - such a quaint term. But to use your vernacular, I believe she's probably been hit more times than [Return]."

It's funny, I had to share (NSFW).

I can't seem to get Goldfrapp - You Never Know out of my head, I blame the strings at the end, amongst other things. It probably doesn't help that I've been playing the album (Supernature) repeatedly. I'm sure I had a promo CD of one of their early singles and never gave it a listen, I'll have a proper look for it someday.

I've actually started listening to Radio 1 again, after a year long hiatus, and came across Gwen Stefani - Wind It Up, which many people seem to hate. Well I find it quirky, but annoyingly catchy. It's different. It does remind me of a few tracks though, I'll work them out eventually.

*sigh* I hate spam.