Monday, September 29, 2003

Google robot requests old links

what I’m wondering: On the webserver of my company I find a lot of requests from Google and Scooter robots for *very* old pages, resulting in 404 of course. Trying to reduce the number of 404 messages, I thought search engines would automatically remove outdated links from their databases. At least after trying for 100 (or more accurate 1000’s) of times. Is their something wrong, please let me know, because I really don’t know how to ‘talk’ to Google and say something like “hey, stop requesting this outdated file on my server”

Weekend is over...

...all back to work! I got a message from my friend @FIRSTNAME $LASTNAME. Well, looks like some spammers didn’t know how to spam. Like trying to execute Active Server Pages on a php/Linux server…I also see emails with subjects like $RANDOMIZE the last weeks. Is there some newbie spammer around or something.

Sunday, September 28, 2003

Security Steve

Well, as I was telling you the other day: I'm more and more on the hand of MS. But lo and behold - well, don't say that, the phrase is so popular there days that it becomes just noise in the background- now I just read this article above, where Microsofts's CEO Steve Ballmer compares hackers to skyscraper destroying terrorists showing absolutely no morale.


"Hackers are criminals," Ballmer says, plain and simple.


and another quote about the "criminals"


"There's no way to way to look these people as anything other than what they are: malicious people who are violating the law"


Unfortunately, this leaves no room at all to the interpretation that at least *some* so-called "criminals" serve the general public by announcing security holes. In the end, making software errors public, just forces software manufacturers to addressing security issues promptly, thereby preventing the exploitation in the future. Let's make a comparison: some
In the end this will make software more secure. I can draw no other conclusion that Mr. Ballmer must be a big fan of the principle of security by obscurity (correct me if I'm wrong). Well, there's an abundance of information about why this is a bad thing. For starters, read what Bruce Schneier has to say about this in his Cryptogram newsletters (worth reading!) or his book Secrets and Lies. It just does not work, and it is a dangerous way to just hide something secret in this digital age (thought added: well it will not work *in the end*, as there'll can / will always be someone reading your mind someway - and figuring out your cmd.exe resides in c:\mytools instead of the systemdir. I will not go into it any further, as I'll only do that when I'd have something new to tell you. Repeating what others have already said is only boring and not attributing anything to the discussion.

But we were talking about Microsoft. When they take the issue of security seriously, that is: are trying their best to make software more secure, they can only be happy with so many people finding security holes in their products. What I don't mean is that you should just write an exploit, release it on some hacker ftp site, and not tell the manufacturer about the issue. A reasonable amount of time should be given to them to fix the hole and subsequently release a patch to the general public



Thrusthworty Computing

I was thinking about their Thrusthworty Computing initiative they started last year (Feb 2002 if I remember correctly). Of all the opinions I read about it, and which for the majority – at least the ones I read – are laughing about it in more or less obvious terms, I tend to lean to the camp applauding this Initiative more and more. I think their meaning with this is serious, why would someone like Michael Howard devote a whole book to the subject of writing secure code. One can laugh, but I think MS could also have fixed the public opinion problem in a less troublesome way, namely just hiring some more marketing managers preaching about all serious trouble they give themselves writing better software… and instead just produce code-and-fix products. Why write a whole book like this and not meaning anything it says is beyond me. I’m on the MS side a bit, but they should be taking the customer serious. Maybe that’s something they forget in their near-all-mighty situation. Just wanted to share this thought with you. Do you agree, don’t’? Let me know. Which reminds me that I should look into a way to put comments on this site. I guess it must be possible, but I just didn’t take any time to look into the matter


So much blogs

Been reading a lot of blogs this afternoon. Also added some to the list on the left of your screen. What occurs to me is how difficult it is to bring some interesting thought in a blog instead of just repeating all news items of the past days, which can be found on any other blog (Verisign domain hyjacking, ICANNs objection, Verisigns refusal to take the much insulted page offline, MS working on better code – this one we see every week (see the other posting of today), the next virus or worm appearing, software engineers being responsible for their own code – hmm, this is one to give some more thought to because of its implications for developers
Anyway, all these newsitems can be found on a major number of blogs all referring in the end to the big news sites

Friday, September 26, 2003

delayed access to secure webserver

For some time I have this problem with a secure website. On a testmachine (Win2000) in our internal network the response on a https request was immediate, which is fine. On the live webserver, it took about 6 seconds before the client is given the option of accepting the vertificate (we are our own CA). Well, for the time being this is within acceptable borders, however I’m trying to find a way to make this response quicker. Now the real problem: on the testwebserver I installed a fresh Win2000 copy on a different partition which should in no way be able to influence the other installation. But… now it takes almost 2 minutes before the certificate screen pops up in the client, and another 1 ½ minutes for the test webserver to process the credentials. Seems like something is looking for something until some timout occurs. By now I have no solution for it. Tried the wfetch.exe utility from MS to troubleshoot the connection. What happens now is that, given correct credentials, the complete page is loaded within seconds in the utility. Maybe something wrong with the IE install, but nothing changed on my PC lately. I tried it with making the test webserver trusted, tried it without the trusted option... no difference. Well, tried another machine then: this works! A Win2000 server acting as client gets a response within 5 seconds, which is, as we concluded, within an acceptable range. I'm still working to get a fast response back on my own PC, as, well it could be any other outside client connecting to our secure server having this problem. And that certainly shouldn't happen, I've never encountered a client willing to wait for 3 1/2 minutes getting access to a website

Saturday, September 20, 2003

Something for the weekend

Felt like at least I had to write *something* for the weekend but couldn’t think about what. Write before the bug we discovered this week that effectively deletes data from our database under certain unforeseen circumstances. Or about the email blast which took me some time to start. This was because after moving to Exchange 2000, there suddenly seems some problem with sending email as another person. This “"you do not have the permission to send the message on behalf of the specified user" message was getting annoying after some time. And this even while I had the rights to “send as” this user :(
Anyway, the problem solved itself the next morning, probably due to some synchronising between the servers during the night: I said we’re in the *transition* to Exchange 2000, didn’t I…
Or should I write about the total lack of sleep from the last days (crying baby at night), which make working a bit uncomfortable. Well I don’t know. The last subject doesn't seem suitabel 'cause it make me look like a moaner. Let me just wish you a good weekend... at least I hope someone reads this: please send me mail


Monday, September 15, 2003

Print Landscape

Looking for a way to have webpages automatically print on landscape format. But, although JavaScript has access to the “print” window, no settings on it can be changed however. This page told about doing this using CSS. But, testing on IE6 did not result in the hoped for result. This means that the feature can only be used when the majority of my users users some version above IE6 (which will take a substantial amount of time I can tell you :) Or wait untilll they changed to some other obscure browser capable of handling the @page command. Or .. well , I guess I should forget about the feature anyway, use PDF or something. But it would have been nice to have automatically uploaded web pages printed in the format I want it

Share problems

Strange thing this. A user ‘suddenly’ couldn’t enter several shared drives on a Win2000 server which was installed weeks ago. It turned out share permissionsand directory permissions were allright; only the root dir only had admin allowance. This means everyone was perfectly able to access files with known paths inside the share ( call it deeplinking if you want). But entering from the upside down is another matter. What was strange though is that nobody noticed this earlier. Seems people work a lot from their bookmarks here

Alert: Bear virus!

Had a user this morning happily announcing she cleaned up the bear virus from her computer. You know, the jdbmgr.exe hoax At the end of the conversation it turned out it was about her home computer. pffffff, lucky me… Well actually, this was not a person who needs the Microsoft Debugger Registrar for Java on a daily basis

Sunday, September 14, 2003

inpiration

Not much inspiration this weekend. Normal stuff (shopping, cleaning the house, taking care of our 1 year old – what is interesting is that he just started to walk, which cleared some of his frustration of the last period, when that just didn’t work out exactly as he wanted).
This week I’ll bet it’l be a busy week, because of the holiday of my college. Also some standard ‘screen building’ (data entry forms) will be time consumers. We’ll see

Thursday, September 11, 2003

new features for free...



Wow, only 3 days at Blogger and the're giving away their Pro features for free!
. This is good news, thanks to the one man's IT Dept where I read this first

And it really works as you can see from this post. Adding a title is easier than typing a strong line at the start of every post. Additionally, there is the possibility to add a url on top of you post, one can change the time of the post based on your own time zone.
Also, I took the possibility to change some things in the standard template (the "posted by" was too big to my liking, just like the title

Tuesday, September 09, 2003

Just a quick install

This user was asking me: can you install this-and-this program I've been waiting for for some time. Well, just a simple program, never had problems with (HP lock which settles itself in the systray, click-click, and your Win NT Workstation is locked). Only, this time I didn't really verify whether it would work on this type of machine.... nope. Rebooting, two dll's failed to load and on Ctrl-Alt-Del the Winlogon process crashed hard (BSOD). Reboot, Last Known Good Menu > same result. Repair NT-installation > complete hang this time. New installation. Well, the installation itself (no image, we're starting working with them in the near future) only takes about 1 1/2 hours, but still... should be more careful next time :(

Monday, September 08, 2003

let me know what you think of this blog. You can email me at sikko2go I welcome some reaction, also because I'm still investigating the kind of subjects which are suitable here. It will have to fall in categories like Microsoft (no ranting!), Visual Basic & database programming, Web Security. But actually, evertying technical has my interest in some way (I install my own Linux machine when the need is there. I currently work at quite a small IT department. Therefore the One man's IT Department blog has my deep interest... Working at a small dept like this means doing everything from setting up Win2000 servers, helping users with their broken email clients, PC, laptops, doing some web development. Database programming is also an important part of the job. We have an inhouse SQL Server / Access database which we have to take care of. Well, I could go on and on, but you'll find something about these subjects here in the future .....

Thanks to Joel
...from Joel On Software I was drawn into making a weblog for multiple reasons. He showed me the fun of writing about everyday things with a tecnhnical mindset, and I wanted to improve on my web design skills which stopped to develop some 4 years ago…… only I found myself living on for months and months without anythning happening to the old home rolled blogsite. Until now, when I found out how easy it is to set something up on one of the free blogsites. I decided to switch goals and just put something quick-and-ready ont the net. I'll be programming and building websites at work, and informing you about my everyday

Only thing is, I don't want to pay for it, so I guess the banners up here will stay there for a while longer...

Visual basic prototyping

I'm wondering why people often refer to VB as only useful for prototyping (REF#1,REF#2). I think an application just needs to get the job done, and the size of the binary doesn't have to be a goal in itsef. I think I'm even going to devote an article to it…

eXtreme Programming

Reading a Martin Fowler article "Is design dead?". About XP -Extreme Programming-. This term seems to pop up everywhere, and I was wondering whether it can do something for me. Haven't found out yet. It aims to integrate design and building into one and the same person and process. Looks interesting, but the strict separation between designing and programming seems really appealing to me. It is also the way I was tought building applicatins. First, think the concept through, then -and only then- fire up your favorite RAD tool and start to code. Well, maybe I'll get back to this later...

Blogging at last

Today I put the preliminary version of my BLOG online. Because builsing something myself, and because of lacking an own domain name, I decided Blogger was my choice . More to follow …