Morpheus application is ‘safe’
Morpheus application is ‘safe’. But watch out for those downloads [The Register]
Archive for the ‘LINKS’ Category.
A redesign recipe for tough times
Lighthouse: A redesign recipe for tough times. The recent boom has ensured that most of the Web sites that are needed have already gone up. The end of that boom has deadened any sense of urgency among organisations still planning their first site. And it’s a rare Web site built in the past four years that couldn’t use substantial improvement. [Tomalak’s Realm]
Redesign: When and How
devhead: From December 22, 1998; Redesign: When and How. Jakob Nielsen. [Tomalak’s Realm]
Results, Not Resolutions
Results, Not Resolutions
A guide to judging Microsoft’s security progress.
By Bruce Schneier and Adam Shostack
Jan 24 2002 3:50AM PT
Microsoft Network Security Hotfix Checker (HFNetChk) version 3.3
Microsoft Network Security Hotfix Checker (HFNetChk) version 3.3
HFNetChk is a command-line tool that enables an administrator to check the patch status of Windows NT 4.0, Windows 2000, and Windows XP machines.
HFNetChk can be run from Windows NT 4.0, Windows 2000, or Windows XP systems, and will scan either the local system or remote ones for patches available for the following products: Windows NT 4.0, Windows 2000, Windows XP, Internet Information Server 4.0 and 5.0, SQL Server 7.0 and 2000 (including Microsoft Data Engine), and Internet Explorer 5.01 and later.
NOTE: Version 3.31 (Nshc331.exe) is an updated version of 3.3 that will properly identify SQL Server 7.0 systems.
Gartner on IT Architecture
Gartner on IT Architecture:
requires a Gartner “seat” — send me mail if you’re at UR and want to see the reports
The Architecture Engagement Process
[PDF]
TU-14-9766,
15 January 2002,
Greta James, John Roberts
What Do IT Architects Do?
[PDF]
COM-13-2153, 8 May 2001,
Nick Jones, Simon Mingay
A perspective on IT architecture as an investment principle helps to define the purpose and role of architects.
Weakened encryption lays bare al-Qaeda files
Weakened encryption lays bare al-Qaeda files
Relatively weak encryption appears to have been used to protect files recovered from two computers believed to have belonged to al-Qaeda operatives in Afghanistan.
The files were found on a laptop and desktop computer bought by Wall Street Journal reporters from looters in Kabul a few days after it was captured by Northern Alliance forces on 13 November. The files provide information about reconnaissance missions to Europe and the Middle East.
A report in the UK’s Independent newspaper indicates that the encryption used to protect these files had been significantly weakened by US export restrictions that existed until last year.
The files were reportedly stored using Microsoft’s Windows 2000 operating system and protected from unauthorised access using the Encrypting File System (EFS), which comes as standard on this platform. They were protected with a 40-bit Data Encryption Standard (DES), according to the Independent report. This was the maximum strength encryption allowed for export by US law until March 2001. All systems are now sold with the standard 128-bit key encryption, exponentially stronger than 40-bit.
Wall Street Journal reporters say that they decrypted a number of files using “an array of high-powered computers” to try every possible combination, or “key” in succession, a process that took five days.
The IDL That Isn’t
“The web service model is a very good one. But it will only be adopted if interoperability is easy to achieve. The best way to do that is to move to the IDL-centric model used by the classic RPC technologies of the past. Ultimately, web service toolkits will have to support a development model that starts with WSDL and web service developers will have to embrace and use that language. To facilitate that, WSDL should be radically reworked by the W3C and ultimately simplified (preferably along the lines we described in last month’s column). Until then, WSDL will remain the IDL that isn’t.”
Gosling: Why Microsoft’s C# isn’t
Sun’s James Gosling on .NET: “You find stuff in it that has essentially loopholes for everything. They had this problem in their design rules that they had to support C and C++, which means you have to have a memory model where you can access everything at all times. It’s the existence of those loopholes that is the source of security, reliability and productivity problems for developers. So on the one hand, they copied Java, and on the other hand, they added gratuitous things and other things that are outright stupid. That’s amusing.” 
[Scripting News]
