Liudvikas Bukys

TechRepublic:
Use NetMeeting to support remote clients–for free

Wired News:
Stealing MS Passport’s Wallet
12:25 p.m. Nov. 2, 2001 PST

To correct serious security flaws, Microsoft on Friday disabled the virtual wallet function of its Passport service and has begun notifying partners about the vulnerabilities, the company has confirmed.

The bugs in Passport, a sign-on service used by more than 200 million people, were discovered this week by Marc Slemko, a software developer who lives near Microsoft’s Redmond, Washington, headquarters.

Besides posting it at his site, Slemko intends to release the technical details on several security mailing lists Friday “so that, if they choose, users and partners can choose to reduce the impact on themselves,” he said. Because of the severity of the flaws, Slemko withheld publication until Microsoft had an opportunity to correct it.

MS to force IT-security censorship. The Register Nov 2 2001 12:34AM ET [Computer security news]

Cambridge University gets low grades for IT. Silicon.com Nov 2 2001 3:22AM ET [Tech latest]

Security Focus (Neohapsis):

Microsoft released a new version of HFNetChk today.

A couple of errors were fixed with the utility itself, and the
readme.txt file was updated to include instructions on using HFNetChk if
you cannot or do not want to update to at least MS Internet Explorer 5.0
(these instructions might have been there before, but I don’t recall
seeing them).

If you are not familiar with HFNetChk, it is an excellent tool for
determining whether your WinNT or Win2k systems (workstations and
servers) have the recommended hotfixes installed. You run it from a
Command Prompt and HFNetChk downloads the current patch list from
Microsoft then checks to see if the system is up-to-date. (The patch
list, in XML format, is saved to the default directory, so you can also
test systems that aren’t on the network.) Not only is the operating
system itself checked, but HFNetChk also knows how to check Exchange,
SQL and IIS. You can check systems across the network and can specify
multiple systems to be checked with one command. The output can be
redirected to file for detailed review and historic documentation
purposes.

Using HFNetChk alone won’t completely secure your system, but it does
make the process of checking for missing patches more manageable.

See http://www.microsoft.com/Downloads/Release.asp?ReleaseID=31154 and
the links therein for more info.

— Mark Medici mark@dbma.com

Ben Adida: Why Not MySQL? (for the OpenACS Project)

NOTE: This Document was written in May 2000. Thus, it is outdated and does not represent the latest data concerning MySQL. I will attempt to find time to rewrite this with more current information soon (August 10th, 2001)

If what you want is raw, fast storage, use a filesystem. If you want to share it among multiple boxes, use NFS. If you want simple reliability against simplistic failure, use mirroring. Want a SQL interface to it all? Use MySQL.

Now, if what you want is data storage that guarantees a certain number of invariants in your data set, that allows for complex operations on this data without ever violating those constraints, that isolates simultaneous users from each other’s partial work, and that recovers smoothly from just about any kind of failure, then get your self a real RDBMS. Yes, it will be slower than the MySQL file system. Just like TCP is slower than UDP, while providing better service guarantees.

TechnologyEvaluation.COM:
The Application Server War Escalates:
BEA and Oracle duke it out at JavaOne conference while Sun/iPlanet and IBM look on.

TechnologyEvaluation.COM:
Great Product: Too Bad The Architecture Doesn’t Fit

Mozilla.org Announces Open Source Calendar [Slashdot]

IBM DeveloperWorks:

CVS for the developer or amateur
: tutorial, can be read online (web) or offline (PDF).
About two hours in length.