Sunday, December 28, 2008

The Fall and Rise of Spam

You'll remember how I track spam. Back in October 2008, I observed a precipitous drop. Remember that my numbers lag about 30 days as that's how long Google leaves spam before they delete it. I continued to watch this drop rapidly until it bottomed out in early December 2008. Now it's clearly headed back up.

The Fall and Rise of Spam

While you have to look pretty closely at this chart, it represents a drop of almost 50%, 1500 to just over 800.

The story behind this is what's interesting.

Start with Brian Krebs' article from the Washington Post. It seems that the Internet backbone providers got together and took McColo off the air. McColo was a web hosting service that was accused of hosting 75% of spam. That's amazing.

Shortly after Krebs' article went up, FireEye began a series of blog posts about "the rest of the story." The links are here:

McColo shutdown Nov 11, 2008 16:23 EST

McColo found a new upstream provider (update)

But then the story took a twist. The spam had been emanating from a huge botnet known as Srizbi.

Srizbi control regained by original owner

It seems that this botnet had a plan to reestablish their command and control center in the event that they lost their host.

Technical details of Srizbi's domain generation algorithm

The good guys at FireEye even began buying up the domain names generated by the Sirzbi algorithm but to no avail. By late November, Krebs called it a "resurrection." He recapped it in this blog entry.

Andre' M. Di Mino of The Shadowserver Foundation discusses this in his podcast.

Monday, December 15, 2008

Good Job, Canon

My wife's work has a Canon PowerShot A95. It's a couple of years old but still a nice camera.

She came home one day and mentioned that there was something wrong with it. It wasn't taking pictures.

The next time I was by there I picked it up and played with it. When you viewed the pictures, it seemed to not display anything.

I kept playing with it and realized that if I continued to scroll backwards, I eventually got to old pictures.


Then I took some pictures and they too were black. You could see all the menus though.

Seemed like the capture thingy was busted. (Don't you love it when I talk techie?)

I fell back to my faithful Google search for "Canon PowerShot A95 black LCD." Wouldn't you know that the first hit told me about the problem?

Eventually I got to this page at Canon.

The bad news is there is something fundamentally wrong with the CCD Image Sensors on a number of Canon cameras in this era.

The good news is that Canon is doing the right thing. A quick call to Canon and they e-mailed us a pre-paid UPS label to return the A95 to them. Within 10 days it was back repaired for no charge.

Nobody likes it when a product they buy fails but the way Canon is handling this is exemplary.

published with Windows Live Writer

Monday, December 08, 2008

BartPE on SD Card

The Asus Eee PC 1000H has an SD card reader. I read on the forums that you could boot from that device.

That got me to thinking about booting BartPE from that.

I already had a BartPE CD so I just wanted to copy that to an SD card. I Googled "copy bartpe cd to usb drive" and got some pretty good hits. I chose this link.

Worked like a charm. Now I can boot BartPE from the SD card and use an external USB drive to Ghost to.

Tuesday, December 02, 2008

What's Google Up To?

I'm obviously a big Sitemeter fan. When I was looking at my report the other day, I noticed something odd. There were several entries from an ISP called Google! Look at this list.

Date/Time Entry Page Comments
10/05/08 5:21:20 pm testblog/2007_12_01_archive.html XP IE6
10/12/08 5:44:41 pm testblog/ XP IE6
10/12/08 10:00:55 pm 2008/09/thank-you-google-i-think.html From Google in NY OS X Firefox
10/12/08 10:52:20 pm testblog/2007/12/test-2.html XP IE6
10/13/08 2:35:03 am testblog/2007/12/test.html XP IE6
10/18/08 1:41:10 am testblog/2007/12/test-2.html XP IE6
10/18/08 4:48:18 am testblog/ XP IE6
10/18/08 11:21:47 am testblog/2007/12/test.html XP IE6
10/19/08 7:47:43 pm 2008/10/thinkpad-xp-sp3-wi-fi.html XP IE6
10/20/08 5:53:27 am 2007_12_01_archive.html XP IE6
10/23/08 2:51:24 pm 2008/10/thinkpad-xp-sp3-wi-fi.html XP IE6
10/26/08 3:12:51 pm 2008/02/gps-and-google-maps.html WinNT IE7
"can i imports maps to mio c320"
11/09/08 6:43:04 pm Javascript disabled Win2000 IE6

What on earth is going on with Google?

Why do they keep visiting my test blog? And those entries aren't even active. They're test entries when I was experimenting with using Blogspot's ftp method of publishing.

Someone from Google's New York office even visited.

I think it's interesting to notice that most visits were from Windows XP, IE6, and 1024x768 display. Probably the same PC.

Every now and then, you'll see an outlier, like the WinNT IE7 visit on 10/26/08. It looks like that visit was personal as it was the result of a Google search for "can i imports maps to mio c320." And the security conscious visitor on 11/09/09 who had his Javascript disabled.

Google, what are you up to?

published with Windows Live Writer

Wednesday, November 26, 2008

Javascript or Not

Remember way back in 2006, I wrote a blog entry on Javascript. That was about my experiment with Steve Gibson's recommendation of blocking Javascript except on Trusted Sites in Internet Explorer. His idea was to put known sites in the Trusted Sites list. Boy, was that a pain! It was a noble experiment but I gave it up.

Well, now Steve is a Firefox user and and has embraced the NoScript add-on.

He went on and on about NoScript in Security Now 168 where he talked about clickjacking. If you don't know what that is, go listen but don't loose any sleep about it.

Then in Security Now 169 Steve confessed:

Steve: The reason I didn't want to skip this question was this was when I planned to confess.
Leo: You turn it off.
Steve: I've turned it off, too.
Even Steve Gibson runs with Javascript enabled!

No doubt turning off Javascript is the safest thing to do but it's pretty much impractical.

So that got me to wondering how many people actually TRY to surf this way.

Here's what my blog readers look like. This blog is on the left. WhereIveBen is on the right.
3.5% of the geeks have Javascript turned off and 1% of the normal people.

Wednesday, November 19, 2008

Secunia Online Software Inspector

Recently, I mentioned the Secunia Online Software Inspector. I played with it some. It worked pretty well.

It's a Java applet so there's nothing to install. It "only" checks about 100 programs but they're the key ones.

The OSI page says it takes "5-40 seconds." I saw this all over the place, as high as 4 minutes. Most runs were in the sub-20 second range though.

The first run showed up vulnerabilities in several Adobe products. I'm fanatical about patching Adobe products so that was a surprise.

It even gives you a link to resolve the problem. The Flash Player was tough to fix.

I finally had to download and save the Flash Player uninstaller. Then closed my browser(s) and ran the uninstaller. When it was done, clicked on the "Show Details" button and looked for "Delete on Reboot..." I found one so I needed to reboot.

After the reboot, I went back to Adobe and installed the current Flash Player.

After that, the OSI ran clean.

Maybe I'll go play with the Secunia Personal Software Inspector (PSI) next.

Friday, November 14, 2008

Asus Eee PC 1000H

My birthday was back in September. My birthday list was short - the brand new Asus Eee PC 1000H. The price had just dropped from $650 to $499 so I jumped on it. The price immediately fell to $410 and has now reached $399. Oh, well.

But it's a sweet system. The 1000H version comes with a 10" screen, 1GB of RAM, 80GB SATA hard drive, a 1.6GHz Atom processor and weighs just over 3 lbs.

It comes with XP Home pre-loaded. I'd never used XP Home before but it does everything I need so far. It's pretty clean of bloatware. What extra software that is loaded is pretty much just the utilities to support the Asus.

The screen is only 1024x600 but is crystal clear. With a hardware button, you can change the resolution to 800x600, 1024x768 (compressed into 1024x600) and finally 1024x768 that scrolls.

The Atom has been pretty zippy. The latest BIOS (which came already loaded) even enables hyperthreading.

Unfortunately it doesn't have my beloved TrackPoint but it has a multi-touch touchpad similar to the iPhone. It shipped without the latest drivers but I downloaded them from ElanTech and they're wonderful. There's a clip on demonstrating it. You'll also notice that they have Vista running on the 1000H!

I upgraded the memory to 2GB for $12.99. I'm not sure that it made much difference but for the price ...

Asus suggests the battery life is up to 7 hours. I can't vouch for that yet but it has run for hours even with the WiFi running. Speaking of WiFi, it supports B, G, and draft-N. Oh, and Bluetooth. And has an SDHC slot. And 3 USB 2.0 ports. And a VGA port.

There's a very active and supportive community around the 1000H here.

Here're some comparison photos of the 1000H, my beloved ThinkPad X20, and my work Dell D410.

Sunday, November 09, 2008

JRE Vulnerability

I was listening to Windows Weekly last week and Paul Thurrott mentioned Microsoft's Baseline Security Analyzer. Leo Laporte then mentioned Secunia's PSI (Personal Software Inspector). I had heard about it before but it was a long time ago.

Secunia's PSI has a much broader scope than Microsoft's so I went poking around looking at it. Leo had also mentioned that Secunia had a similar Online Software Inspector. This doesn't require an install as it's a Java applet (here's where the good stuff starts) but only scans less than 100 programs. Even so, that list is a pretty good start.

So I read on. There was a bright red link in the right column that caught my eye.
When I followed this link, There was a discussion of a newly discovered exposure in Sun's Java Runtime Environment (JRE).

It's pretty geeky reading and has a link to CERT's blog post on it (interestingly entitled "Signed Java Applet Security: Worse than ActiveX?").

Go read it for yourself and then either take the steps in the CERT blog article or just run the Secunia OSI and it'll do it for you.

Friday, November 07, 2008

USB Drive autorun.inf

So I had my menu working great on my new USB drive.

What I wanted it to do was to give me an choice to run PStart when I plugged in the USB drive.

I had noticed that my wife's USB drive that she runs Allway Sync from gave her that choice so I went looking there.

All I could see different on it was an autorun.inf. There had to be something in there.

It looked pretty normal but it had an entry I wasn't familiar with: action.

Go try and find some documentation on autorun.inf. After many searches, I came across this. It said:
ACTION is a relative new command that was introduced in Windows XP SP2. It is not supported in earlier Windows. This command specifies a text that should be shown as the first option in the Windows Autoplay dialog, together with the icon specified by the ICON. This option is always selected by default and if the user accepts the option, the application specified by the OPEN or SHELLEXECUTE entry in the media's Autorun.inf file is launched.
There also was a link to an MSDN page.

So I copied the autorun.inf from my wife's USB drive and made the following changes:

open=PStart.exe -autorun
action=Launch PStart Menu
label=Ben's 8GB USB
Here's what it looks like when I plug it in.

Just hit Enter and you're off!

Monday, November 03, 2008


A guy at work has been working on a green project involving putting PCs into reduced power states. He had a Kill-A-Watt so I borrowed it and brought it home.

My tests were clearly unscientific but I tried to be consistent.

I tested 4 laptops: a ThinkPad T42, a Dell D410, an Asus Eee PC 1000H, and a ThinkPad T61.

I ran each through 4 scenarios. First was a Steady state. XP was booted and "idle" as I wasn't intentionally running anything. I made no attempt to stop background tasks. Next, I started a search of the hard drive for a character string in a file name that would be unlikely to be found. During this I subjectively recorded the Search value and the Peak value. Lastly, I put each system in Standby.

The LCD was powered on and the battery was fully charged in all tests.

The Kill-A-Watt only recorded whole Watts so there is probably an issue with resolution in the Standby readings. It read 1 Watt when nothing was plugged into it.

Nevertheless, there are some pretty interesting results:


The Asus Standby effectively read no power draw but that can't be accurate. This is likely an issue with the resolution mentioned earlier.

Saturday, November 01, 2008

Bye, Bye U3

I was enamored with my U3 USB drive. It really did work well for me but my primary use was for KeePass. KeePass doesn't directly support U3. There are a couple of independently done U3 packages but I couldn't figure out how to incorporate my backup plugin. I had created my own package but it didn't use the U3 wrapper to shut down KeePass when I used the U3 launchpad to eject the drive.

And then when I handed my drive to somebody to share a file with them, I had to tell them to hold down the shift key while they inserted it so the U3 launchpad wouldn't run. They'd always look at me like I was from Mars.

Then my wife lost (and then found) the cap to her USB drive she runs Allway Sync from. So I started searching for her a USB drive that didn't need a cap.

I came across Super Talent's Pico-C.

I got her one at SuperMediaStore. Believe it or not, they're cooler than they look.
I had to have one myself.

So I got an 8GB from SuperMediaStore and moved my content over to it.

But wait, now I needed a menu!

I've used a couple of PortableApps but while they worked great, I didn't like the branding. I thought maybe I could use their menu system and delete all the branded stuff. Then I stumbled across PStart.

Perfect. The menu starts empty and you can just right click and add items. There's lots of flexibility to tailor the menu. There are just 2 files involved: PStart.exe and PStart.xml.

It's so clean. It puts an icon in the system tray (I'll get to how in another post.) A single left click brings up this menu.
A left double-click brings up the "panel."
Hitting Esc even dismisses this panel!

Thursday, October 16, 2008

ThinkPad XP SP3 Wi-Fi

Remember the ThinkPad T42 I bought last year? It's still running XP and doing fine, thank you.

I run 802.11g throughout the house and the T42 came with a 802.11b mini-PCI card. I found a P/N 91p7301 on eBay for less than $5. Swapping it out wasn't trivial but I did it and it works fine.

I had installed Windows XP SP3 on a number of systems and had had NO problems.


After I finished the SP3 install and rebooted, the network wouldn't connect. It just sat there saying it was trying to get an IP address. Of course I tried "Repair" but no change.

Interestingly, if I left the wireless NIC trying to connect and connected the wired NIC to the router, the wireless NIC got an IP address and all was well.

I got another laptop and began Googling it. I found a couple of hits here and here. I wasn't alone.

It seems to be pretty specific to the particular chip set that's in that Wi-Fi card. The suggestions were to set the services "Extensible Authentication Protocol Service" and "Network Access Protection Agent" to "Automatic" and reboot.

That worked.

Oh, I don't use ThinkPad's "Access Connection" nor nLite.

Saturday, October 04, 2008

Disappearing Task Manager

Have you had the problem I've had where Windows' Task Manager "disappears" when you minimize to the system tray. Yeah, I've got all the items checked under Options but it just disappears when you minimize it.

The only way I'd found to make it work as it should has been to reboot. I don't like to reboot so that wasn't acceptable to me.

The other day I Googled it one more time.

I found it. A couple of screens down in the Google results was this forum post.

f0dder's answer was so simple. I should have thought of this myself.

To solve it, bring up the task manager, *exit* it instead of minimizing, and re-start... at least that works for me.

Saturday, September 20, 2008

KVM Switch

A couple of weeks ago, a thunderstorm went through and made the lights blink at my house. I've got UPSs on almost everything except my SageTV box. Yep, it wouldn't come back up. 2 beeps at power on and then nothing.

Now this box run headless, no keyboard or display. So I headed upstairs to my parts stash and returned with a display and keyboard.

What I found was that the CPU fan had died. I took it to PC Doctor in Memphis and they diagnosed and replaced the fan for just under $50 in 3 days. Not bad.

But it was a real hassle to drag it out of the desk and hook up the keyboard and display.

I found a D-Link KVM-121 at for $20 after rebate with free shipping.

It supports not only the keyboard and display but sound.

So now I can readily toggle between SERVER and SageTV. Hopefully I won't ever have to but I can.

Saturday, September 13, 2008


My wife's old ThinkPad T23 is getting long in the tooth. The wireless continues to loose NetBIOS so from time to time she can't get to the shared My Documents nor print. And the DVD drive keeps disappearing and reappearing. She's been exceptionally tolerant of it (more than I would have been).

So when her birthday came around this year, I found her a Lenovo ThinkPad T61. Don't worry. I also got her some Irish pottery.

It came with Vista Business and 1GB of RAM. I added a second GB.

The OEM Vista was pretty clean as it was a business load.

All seemed well until I started using it. I started having flashbacks of my previous Vista experience.

I had the same problem installing the printers. At least I knew how to fix it but that shouldn't be a problem.

I also have a problem connecting consistently to my WPA network although I'm not convinced that's not a Lenovo issue.

Then when I got it all hooked up, I ran into of all things performance problems! It was taking 5+ seconds to open a new tab. Most of that time, IE7 sat with "Connecting..." in the tab name. All it was trying to open was about:blank.

My friend Google finally turned up this forum post at Microsoft. The gist of it is that the slowdown was due to a BHO (CPwmIEBrowserHelperObject) that Lenovo had installed.

I aggressively disabled (Tools/Internet Options/Programs/Manage add-ons) any add-on that I didn't know that I wanted and now the T61 runs great.

Tuesday, September 09, 2008

Thank You, Google, I Think

I admit I'm a Google fan-boy. And I'm apparently one of the last to still be running Internet Explorer 6.

But in the same week that Google released Chrome, they updated (?) Gmail for IE6.

Thank you, Google, I think. What's next? Netscape?

Tuesday, September 02, 2008

Google Chrome

This is not the definitive post on Google's new browser, Chrome. (I kinda like that name.)

You know I'm a sucker for all things Google so I downloaded it and began playing with it.

This post just has the first couple of things that caught my eye and interest.

First, they lie to the web site. They probably have to or all the web sites would give them junk html.

They tell the web site that they are Safari on Macintosh WinXP. That's a new operating system to me. Apparently the code base is Apple's WebKit.

The rendering looks pretty much like Firefox as they both use the Gecko engine.

As you would expect from Google (particularly in a 0.2 release), this thing is pretty minimalist but it is elegant. Look at the Find bar.

And yeah, the up and down arrows are "previous" and "next." So subtle.

IE 7 and Firefox 3 have gotten this thing about combining the history in "Back" and "Forwards" buttons. Chrome leaves the history on the appropriate button but adds a new user interface of clicking and holding to display it.

Time will tell on this one.

I've really gotten where I like the color coding of the address bar for SSL and EV certificates. Chrome has half of it.

To show the EV certificate, you have to click on the lock in the address bar.

If you right click on the tab bar, one of the choices is "Task manager." I had to click that.

Interesting but I couldn't resist the "Stats for nerds."


Remember the controversy over Firefox 3's address bar pulling up history? Google just went way beyond that. They use the address bar field for a search field also.

Go play with it. Just remember that it's a 0.2 release!

Wednesday, August 27, 2008

Windows XP SP3 Slipstream

This isn't a step-by-step "how to" but more of a "how not to."

I had heard a Windows Weekly podcast where Paul Thurrott talked about an article he had written on how to create a Windows XP installation disk with SP3 slipstreamed into it. It is nothing if not thorough.


Paul wanted to make his process completely self-defining and using all free software. So he used ISO Buster and Nero 8 Trial.

ISO Buster is used to extract the file Microsoft Corporation.img from the original XP disk. As I'd already built an SP2 slipstreamed disk a couple of years ago, I already had that. Scratch off ISO Buster.

And I am a moderately big fan of Roxio so I didn't need Nero 8 Trial. Sometimes I'm too "clever" for my own good.

The end of the story is that the Microsoft Corporation.img file that I had worked fine but I had fits translating Paul's instructions for Nero 8 Trial into Roxio-speak.

I googled "make a bootable cd with roxio." On the first page was a link to "The Elder Geek's" post on how to slipstream SP1.

But at the bottom was a link to how to burn the CD using "Roxio Easy CD and DVD Creator 6."

Bingo. That worked.

Friday, August 15, 2008

DNS Security, Part 3

Is there no end to the DNS security flaw? I've written about it here and here.

We all hoped that the technique that Dan Kaminsky described would put this to rest.

Apparently we were wrong.

The Register reported that a Russian researcher had demonstrated DNS cache poisoning on a freshly patched DNS server. It did take him 10 hours with a dedicated gigabit connection to the server but he did poison it.

Even Dan had to respond.

I read that when he posted it but I kinda glazed over after a while.

Then Steve Gibson revisited the DNS vulnerability in his last podcast. (I gotta quit listening to Steve.) You can read it here.

Steve refers to the "0x20 hack." If you hadn't falling asleep reading Dan's post, you would have seen that he did too.

I found the ITEF RFC that describes this technique. Sure cure for insomnia. Suffice it to say it has to do with using mixed case in the domain name being queried.

Let me net it out for me and you both.

Prior to this summer's patches, DNS had as low as 1 in 32,769 possibilities to be compromised. After the patches, the odds were 1 in 4,294,967,296 (according to Dan).

The 0x20 hack makes this 1 in billions and billions. Yeah, there are some edge cases that Dan covers but it's way better.

And this seems relatively easy to implement. I expect it'll slip in in a future round of patches and we'll be done with this until ... DNSSEC.

Stay tuned.

Saturday, August 09, 2008

DNS Security Flaw Explanation

Early last month, Dan Kaminsky announced that he had found a serious security flaw in the DNS code. My blog entry on it is here. Dan had promised that he'd explain it at Black Hat on August 6, 2008.

Here are his slides.

My take of it is that the bloggers had the vulnerability pretty much right but Dan explained how it could be so much easier exploited.

I welcome your comments with more insight.

Wednesday, July 23, 2008

Windows Product Key Update Tool

If you've been reading this blog for long, you know what a sucker I am for ThinkPads. I buy them off lease from RetroBox. If you watch them closely (think every day), you can really find some good deals.

They come from RetroBox wiped clean; no OS. That always gets me to scrambling even though they all have a Certificate of Authenticity (COA) for Windows XP Pro on the bottom with a key. You'd need the IBM OEM XP Pro recovery CDs to use this key. Or so I thought.

Tonight I found the way to activate using this key. I have a consumer media for Windows XP Pro with a key. Use this and do a normal install even including entering this key. Don't sweat it if it has already been activated.

Then after the install is complete and before activating, go to Microsoft and download the Windows Product Key Update Tool. Run it and follow the instructions using the key on the COA on the bottom of the ThinkPad. One reboot later, you're done. It's even authenticated!

I don't see why this wouldn't work on any PC with an OEM COA. Let me know your experience.

I found this technique here on My Digital Life.

Wednesday, July 16, 2008

Allway Sync

Remember when I talked about using FolderShare to help my wife work back and forth between home and her office?

Her work system administrators have gotten increasingly thorough. In the end, they've blocked FolderShare. I completely understand why they're doing that.


If I was ever going to see my wife, I had to restore her ability to work from home. I talked around at work and found robocopy and SyncToy. robocopy comes in the Windows Server 2003 Resource Kit Tools. It's a command line utility but there's a GUI to "help." While it's very capable, it's pretty awkward.

Then there's SyncToy v2.0 Beta. It's bigger than a breadbox. For example, it requires the .NET Framework v2.0.

I kept looking.

Somewhere I came across Allway Sync. It's free but limited to "synchronize no more than 20,000 files per 30-day period." I can live with that. They have a portable install made especially for installation on USB drives.

I found her a 512MB USB drive and copied her work My Documents to it. Then installed Allway Sync and created an automatic synchronization job.

On her PC at work, I created an icon on her desktop that will launch Allway Sync and run that synchronization job. And I got her a USB extension cord so she had a place to plug her USB drive in right on her desktop.

When she gets to work, she plugs in the USB drive and clicks the icon. It syncs automatically. She removes the USB drive and works normally throughout the day. When she is ready to leave, she repeats the process. Now the USB drive has a copy of her work My Documents.

At home, she plugs the USB drive into her ThinkPad and works from there. An unexpected benefit is that since she keeps the USB drive on her key chain, she can actually work on any PC by just plugging in the USB drive.

Still not as nice as FolderShare but works good enough within the restrictions of her work.

Wednesday, July 09, 2008

OpenDNS and the DNS Security Flaw

I found another reason to run OpenDNS. Brian Krebs of the Washington Post recently posted about a newly revealed security problem in the design of DNS.

Brian linked to Dan Kaminsky's blog. Dan has a gadget on his page that will check YOUR DNS server. You know me. Like the bank robber in "Dirty Harry," "I gots to know."

Here's what the test reported for OpenDNS:

Then I went to another PC that is using BellSouth's DNS servers:

You be the judge.

Saturday, June 28, 2008

Firefox 3

Here I go again.

I'm using pretty much the same Add-ons I used before:

Here're the options for QuickDrag:

And here're the options for Tab Clicking:

I changed a couple of things in about:config:
browser.tabs.autoHide - false
browser.tabs.closeButtons - 2
browser.tabs.tabMaxWidth - 100
browser.tabs.tabMinWidth - 10
The location bar has a star at the right end for Firefox bookmarks, clear if the site isn't bookmarked and gold if it is. Since I don't use Firefox bookmarks, I just wanted that real estate back. This tips list tells you how to do it.
Hide the star button if you prefer to use the Bookmarks menu or a keyboard shortcut (Ctrl + D)

* Open your userChrome.css file located in your profile folder.
* Add this line to the end of the file:
#star-button {display: none !important;}
* Restart Firefox for the change to take effect.
What they don't tell you is how to get the userChrome.css because it doesn't exist. In your C:\Documents and Settings\<username>\Application Data\Mozilla\Firefox\Profiles\im0vt1ea.default\chrome there is a file userChrome-example.css. Copy that in place and rename it to userChrome.css. Oh, they also don't tell you that you need to edit this with WordPad. Restart Firefox and then all is fine.

Maxthon lets you search from the address bar and I'm already missing that in Firefox. I think I've found something even better though. John Bokma wrote about how to add "smart keywords" to Firefox. These work just like Maxthon's search shortcuts except you use them in Firefox's location bar. I've added the obligatory ones for Google and wikipedia.

Can't be any worse than Maxthon 2.

Sunday, June 22, 2008


You'll remember back in February 2008 that I highlighted the IT Conversations podcast with David Ulevitch, founder and CEO of I suggested then that I'd be playing with OpenDNS and I have.

Initially, I just switched my DNS to point to OpenDNS' servers. This gets you a couple of features. Things like if you misspell .com by typing .cm instead. OpenDNS will automatically change this to .com and send you on your way. If OpenDNS can't figure out what you want, it'll perform a search for you and give you an error page with the search results.

Nice, even cute, but not a big deal.

Then my mom started getting e-mail from phishing sites.

So I set up a free account at OpenDNS and registered my static IP address with them. Then I added a second "network" with OpenDNS for my mom's IP address. Unfortunately, she has a dynamic IP address.

OpenDNS has a client that you install that will track your IP address and update OpenDNS when it changes, just like DynDNS.

You have to enable that "network" within OpenDNS for dynamic IP address tracking and then you're good.

With all that in place, you can then set domain filtering for each "network" within your account. You can even specify text for the error messages and put your own logo on the messages.
Of course there are statistics and reports galore.

Pretty cool.

Wednesday, June 11, 2008

HD UPS Problems

I've been fighting a problem with my APC UPS that I have in front of my HD setup. It's a BE350R.

When I went HD, I bought a new BE350R just for it. It ran fine for several months then one night the lights blinked and the whole HD setup dropped power. Bummer.

I reset it and it did it again. I just plugged everything into a power strip and went on.

Today I had time to work on it so I went on the APC site and they had a nice real-time chat feature. They walked me through testing the battery and it was fine. As I replayed the symptoms to the agent, he said that they indicated that the UPS was overloaded. The BE350R supports 200W. Actually the agent, Arun, was very good.

Plugged into it I had the Sony KDL52W3000, the Scientific Atlanta 8300HD DVR, the Hauppauge MediaMVP 01000, and the Vantec enclosure with the 750GB drive from the Seagate FreeAgent Pro.

Remember, I'm a mechanical engineer, not an electrical engineer!

So tonight I struck out finding the power requirements of this equipment. It didn't take long to discover my problem. The Sony draws 295W!

I'll just plug the Sony into the surge suppressor side of the BE350R and I should be fine.

Friday, June 06, 2008

Excel 2007 Slow Launching From Notes

A couple of us at work were early adapters of Office 2007.

As we installed it so early, we left Office 2003 installed as well. We've run into some interesting problems that I believe are as a result of that.

The most irritating example is that when you open an Excel file attachment from within Lotus Notes, Notes hangs, Excel opens but without a file. Then after what seems an eternity (really less than a minute), it breaks loose and all is fine. My friend even discovered that if he clicked on the Open icon in Excel and then canceled the dialog box that Excel would take off. The same thing happens when you double click on an Excel file in Windows Explorer. I haven't noticed it for Word files.

I Googled this and found this blog entry.

That fixed it. Interestingly, we both noticed that the text in our entry read
"C:\Program Files\Microsoft Office\Office11\EXCEL.EXE" /e
You can just click on Browse in that dialog box and navigate to the Office12 folder.

Friday, May 23, 2008

FairUse Wizard

In this post over 2 years ago, I mentioned FairUse Wizard.

At that time, I was using it to transcode movies for my Treo. I still use it for that and it works fine.

However, I've found a new use for it. Remember that for Christmas I got the Philips DVP5982 DVD player.

The DVP5982 plays DivX/XviD videos from USB drives. I've been taking DVDs and ripping them with FairUse Wizard to 700MB XviDs. I copy these to a 2GB thumb drive and watch them from there.

Saturday, May 17, 2008

Windows Desktop Search, Part 2

Last year I wrote about Windows Desktop Search. I've been using it since then. I've been through a couple of versions and am now using Windows Desktop Search 4.0 Preview. The previous version's add-in for Lotus Notes still works.

The Preview version seems to be less aggressive than the previous versions. But I noticed the folder C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\Desktop Search\Logs was full of log files indicating errors in the Notes add-in.

Seems I wasn't the only one. Read this.

  1. From the Start menu, click Run, type regedit.exe and press Enter
  2. In the registry editor, navigate to HKLM\Software\Microsoft, right click and create a new WindowsSearchPreview key.
  3. Right-click HKLM\Software\Microsoft\ WindowsSearchPreview, add a new REG_DWORD value LogLevel.NotesPHLog, and set it to 4
  4. Open a Command Window (Start->Run->cmd.exe, ENTER)
  5. In the command window, type: net stop wsearch
  6. Press Enter, then type: net start wsearch and press Enter again.
  7. Remove the logs from C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\Desktop Search\Logs.
The good news is that the registry hack seems to have eliminated the error logging. And my memory usage has gone down significantly.

Friday, May 09, 2008

Notes Address Book to Outlook

In Notes, open your address book. Go to "File" and choose "Export." Chose a place to save it in "Save in:" Then specify a name in "File name:" and change the "Save as type:" to "vCard 3.0." Click on "Export."

In the resulting dialog box, click the "All documents" and "All fields" radio buttons and click on "OK."

Now go to Windows' "Start" menu, "Accessories" and select "Address Book." Go to "File" and choose "Import" and then "Business Card (vCard)." Point to the file you created above and click on "Open." You'll get a "Properties" dialog box for each entry. Just click on "Ok" each time, or keep banging on Enter.

You may want to take a second here and make a copy of the Windows Address Book. To do this, in the Address Book application, go to "File" and choose "Export." Pick a type and location.

Lastly, go to Outlook. Select "Contacts" then "File" and choose "Import and Export." Select "Import from another program or file." Select "Outlook Express 4.x, 5.x, 6.x or Windows Mail." In the dialog box titled "Would you like to import e-mail messages and addresses from Microsoft Outlook Express or Windows Mail?" answer "Yes." Note these instructions are for Outlook 2007. Yours may differ.

Or you could buy this or this or this or ...

Thursday, May 01, 2008


I know that's an odd title but you'll see its importance in a minute. Remember last year when I whined about Word 2007 not supporting some early Word file formats?

Well, I got to share the misery with everyone who put Service Pack 3 on Word 2003. Microsoft imposed the same restrictions on those users.

I've just about learned to screen capture pages from Microsoft. KB928850 now explains how to unblock the older file formats in all the Office 2007 programs. KB922849 has the details for Word 2007.

That fixes it.

Sunday, April 13, 2008

ThinkPad Scrolling

When I was playing with the Windows Live applications, Windows Live Mail and Windows Live Writer, I noticed that the center button on my ThinkPad T42 didn't scroll the windows like a scroll wheel should. If I plugged in a real mouse with a scroll wheel, that worked so it was something with the ThinkPad's center button.

I Googled this for a while and found this post:

Well this seems to work:

Open c:\Program Files\Synaptics\SynTP\TP4table.dat

Add this just before the "Pass 1" block:

; Set WheelStd as default
I tried it and rebooted.

Problem fixed.

Saturday, April 05, 2008


I went to a VMware seminar last month. I was interested in their Virtual Desktop Infrastructure (VDI). I felt kinda out of place there in my sport coat and button down shirt. There were a lot of pony tails and jeans!

One of the related products they pitched was Thinstall. You can read about it for yourself here. Microsoft has a similar product in Softricity.

While I was researching it, I came across Thindownload.

This guy takes free software and packages it with Thinstall.

I've downloaded a couple of them and they work fine.

The kind of things I've done with them is that one PC I use occasionally runs in user mode and has USB devices blocked so I can't run my Portable Firefox. So I just go to Thindownload and get Firefox. Or you can play with applications without doing a full install, e.g. Google Earth.

Tuesday, April 01, 2008

Sitemeter, Again

I've written about Sitemeter a couple of times, here and here.

I'm still finding nice things in the "Plus" service. Look at the pathing that they report on this one visit:

Isn't that amazing?

The detail page is here.

The visitor had googled "wiring diagram for hd dvr." He entered on "TV Wiring Diagram, Post HD."

I'm not going to relive the whole visit for you. You can read it for yourself but look at the detail Sitemeter Plus gives you. He came in on one page. Read it for 11 seconds. Clicked on another link. Read it for 40 seconds. Looked at a picture. Back to the second page. Back to the first page. Another picture. Then outta there!

Whew! Makes me dizzy.

Sunday, March 30, 2008


The City of Southaven has been developing a metropolitan wireless Internet Service Provider. The first areas were serviced by some kind of microwave service (more later). You had to be near one of the city's water towers. Then you had to have a special antenna and modem. A friend of ours had it and its bandwidth was around 512 Kbps. Pretty pitiful.

As I rode through my neighborhood recently, I saw this on a street light pole.

When I got home, I grabbed my laptop and went looking for new wireless networks. Nothing there.

Then last night, I tried again and there it was:

So you know what I did. Yep, connected to it. Don't worry. That laptop is running a firewall.

But I immediately got this:

I guessed that they were intercepting http and forcing some kind of logon so I went to my browser and got this:

It looks like they're using "NetNearU."

The homepage for MagnoliaWave says their price is $30/month and run at 1 Mbps. They also have daily access at $6.95 per day. They referred to their roaming partners so I hoped they had partnered with AT&T but no luck.

From the logos on the homepage it seems like the earlier solution was WaveRider from Vecima.

Friday, March 21, 2008

Where's Vista

On the way home today I was listening to Security Now. Leo and Steve were answering a question about Windows 2000 and it wandered off to Vista adoption.

Steve: ...are we over 50 percent adoption?
Leo: I think it's well less than half.
That sent me off to go look at my blogs to see what they were seeing.

Here's what I got from for was practically the same distribution.

Where are the Windows 2000 users coming from? There are almost as many as Vista users. Are there still that many businesses running Windows 2000? All their employees must be reading my blogs!

It's kinda surprising that after more than a year, the adoption of Vista is still single digits percentage and less than 1/10th of XP.

I blogged about this 2 years ago. Go here and see what it looked like then.

Saturday, March 15, 2008

DVR External Storage

I've written a couple of posts on my switch to HD. They are here, here, here, and here.

So far, so good. Except...

The Scientific Atlanta 8300HD DVR doesn't really have much recording capacity. But it does have an eSATA port where you can attach an external drive.

I found a Seagate FreeAgent Pro with 750GB and eSATA attachment for $129.99 at Sorry but it's gone back up now.

But don't be disappointed. It didn't work with the 8300HD.

I found this the hard way but that wasn't really necessary. I could have gone here and found a table of what works and what doesn't.

A quick scan of that showed that my FreeAgent Pro was never going to work. Equally as obvious was that the Vantec enclosures worked well. had the Vantec NST-360SU-BK for $29.99 + $7.15 shipping. Sorry but it's gone back up now too. It was delivered the next day.

My plan was to put the 750GB drive from the FreeAgent Pro in the Vantec enclosure. That wasn't as easy as it seemed but Google came to the rescue. I Googled "how to open a seagate freeagent pro" and got this as the first hit:

  1. Remove the rubber feet
  2. remove the screws from where the rubber feet were.
  3. Remove the esata/usb base
  4. remove the lower plastic cover
  5. remove the tiny screws
  6. remove the metal shield
  7. remove the 3 base screws.
  8. stick a standard screw driver into the lower holes and twist. One side panel will move, one will not. The removeable panel is the one with the logo that lights up. If you are looking at the drive from the back where the ports are, the panel is on the left.
  9. Stick the screwdriver between the plastic of the panel that moves. this panel has 4 clips holding it on very tightly but it can be pryed off.
  10. Once the panel is open, unplug the drive and remove it. It is in a metal free floating cage. Remove the rubber covers to reveal the screws.
  11. Pry the two cage panels apart and the drive is free. There is no permanent damage to the case, so you should be able to mount another drive in it.
Piece of cake!

I put the drive in the Vantec case and plugged it into the 8300HD. My "Recording Space Used" went from 40% to 8%.

Saturday, March 08, 2008

Window Live Writer

As I mentioned in my previous post about Windows Live Mail, Microsoft's suite of "Windows Live" products includes two that I've played with: Mail and Writer.

Windows Live Writer is a blog authoring tool that I really wanted to work. I want to go further with my posts than I can with blogger's capability. Oh, well.

Here's an excerpt of what I created for my post on Windows Live Mail.

Click on the "My Maps" tab and then "Create new map." You'll get the following screen:

Google Maps 1

Now, enter a title and description and click the radio button for Public or Unlisted. This doesn't matter for this project.

Back up above "Title" is a link for "Import." Click that.

Google Maps 2

Browse to your kml file for iGO POI Explorer and click on "Upload from File."

There it is!

To get fancy, click on "Link to this page" at the top right of the map.

Google Maps 3

Copy and paste that HTML to embed in your web page.

Ta da!

Looks pretty good doesn't it?

Writer give you the ability to do things that blogger won't. For example, you can create tables and wrap text around images.


The pictures don't work! Try one. Here's what I get.

And I'm not the only one. Here are a couple of links to others having the same problem.
Seems to be a problem with the way Writer saves the pictures for the blog. Hope they get it fixed or worked out with Google.

Thursday, March 06, 2008

Maxthon 2

Maxthon has been my browser of choice for a couple of years. Recently I saw someone at work using Maxthon 2 so I thought I'd try it.

It had a couple of things that I wanted. The Address bar field has a yellow background when you're running SSL and a green background when the site has a valid EV certificate.

F10 will give you a side-by-side presentation. That's cool.

But ...

The Back and Forward buttons no longer have a drop-down menu. They've added a new History Track button that "combines" this function. That's a great alternative but don't take away my drop-downs! There is a post in the Maxthon 2 forums about this.

I was wondering if it is possible yet to use the original back and forward buttons. I really dislike the catch all button that was implemented in M2 and would like to have the drop down list integrated with the button as before. It's cleaner and faster.
The moderator responded:

It's not possible
Maxthon has a nice feature similar to Windows Explorer in that you can "go up" one level in the current URL. In Maxthon 2, this button has the words "Go Up" next to it and can't be configured. Gimme a break. I know what that icon represents. I want my real estate back.

In Maxthon 1, I had the options set so that if you double-clicked on a blank space on the tab bar, it had a mini-script of "File -> New Tab -> Home" and left the Address Bar field with focus. You could just start typing! In Maxthon 2, "Double Click on Tab Bar" can give you "Homepage." The Address Bar field doesn't have focus. A moderator of the Maxthon 2 forums said "The 'new tab' is not configurable at the moment." That was in September 2007. Apparently there hasn't been much progress since then.

There are other differences with tabs. One user asked "Is there a way to make the tabs use in ver 2.x behave like ver 1.x in Maxthon...?" When the moderator responded with some threads that stated "it's not implemented" the poster noted that those posts didn't resolve the issue but thanked the moderator. A "Core User" flamed the poster and suggested that the poster "ought to apologize."

The search capability in Maxthon 2 is just different enough to be annoying. One poster asked how to get a similar search to Maxthon 1. A moderator responded:

This information was also already available on the forum, so I suggest reading through the FAQ's and make searches for further questions.
To which the poster responded:

...if you are going to further admonish me I don't need the answer.

One poster asked:

I just updated to Maxthon 2 and generally speaking am very happy. The only problem is ... you seem to have dismantled the quick search options. ... am I missing something?
The moderator's response:

Maxthon 2 ( UNICODE) has crashed twice while I've been researching this post. I think we ought to give Maxthon 2 a little lot more time.

Saturday, March 01, 2008

Windows Live Mail

Microsoft has a suite of "Windows Live" products. I've been playing with two of them: Mail and Writer. (Look at those links! for Writer. What gives?)

Mail replaces Outlook Express and Vista's Windows Mail. Wait, that's the same name. Well, almost. The new product is Windows Live Mail. There, that clears that up.

Mail has that Vista look. But look closely at that screen capture. I used Alt+PrtSc to capture that so I would just get the application in focus. Then why do you see my desktop behind it? Mail cheats. To get that Vista look, they apparently make the top menu transparent. If you look closely, it goes all the way around the window as well.

This little "beauty" trick is not benign. You can't put the application window up against the top of the screen. It'll jump back down a little due to the hidden area. And the menu items that you need are hidden and have to be unhidden to do routine activities, e.g. manage accounts.

The most aggravating part of Mail is the little nuances that just don't work "right." Things like Ctrl+C. This doesn't always copy the selected text. Seems simple enough to get right.

Another is that it doesn't scroll with the center button on my ThinkPads. It does work with a regular mouse's roller wheel.

The Options setting for "Send and receive messages at startup" works some of the time. C'mon Microsoft! See if this thread frustrates you as much as me.

And the toolbar reserves a significant part of real estate for the Windows Live Account id even if you aren't using one.

On the positive side, it integrates seamlessly with Hotmail or Live Mail (wait, this application is called Live Mail)'s mail.

Saturday, February 23, 2008


When I finished setting up the new HD TV and furniture, the old Dell GX270 for SageTV seemed out of place. It wouldn't fit in it, under it, or behind it.

So what to do? I moved the SageTV system into the "computer room."

I went back to the SageTV web site and looked around. I found they had a Hauppauge Media Extender. This is similar to the Microsoft Media Center Extender.

While Sage sells it, it is really just Hauppauge's MediaMVP 01000. Sage's is bundled with a license but I had a license that I could reuse for PlaceShifter (more later).

It comes in wired and wireless but wired was all I needed as I already had Cat5 at the TV.

I bought it from The first one was DOA so I went back to Amazon's site. They had a button to return it and even provided a pre-paid mailing label. Without me asking they cross-shipped a replacement. I had to scramble to get the defective one to the post office before the replacement arrived!

The second one worked perfect. I just hooked up the wires and turned it on. It immediately came up and asked if I wanted to connect to the SageTV. I replied that I did and I was done. Even the remote I used with the SageTV worked.

Oh, the PlaceShifter license - I had bought this some time ago. The media extender capability of SageTV uses this same license. It is a concurrent use license so I can use both PlaceShifter and the media extender, just not at the same time. The only "gotcha" to this is that the MediaMVP turns itself on (activitating the license) when it is powered up. So I just plugged it into my UPS to minimize this problem.

Monday, February 18, 2008

TV Wiring Diagram, Post HD

The movement to HD not only improved my picture but really cleared up the clutter behind my entertainment center. Here's my old configuration. And here's the new:

Input from the cable goes directly into the Scientific Atlanta 8300HD DVR. It feeds HDMI into the Sony KDL52W3000.

The Philips DVP5982 DVD player also feeds HDMI into the Sony.

Finally, I added a Haupagge MediaMVP 01000 to get the SageTV PC out of the living room. This feeds S-video into the Sony. More on that later.

Wednesday, February 13, 2008

GPS and Google Maps - Part II

Last time I related how I had been able to get my POIs off of my Mio C320 and into a format (kml) that I could post to a Google Map. In this post, I'll cover how I got the kml into Google Maps. That's a lot easier.

First, you have to be logged into Google. Then go to Google Maps.

Click on the "My Maps" tab and then "Create new map." You'll get the following screen:

Now, enter a title and description and click the radio button for Public or Unlisted. This doesn't matter for this project.

Back up above "Title" is a link for "Import." Click that.

Browse to your kml file for iGO POI Explorer and click on "Upload from File."

There it is!

To get fancy, click on "Link to this page" at the top right of the map.

Copy and paste that HTML to embed in your web page.

Ta da!

Sunday, February 10, 2008

Mark Russinovich to the Rescue

My wife's laptop has been acting flakey lately. It gets where it won't print to the shared printer or save to our shared folder. To "fix" this, she has to right click on the Wi-Fi icon in the system tray and select "Repair." In a few seconds, all will be well. Well, almost.

She is also complaining about it being slow. I went and looked over her shoulder the other night. No wonder it was slow. The CPU was 100%. Hmmm.

Firing up Task Manager showed that the system was mostly in System Idle Process but the CPU in the status bar was hovering around 100%. What was using the rest of the CPU? Cooties? My paranoia led me to imagine all kinds of terrible things.

I remembered Sysinternals' RootkitRevealer. Microsoft bought Sysinternals in July, 2006 but hasn't spoiled them.

RootkitRevealer ran in a few minutes but didn't show anything. Back to square one.

Back to Sysinternals to pickup Process Explorer. Bingo. Look at this screen.

Now what hardware was causing those interrupts?

I had a hunch given the network problems so I popped out the Wi-Fi card. That was it. The CPU dropped to the single digits.

I moved it to the other PCMCIA slot with the same results. Guess I'll have to try another Wi-Fi card.

Friday, February 08, 2008

Finally, HD - Part II

Sometimes there are happy endings. In my previous post, I was waiting on the Philips DVP5982 DVD player to come back from the service center.

10 working days and it is back and it works! The first one not only had the "DISPLAY CONNECTED NON-HDCP COMPLIANT" problem but it was very sluggish as well.

The replacement is quick to respond to the remote and the upconverting looks great.

Saturday, February 02, 2008

GPS and Google Maps

I was playing with my Mio C320 and got to wondering how I could log locations and then put them on a online map. That seemed like something that ought to be easy to do and it was but it was a long way to get there.

The Mio has a button to add POIs. But then I couldn't find where they were on the device. The short answer is that they are in the file iGO.db that's in the flash drive (not the SD card) on the Mio.

Then I needed to convert them to a format that I could import into something like Google Maps.

To do this I Googled and Googled and finally found iGO POI Explorer. There's a pretty good discussion of it in the GpsPasSion forums. A Google search works pretty well also.

I connected the Mio to my laptop with a USB cable. Then I could see the iGO.db file in \MIOMAP\MIOMAP. Remember that the Mio C320 runs Mio Map v3.3.

I copied iGO.db to my laptop and opened it with iGO POI Explorer.

This is what the POIs look like in iGO POI Explorer.

Then you need to export them to a kml file that Google Maps can import.

From there, it's just playing with Google Maps. I'll make that another post. Maybe you can figure it out before then.

Here's the result.

View Larger Map

Saturday, January 19, 2008

Finally, HD

Remember back last year when I made a foray into HD? Let's just say it didn't go well.

Well, I got brave again. This time I wanted to make sure I got WOW. 52" seems to do that.

I went for the Sony KDL52W3000. It's an 1080p LCD with 3 HDMI inputs. Berclair Television gave me a great price. My wife found a nice stand for it and we coordinated the deliveries.

It seemed like it was going to work out fine until I visited Comcast. "Sorry, we have no HD boxes. We'll take your name and call you." That was a week ago. My phone hasn't rung.

You may recall that I'm kinda persistent so I didn't accept that answer. The third Comcast store I visited had plenty of the Scientific Atlanta 8300HD DVRs.

Delivery and installation went well. Berclair Television did all the setup. I used HDMI connections for the cable box and the Philips DVP5982 DVD player.

That was until I tried playing a DVD.

"DISPLAY CONNECTED NON-HDCP COMPLIANT" and then snow. The first call was to Berclair. "Must be a problem with your player." I should not have let Berclair leave until I played a DVD.

The next call was to Philips. "Must be a problem with your TV." Would you have expected anything else?

So, I chilled for a day or so and called Philips back. This representative walked me through a reset procedure and it still failed. He gave me an RMA and it's on its way back to Philips.