Windows 7 Annoyance: File Properties

Attention: This content is 15 years old. Please keep its age in mind while reading as its contents may now be outdated or inaccurate.

For the most part Windows 7 is great.  There are a few things about it that annoy me, and I have found another.  This “feature” has popped up a couple times and is very frustrating when it does.

For files created/modified in the last 24 hours, Windows 7 does not display the file time in the File Properties dialog.  It just gives a very unspecific “X hours ago”.  What the fuck is this shit?

So if I wanted to know the EXACT time this file was created, I can’t see that.  Fan-fucking-tastic idea Microsoft.  Where do you idiots come up with this shit?  Seriously, whoever thought this was a good idea should be punched square in the balls.  What good does “5 hours ago” do?  Ok, so it was created some time 5 hours ago, giving an hour of buffer time in there.  That really doesn’t help me.

Java: A Malware Writer’s Dream Come True

Not too long ago I wrote about how to Make Firefox More Secure by Disabling Java in it.  Since I wrote that article in November, nearly every malware cleanup I have done since then has used Java as its injection vector, and that has been quite a lot.  This has become a HUGE widespread security issue for Windows users, and it’s all thanks to Oracle’s Java plugin for web browsers.

Java isn’t supposed to allow apps without a certificate to execute unless the user gives it permission to.  The problem is that there are bugs in the Java plugin that allow malicious apps to still run, regardless of the user clicking allow or block!  I don’t know if the latest Java update version has patched these holes or not.  Every system I have seen though has been running Java 6, just one of the lower update numbers (they’re on update 18 at the time of this writing).  Compounding the issue is that most people never update Java.  Heck, I hardly ever used it, so I never updated it either.

The Achievers: The Story of the Lebowski Fans Losers

First off, let me say I love The Big Lebowski.  I have attended local Lebowski events and had a blast at them.  It’s one of those movies that you watch the first time and you’re just confused.  You get some of the obvious jokes, but you’re mostly left going wtf was that?  Pretty soon you’ll end up watching it again, and then you really start catching the little things.  All of the tiny details in the dialog and in the background and you find yourself cracking up throughout the whole thing.  It’s easily one of my favorite movies.

For this reason I knew I had to rent The Achievers: The Story of the Lebowski Fans when I heard about it.

First I’ll get into ways that it was good:  It burnt an hour and 10 minutes up of my boring night.

Next let’s get to ways that it was lame:  There is no menu system.  You put the disc in and the movie starts playing.  Seriously, I can make better DVDs on my computer with free software.  The movie was also not widescreen, parts of it are letter-boxed, parts of it are full screen (4:3).  It’s like they couldn’t pick a format.  Not a good start already.
They thoroughly interviewed the guy who played Saddam and the guy who played the Corvette owner.  The check out girl (on screen for 4 seconds), and her twin sister are in there too.  Oh yeah, and Liam (not a single speaking part).  Wow, great, you got people that were on screen for a combined total of less than a minute.  REALLY?  You couldn’t get any of the actual actors in the movie that had real parts??  Well, they DID talk to Jeff Bridges… what looked like outside a night club at 3am for 30 seconds.  What was weird though was Jeff Bridges was at a Lebowski event, and they have footage of him there.  But they couldn’t sit him down for a real interview?  Pretty crappy.

Firefox 3.6 Breaks Themes and Personas Coexistence

I was excited to see that Firefox 3.6 was released today, so I promptly downloaded and installed it on my Asus Netbook (which I have been loving by the way).  Upon restarting Firefox after the upgrade I noticed my Persona was missing.  Now would be a good time to explain that I run a theme on my Netbook other than default.  The default Firefox theme is generally ok, but on a Netbook it is simply too bloated and chunky.  It takes up way too much real estate on a Netbook’s low res screen.  To resolve that annoyance I run a theme called Classic Compact.  It gives you a good chunk of your screen space back, leaving you more room to view your porn websites.

After loading up 3.6 and seeing my Theme was lacking my Persona (the clean Firefox B), I hopped back over to the Persona website and reapplied it.  But at this point something disturbing happened.  Firefox switched back over to its morbidly obese default theme.  I turned Classic Compact back on and applied the Persona again, and again Firefox’s ugly fat theme butted in.  After a quick goog, I discovered that this was a common complaint on the Mozilla forums.  Evidently in the new version of Firefox, with the Persona integration, they merged Personas into themes.  You can no longer have both, as you always could before.

After screaming a few choice words I decided to just downgrade back to 3.5.7 until Firefox fixes this issue or someone else releases an add-on that will fix this bullshit.

It’s pathetic that Mozilla would take a feature that has been working fine for such a long time, integrate it, and completely fuck it up!

I also find it rather pathetic that Mozilla couldn’t scrape together a single fucking Windows 7 feature for Firefox… I would’ve been happy with even some god damn jump lists, but noooo… heaven forbid the Mozilla team actually be on the ball about what its users want.

So the lesson here is, if you run a theme and a persona, don’t upgrade to 3.6 quite yet.  Wait for a fix to come out, either from Mozilla, or from someone in the community in the form of an add on.  And since pictures are always more fun to look at…

TrueCrypt Full System Encryption on a Netbook

For the uninitiated, TrueCrypt is free, open source, on-the-fly disk encryption software.  You can do many things with it, from encrypting flash drives, to creating encrypted file containers, to Full System Encryption.  I had done all except the latter and I have been wanting to try it out.  For various reasons though I had never really bothered with it, until now.

Over the holidays I picked up an Asus EeePC 1005HA Netbook.

I have a 14 inch laptop with all the bells and whistles of a normal laptop, but after a while, lugging the beastly heavy thing around got to be quite old, and it got to a point where I just didn’t even bother bringing it with me any more because it was just a hassle.  I picked up the Netbook to hopefully remedy this issue.  Their small and incredibly light build will hopefully not become such a burden down the road.  While you can definitely feel the slowness of the Atom processor, you only really notice it if you’re doing a bunch of stuff at once.  If you’re just surfing the net, IM’ing, doing office stuff, you don’t really notice at all.

So now that I have my new little buddy I started thinking about security for it.  Since it’s so small and will be going with me everywhere, it’s also prone to growing a set of legs and walking off.  Should this occur, I want all of my personal and work related files stored on it to be completely secure.  I have used TrueCrypt for many years so I have come to trust it, and I figured this would be an excellent solution.

Windows Server Backup Sucks

This article is referring specifically to Windows Server Backup 1.0 that comes with Windows Server 2008 R2.

I recently had the pleasure of another horrid Server 2008 product.  This time around it’s the built-in backup utility causing my headaches.

What’s the problem with it?  It’s slow.  I don’t mean takes a few extra hours slow… I mean it takes 18 hours slow.

First let me give a quick overview of the equipment being used… as this is definitely NOT a hardware issue.  It’s a poorly-written half-assed software issue.

The server is a 2U rackmount HP Proliant DL380, running 2 Intel Xeon E5540 CPUs at 2.53 GHz.  Each CPU has 4 cores with hyper-threading, giving it a total of 16 processing cores.  It has 24 GB of RAM (6 GB free when in production).  For HDs it is running 8 300 GB 10,000 RPM SAS hot-swappable drives in a RAID 10 configuration.  This server is no slouch.  The server’s sole purpose is a Hyper-V server.  It runs 4 virtual machines, all Server 2003 machines with 4 GB of RAM each.  In total, the virtual server has 746 GB of data that needs to be backed up.

The server is connected via gigabit Ethernet to a switch.  The switch is connected via fiber to another switch, where our backup server lives; it is also connected at gigabit and has 2 TB of storage space for the server backup.  Using straight file copying over network shares I have verified full gigabit transfer speeds.

It all sounds good right?  Well, it actually all is pretty nice… until you throw Windows Server Backup into the mix.  What a piece of shit program this is.  I’ll save you the hours of configuration it took to get it to play nice in setting the backup to go to the network share and to play nice with the Hyper-V virtual machines.  Mind you this is a production server, so shutting down the 2003 servers for a couple hours isn’t an option.  Luckily Volume Shadow Copy Service comes to the rescue here, but again, I’ll spare you the explanation on that as this isn’t the point.

I still like Avira

Yesterday I wrote about how I had stumbled upon a virus through Java in Firefox and how Avira didn’t quite stop all the infections.

I also mentioned I didn’t blame Avira because I felt that it was a new strain, and it looks like I was right.

Yesterday when I scanned the infected file it wasn’t reporting any issues.

Today I noticed a little update notice from Avira so for the heck of it I scanned the infected file again (kept it around to test with), and bam, detected!

So for the heck of it I popped it through my trusty online scanner, VirusTotal, which will scan any file you upload against 41 antivirus engines.

The other day I got:

File iaStor.sys received on 2009.11.12 18:25:30 (UTC)
Current status: finished

Result: 1/41 (2.44%)

Reanalysing the file today I get:

File iaStor.sys received on 2009.11.15 00:09:41 (UTC)
Current status: finished

Result: 11/41 (26.83%)

So this was obviously a new strain and engines are finally starting to update!
Also, yay for Avira being one of the 11 detecting it now.  I picked Avira because of its high detection rates, so hopefully they will continue leading the sector. 🙂

Make Firefox More Secure, Disable Java

No, not Javascript.  Java.

Despite similar names, Javascript and Java are 2 entirely different things.

Java, or Java applets, are programs that can be embedded into websites.  They are generally poorly written, and hardly ever function right.  Most people will probably never even need Java, and in fact the only website I can think of that I ever use it on is Facebook’s shitty multi-photo uploader which I use only a handful of times a year.

Why am I writing about this?  Because I had a Windows 7 machine that was fully updated, running an updated Firefox with Java (Java may not have been up to date), and a fully updated Antivirus program.  By clicking one simple link, the machine was infected through the Java runtime in Firefox.  Despite clicking “Deny” on the Java question, the app still managed to run itself.  It looked like it caused some type of crash in the Java runtime and allowed itself to execute code.  The virus then proceeded to attempt to hijack the browser and insert other malicious code into the system.  Avira Antivirus was able to block most of these attempts, but it did miss something.  I have a feeling that this was a new strain of the virus, so I’m not going to place too much blame on Avira here.  After all was said and done I ran the infected file through an online scanner, and only 1 of 41 virus engines detected it.  Yikes!

Before shutting down the system I had run FULL scans with Malwarebytes and Avira, both came back clean.  I rebooted the system and that is when it happened.  7 load screen… blue screen…. reboot.  Over and over.  Safe mode was of no use, other methods of recovery didn’t work, the bluescreen yielded no useful information.  It wouldn’t even point me to the file causing the crash (which would have helped me tremendously).  To make a long story short (I put probably 4 hours into fixing this bluescreen), the virus had attempted to insert code into my iaStor.sys driver.  This is an Intel Storage driver, vital to system operation.  I believe that because this was a Windows 7 machine, it was unable to successfully hijack this file (the virus was probably written to hijack XP machines).  I found the lone infected file by pulling the drive out of the laptop and using a separate computer running Nod32 to scan the entire drive, and replaced the infected file with a good copy I had in my archives.  The really strange thing about it was the good file and infected file were the same exact size, but the infected file no longer had the Intel signature and had a different MD5 hash than the good file.  The virus obviously tried to re-write some part of my storage driver… who knows what though.

Nod32 identified it as Olmarik.pv which from what I can tell is a pretty new strain.
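
The same-size, different-hash observation above can be turned into a repeatable check. The following is an added example, not part of the original post: it builds a baseline from a known-good copy of a directory and flags files whose content changed, separating in-place patches (size unchanged) from outright replacements. It uses SHA-256 where the post used MD5, and the file contents and second file name are constructed for the demo.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large drivers need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_baseline(root):
    """Map relative path -> (size, sha256) for every file under a known-good tree."""
    baseline = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            baseline[rel] = (os.path.getsize(full), sha256_file(full))
    return baseline

def audit(root, baseline):
    """Return {relative path: verdict} for files that deviate from the baseline."""
    findings = {}
    for rel, (size, digest) in baseline.items():
        full = os.path.join(root, rel)
        if not os.path.exists(full):
            findings[rel] = "missing"
        elif sha256_file(full) != digest:
            same = os.path.getsize(full) == size
            findings[rel] = "patched in place (same size)" if same else "replaced (size changed)"
    return findings

def demo():
    """Constructed sample: a stand-in driver with 4 bytes overwritten, size unchanged."""
    with tempfile.TemporaryDirectory() as good, tempfile.TemporaryDirectory() as suspect:
        clean = b"MZ" + bytes(range(256)) * 8           # not a real driver image
        patched = clean[:100] + b"\xcc\xcc\xcc\xcc" + clean[104:]
        for root, data in ((good, clean), (suspect, patched)):
            with open(os.path.join(root, "iaStor.sys"), "wb") as f:
                f.write(data)
            with open(os.path.join(root, "other.sys"), "wb") as f:
                f.write(b"unchanged driver bytes")
        return audit(suspect, build_baseline(good))

if __name__ == "__main__":
    for path, verdict in demo().items():
        print(f"{path}: {verdict}")
```

A size comparison alone would have passed the modified file in the demo, which is why the hash is the deciding field. As in the post, such a check is best run against the drive attached to a separate, clean machine.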

To bring this story back to its point, a fully updated system, running Firefox still caught an infection thanks to shitty ass Java.  So, do yourself a favor out there RIGHT NOW.  Disable Java.

Tools -> Options -> Content

Un-check Enable Java.

The nice part about this is that if you do end up on a site that you TRUST and need to enable it, you can simply check the box again and reload the page and it will work.  You don’t have to restart your browser.  Just be sure to disable it again after you’re done to keep your browser safe!

I have made this change on all of my machines and I strongly encourage you to as well!