BLOG

Visible Procrastinations
DCR Last Updated

30 Aug 2006




 

2006-08-30
Wine0
(TOPIC::humour)

 

Posted by DCR 2006-08-30

 

2006-08-28
This week's links
(TOPIC::links)

Make a Survival Kit out of an Altoids Tin
Fitting inside an altoids tin, this kit is easy to keep on hand at all times
This is ideal for anyone who wants to have the essential survival gear along each time they head into the field. Everything fits in the Altoids tin (above). It fulfills all the component groups (see “Make Your Own,” last slide) except for shelter and protection, but add a survival blanket to your pocket and you’ll be covered.. ...

Make a Survival Kit out of an Altoids Tin (and Two More Life-Saving DIY Projects) [Field & Stream]

What's On Your Thumbdrive?
"Nowadays, we need to support not only people at the office, but friends, family, friends of the family, family of the friends... you name it! They all run Windows to a degree and there are many tools to help you when assisting. Personally, I have a thumb-drive with removable memory cards. One of them has a small bootable Linux, the other one is filled with ready to use Windows utilities (CPU-Z, Ultra-Edit32), DOS utilities I've been collecting over the years, and Unix-style utilities (ps.exe, kill.exe, and others) ported to Windows, without the need for a layer like Cygwin. I also have a copy of the install files for AVG, Spybot, Sygate and the likes. But, even though I think I have many great tools, I'm sure I do not know about a lot of great others to help diagnose and solve problem. So I ask you, what's on your thumb-drive?"
What's On Your Thumbdrive? [Slashdot]

Is your lunch safe?
... As for the least likely lunch bandits, Buffini said, it's managers because of the scrutiny they're under from all sides, as well as "hero" departments like information technology, which come to your aid when you're down. ...
Stolen lunches? Substitute cat food for tuna on wheat [chron.com]

 

Posted by DCR 2006-08-28
Update by DCR 2006-08-30

 

2006-08-25
Patching updates
(TOPIC::security.patch)

Intel wireless

Intel initially issued a big file (100MB) that you had to download, but at least it upgraded everything on your machine, if it needed upgrades. After rebooting in the next few days I noticed that my machine is a bit slower than it was. A look at Task manager output, or excellent Process Explorer from Sysinternals showed that a process called S24EvMON.exe is using quite a bit of CPU, ... [1]

I cannot replicate this issue on my DELL D810 using the updated Intel drivers set; my call at this stage is to patch the machines and deal with any machines that show these symptoms as they arise.

MS06-042 reissue
My previous advice was: Where required keep MS06-042 applied, it fixes more bugs than it creates.

This issue may lead to an additional buffer overrun condition only affecting Internet Explorer 6 Service Pack 1 customers that have applied the original version of that update released August 8th, 2006. The security issue is documented in the Vulnerability Details section as Long URL Buffer Overflow – CVE-2006-3869. Internet Explorer 6 Service Pack 1 Customers should apply the new update immediately. [2]

When it appears - rePATCH! The last patch was at least a step 'better' than an unpatched machine, this should return the machine to a better state. (What, you're still using IE for web browsing! Get thee to a nunnery!!)

Time to re-apply the patch on Internet Explorer 6 Service Pack 1 for Windows XP Service Pack 1 (all versions) and Windows 2000 (all versions) [2]

As we are *all* on XP-SP2 and IE-SP2 we shouldn't see this patch ... we are all patched to this level aren't we guys?

PowerPoint Zero-Day?

According to the new information this is not 0-day vulnerability, it is related to patched MS06-012. [3]

Ahhh, grasshopper the ZEN of patch often and patch early.

 

Posted by DCR 2006-08-25

 

2006-08-25
Snakes LAPTOPS on a Plane
(TOPIC::security)

We have just finished with the DELL D810 battery issue, and not surprisingly, considering they also use SONY battery units, Apple has announced their own BBQ laptop specials;

Apple Announces Recall of Batteries Used in Previous iBook and PowerBook Computers Due To Fire Hazard [1]
 
WASHINGTON, D.C. - The U.S. Consumer Product Safety Commission announces the following recall in voluntary cooperation with the firm below. Consumers should stop using recalled products immediately unless otherwise instructed.
 
Name of Product: Rechargeable, lithium-ion batteries with cells manufactured by Sony for certain previous iBook G4 and PowerBook G4 notebook computers only.
 
Units: About 1.1 million battery packs (an additional 700,000 battery packs were sold outside the U.S.)
 
Battery Cell Manufacturer: Sony Energy Devices Corp., of Japan
 
Computer Manufacturer: Apple Computer Inc., of Cupertino, Calif.
 
Hazard: These lithium-ion batteries can overheat, posing a fire hazard to consumers.
 
Incidents/Injuries: Apple has received nine reports of batteries overheating, including two reports of minor burns from handling overheated computers and other reports of minor property damage. No serious injuries were reported.
 
Description: The recalled lithium-ion batteries were used with the following computers: 12-inch iBook G4, 12-inch PowerBook G4 and 15-inch PowerBook G4. Consumers should remove the battery from the computer to view the model and serial numbers labeled on the bottom of the unit.
 
...

 

Apple has determined that certain lithium-ion batteries containing cells manufactured by Sony Corporation of Japan pose a safety risk that may result in overheating under rare circumstances. The affected batteries were sold worldwide from October 2003 through August 2006 for use with the following notebook computers: 12-inch iBook G4, 12-inch PowerBook G4 and 15-inch PowerBook G4.
 
... [2]

Safety first for carry-on Dells [3]
 
Qantas is issuing an advisory to all passengers on its flights on the safe use of Dell notebooks following the recall of 4.1 million batteries announced by the PC manufacturer last week.
 
The airline said that although passengers would be allowed to carry their Dells either as checked or cabin baggage, they could only use them on battery power or through the aircraft power supply available in some first and business class cabins once they have first removed the batteries from the unit.
 
Qantas said cabin crew would be advising passengers of the measures which apply to any computer affected by the recall, that has not yet had the battery replaced.
 
...

Will QANTAS apply their DELL policy [4] to the Apples? We'll see ...

 

Posted by DCR 2006-08-25

 

2006-08-23
Podcasting: Recording a podcast
(TOPIC::podcast)

After looking into the technical side of publishing and serving a Podcast (newsfeed) it is time to look at the actual creation of the content for a podcast. 5, 4, 3, 2, 1 ... recording!

There is nothing new in creating Podcasts; people have been recording audio for many years. In general the rule is the better the recording equipment and planning - the better the result (think 'garage band session' vs 'recording studio master').

An alternate way of thinking about Podcasts is to think that you are producing a pre-recorded radio show.

Recording Studio

You need to optimise your recording environment to produce the best results for your budget. In most environments cash will be the limiting factor; if this is the case you do not want to have a *mega expensive* microphone plugged into a cheap sound card as you waste the functionality of the microphone. All of the elements of the kit should be matched to ensure that you have optimised your expenditure.

Software
I strongly recommend Audacity with the LAME MP3 encoder plugin dll

Audacity is a free audio editor which lets you mix tracks and perform other sound editing functions, such as recording, playing, importing and exporting sounds WAV, AIFF and MP3 files. When mixing tracks, there's no drag and drop like some of the more sophisticated brand programs, but if you're prepared to use cut, copy and paste you'll be able to mix tracks together, or apply effects to your recordings. It also has a built-in amplitude envelope editor, a customisable spectrogram mode and a frequency analysis window for audio analysis applications. Built-in effects include Bass Boost, Wahwah, and Noise Removal and it also supports VST plug-in effects.

 

LAME is an LGPL MP3 encoder. The Open source development model allowed to improve its quality and speed since 1999. It is now an highly evolved MP3 encoder, with quality and speed able to rival state of the art commercial encoders.

Noise
Do you need proper acoustical isolation, absorption and diffusion? Is background noise leaking into the environment? Can you use soft furnishings to provide an 'OK' environment? Is the space a write-off to the extent that you should look for a new venue?

Technique
Proper techniques do help. Remember cringing as *that* singer ate the microphone, or as *that* announcer kept the microphone down at their waist?
Get some lessons/advice; trial different techniques to see what works for you.

Hardware
This is where things become difficult ... what conditions are imposed by the physical space where you make your recordings? (Also remember that we are not creating an audio CD; the recording will be compressed to an MP3 format.)

Initial requirements;

  • Microphone
  • Headphones
  • Soundcard

The starting point is a good set of headphones, and a USB microphone. Why USB? USB microphones tend to avoid many of the noise issues associated with using the 3.5mm jack microphones in a PC environment. Less line-noise = better recording. The USB microphone also allows you to use a standard soundcard as you will only be using it for listening to the playback.

Additions;

  • Microphone stand or boom
  • preamp/Mixing desk for multiple inputs
  • Input filters: Compressor/clipper/noise-gate

Editing
As with the written word the quality of the editing process reflects strongly on the finished audio product. There is a reason that the post production can take longer than the actual recording session :)

 

Posted by DCR 2006-08-23

 

2006-08-22
Podcasting: expanding the information in the feed
(TOPIC::podcast, xml, itunes)

Apple extends the RSS version 2.0 syntax with some custom <itunes:item>content</itunes:item> tags. [1]

For example to indicate Adult content;

<itunes:explicit>yes</itunes:explicit>

Is displayed in iTunes as; (eg. SecondCast feed [2])

The Apple extensions are as follows;

<itunes:explicit> - Channel & Item
<itunes:subtitle> - Channel & Item
<itunes:summary> - Channel & Item
<itunes:author> - Channel & Item
<itunes:keywords> - Item
<itunes:duration> - Item
<itunes:owner> - Channel
<itunes:name> - Channel (for owner, required)
<itunes:email> - Channel (for owner, optional)
<itunes:image> - Channel & Item (artwork 300x300 pixel, jpg, png uncompressed)
<itunes:block> - Channel & Item (block display in directory)

NOTE: All fields will be truncated to 255 unicode characters, except for <itunes:summary>
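The placement and length rules listed above can be checked before a feed is published. The following is an added example, not code from the original post or from Apple: the function names and the sample feed are constructed for illustration, and refusing feeds that declare a DTD is a defensive choice made here because feed XML is untrusted input.

```python
import xml.etree.ElementTree as ET

ITUNES_NS = "http://www.itunes.com/dtds/podcast-1.0.dtd"  # Apple's podcast namespace
MAX_LEN = 255  # all fields except <itunes:summary> are truncated past this

# Levels at which each tag may appear, taken from the list above.
ALLOWED = {
    "explicit": {"channel", "item"}, "subtitle": {"channel", "item"},
    "summary": {"channel", "item"}, "author": {"channel", "item"},
    "image": {"channel", "item"}, "block": {"channel", "item"},
    "keywords": {"item"}, "duration": {"item"},
    "owner": {"channel"},
}
OWNER_ONLY = {"name", "email"}  # valid only inside <itunes:owner>


def itunes_name(elem):
    """Return the local name of an itunes: element, or None for other tags."""
    prefix = "{" + ITUNES_NS + "}"
    return elem.tag[len(prefix):] if elem.tag.startswith(prefix) else None


def check_level(container, level, label, problems):
    """Check the itunes: children of one <channel> or <item> element."""
    for child in container:
        name = itunes_name(child)
        if name is None:
            continue
        if name in OWNER_ONLY:
            problems.append(f"{label}: <itunes:{name}> belongs inside <itunes:owner>")
        elif name not in ALLOWED:
            problems.append(f"{label}: <itunes:{name}> is not in the tag list")
        elif level not in ALLOWED[name]:
            problems.append(f"{label}: <itunes:{name}> is not valid at {level} level")
        text = (child.text or "").strip()
        if name != "summary" and len(text) > MAX_LEN:
            problems.append(
                f"{label}: <itunes:{name}> is {len(text)} characters, "
                f"will be truncated to {MAX_LEN}")
        if name == "owner" and child.find("{%s}name" % ITUNES_NS) is None:
            problems.append(f"{label}: <itunes:owner> has no <itunes:name> (required)")


def validate_feed(xml_text):
    """Return a list of problems found in the feed's itunes: tags."""
    if "<!DOCTYPE" in xml_text:
        # Defensive choice (assumption): a podcast feed needs no DTD, so
        # reject it rather than hand entity definitions to the parser.
        raise ValueError("feed declares a DTD; refusing to parse")
    root = ET.fromstring(xml_text)
    channel = root.find("channel")
    if channel is None:
        return ["no <channel> element found"]
    problems = []
    check_level(channel, "channel", "channel", problems)
    for n, item in enumerate(channel.findall("item"), start=1):
        title = (item.findtext("title") or f"item {n}").strip()
        check_level(item, "item", f"item '{title}'", problems)
    return problems


# Constructed sample feed with three deliberate mistakes.
SAMPLE_FEED = f"""<rss version="2.0" xmlns:itunes="{ITUNES_NS}">
<channel>
  <title>Example Cast</title>
  <itunes:keywords>misplaced, keywords</itunes:keywords>
  <itunes:owner><itunes:email>owner@example.com</itunes:email></itunes:owner>
  <item>
    <title>Episode 1</title>
    <itunes:subtitle>{'s' * 300}</itunes:subtitle>
    <itunes:summary>{'long summary ' * 40}</itunes:summary>
    <itunes:duration>01:09:26</itunes:duration>
  </item>
</channel>
</rss>"""

if __name__ == "__main__":
    for problem in validate_feed(SAMPLE_FEED):
        print(problem)
```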

Staying with the SecondCast example from above, let's look at the first item in the feed file "Secondcast 1"

<item>
	<title>Secondcast: 1 "Power Lines"</title>

	<link>
	http://www.secondcast.com/podcasts/secondcast-ep01-64.mp3
	</link>

	<description>
	Lordfly Digeridoo, Aimee Weber, Cristiano Midnight, Walker Spaight, and 
	Johnny Ming discuss life as a public figure in SL, intellectual property, 
	and forum drama.
	</description>

	<itunes:subtitle>Episode 1</itunes:subtitle>

	<itunes:explicit>yes</itunes:explicit>

	<itunes:summary>
	Lordfly Digeridoo, Aimee Weber, Cristiano Midnight, Walker Spaight, and 
	Johnny Ming discuss life as a public figure in SL, intellectual property, 
	and forum drama.
	</itunes:summary>

	<author>johnny@secondcast.com</author>

	<pubDate>Sun, 19 Feb 2006 16:17:55 -0500</pubDate>

	<category>Talk Radio</category>

	<enclosure url="http://www.secondcast.com/podcasts/secondcast-ep01-64.mp3" 
	length="01:09:26" type="audio/mpeg"/>

	<itunes:keywords>
	secondlife, secondcast, linden lab, lordfly, aime weber, walker spaight, 
	cristiano midnight, anshe chung, eletric sheep
	</itunes:keywords>
</item>

This produces the following information in iTunes;

 

Posted by DCR 2006-08-22

 

2006-08-22
Rollover
(TOPIC::soe)

Back in May this year I had a quick look at machine rollovers and disposal schedules [1]. I am now looking at the same data from a slightly different perspective.

In terms of Lab Rollover dates, our machines are rolled over after 3 years; for their W+1 (warranty + 1) year they are re-deployed outside of the lab environment.

For 2007 we will be re-deploying from DM211 (Evo530), DM809 (iMac 15" Lampshade), DM208-MM (3 x Mac G4 towers) into the W+1 category. The MM Lab machines will be sold. We will

Replacements for 2007:
Windows - DM211 (11 units) - HP dc7600 ?
Apple - DM809 (30 units), DM208 (4 units) - iMac Intel 17" ?

Audio-Visual refits for 2007:
DM809 - requires controllers and 2 x projectors (IWB)

 

Posted by DCR 2006-08-22

 

2006-08-15
Amorphophallus titanum
(TOPIC::botany)

The Brooklyn Botanic Garden's gigantic "corpse flower" is flowering;

BBG's Spectacular Titan Arum Is Blooming [1]
The titan arum (Amorphophallus titanum) is one of the world's most remarkable plants. Native to tropical forests in Sumatra, it produces a monstrous four- to nine-foot-tall flower head, which releases a monstrous stench of putrefaction at peak bloom (another name for the plant is the corpse flower!). The species rarely flowers in cultivation—the last time one bloomed in New York was 1939. However, Brooklyn Botanic Garden's ten-year-old specimen recently began to flower. It's in peak bloom right now!!

Webcam: Visit this page to catch the excitement via webcam. All the fun, none of the stink! The image is automatically updated every minute.

Photo Gallery: Visit this page to see the daily photo collections.

 

Posted by DCR 2006-08-15

 

2006-08-10
MS06-040
(TOPIC::security, patch)

MS06-040 is being actively exploited via BotNet. It is important to have ALL of our machines patched for MS06-040 as soon as possible. I have been scanning our subnets looking for machines that have not been updated.

I am using the Class C version of eEye's Retina MS06-040 NetApi32 Scanner

Retina MS06-040 NetApi32 Scanner

 

Posted by DCR 2006-08-11
Update by DCR 2006-08-15

 

2006-08-10
This week's links
(TOPIC::links)

TIME.com: 50 Coolest Websites
How do we select our finalists? We evaluate hundreds of candidates—some suggested by readers, colleagues and friends, others discovered during countless hours of surfing. Many of this year's choices are shining examples of Web 2.0: next-generation sites offering dynamic new ways to inform and entertain, sites with cutting-edge tools to create, consume, share or discuss all manners of media, from blog posts to video clips. Think we missed one? Send us your thoughts and we'll post a selection of your comments online. There's always next year.
50 Coolest Websites [TIME.com]

Zombie Alphabet
Simply type in a phrase and press GO ...
http://e-zombie.com/

Tip of the Day: Logbooks
Over the years I found the use of a logbook, either on paper or electronically an essential instrument in managing (security of) devices. They can be useful for more than just managing security but they shine during emergencies. Since most emergencies with devices involve loss of either Confidentiality, Integrity, or Availability, the use of these logbooks is highly related to security. In some organizations the system or network administrators are the ones who are in the best position to keep them up to date and working properly, sometimes making it hard to coordinate with a different set of security people.
...

Tip of the Day: Logbooks [SANS]

Govts pose greatest threat to web privacy: Google
Web search leader Google, which stores vast amounts of data on the web-surfing habits of its users, sees government intrusions rather than accidental public disclosures of data as the greatest threat to online privacy, its chief executive has said.
...

Govts pose greatest threat to web privacy: Google [ABC News Online]

 

Posted by DCR 2006-08-10
Update by DCR 2006-08-16

 

2006-08-10
Patch Management
(TOPIC::security, patch, patch tuesday)

With the discussions we are having at the moment regarding patch release and deployment, this is a very timely posting on the SANS site.

Surviving the monthly patch cycle [1]
... There are basically a few tactics to this in use. What strikes me in the responses we got: most of those writing in value not breaking applications significantly more than patching before you get hit with an exploit. Perhaps there is a lot work left to be done in order to convince (upper) management of the risks of patching late as patching even an hour after the worm or the targeted exploit hit you might cost the company significantly more than losing a few hours left and right over a not so critical system not being 100% healthy with a new patch. ...

Approaches;

  1. Just patch (If something breaks, fix it)
  2. Test on limited scale, roll out carefully (Get a feel for how it works in your environment then release.)
  3. Test applications thoroughly (Testing applications to the end is next to impossible, for critical servers only?)
  4. Fully featured planned rollouts (a roll-out plan that covers a long time before they come full circle and start over.)
  5. Divide and conquer (divide the to be patched machines in different categories and tackle each differently.)

Mike wrote in on their strategy: "Simple strategy really:

  1. obtain patches, vet requirements and deploy to a QA environment, containing like for like hosts; exchange, SQL, IIS, workstation builds etc
  2. test, monitor, test, monitor...
  3. deploy to a pre-production group
  4. monitor, monitor, monitor
  5. deploy to primary production group
  6. monitor
  7. push out to remaining hosts/workstations.
The time scale for deployment is fairly aggressive with immediate introduction for 'critical' updates." [1]

If you have a security architecture in place, including network segregation;

  1. General clients: not mission critical, could be patched as soon as the patches are available. Any issues are resolved once they occur.
  2. Non-critical servers: patch machines if you see no problems reported, or you could just roll them out and be ready to roll back if you see problems.
  3. Mission critical servers should have many layers protecting them from evil, even from internal users. They should also not be exposed to most of the internal machines and they could remain unpatched or even isolated for a long while.

In our little corner of the internet:

  • EXPOSURE (1): Foremost we should acknowledge that our machines are not heavily protected. Our machines sit out there on the internet using routable IP addresses. We rely on a carefully balanced interplay of patching, antivirus and local firewall.
  • EXPOSURE (2): Our mobile users are NOT highly IT literate; every PDA and laptop that wanders onto a wireless network, or connects to an external machine, increases our exposure (sometimes exponentially).
  • SOE for General clients: the advantage of sticking to SOE software is that patches are tested against these applications reasonably quickly; if there is an issue a single solution can be developed and deployed. If it's not SOE (or if it is a rare or low support SOE item) you may be on your own.
  • SERVERS: Thankfully all of our WinTel servers are Non-critical servers and as such can be patched and then problems resolved
  • LCG: allows for some extent of test and release style patch evaluation. This allows for testing on a limited scale.
  • AUDIT: evaluation of who is patched and to what level ... need better reporting

 

Posted by DCR 2006-08-08

 

2006-08-09
Patch Tuesday Wednesday
(TOPIC::MS Patch, Geek)

08 August 2006 - Patch Tuesday
Welcome to another 'Patch Tuesday'; this month's show bag contains the following fun products: Critical (9), Important (3)

Note that MS06-040 is flagged as "Addresses a critical security problem"; this is due to this vulnerability being actively exploited.

Bulletin | KB number | Description | Severity | Impact
MS06-040 | 921883 | Vulnerability in Server Service Could Allow Remote Code Execution | Critical | Remote Code Execution
MS06-041 | 920683 | Vulnerability in DNS Resolution Could Allow Remote Code Execution | Critical | Remote Code Execution
MS06-042 | 918899 | Cumulative Security Update for Internet Explorer | Critical | Remote Code Execution
MS06-043 | 920214 | Vulnerability in Microsoft Windows Could Allow Remote Code Execution [Outlook express] | Critical | Remote Code Execution
MS06-044 | 917008 | Vulnerability in Microsoft Management Console Could Allow Remote Code Execution [Win2K] | Critical | Remote Code Execution
MS06-045 | 921398 | Vulnerability in Windows Explorer Could Allow Remote Code Execution | Important | Remote Code Execution
MS06-046 | 922616 | Vulnerability in HTML Help Could Allow Remote Code Execution | Critical | Remote Code Execution
MS06-047 | 921645 | Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution [Office & VBA] | Critical | Remote Code Execution
MS06-048 | 922968 | Vulnerabilities in Microsoft Office Could Allow Remote Code Execution [PowerPoint] | Critical | Remote Code Execution
MS06-049 | 920958 | Vulnerability in Windows Kernel Could Result in Elevation of Privilege [Win2K] | Important | Elevation of Privilege
MS06-050 | 920670 | Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution | Important | Remote Code Execution
MS06-051 | 917422 | Vulnerability in Windows Kernel Could Result in Remote Code Execution | Critical | Remote Code Execution
- | 920103 | Update for InfoPath 2003 | - | non-security
- | 890830 | Malicious Software Removal Tool (MSRT) | - | monthly update
- | 920907 | Outlook 2003 Junk E-Mail Filter Update | - | monthly update

In our environment:
i.) MS06-044 and MS06-049 only apply to Win2K, and as such are less important in our environment as we should have no W2K in production; where we have W2K it should be deployed.
ii.) MS06-045 and MS06-050 are classed as IMPORTANT; these should be deployed anyway.
iii.) The remaining patches are CRITICAL and should be deployed in our environment as they affect software included in our SOE.
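
The triage rules above, combined with the AUDIT gap noted in the Patch Management post ("who is patched and to what level ... need better reporting"), can be turned into a per-host report. This is an added example, not part of the original post: the bulletin and KB numbers come from the table above, while the inventory records, host names and the URGENT/HIGH/MEDIUM ordering are assumptions made for illustration.

```python
from collections import namedtuple

Bulletin = namedtuple("Bulletin", "bid kb severity win2k_only")

# Security bulletins from the table above; win2k_only marks the [Win2K] entries.
BULLETINS = [
    Bulletin("MS06-040", 921883, "Critical", False),
    Bulletin("MS06-041", 920683, "Critical", False),
    Bulletin("MS06-042", 918899, "Critical", False),
    Bulletin("MS06-043", 920214, "Critical", False),
    Bulletin("MS06-044", 917008, "Critical", True),
    Bulletin("MS06-045", 921398, "Important", False),
    Bulletin("MS06-046", 922616, "Critical", False),
    Bulletin("MS06-047", 921645, "Critical", False),
    Bulletin("MS06-048", 922968, "Critical", False),
    Bulletin("MS06-049", 920958, "Important", True),
    Bulletin("MS06-050", 920670, "Important", False),
    Bulletin("MS06-051", 917422, "Critical", False),
]
ACTIVELY_EXPLOITED = {"MS06-040"}  # flagged in the post as being exploited

ALL_KBS = {b.kb for b in BULLETINS}
XP_KBS = {b.kb for b in BULLETINS if not b.win2k_only}

# Constructed inventory (assumption): one record per host with the set of
# installed KB numbers, however your environment collects them.
INVENTORY = [
    {"host": "lab-pc-01", "os": "XP-SP2", "installed": set(XP_KBS)},
    {"host": "lab-pc-02", "os": "XP-SP2", "installed": {920683, 918899}},
    {"host": "staff-lt-07", "os": "XP-SP2", "installed": XP_KBS - {921398, 920670}},
    {"host": "legacy-w2k", "os": "W2K", "installed": ALL_KBS - {917008}},
]

# Assumed ordering for the report; the post itself only says to deploy all.
PRIORITY_ORDER = {"URGENT": 0, "HIGH": 1, "MEDIUM": 2, "OK": 3}


def applicable(host_os):
    """Bulletins that apply to a host: Win2K-only ones are skipped elsewhere."""
    return [b for b in BULLETINS if not b.win2k_only or host_os == "W2K"]


def missing_for(host):
    """Applicable bulletins whose KB is not installed on the host."""
    return [b for b in applicable(host["os"]) if b.kb not in host["installed"]]


def priority(missing):
    """Rank a host by the worst bulletin it is still missing."""
    if not missing:
        return "OK"
    if any(b.bid in ACTIVELY_EXPLOITED for b in missing):
        return "URGENT"
    if any(b.severity == "Critical" for b in missing):
        return "HIGH"
    return "MEDIUM"


def audit(inventory):
    """Return (host, priority, [missing bulletin ids]) rows, worst first."""
    rows = []
    for host in inventory:
        missing = missing_for(host)
        rows.append((host["host"], priority(missing), [b.bid for b in missing]))
    rows.sort(key=lambda row: (PRIORITY_ORDER[row[1]], row[0]))
    return rows


def format_report(rows):
    """Render the audit rows as plain text, one host per line."""
    lines = []
    for host, level, missing in rows:
        detail = ", ".join(missing) if missing else "fully patched"
        lines.append(f"{level:<7} {host:<12} {detail}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report(audit(INVENTORY)))
```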

 

Posted by DCR 2006-08-09

 

2006-08-08
Mayon volcano.
(TOPIC::google earth)

Volcanic eruption: Philippines residents face an imminent eruption of the rumbling Mayon volcano. The volcano is found in the province of Albay in the Bicol Region. Legazpi City is the top tourist destination in Bicol as it lies 15 kilometers southeast of Mayon Volcano, one of the Philippines' most famous volcanoes.


Mayon in GoogleEarth
Want to locate it quickly? Try MayonVolcano.kml

 

Posted by DCR 2006-08-08

 

2006-08-08
Jedi time?
(TOPIC::census)

Today is the day that the Jedi come out and play. Supposedly 10,000 people are required to claim that their religion is "Jedi" on the Australian national census to be held tonight for "Jedi" to be recognised as an official religion in Australia; (How Ron L. Hubbard is that?). It didn't work in 2001, so I doubt it will work this time around ... maybe the force is stronger with this one?

ABS recognises that people have a wide range of belief systems [1]
If your belief system is "Jedi" then answer as such on the census form. But if you would normally answer Anglican or Jewish or Buddhist or something else to the question "what is your religion?" and for the census you answer "Jedi" then this may impact on social services provision if enough people do the same.


Luke, feel the power ...
Oh, and by the way the Census can be completed online :)

The five years have come and gone and once again the Australian Bureau of Statistics (ABS) is asking us all for information about where we live, who we live with, how much we earn and what, if any, our religious beliefs are.
 
In 2001, an email campaign successfully encouraged 70,509 Australians to report their religion as Jedi, the powerful religious force attributed to Luke Skywalker in the Star Wars movies. [3]


Feel the power of the Dark Side!
Bloody Sith!

The Dark Side all right -- couldn't access eCensus with Firefox v1.5.0.6 and had to use IE. Not happy Jan!

 

Posted by DCR 2006-08-08

 

2006-08-04
Vista - a view from the trenches
(TOPIC::vista)

...

Is Windows Vista ready? [1]
No. God, no. Today's Windows Vista builds are a study in frustration, and trust me, I use the darn thing day in and day out, and I've seen what happens when you subject yourself to it wholeheartedly. I think I've mentioned the phrase "I could hear the screams" on the SuperSite before. My wife said that to me one day, and she was referring to the sound of me barking some primeval curse at my desktop PC as it succumbed to Vista's stupid slowdowns, crashes, and hang ups for the umpteenth time. She, more than anyone, knows the frustration I've experienced because of Windows Vista. But even she doesn't know the details. They would bore her, frankly. She's normal like that.
-- Paul Thurrott

 

Posted by DCR 2006-08-04

 

2006-08-04
Patch Tuesday, a Heads Up.
(TOPIC::security)

A *heads up* for this month's Patch Tuesday offerings from Microsoft;

Microsoft Security Bulletin Advance Notification [1]
Updated: August 3, 2006
...
On 8 August 2006 Microsoft is planning to release:
 
Security Updates
• Ten Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool. Some of these updates will require a restart.
• Two Microsoft Security Bulletins affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.
 
Microsoft Windows Malicious Software Removal Tool
• Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.
Note that this tool will NOT be distributed using Software Update Services (SUS).
 
Non-security High Priority updates on MU, WU, WSUS and SUS
• Microsoft will not release any NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS).
• Microsoft will release two NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).
...

 

Posted by DCR 2006-08-04

 

2006-08-03
SECURITY: A few issues today
(TOPIC::security,wlan,firefox)

i.) Intel WLAN Vulnerabilities

Intel Centrino Vulnerabilities [1]
...
Below are the summaries of the affected platforms
Intel® Centrino Wireless Driver Malformed Frame Remote Code Execution
      * Intel® PRO/Wireless 2200BG Network Connection
      * Intel® PRO/Wireless 2915ABG Network Connection

  Intel® PROSet/Wireless Software Local Information Disclosure
      * Intel® PRO/Wireless 2100 Network Connection
      * Intel® PRO/Wireless 2200BG Network Connection
      * Intel® PRO/Wireless 2915ABG Network Connection
      * Intel® PRO/Wireless 3945ABG Network Connection

  Intel® Centrino Wireless Driver Malformed Frame Privilege Escalation
      * Intel® PRO/Wireless 2100 Network Connection

  The details of which drivers are listed on the pages and we recommend you look there.
  ...

The 2915ABG chipset is used in the DELL latitude D810 laptop (our SOE model) and by default our Driver Version is 9.0.0.61. (** NOTE: the HP NC8000 uses an HP W500 and is not affected)
Currently an update is NOT available via Windows Update for the D810.

[Intel Centrino Vulnerabilities]

The DELL Support website has Intel (R) PRO/Wireless 2200BG Network Connection, (R) PRO/Wireless 2915ABG Network Connection, (R) PRO/Wireless Network Connection, v.10.1.1.3 (TIC 113763), A12 Release Date: 5/17/2006

The Intel site says that affected versions are All prior to 10.5 with drvr 9.0.4.16, so this DELL version will not help :(
This leaves us with no OEM driver and the need to go with the generic Intel release; "Intel(R)PROSetWirelessSoftwareVer10.5.0.0.exe"

After an install and some testing the "Intel(R)PROSetWirelessSoftwareVer10.5.0.0.exe" appears to be a good installation and works well on the D810.

[Intel(R)PROSetWirelessSoftwareVer10.5.0.0]

Recommendation: In our environment, due to the nature of MUWIRLESS and the untrusted locations that our laptop fleet can venture into, it is my recommendation to install the generic Intel 10.5.0.0 software.
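
The version reasoning above (installed driver 9.0.0.61, DELL package 10.1.1.3, fix in 10.5 with driver 9.0.4.16) is the kind of check worth running across a laptop fleet. This is an added example, not code from the original post or from Intel or DELL: the fleet records and host names are constructed, and applying the 9.0.4.16 threshold to the 2200BG and 2915ABG chipsets is an assumption based on the statement quoted above.

```python
FIXED_DRIVER = (9, 0, 4, 16)    # "All prior to 10.5 with drvr 9.0.4.16" are affected
FIXED_PACKAGE = (10, 5, 0, 0)   # PROSet/Wireless software release carrying the fix
AFFECTED_CHIPSETS = {"2200BG", "2915ABG"}  # assumption: threshold applies to these


def parse_version(text, width=4):
    """Turn '9.0.0.61' into (9, 0, 0, 61), padding short versions with zeros.

    Comparing the parsed tuples avoids the string-comparison trap where
    '9.0.10.2' sorts before '9.0.4.16'.
    """
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    nums = [int(p) for p in parts]
    nums += [0] * (width - len(nums))
    return tuple(nums)


def classify(chipset, driver_text):
    """Return 'not-affected', 'unknown', 'vulnerable' or 'fixed' for one host."""
    if chipset not in AFFECTED_CHIPSETS:
        return "not-affected"
    try:
        driver = parse_version(driver_text)
    except ValueError:
        # A host we cannot read a version from must be followed up, not skipped.
        return "unknown"
    return "vulnerable" if driver < FIXED_DRIVER else "fixed"


def package_has_fix(package_text):
    """True if a PROSet/Wireless package version is 10.5 or later."""
    return parse_version(package_text) >= FIXED_PACKAGE


# Constructed fleet records: (host, wireless chipset, reported driver version).
FLEET = [
    ("d810-01", "2915ABG", "9.0.0.61"),   # default SOE driver from the post
    ("d810-02", "2915ABG", "9.0.4.16"),   # after the generic Intel 10.5 install
    ("d810-03", "2915ABG", "9.0.10.2"),   # constructed later driver version
    ("d810-04", "2915ABG", ""),           # inventory returned no version
    ("nc8000-01", "HP W500", "n/a"),      # not an affected chipset
]


def fleet_report(fleet):
    """Map each host name to its classification."""
    return {host: classify(chipset, driver) for host, chipset, driver in fleet}


if __name__ == "__main__":
    for host, status in fleet_report(FLEET).items():
        print(f"{host:<10} {status}")
    print("DELL A12 package 10.1.1.3 has fix:", package_has_fix("10.1.1.3"))
```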

ii.) Mac wireless issues

Hijacking a Macbook in 60 Seconds or Less [5]
...
While those device driver flaws are particular to the Macbook -- and presently not publicly disclosed -- Maynor said the two have found at least two similar flaws in device drivers for wireless cards either designed for or embedded in machines running the Windows OS. Still, the presenters said they ultimately decided to run the demo against a Mac due to what Maynor called the "Mac user base aura of smugness on security."
...
But according to Maynor and Ellch, this attack can be carried out whether or not a vulnerable targeted laptop connects with a local wireless network. It is, they said, enough for a vulnerable machine to have its wireless card active for such an attack to be successful. That's a trivial demand, given that most wireless devices embedded in laptops these days are switched on by default and are configured to continuously seek out available wireless networks.
...

Recommendation: In our environment we should;
1.) Turn off the wireless card, and Bluetooth,
2.) Watch for patches.

iii.) FireFox update

Firefox 1.5.0.6 is a stability update that is part of our ongoing program to provide a safe Internet experience for our customers. We recommend that all users upgrade to this latest version.

  • Fixed an issue with playing Windows Media content (mms://)

Release Date: August 2, 2006 [4]

[FireFox 1.5.0.6]

Recommendation: In our environment we should be running Firefox 1.5.x with autoupdate enabled. Our fleet should update themselves, laptops should be checked during standard patching.

 

Posted by DCR 2006-08-03

 

2006-08-02
A Quick Guide to desktop Videoconf : Part II
(TOPIC::videoconf,)

More toys ... SightSpeed 5.0 (Build 5016). There are clients for Windows and Mac. There are two plan options; a free 'Basic Service' plan, and a monthly premium 'Pro Service' plan that comes in at US$4.95/month or US$49.95/year. For my testing I have gone with the free 'Basic Service' account

New SightSpeed Features Challenge Skype and Slingbox [2]
...
SightSpeed has developed a new, proprietary video codec for person-to-person video calling that offers 30 frames per second video streaming with almost no latency. You'll need a broadband connection that's capable of 128Kbps download speeds in order to get those numbers, but that's fairly standard in urban areas these days. Ryan Singel from Wired News has tested the service, and he says that the clarity is fantastic. Other initial reports, like this review of the beta from PC Mag, claim that SightSpeed's video service is the best in the industry. Better than Yahoo, AOL, Skype, and iChat.
...

[SightSpeed]
Fishtank test

And another review for Windows Live Messenger;

Windows Live Messenger Review [5]
...
If you haven't been paying attention to Windows Live Messenger, listen up. It's not just for the kiddies anymore. Yes, the new version allows you to perform text chats with your contacts, and you can trigger annoying Winks and Nudges, though such things could get you killed in certain neighborhoods. And yes, you can share files using a new peer-to-peer feature called Sharing Folders, which the grandmothers over at the RIAA will no doubt have a field day with. Windows Live Messenger is exactly what you'd expect from an IM application. It's also a lot more. If you're interested in the basics, check out my preview. This time around, we're going to look at some new stuff, and I'll explain why I think it is that Windows Live Messenger could soon become the center of the way I communicate with the people I most care about at work and home. ...
--Paul Thurrott

 

Posted by DCR 2006-08-02
Update by DCR 2006-08-04

 

2006-08-02
This week's links
(TOPIC::links)

OSS Watch Survey 2006
During February and March 2006, OSS Watch conducted a survey of UK Higher Education (HE) and Further Education (FE) institutions, looking at their attitudes and policies towards open source software (OSS). This was in many ways a repeat of a similar exercise that OSS Watch performed in October 2003.
...
Although only 25% of institutions mention OSS in an institutional policy, in practice 77% of institutions consider OSS when procuring software. ...

OSS Watch Survey 2006: Executive Summary [OSS Watch]

AUC Interactive Podcasting Presentation
AUC offers free Podcasting Workshops for University Staff.
The Apple University Consortium will be presenting two Interactive Podcasting Presentations in Melbourne (16th August) and Sydney (9th August) for University staff.
The content of the workshops is being specifically developed by Steve Doyle, our Professional Development Manager for Higher Education, to address issues pertaining to Podcasting in Universities. ...

AUC Interactive Podcasting Presentation : August 2006 [Apple Australia]

McAfee flaw discovered
San Francisco — Consumer versions of McAfee Inc.'s leading software for securing PCs is susceptible to a flaw that can expose passwords and other sensitive information stored on personal computers, researchers said Monday.
The vulnerability affects many of McAfee's most popular consumer products, including its Internet Security Suite, SpamKiller, Privacy Service and Virus Scan Plus titles, said Marc Maiffret, chief hacking officer at eEye Digital Security Inc., a competing maker of security products.

i.) McAfee flaw discovered [globeandmail.com]
ii.) Heads Up: new flaw in McAfee [SANS]

 

Posted by DCR 2006-08-02
Update by DCR 2006-08-04

 

2006-08-01
(TOPIC::politics, middle-east)

 

Analysis: Bush Mideast Stance May Flop [1]
...
Mehdi Noorbaksh, associate professor of international affairs at Harrisburg University of Science and Technology, said the United States miscalculated on two grounds in its stance on the Israel-Hezbollah violence.
 
"Buying time for the Israelis" allowed violence against Lebanese citizens to rise and turned the tide of world opinion against both Israel and the United States, he said. At the same time, the U.S. position helped fan support across the Arab world for Hezbollah.
...

The Google Maps Mania Blog directs us to a KML file that geographically documents events that have taken place in the past week on both sides of the Israel - Lebanon border.

Lebanon_July_2006.kmz
Google Map of Israel Lebanon Conflict (using KML) [2]
Viewed in GoogleEarth

Interesting work by Kathryn Cramer using GoogleEarth and Photoshop to Speculate on where Israel will attack on the ground [3]

Lebanon_July_2006.kmz
"Israeli Forces Push Through Lebanon Border" (from Lebanon looking towards Israel) [4]

Bush links fighting to war on terror [5]
...
Rice's maneuvering highlights the deepening crisis in which she now finds herself - by far the biggest in her tenure as America's top diplomat. By refusing to call for an immediate cease-fire, even in the face of the Qana bombing, Rice was teetering on the edge of a public relations disaster, particularly in the Arab world.
...

Mazen Kerbaj is a Beirut blogger who is posting illustrations and live improv as bombs drop:
mazen kerbaj's blog (Blogger)
mazen kerbaj's photos (Flickr)

Rice turns up the heat on Israel [6]
...
Leading US neoconservative commentator Bill Kristol reflected the view of many in the Administration, when he said that Israel and the US had underestimated Hezbollah's strength and that both Israel and the US looked likely to be the losers in this conflict and Hezbollah and Iran the winners.
...

 

Posted by DCR 2006-08-01

 


 


Contents by: Darren Robertson     Maintained by: Darren Robertson

"Disclaimer: This page, its contents and style, are the responsibility of
the author and do not necessarily represent the views, policies or opinions of
The University of Melbourne."


Creative Commons License
Creative Commons
Some Rights Reserved 2004-2006
Darren Robertson