Archive for August, 2004

Windows XP SP2 Has a Dangerous Hole! Or Not!

Thursday, August 26th, 2004

PCMagazine features a huge discovery: Windows XP SP2 Has a Dangerous Hole. It appears that an attacker can watch and eventually turn off your antivirus and your firewall on Windows XP SP2, because Microsoft allowed them to be controlled through the WMI API.
Of course, an attacker is not waiting for you to turn off your firewall. If you are smart enough to use one, why would you turn it off?
But in order to kill your firewall, the attacker needs, as a prerequisite, administrative rights. I am afraid that, with administrative rights, an attacker can do basically whatever he wants, without even bothering to turn off the firewall.

Non-IT, but incompetent, Josh Belzman

Thursday, August 26th, 2004

A lot of bile has been spilled from this page over the dead brains of people such as David Berlind or Paul Thurrott, described by their self-assuring slogan "where the unprofessional journalism looks better", driven to boring conferences by the hope of winning a free iPod. In IT journalism you can’t tell whether someone is pro or "un-pro".
Here’s a guy who thinks he was a sports journalist. In his MSNBC column, "In final judgment, eliminate gymnastics from Olympics", this guy is trying to conceal the idea of deliberate cheating on gymnastics scores by putting the blame on judges. I watched enough gymnastics contests and I saw too many times how the hierarchies change during any contest held on American soil. I have the luck to listen to the world’s greatest champions, commenting with surgical precision on what takes place on a floor or on a beam. I can’t buy this:
And that’s why gymnastics has no place in the Olympics. We have no idea how this sport is being judged, where the points are going, what criteria is being used to determine a champion. Is it the landing? The bow? The smile? What does it take to win?
If you really want to know how scores are calculated, switch from the biased and incompetent NBC or, better, buy the rules of the game in booklets available from the FIG online shop.
Of course, you should repeat as frequently as you can that Paul Hamm is a "victim" of the system. Isn’t he the one opposing the review of the performances on tape?

How long was this? A short week for SP2…

Wednesday, August 18th, 2004

A week or two after the public release of SP2 for Windows XP, we already have a hotfix:

884020 - Programs that connect to IP addresses that are in the loopback address range may not work as you expect in Windows XP Service Pack 2.

It didn’t take too long for Microsoft.

The flawed file is TCPIP.SYS. I’ve already written about this file in the comments on Scoble’s blog. After SP2, it has a hardcoded limit of at most 10 outgoing half-open connections. There were people on the net who hex-edited the file and posted the results on public websites. These computers cannot be patched, as Raymond Chen explained. For a better deal on Kazaa, the people who patched their systems may compromise their data and may be more prone to trojan replication, i.e., they might compromise the data of their network neighbours.

DivX codecs feature a well-coded buffer overflow opportunity

Friday, August 13th, 2004

As acknowledged by its makers, the spyware-bundled codec DivX is not listed among the installed codecs after you install SP2 for Windows XP. They even provided a guide on how to disable the buffer overflow blocking feature, called Data Execution Protection, the one that’s responsible for this incident.

This procedure involves editing the BOOT.INI file and the advice is published on the DivX Networks site. It wasn’t enough that they have obtained a huge market share in the Joe Average User camp and that they are probably the most successful spyware distributors. They had to provide instructions on how to break Joe Average User’s defense against other menaces to his PC.
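A defender's check for the BOOT.INI change described above, as an added example that is not from the original post or from the DivX guide: it parses the [operating systems] entries and reports the /noexecute policy of each, flagging entries where the protection is switched off. The sample file contents and the function names are constructed for illustration.

```python
import re

# Policy levels accepted by the /noexecute switch on Windows XP SP2.
KNOWN = {"optin", "optout", "alwayson", "alwaysoff"}

def dep_policy(switches):
    """Return the policy implied by one boot entry's switches."""
    policy = "unspecified"
    for sw in switches:
        name, _, value = sw.lower().partition("=")
        if name == "/execute":            # switch that turns the protection off
            return "alwaysoff"
        if name == "/noexecute":
            policy = value if value in KNOWN else "invalid:" + value
    return policy

def audit_boot_ini(text):
    """Return (description, policy, disabled) per [operating systems] entry."""
    results, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).lower()
            continue
        if section != "operating systems" or "=" not in line:
            continue
        # Entry shape: <ARC path>="Description" /switch /switch=value
        _, _, rest = line.partition("=")
        desc = re.match(r'\s*"([^"]*)"', rest)
        tail = rest[desc.end():] if desc else rest
        switches = re.findall(r"/[A-Za-z0-9]+(?:=[^\s/]+)?", tail)
        policy = dep_policy(switches)
        results.append((desc.group(1) if desc else "", policy,
                        policy == "alwaysoff"))
    return results

# Constructed sample BOOT.INI, not taken from any real machine.
SAMPLE = r'''[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP (default)" /fastdetect /NoExecute=OptIn
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP (edited)" /fastdetect /NoExecute=AlwaysOff
'''

if __name__ == "__main__":
    for desc, policy, disabled in audit_boot_ini(SAMPLE):
        print(f"{desc}: {policy}{'  <-- protection disabled' if disabled else ''}")
```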

This news was learned from eWeek, with the whole story on what to do to save the most corporatist codec of them all (EW boys, I couldn’t find anything DivX coded in local shops, perhaps you did it on Kazaa…). They also mentioned in a footnote something about issues with Visual Studio, Access and the TabletPC implementation of OneNote. eWeek blocks external referrals, hence I’m not bothering with the link.

A Sign that PHP Could Soon be Owned by Sun?

Thursday, August 12th, 2004

According to DevShed, PHP 5 looks too much like Java and the "partnership" between Sun and Zend is at least suspect.

mySAP - advantages and disadvantages

Thursday, August 12th, 2004

mySAP failure

I tried to access the website of a Romanian bank, but the very first page, www.bcr.ro, redirected me to a warning that I should be using Internet Explorer. The screenshot proves that the user experience is even dumber in Internet Explorer.

CFR Cluj - Rapid Bucuresti 1 - 1

Thursday, August 12th, 2004

outsiders' keeper saving once again

The boys were tired and played like amateurs.

Automating Mozilla installation

Sunday, August 8th, 2004

This is pretty funny, because you don’t really need a setup program.

You can download the zip file instead of the setup program. After unzipping it, it will not become the default browser, but when you run it for the first time, you will be prompted for this, and the file type and URI protocol associations will be created.

According to the Unattended project on SourceForge, Mozilla and Netscape installers used to have a switch -ma that disables the GUI and -ira, which disables the automatic launch of the application after the installation. This might still work, but I’m not sure. This way, you can no longer set the installation directory.

Rapid - Steaua 2-1

Sunday, August 8th, 2004

Sabin's joy

our joy

No words can express my satisfaction.

Because we got married on Saturday, I missed the match. In fact, I arrived in Bucharest at half time and the train passed 300 meters from the stadium. It slowly entered the North Station, and it took five minutes until I got a good angle to read the board. Five minutes of nailbiting…

The first pic shows Sabin Ilie, who scored both Rapid goals, again from the first page of Gazeta Sporturilor. The second one is an impressive crowd hailing their favorites, Rapid, image from ForzaRapid.RO, an unofficial fan site.

Baron Of Grozavesti

Wednesday, August 4th, 2004

I am watching a TV show about yoga and things like this. The guest is a so-called Count. He’s a kind of astrology PhD, with a big portfolio of sick wonders, such as predicting that Romania would be the most powerful country in the world … around year 2000. He has something to say against Bivolaru, the pedophile guru. I can’t follow the thread because a dozen yoga practitioners call in at the TV show and each repeats their damned mantra about how you can get health from urine, the positive and negative, the light and the dark, the zodiacal signs and stuff…

I lost my patience and sent an SMS.
Hi, this is a great bunch of lunatics, but the chief madman is missing. Listen, Rapcea [Bivolaru's lawyer], your master is sexually challenged. Sue me! Baron of Grozavesti.
When the host started to read the messages, it seemed that mine would be overlooked. There were other funny guys asking for nudes in commercials, for predictions about their wives’ whereabouts, for someone to commit the count or Bivolaru or the whole yoga group into a mental institution. The host already started to miss the big opportunity to interview such a personality and already was smiling. I was losing patience, feeling like George Costanza missing the spotlight in the theater.

But when my SMS was read, Diaconescu and the Count started to laugh for about a minute. Hey, I didn’t realize it was that good, you philosophically challenged big boys!