Jason Meserve reports that the first exploit for recent Patch Tuesday has been published:

A security researcher has published the first exploit against one of the 14 vulnerabilities patched last week by Microsoft, security company Symantec has warned customers. In a posting to the Full Disclosures security mailing list, Alla Bezroutchko, a senior security engineer at Brussels-based Scanit NV/SA, spelled out JavaScript code that crashes Internet Explorer 6.0 on Windows 2000 and Windows XP Service Pack 2. Bezroutchko's proof of concept exploits the critical bug in XML Core Services that was patched by MS07-042. Computerworld, 08/20/07.

More reason to ensure you're patching regularly.  It also emphasizes the importance of MS07-042 - it pretty much seems to have the capacity to touch everything.

Read the full article here.  For the latest updates, go to Microsoft Update!

The latest glut of spam that I've been looking at all focus on getting me to update my banking account information.  Never mind the fact that I don't have, never had, and likely never will have an account with any of these financial institutions - they all urge me to update my info.

Dear Marshall & Ilsley Bank business or corporate customer,

Marshall & Ilsley Bank Customer Service requests you to complete MiWeb Commercial Customer Online Form.

This procedure is obligatory for all business and corporate clients of Marshall & Ilsley Bank.

Please click hyperlink below to access Money MiWeb Commercial Customer Online Form.

http://miwebcombank.session-3678527.mibank.com/Nubi/custform.aspx

Please do not respond to this email.

Copyright 2007. Marshall & Ilsley Corporation. All Rights Reserved.

******************************************************************************************

Note the nice personal greeting: Business or corporate customer.  Note the poor grammar: decided not to capitalize the entire greeting, and the awkward phrasing of 'requests you to complete.' and lack of prepositions later on.  Also note that the original link (not here of course, I scrubbed that so it points to our site now) points to a URL in Hong Kong. 

From TD Banknorth:

Dear TD Banknorth business customer,

TD Banknorth Customer Service requests you to complete TD Banknorth WebExpress Customer Form.

This procedure is obligatory for all business and corporate clients of TD Banknorth.

Please click hyperlink below to access TD Banknorth WebExpress Customer Form.

http://webexpress.session-20257.tdbanknorth.com/wcmfd/wcmpw/CustomerForm

This mail generated by an automated service.

Copyright 2007 TD Banknorth Inc. All rights reserved.

---------------------------------------------------------------------------------------------

And TD Canada Trust

View As Web Page

Dear TD Canada Trust customer,

TD Canada Trust Customer Service requests you to complete EasyWeb Customer Form.

This procedure is obligatory for all customers of TD Canada Trust.

Please click hyperlink below to access EasyWeb Customer Form.

http://easyweb.ServerID-70978.tdcanadatrust.com/custserv/easywebform.jsp

Thank you for choosing TD Canada Trust for your banking needs.

Please do not respond to this email.

This mail generated by an automated service.

TD Group Financial Services site - Copyright © TD

It never ceases to amaze me how many attempts to hit a single person with the same, exact email content a spammer / scammer will try.  Interestingly enough there's also a bunch of crap hidden in a white-on-white motif at the bottom of each mail.  Also interesting: The TD Canada message appears to actually point to a .cn URL (Canada) rather than another Hong Kong - although good old HK is where the TD Banknorth message links to. Of course Canda could relay there as well; I didn't really bother trying to check, since they are all worded nearly identically and are all scams anyhow.

Of course, the only reason they keep doing it is because people keep falling for it.  Once again, I replaced the links but left the URL intact here for search purposes. 

What I mean is, I've been noticing lately that this blog is getting hit when someone searches for information on these scams - so I want to be sure if someone honestly isn't sure this is a scam, they can find this post.

Don't fall for any of these of course - they are all scams and should be immediately deleted.

As if there was any reason to doubt, This Article pretty much says it all.  Gruden is apparently preparing to cut Chris Simms for his poor performance in training camp following the removal of his spleen after being injured early last season.

As a coach the guy has had no success since taking a team that he had little to do with building to the superbowl in 2002.  His career coaching record is 77-67 - but 39-41 with the Bucs (Gruden was 38-26 with the Raiders before joining TB. 

Why this guy is still employed is a mystery.  He took a team that went 12-4 and won the Superbowl and went 12-20 over the next two years.  His apparently immense ego seems to make him think he can win by force of will rather than by gathering good players and putting them into position to perform at their peak.

The way things are looking to me - unless Jeff Garcia can sparkle the offense with some magic - it'll be a miracle if they can manage to run 8-8.  All Bucs fans can hope for is either a miracle to have a good season, or a quick bombing that leads to Gruden's dismissal.

As for me, the best part of being a Bucs fan this year will be the fact that I'm also a Giants and Jets fan - so the Bucs have a great chance to be the best among my teams.  ~sigh~

Thank goodness I signed up for AT&T's notification of when the iPhone was available.  Thanks to this excellent service, I was among the first to know when the iPhone was actually available in AT&T Stores.

In case you're wondering, I'm posting this 'cause I got an email last night as follows from AT&T:

Touching is believing.
The Apple iPhone is now in stock and ready to go. And surf. And play. And of course, talk. Use our online store locator to find the closest AT&T store near you and get your hands on one today.hing is believing.
The Apple iPhone is now in stock and ready to go. And surf. And play. And of course, talk. Use our online store locator to find the closest AT&T store near you and get your hands on one today.

This is the type of service you might have come to expect from AT&T apparently, if you read their customer comments.  Now in fairness, my experience has been fine, but I haven't had to call them for help yet...

Powered by Qumana

After a good six weeks of iPhoning, I thought I'd point out some of the 'bigger' annoyances that I've come across so far.  Before I do so, let me be clear: these are the things I'd like to see changed / improved / added - but I am still convinced that once Exchange over-the-air sync is truly rectified, that the iPhone will wind up being the most impactful smartphone ever.

Anyhow, the list:

• Better sync with Exchange - this has to be everyone's number one 'wish' for the iPhone.  I was on the phone with Apple yesterday and they concurred, this was something many, many people ask for this
• Better recognition of phone numbers in other applets - Calender for example!  If I have a concall in Calendar and the phone number is in the event notes, I'm typing.  I should be able to simply click on that as a link and have the number dial for me.
• Agenda View - I know lots of folks love the list view in calendar, but personally I'd prefer something a bit more in line with WinMobile's agenda view - all the stuff I have coming up today, with a preview view of the item that includes location would be great.
• Updated bluetooth stack - bluetooth seems to work pretty well with some headsets, but (1) they really should have supported stereo bluetooth, and (2) the communications with my BMW sucks.  On the first, I've heard varying reports that this can or cannot be done via a software, so not sure if it can be done ont he current hardware or not.  On the second, it just sucks.  The communications is choppy and while people can hear me, I only hear every other word. 
• A 'sleep' or 'snooze' feature on appointment reminders.  Why this wasn't included I just don't know, but bottom line is if I get a reminder, I want to hit one button and have it snooze for a little while at least - 5 or 10 minutes - rather than having to open the appointment and modify the reminder.  That just sucks (on the plus side, I do like being able to set two different reminders.  Alot!)
• Finally - better debugging tools.  I've had very little trouble with my iPhone, but I've worked on a couple for friends and clients and the debugging tools are abysmal.  Actually worse than abysmal, because even acknowledging that they exist is misleading - there are no debug capabilities on the Windows side of the house.  I spent two hours working on a client's phone yesterday trying to figure out why it will sync some calendar items from Outlook, but not others.  I'll be back on Friday to try a few more things, then likely back on the phone with Apple on Monday to continue the process.

Powered by Qumana

While this probably won't see much national coverage, this is an incredibly bad sign for the Bucs this year.  With Mike Alstott's pending retirement (and that guy has been the heart and soul of this team for years on offense) the genius down in Tampa (and by Genius I mean the idiot running the team, Jon Gruden) has apparently decided that Michael Pittman will help fill the void.

Now besides the fact that Pittman is a truly despicable man who is best known for breakaway runs and wife beating, people in Tampa seem to have forgotten that size actually does count when it comes to the Fullback position.

At 6-0 and 228, Pittman doesn't exactly strike fear into anyone (again, unless you count his wife)

Powered by ScribeFire.

We've been looking at a website rework for my company in the past couple weeks.  The site's been static for nearly a year, and alot of the information is either outdated or flat out wrong, and our new sales and marketing team wants it to be updated to better support our sales efforts.

(For any reader out there - are there any readers out there? - Protechnica is an IT Services and Consulting firm)

Anyhow, the big debates are: (1) Do we outsource the effort or do it internally?  We have the skillsets to do so, but the time is the thing.  And (2) Flash or Ajax?  I like the concept behind Ajax, but with Flash we can have it up and running in about a day.  rapid development there, eh?

Powered by Qumana

Just completed a Notes (well, Domino) to Exchange migration, and thought I'd share the good, the bad, and the ugly. 

To set the stage, I've been doing email migrations for more than eight years at this point, so nothing new there, but this was the first time I used the new Transporter Suite from Microsoft, and I wanted to share the hiccups and/or gotchas we ran into.

First of all, the Transporter Suite is pretty nifty, it does some base analysis of existing Notes applications as well as handling email migration - but - you still need to run the application analyzer.  The functionality included in Transporter doesn't do a very good job of analyzing and categorizing the existing apps - you still need the App Analyzer for that functionality.

And we ran into some hiccups with Transporter - hiccups that resulted in a loooooong call with Premier, that led us to downloading a beta build of an updated Transporter. The updated version resulted in successful migrations on 98.6% of the mailboxes.  Of the remaining mailboxes, all but one were successfully migrated using the migration tool from BinaryTree.  The one that kept giving us fits wound up being a mailbox with no data - it was empty.  The user had an assistant that routinely went in, forwarded his mail to another email address, and deleted the content.  As an aside, please, don't get me started about the security implications, this just goes to show that no matter what you do, users will find a way to circumvent it.

In any case, on the migration, that empty mailbox basically confused both tools and left them trying to migrate and failing.

The other major issue we ran into - and this was largely fixed by the updated Transporter - was with exceptionally old recurring meetings.  Basically what we figured out was, if you had a recurring meeting in Notes and the first occurence - the original meeting - had been deleted, funky errors ensued.  If we omitted calendars then the migrations ran fine.  Since this wasn't a solution, we wound up needing the updated tool.  The biggest hassle here was that the tool would run - sometimes for quite some time - then hit the bad event, and error out rather than trying to continue on the error and skip the failed events.  No such luck.

Finally, a word of praise for both tools - they handled very large mailbox migrations without a major hitch (once we figured out the event issue that is) without a hiccup due to the size - the larges we moved was around 3GB!

Overall nice work by the Transporter team - and especially props to Dave Howe with Premier Support for an outstanding save, and on a Sunday afternoon to boot!

I found the content here to be interesting, especially some of the comments.

http://scobleizer.com/2007/07/11/iphone-update-rumors-cause-conversations/

(Yes, that's me down near the bottom)

Apple released the first iPhone update - 1.0.1 - whcih takes around 5-6 minutes to apply.

Apparently it's primarily a security update to address the Safari exploit that was announced last week, which allowed an attacker to take control and/or access data on the iPhone.

In other news, my updates have been off.  I have two in the works, one touching on some recent iPhone experiences - both good and bad - and one on a recent Notes migration we did for a client, and my experiences on that.  Which incidentally is why I haven't been updating - late nights moving data and migrating mailboxes!