Friday, October 15, 2004

Desktop Search

Google has a desktop search client. It works OK. However after running across Google's, I remembered that a company called Copernic had a free desktop search client also... I found it and downloaded it and I would have to say it blows Google out of the water, it also blew me away :) It searches documents in any specified folder and also outlook email, contacts etc. Oh and it gives you a clean three pain view with a preview of the found items contents, and when you locate that email or whatever you where looking for, just double click and it opens right up, way cool.

URL: Copernic Desktop Search

URL: Google Desktop

Sunday, October 10, 2004

Microsoft JPEG vulnerability

I have been ignoring this issue for a week and have finaly revisted it and am making sure all of my systems are patched. Here are some relevent sites regarding this issue.

Microsoft Security Bulletin MS04-028

GDI Scan

GDI Scan Tutorial and how to fix the GDI+ JPEG Vulnerability

Nelson's Weblog - JPEG vulnerabilities in Windows

Friday, October 8, 2004

In my continued quest to run with least privileges on my WinXP box, I needed to change security on all files in my Cygwin home directory. So I looked into using find to do it. I wanted to change all files (not directories) to not be executable. I read the man page for find and after getting more confused ;) I googled for info on find and found a good tutorial on how to use it. I ended up using the following command from the root of my home directory:

find . -type f -exec chmod -v uga-x {} ;

The part that was triping me up was the backslash to escape the semicolon, without the backslash, the shell was eating the semicolon and not passing it on to find and find was giving me an error that the exec parameter was incomplete.

Here is the web site with some good info on find:

Linux Magazine: A Very Valuable Find

Slashdot is reporting a flaw in ASP.NET that allows someone to bypass certain types of security to access pertions of a web that they do not have the right to. If you use forms based authentication with a sub folder and web.config file, like this:


and the user type in:


they will not be routed to the authentication page and will instead see the page.

Here are some links from the article:

Slashdot: Microsoft Issues Ominous ASP.Net Security Warning

NT-Bugtraq: discovered a serious flaw in .NET forms authentication

Microsoft KB-887459: Programmatically check for canonicalization issues with ASP.NET

Tuesday, October 5, 2004

Mac OS X: Keyboard shortcuts

An article on Apple's web site that lists keyboard shortcuts that can change the 'boot' time behaviour of OS X.

URL: Mac OS X: Keyboard shortcuts

Monday, October 4, 2004

Running Windows XP with least privilege

Here is a blog that has some cool tools and great insight into running XP as a User instead of an Administrator. The two tools: MakeMeAdmin.cmd script and PrivBar really make it possible and much less painful to run my account as a lowely user and elevate my account when needed. Higly recomended

URL: Aaron Margosis' WebLog

Sunday, October 3, 2004

Self Service fix it for Apple iBooks/PowerBooks

Here is a site that has detailed instructions with pics on fixing/upgrading Apple's (i/Power)Books

URL: PB Fixit guide Series