A Diebold voting machine can be opened by a hotel mini-bar key.

No one dares ask me what I think about corporate “sponsored” voting machines which were handed to contractors by the most corrupt of Neocons. Not unless they want a 30 minute lecture on individual vote accountability. But this is a security test anyone can understand. A common key that can be bought almost anywhere on-line can open the most security sensitive part of a Diebold voting machine where the memory card is located.

Your vote does count. As many times as Diebold wants it to for their candidates. I particularly like one reader’s response:

“At least the minibar has a paper record of what you’ve taken out.”
http://www.freedom-to-tinker.com/?p=1064

Firefox 1.5 Spell Checker

I recently learned the developer of Spellbound, the best spell checker ever for forms in Firefox 1.0, went to work for Mozilla to incorporate the extension to Firefox 2.0. Therefore there was never a compatible release for 1.5. But I found a little known forum project that has an extension that seems to work just as well.

Before installing the Spellbound 1.5 Dev extension you’ll need to install a Mozilla language dictionary. If you already had Spellbound installed before upgrading to Firefox 1.5 your existing dictionary will work.
Mozilla Dev Language Dictionaries

Just save this file to your desktop, open Tools, Extensions from the Firefox 1.5 menu and drop the downloaded file into the Extensions window. Restart Firefox.
Install Spellbound Dev 1.5

Verizon sucks. <- period.

All of this is documented fact that would hold up in court.

A couple of months ago I attempted to get DSL service provisioned by Verizon into a new facility location for Pack-Rat. They screwed up and cancelled the order three times only to re-open it every time. We even paid $49.00 to have a tech go out and install the service for us. They never showed for three scheduled appointments delaying our ability to open for business by two months. In the final call I made to Verizon regarding this provisioning I was told that the installation tech that was supposed to go on-site to install the service would not be available for a “truck roll” for another week. I indicated that was not acceptable. Verizon charged us for the install, no truck rolled and the rep actually asked me if I would “like to cancel” if the option of waiting another week was not to my liking. I cancelled. Covad’s getting the business.

But that’s not as bad as it gets. 2 weeks ago I called Verizon to order a PRI for our corporate location in DC. We already have four analog lines with them in that location. I was told by the sales rep that we would have to be referred to a sales rep and the request would be “put in queue”. 2 weeks later – no call. So I called them this morning. I was told that the request was “picked up” by Russell Noll, someone I’ve never heard from.

Is Verizon in the business of selling telecommunications or not? They are no more than another company that got so busy with a large customer base they do not care one bit about new business or customer service. May their stock drop like Bell South’s and burn into bankruptcy and corporate corruption scandals. For the record, I’ve heard their cell coverage sucks from those I know stuck on one of their plans. Probably overloaded their network in this area.

And don’t even get me started on the voice prompts when you call Verizon customer service. They are truly a company that has lost the ability to make customers happy while generating new business. They’re like Republicans in Iraq. They won the first round of the turf battle but now they’re neck deep into something out of their control. Could this be the beginning of the end?

WinVNC4.exe virus

Had a really strange virus break out on our network yesterday. Here’s the breakdown:

Trend Micro Office Scan detected an initiation on a workstation at 12:21 PM. The virus was located in the file C:\Program Files\RealVNC\VNC4\WinVNC4.exe. This is a legitimate file and location for us as we have VNC server installed on workstations for remote admin. Trend reported the virus name as Trojan_Generic and it could not be cleaned or quarantined. It propagated through an unknown transport to random machines on the WAN in a matter of 10 minutes.

15 machines got infected before I shut down the MS Exchange services just in case it was using the address book as a transport. It didn’t seem logical that this was the propagation mechanism but the outbreak seemed to subside. We then removed VNC from the machines that got infected and I restarted the Exchange services. Two more machines were infected after this but no more. Several other workstations on the network had VNC server and the port open but were not ever infected.

One more interesting lead I have is that the machine where the outbreak initiated was the only one on the network with ports 6697 and 9234 recently opened for a custom IRC application. These have been closed. Anyone with any information about this outbreak is welcome to leave a comment.

_______________________________________________________

Update: 07-26-2006

Turns out this was a “false-positive” in Officescan virus definitions release 5.99.

Upgrading to the 6.07 definitions clears the problem.  I still think Trend Micro is the leader in the Anti-virus industry.

Why does Acrobat 7 suck so much?

I had a full copy of Acrobat 6 on my machine at work. For some reason only known to Adobe it decided to start hosing and wouldn’t open any documents. It just froze a blank white box on the center of my display. So I uninstalled it and put on a copy of Acrobat 7 reader. I needed to open some documents damn it.

Acrobat 7 ran flawlessly. Once. Then any time I tried to open a subsequent document it gave me an hour glass and the Acrobat process chewed up 45-50% of my CPU with no results. What a piece of sh*#!

Flush Acrobat – Get Foxit PDF reader and never look back. Adobe should pay as much attention to these readers as they do Photoshop. And what’s to happen to all the wonderful Macromedia products now that they’ve entered the Adobe family as step-child applications? We will know shortly. Until I know I won’t give up my old copy of Dreamweaver.

Lacking SNMP

I had the worst day trying to troubleshoot slow internet connection speeds with Time Warner today. Without SNMP interfaces on the 3Com OfficeConnect VPN Firewalls we use I couldn’t get a handle on where the problem was occurring. All I knew is that we didn’t have a lot of irregular traffic on any ports, the VPN stayed up (barely) and I had external URL and IP ping times as high as 2500 ms.

We’re going to be putting an SNMP compliant firewall/router at our core. Probably a 3Com Tipping Point. That will let me use PRTG Traffic Grapher to look at our bandwidth by interface in real time. Monitoring without SNMP sucks.

Outlook Web Access from another IIS server

Last weekend I spent over 16 hours working on an Exchange mail server migration from a MS Small Business Server to a standalone Exchange instance on a Dell PowerEdge 2850. It all went relatively smoothly by installing the second Exchange server on the network as a second instance and moving the mailboxes using the wizard. The part that took the most time was moving the Outlook Web Access configuration.

For the record, you cannot run OWA from an instance of IIS other than on the Exchange server itself. But if you have only one public IP address on the firewall/router and have port 80 going to a different web server you can still access OWA on the Exchange server by using SSL port 443. Here’s how (assumes advanced IIS knowledge):

  1. Using Port Address Translation on your firewall point port 443 to the internal IP address of your Exchange server.
  2. Port 80 should already be going to your primary web server via PAT entry unless you’re running it in a DMZ.
  3. Make sure your external DNS entries contain an entry for the new “webmail” host (an A record or CNAME pointing to the public IP of your firewall/router). ex: webmail.yourdomain.com
  4. Create a CNAME (alias) in your internal DNS records for “webmail” pointing to the A record for your primary IIS server.
  5. Create another A record or CNAME entry in your external DNS entries to include the name of the Exchange server. ex: “exchangeserver.yourdomain.com”. You should already have this entry internally or you didn’t set up your Exchange server right.
  6. On the primary (port 80) IIS server create a new site called “OWA Alias”.
  7. Create a host header for this site called “webmail.yourdomain.com”.
  8. In the properties of this site select “Redirect this site to another URL” to a site on port 443 (https://exchangeserver.yourdomain.com).

Now when an internal or external user goes to “webmail.yourdomain.com” they will be redirected to “https://exchangeserver.yourdomain.com”. For users outside of your LAN this will push them back out the firewall and force them to come in over port 443 to the Exchange server. Internal users who type the “webmail.yourdomain.com” into a browser will be redirected to the https://exchangeserver.yourdomain.com as well thus providing a URL required for the certificate.

Note: you should always run OWA with a certificate so make sure one’s installed for the “Default” site for the instance of IIS on the Exchange server. This certificate can come from a public Certificate Authority or can be generated by Microsoft Certificate Services running on the Exchange server itself. Because of the detail involved I won’t get into certificate issuance in this post. Pay close attention to the name of the host when generating the certificate request. It should be the same as the https host name (https://exchangeserver.yourdomain.com in my example).
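A check for the end state of the steps and certificate note above, as an added example that is not part of the original post: it confirms that the “webmail” redirect lands on https port 443 at the Exchange host and that the certificate name covers that host. The function names are hypothetical, the certificate dicts follow the shape of Python's `ssl.SSLSocket.getpeercert()` output, and all sample values are constructed.

```python
from urllib.parse import urlsplit

# Constructed sample data, shaped like ssl.SSLSocket.getpeercert() output.
GOOD_CERT = {"subject": ((("commonName", "exchangeserver.yourdomain.com"),),)}
BAD_CERT = {"subject": ((("commonName", "EXCHANGESERVER"),),)}  # short internal name

def host_matches(pattern, host):
    """Exact match, or a left-most '*' that covers exactly one DNS label."""
    p, h = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if p == h:
        return True
    return p.startswith("*.") and "." in h and h.split(".", 1)[1] == p[2:]

def cert_names(cert):
    """DNS subjectAltName entries; fall back to commonName when there are none."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def check_owa_redirect(status, location, cert, expected_host):
    """Return a list of problems; an empty list means the setup is consistent."""
    problems = []
    if status not in (301, 302, 303, 307, 308):
        problems.append(f"status {status} is not a redirect")
    target = urlsplit(location or "")
    if target.scheme != "https":
        problems.append("redirect target is not https")
    if (target.hostname or "") != expected_host.lower():
        problems.append(f"redirect host is {target.hostname!r}, expected {expected_host!r}")
    if target.port not in (None, 443):
        problems.append(f"redirect port {target.port} is not 443")
    if not any(host_matches(n, expected_host) for n in cert_names(cert)):
        problems.append(f"certificate names {cert_names(cert)} do not cover {expected_host!r}")
    return problems

if __name__ == "__main__":
    host = "exchangeserver.yourdomain.com"
    print(check_owa_redirect(302, f"https://{host}", GOOD_CERT, host))
    print(check_owa_redirect(302, f"https://{host}", BAD_CERT, host))
    print(check_owa_redirect(302, f"http://{host}/exchange", GOOD_CERT, host))
```

The status, `Location` header and certificate would come from a request to the “OWA Alias” site and a TLS connection to the Exchange server; here they are passed in as captured values so the check runs offline.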

I heard Skype sucks anyway.

This article was slashdotted today and is undoubtedly getting a bazillion hits:

AMD’s Lawyers call on Skype

Skype is claiming that AMD’s dual cores aren’t sufficient to handle 10 way VOIP conference calls and Intel’s are. What a crock of SH….!!!

Maybe Skype didn’t do their homework before building corporate bias into their software (the “GetCPUID” function). Let me help them. Skype read this:

Dueling Cores: AMD vs. Intel

Or this:

CNET Prizefight: AMD vs. Intel Dual Core (cut to the chase: AMD won all 7 rounds).

And here’s a very thorough test by ExtremeTech:

“While Intel’s Pentium Extreme Edition 840 acquits itself fairly well in a number of benchmarks, there are also some disturbing trends. In some tests, such as Cinebench 2003, AMD’s X2 sees greater gains in performance than the Intel CPU. In more theoretical tests, such as Passmark’s Performance Test, Intel generally holds its own—except in floating point, where it loses by a wide margin.”

Everyone who’s done this level of testing professes that while the Hyper threading helps Intel at running multiple applications simultaneously (like 12) the AMD chips smoke Intel in single instance apps because they handle the floating point better. And when AMD invokes on-board diagonal memory addressing Intel is doomed because AMD will have a solid solution for handling 4 cores. Intel doesn’t have a chip with architecture to begin handling it so they might go to market with a 4-core chip in 2007 (Clovertown) that won’t have an on-die memory controller. “This bandwidth problem will be exacerbated by the fact that Intel still won’t have an on-die memory controller, which means that memory traffic will be flowing to all four cores over that single, dated FSB.” What’s Intel gonna do when the day comes that we want to use all flash memory without a FSB? Personally, one day I want a 19″ flat panel calculator with 200GB of flash memory and 256MB of video ram plugged straight into 8 cores. In my spare time I’ll get in Pcad and Pro-E and get it rollin’ for us.

So Skype can try to pull off a corporate partisan move and sell out to the marketing monoliths (they won’t even admit they’ve tested their software against AMD chips) and unfortunately they may succeed. This level of technology is beyond the argument of the justice system in that there is no judge or jury capable of analyzing performance results of multi-core processors to a level capable of discrediting a bogus claim such as this one made by Skype. The science and tech sector must rely on a platoon of lawyers outgunned by a lack of technological competence in society at large. Their task is monumental; to find a jury of “peers”. Does this mean everyone at Micron, Honeywell and Motorola should prepare for jury duty?

My last day with Dillon Supply

I started off my last day at Dillon Supply by going to get a CT Scan at Wake Radiology Consultants. Crohn’s is beating me up again. The barium suspension they gave me for the test sent my stomach into flips for the rest of the morning. I wasn’t okay until my sister brought me some medicine around 2:00. Then I struggled through a shower and went to get the last of my stuff from Dillon.

When I got there they had already disabled my access badge so I went in through the storefront. I had a long conversation with Mike about some recent technical decisions in my last days and how they were handled. All I can say now is that after all this it sounds like they’re getting straightened out.

Out with the old…

For anyone who wants to reminisce over the old theme, here’s a screen shot. Every day Connor acts more like Amy so she can’t be left out. He’s not just like me, he’s just like us.
And for the big announcement: Monday, February 13th I will start my new position as the Manager of Information Systems at 1-800-Pack-Rat, Inc. Many thanks to Sean, Matt, and others who provided “impeccable” references. You rock. I get a base salary increase, annual performance bonus that’s 10% of base and a flexible spending account.  Amy and I are going to The Bonefish Grill tomorrow night to celebrate.