Archive for February, 2007
Installing Windows Vista using Bootcamp on a MacBook Pro
by Rodney Campbell on Feb.13, 2007, under Life, Technology
I recently installed Windows Vista under Parallels (I’m running the latest Beta – Build 3150) which worked fine except as Parallels does not yet support 3D graphics acceleration you don’t get any of those nice Aero Glass effects.
To see how well Vista can run on a Mac I decided to give Apple’s Bootcamp beta (version 1.1.2) a try.
Installation of Bootcamp is painless and after making a 20GB partition for windows and creating the Macintosh Bootcamp Drivers for Windows XP CD I was ready to boot the Vista installation DVD.
After going through the normal process of installing Windows Vista (it autodetects and installs drivers for just about all of the MacBook Pro’s hardware – including as it happens my Apple Bluetooth keyboard and Bluetooth Wireless Mighty mouse) I manually installed a few more things to get Vista working just right.
First off ethernet and graphics drivers work out of the box (including Aero) however I updated the ATI catalyst drivers (including support for the Mobility Radeon X1600) to the latest Vista release from Catalyst 7.1 Display Driver for Windows Vista (32 bit).
To enable iSight and Sound you will need to manually extract and install the drivers from the Macintosh Bootcamp Drivers for Windows XP CD you made before – to do this insert the CD into the drive and run the following from a DOS command prompt under Windows Vista:
D:\Install Macintosh Drivers for Windows XP.exe /A /v
and follow the prompts to extract the drivers to a location.
To install the Sound driver navigate to the location where you extracted the drivers and go to the "program files\Macintosh Drivers for Windows XP 1.1.2\SigmaTel" folder and double click the setup.exe file in there.
To install the iSight driver Launch the Control Panel and go into the Device Manager. Go to sub-category called "Imaging Devices". iSight should be listed there. Right click the item and select "Update Driver Software". Manually install the driver by choosing "Browse My Computer For Driver Software", tick "Let Me Pick From a List…" and tick "Have Disk". Now navigate to your drivers folder and select the iSight.inf file in the "program files\Macintosh Drivers for Windows XP 1.1.2\iSight" folder. Install the driver.
Instead of installing the BootCamp Apple Keyboard driver and Brightness Controller program I suggest you just install the excellent Input Remapper software. This little gem basically gives you all the Apple Function key functionality available in OS X (F1 and F2 Screen Brightness, F3 Mute, F3 and F4 Volume Down and Up, F6 Num Lock, F8 F9 and F10 Keyboard Backlighting controls, F11 and F12 Media Playback controls and Eject plus things like Ctrl-Alt-Del.
BTW: My Vista Ratings (for my 17" MacBook Pro – 2.33GHz Core 2 Duo, 3GB RAM, 160GB 5400RPM HD) were:
Processor: 5.2
Memory (RAM): 4.7
Graphics: 4.9
Gaming Graphics: 4.9
Hard Disk: 4.8
2007.02.13 Daily Security Reading
by Rodney Campbell on Feb.13, 2007, under Security
Writing an RFP for a Network Access Control Solution
When considering network security solutions, many organizations choose network access control (NAC) technology as an integral part of their security fabric. Many industry experts believe that NAC is vital to complete network security.
Solaris Telnet 0-day vulnerability
This is almost identical to a bug in AIX and Linux rlogin from way back in 1994.
According to the Doom9 forums HD-DVD has been hacked. Arnezami has found the volume key for King Kong, which should work for all HD-DVDs.
2007.02.12 Daily Security Reading
by Rodney Campbell on Feb.12, 2007, under Security
Yapbrowser: Directing you to Illegal Content
Web-browsers. They’re all around you, on every PC across the length and breadth of the planet, yet you probably don’t stop to think about them too much. Why would you? They’re just there, and that’s all that matters, like the mouse or the keyboard – a tool you just plug in to do something else, without worrying about what they happen to be doing internally.
Cisco going open source with NAC client
As it develops the next-generation of network security infrastructure, Cisco Systems Inc. is planning to cease development on its network admission control (NAC) client, the Cisco Trust Agent (CTA), and submit the source code for the software client to the open-source community.
Investigative reporter Kim Zetter spent a year probing the life of David Thomas, a high-tech grifter who became an FBI asset. In interviews with Thomas, his girlfriend, his associates in the underground and federal agents on the cybercrime beat, Zetter pieced together the strange world of the "boards," online bazaars where crooks and swindlers work together to scam everyone else.
Price of cybercrime tools shrinks
It’s becoming cheaper and easier to get hold of the tools needed to launch a cybercrime attack.
2007.02.08 Daily Security Reading
by Rodney Campbell on Feb.08, 2007, under Security
Essential lockdowns for Layer 2 switch security
Failing to secure your switch architecture is like sending hackers an engraved invitation to attack your network. Yet security administrators often neglect to lock down Layer 2 of their network infrastructure. This comprehensive guide explains the essential procedures that will enable you to properly configure and secure your switch infrastructure.
Hackers Attack Key Net Traffic Computers
Hackers briefly overwhelmed at least three of the 13 root DNS servers that help manage global computer traffic Tuesday in one of the most significant attacks against the Internet since 2002.
RSA Security conference… kiosks… running under the all-powerful administrator account.
Stefan Esser is the founder of both the Hardened-PHP Project and the PHP Security Response Team (which he recently left). Federico Biancuzzi discussed with him how the PHP Security Response Team works, why he resigned from it, what features he plans to add to his own hardening patch, the interaction between Apache and PHP, the upcoming "Month of PHP bugs" initiative, and common mistakes in the design of well-known applications such as WordPress.
2007.02.07 Daily Security Reading
by Rodney Campbell on Feb.07, 2007, under Security
Pointers to some interesting tools designed to harden your Apache/PHP environment.
Information security is the process of protecting data from accidental or intentional misuse by persons inside or outside of an organization, including employees, consultants, and yes, the much-feared hacker. A security breach can involve anything from a website defacement to a computer virus, to an employee who inadvertently discloses his password, to a former employee who sabotages a customer database, to corporate spies who find out how many widgets your top customer bought last month.
A Brief Exaplnation of Diffie-Hellman Key Exchange
A cryptographic key exchange method developed by Whitfield Diffie and Martin Hellman in 1976. Also known as the "Diffie-Hellman-Merkle" method and "exponential key agreement," it enables parties at both ends to derive a shared, secret key without ever sending it to each other.
Security is both a feeling and a reality. And they’re not the same.
Kevin Mitnick says his story is the Catch Me if You Can of cyberspace.
Security zone shortcomings – why browsers and websites encourage phishing
For those of you unaware or unfamiliar with browser security zones, the short story is that web sites can be classified into ‘zones’. There’s typically a zone for web sites you explicitly trust (such as your bank), a zone for local/intranet web sites (typical in a work environment), and then an Internet zone for everything else.
Study Finds Web Antifraud Measure Ineffective [pdf]
Internet security experts have long known that simple passwords do not fully defend online bank accounts from determined fraud artists. Now a study suggests that a popular secondary security measure provides little additional protection.