Thursday, March 05, 2009

Sluggish Keyboard Misses Strokes

I just finished cleaning up a Presario 2100, an older model notebook suffering from a keyboard problem. While typing, certain letters drop out, leaving words without h's, i's and j's (among others). It has been suggested that this is related to the keyboard connection. However, I suspected that this was not the case (and I did not want to open the case ;^). Digging deeper I began to realize that it was actually the battery that was causing the problem. The battery had been dead for years, but somehow it was still interfering with the bus. When the battery was removed, the keyboard functioned perfectly, but when the battery was back in it started stuttering again.

The solution: I removed the terminal plug on the battery, popped it back in without its connector, and the machine is working great!

Tuesday, February 24, 2009

Reinstalling Windows XP (Service Pack 3)

Extreme spyware infestations require extreme measures. Repartitioning or wiping the hard drive and reinstalling Windows is the safest solution. If you reinstall Windows XP from the original system CD, it will usually install either Service Pack One, which has only limited firewalling capabilities, or Service Pack Two, if you are lucky. However, Microsoft is making the Service Pack 3 update available for download at:

http://www.microsoft.com/downloads/details.aspx?FamilyId=5B33B5A8-5E76-401F-BE08-1E1555D4F3D4&displaylang=en

Burn the installer to a CD, and you are good to go. You do not need to boot from the CD to run the Service Pack 3 installer.

Without the SP3 update, you will need to install a third-party firewall (I would suggest the light-weight Filseclab personal firewall) BEFORE connecting to the Internet. After restarting with the firewall active, you can proceed to the Windows Update site to activate automatic updates, and download Service Packs Two and Three. It is a time-consuming process, and when you have a clean system you might wish to ghost it to CD or DVD for future reinstalls.

P.S. The answer to my Windows USB device problems was simple: My old computer was not supporting USB 2.0. So I can't really blame Winrot, can I?

Wednesday, December 10, 2008

Winrot, Ubuntu and Peripherals

Chalk it up to proprietary software, or call it a case of Winrot: I've been running my XP system for two years now, and with the constant updates it is rapidly filling up my hard drive. I was able to attach a Canon LIDE-certified scanner, by downloading the driver, however installing my other peripherals has been more difficult.

XP registers my Epson 870 printer, and I have been able to download and install the driver. The paper cycles through, the print heads move, but nothing is printed on the paper. I also used the installer CD with worse luck. The driver on the CD fails with a "communication error." I would love to spend hours troubleshooting this printer, but I do not have the time.

The solution: I plugged it into my Ubuntu Linux machine, which instantly recognized the printer and installed the Gutenprint driver for the 870. I immediately began printing in vivid color!

XP registers my digital camera, and I installed the accompanying software from the CD. Does it transfer photos? No. It fails every time, with no explanation. USB again, however my USB thumb drive and Zip drive work just fine!

The solution: I plugged the camera into Ubuntu, which pulled up a download interface and began copying my photos on command. No need to download or install software.

So why am I still using XP? It's got support for Adobe Shockwave, but that may be about all it's got going for it. The user interface is good in XP, but I'm tired of the Genuine Advantage program updates. After hearing the horror stories, I shudder every time it installs and runs the Genuine Advantage tester. I know my product key is legit, and I have the original CD, but I feel like I am at the mercy of Microsoft. Of course Genuine Advantage needs to talk to Microsoft Corporation, open a port in the firewall immediately!

Sunday, August 10, 2008

XP Update breaks ZoneLabs

A recent Windows XP update (KB951748) caused an internet lockout for Zone Alarm users. I often install ZoneAlarm for my clients with ongoing security issues because it allows them to see incoming and outgoing traffic messages. This can be very informative for users, helping them to understand how many times their computer is connecting to the internet, and where it is reporting. Although the Windows XP firewall is equally robust, it tends to remain invisible to the user, and they may not even be aware if it is on or off.

Of course, the simplest solution to this problem was to activate the XP firewall, and deactivate ZoneAlarm. Thanks Microsoft! ZoneLabs counseled users to turn their Zone security settings from high to medium. ZoneLabs has released an update for Zone Alarm which will fix the problem.

Wednesday, January 16, 2008

Diagnosing Spyware

Are you wondering whether your computer is infected with spyware? I am a spyware detective, and I deal with many infected machines. I have seen everything from malware to rootkits. I have grave concerns about future developments in software for criminal use.

Over the last two weeks I have serviced two computers that were riddled with viruses and spyware. Guess what? Both were running up-to-date antivirus software, one ran Norton 360, and one ran McAfee. The clients claimed not to have run e-mail attachments, or any unknown executables, although I have my doubts.

Neither McAfee nor Norton could detect the problems on their own systems, however the users reported problems connecting to the internet and browsing websites, and one could not access his control panels (they disappeared from the XP start menu!).

I run a triad of detection tools that I have found to be most effective: Lavasoft's AdAware, Spybot Search and Destroy, and AVG antivirus. AVG antivirus is very effective at rooting out problem viruses and even spyware that Norton and McAfee do not seem to detect. I had to run the tools repeatedly, because on both machines the active spyware was able to hide itself during initial scans, until I had disabled components of it and restarted (of course it's best to go through the startup items and disable any obvious spyware first!). After three cycles of all three detection tools, I had uncovered dozens of problems on the machines and corrected them.

The XP system running Norton was badly damaged. Norton's program structure had been disabled, and could not be uninstalled. Symantec does provide a Norton removal tool, but even that did not remove Norton completely. I chose not to reinstall it, because of its ongoing issues, and selected AVG antivirus (free for home users) instead. Although the Control Panels reappeared, there were damaged functions that required a full system restore. The user opted to purchase a new computer instead! Thanks a lot malware...

The McAfee machine is functioning normally, after the removal of one virus and several malware and spyware components.

The Norton machine had another symptom: The LMHOSTS file had been altered to prevent Norton from updating, and to prevent access to various spyware removal websites. That's a sure sign that a system is compromised.
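The altered name-resolution file described above is easy to check by hand on one machine, but a small script makes it repeatable. The following is an added example, not code from the original post: it parses a Windows hosts or LMHOSTS file (both use the same "address name" line format, and LMHOSTS adds tags such as #PRE and #DOM: that must not be mistaken for comments), then flags any entry that pins a security-vendor or update domain, and any non-local name pointed at the loopback or unspecified address. The watchlist of domains and the sample file content are constructed for illustration; extend the watchlist for the products actually installed on the machine being examined.

```python
import ipaddress

# Where Windows keeps both files (hosts and lmhosts); shown for reference.
WINDOWS_ETC = r"%SystemRoot%\System32\drivers\etc"

# Constructed watchlist of vendor and update domains an infected machine may
# be prevented from reaching; extend it for the products actually installed.
WATCHLIST = (
    "symantec.com", "norton.com", "symantecliveupdate.com",
    "mcafee.com", "lavasoft.com", "safer-networking.org", "grisoft.com",
    "windowsupdate.com", "update.microsoft.com",
    "sophos.com", "sysinternals.com",
)

# Names that legitimately map to the loopback address.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}

# LMHOSTS tags that follow a name on the same line; they are not comments.
LMHOSTS_TAGS = {"#PRE", "#MH", "#SG"}


def _is_tag(token):
    upper = token.upper()
    return upper in LMHOSTS_TAGS or upper.startswith("#DOM:")


def parse_entries(text):
    """Yield (ip, name, line_no) for each name on every address line of a
    hosts or LMHOSTS file. A '#' token ends the line as a comment unless it
    is an LMHOSTS tag such as #PRE or #DOM:domain."""
    for line_no, line in enumerate(text.splitlines(), start=1):
        tokens = line.split()
        if not tokens or tokens[0].startswith("#"):
            continue
        ip, rest = tokens[0], tokens[1:]
        for token in rest:
            if token.startswith("#"):
                if _is_tag(token):
                    continue
                break
            yield ip, token, line_no


def is_blackhole(ip):
    """True for 127.x, ::1 and 0.0.0.0, the addresses used to make a name unreachable."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return addr.is_loopback or addr.is_unspecified


def on_watchlist(name):
    lname = name.lower().rstrip(".")
    return any(lname == d or lname.endswith("." + d) for d in WATCHLIST)


def audit(text):
    """Return (line_no, name, ip, reason) for each suspicious entry.
    Legitimate ad-blocking hosts lists also trigger the second rule, so
    review those findings by hand rather than deleting them blindly."""
    findings = []
    for ip, name, line_no in parse_entries(text):
        if on_watchlist(name):
            findings.append((line_no, name, ip, "security or update site pinned in hosts file"))
        elif name.lower() not in LOCAL_NAMES and is_blackhole(ip):
            findings.append((line_no, name, ip, "name blackholed; check whether intentional"))
    return findings


# Constructed sample: not taken from any real machine.
SAMPLE = """\
# constructed sample hosts file, not taken from any real machine
127.0.0.1       localhost
192.168.1.10    FILESERVER  #PRE #DOM:OFFICE
127.0.0.1       liveupdate.symantecliveupdate.com
127.0.0.1       www.lavasoft.com
0.0.0.0         www.safer-networking.org
203.0.113.5     update.microsoft.com   # constructed: pointed at an outside host
127.0.0.1       ad.doubleclick.net
"""

if __name__ == "__main__":
    import sys
    # Usage: python hosts_audit.py <path to hosts or lmhosts>; with no
    # argument the constructed SAMPLE above is audited instead.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for line_no, name, ip, reason in audit(text):
        print(f"line {line_no}: {name} -> {ip}: {reason}")
```

Run it against a copy of the file taken from the suspect machine; a clean hosts file on XP normally contains only the localhost line, so every finding deserves a look.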

I typically notice high CPU usage on seriously compromised machines, and high transmit rates when I am not browsing the internet. These would be other giveaways. If you are familiar with the XP system registry, check what is starting up. Some startup items only manifest in the registry! A malware process often has a unique registry entry.

Good luck with the malware investigation! If folks have to buy a new computer because of malware, that's a benefit for computer and OS manufacturers, but a huge burden on society. Of course, I always hint that users could switch to Linux!

Try installing Zone Alarm's free firewall as well, and deactivate the Windows firewall to test with Zone Alarm. You may see the names of program components as they try to register to communicate over the internet.

Good luck...spyware begone!

Saturday, October 06, 2007

OSX and the Sirius Player

Sirius Radio's web-based player is helpful when there is interference with Sirius' satellite signal, as in the case of a recent client who listens to the Metropolitan Opera through Sirius' web-based player. However, a recent OSX update appeared to break Sirius' web player.

The truth is that Sirius' player uses Windows Media Player as its base, and OSX tends to favor Apple's native Quicktime player. Apple corrected the problems in a Quicktime update, and once we were completely up-to-date with all of 10.3.9's updates, including Quicktime and Safari, we were able to load Sirius' web-based player in Safari.

Apple is on the move, refining OSX with regular updates. Running an OSX prior to 10.3.9 may mean a loss of functionality. If you have OSX 10.3.9 I recommend running all of your updates.

Friday, August 10, 2007

Slow Internet / DNS response in Ubuntu Dapper

I recently upgraded to Linux Dapper Drake with a CD, and everything was working very well until I allowed Dapper to perform its automatic updates.

The updates created a problem in Firefox: URLs did not even begin to load for twenty seconds. I guessed this was related to my Linksys router, however I also knew that Windows was working fine, and Dapper worked before the updates. I researched the issue and patched together a solution, which I posted to the Ubuntu community forums. If my DNS servers change, there could be an issue, however at that point I could switch to OpenDNS.

Here's the problem: Ubuntu is having difficulty with DNS because of miscommunication with the router (related to wrong ports).

Here is my advice:
Establish a direct DNS connection. No need to disable IPv6!

1. Find your DNS servers. You may need to check your router settings (usually 192.168.1.1 or 192.168.0.1). Look for a status tab or similar page with the current DNS information. Write down your DNS servers (x.x.x.x & x.x.x.x).

You may wish to back up your dhclient.conf file at this point (the /etc/dhcp3 directory is owned by root, so the copy needs sudo). In the Terminal, type:
sudo cp /etc/dhcp3/dhclient.conf /etc/dhcp3/dhclient.bak

2. Enter these DNS servers directly in your dhclient.conf file:

sudo gedit /etc/dhcp3/dhclient.conf

You should see your dhclient.conf file displayed (with text in it). Add two lines to the end:

supersede domain-name-servers x.x.x.x,x.x.x.x;
prepend domain-name-servers x.x.x.x,x.x.x.x;

The x's represent your DNS server IP addresses that you found in Step 1.

Save your dhclient.conf file, close gedit and return to the Terminal.

Now restart your DNS lookup with (assuming eth0 is your connection to the router):

sudo ifdown eth0 && sudo ifup eth0

You should immediately experience an improvement in your Internet speed.
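The steps above are simple to do by hand once, but a typo in the server address (a comma for a dot, say) only surfaces later as a dhclient.conf that silently does nothing. The following is an added example, not part of the original post: a small Python script that validates the addresses from Step 1, writes the backup to dhclient.bak, appends the supersede and prepend lines from Step 2, and refuses to append them twice. The path /etc/dhcp3/dhclient.conf is the one from the post; the demo() function exercises the same code against a temporary file so the real one is untouched, and the OpenDNS addresses in it are sample values.

```python
import ipaddress
import shutil
from pathlib import Path

# Path used by Ubuntu Dapper's dhclient, as given in the post.
DEFAULT_CONF = Path("/etc/dhcp3/dhclient.conf")


def validate_dns_servers(servers):
    """Return the servers as clean dotted-quad strings. Anything that is not a
    plain IPv4 address (for example 192,168.1.1) raises ValueError here rather
    than being written into dhclient.conf."""
    cleaned = []
    for raw in servers:
        addr = ipaddress.ip_address(raw.strip())
        if addr.version != 4:
            raise ValueError(f"{raw!r} is not an IPv4 address")
        cleaned.append(str(addr))
    if not cleaned:
        raise ValueError("at least one DNS server is required")
    return cleaned


def render_override(servers):
    """Build the two dhclient.conf lines from the post: 'supersede' replaces
    whatever the router hands out, 'prepend' lists our servers first."""
    joined = ",".join(validate_dns_servers(servers))
    return (
        f"supersede domain-name-servers {joined};\n"
        f"prepend domain-name-servers {joined};\n"
    )


def already_overridden(text):
    """True if an active (non-comment) supersede line for domain-name-servers
    is already present, so a second run does not append duplicates."""
    for line in text.splitlines():
        stripped = line.strip()
        if stripped.startswith("#"):
            continue
        if stripped.startswith("supersede domain-name-servers"):
            return True
    return False


def apply_override(servers, conf=DEFAULT_CONF):
    """Back up conf to dhclient.bak beside it, then append the override lines.
    Returns the backup path, or None if the override was already present.
    Needs root when conf is the real file under /etc/dhcp3."""
    conf = Path(conf)
    text = conf.read_text() if conf.exists() else ""
    if already_overridden(text):
        return None
    backup = conf.with_suffix(".bak")
    if conf.exists():
        shutil.copy2(conf, backup)
    with conf.open("a") as fh:
        if text and not text.endswith("\n"):
            fh.write("\n")
        fh.write(render_override(servers))
    return backup


def demo():
    """Dry run against a temporary copy; the real /etc file is not touched."""
    import tempfile
    servers = ["208.67.222.222", "208.67.220.220"]  # sample values (OpenDNS)
    with tempfile.TemporaryDirectory() as d:
        conf = Path(d) / "dhclient.conf"
        conf.write_text("# constructed sample dhclient.conf\n"
                        "request subnet-mask, routers, domain-name-servers;\n")
        first = apply_override(servers, conf)
        second = apply_override(servers, conf)
        return {"backup_made": first is not None and first.exists(),
                "second_run": second,
                "text": conf.read_text()}


if __name__ == "__main__":
    import sys
    # Usage: sudo python3 dns_override.py x.x.x.x x.x.x.x
    # then:  sudo ifdown eth0 && sudo ifup eth0
    made = apply_override(sys.argv[1:])
    print("backup written to", made if made else "nothing to do: override already present")
```

After the script runs, restart the interface as in the post (sudo ifdown eth0 && sudo ifup eth0) so dhclient rereads the file.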

I built this solution with help from https://forum.bytemark.co.uk/viewtopic.php?pid=1790 as well as several Ubuntu forum entries.

Friday, January 12, 2007

Can we Protect Privacy and Reputation?

I was recently published in CIO magazine in a response to Robert Atkinson. Here is "Privacy and Progress: We Can Have Both" from the December 1, 2006 issue:

"I disagree with Robert Atkinson’s article “The Luddites are Coming” [Oct. 1]. I have yet to meet someone who is actively against the Internet. There is no “war against IT.” At least not yet!
I find that IT’s strongest critics come from within our own ranks, and appear on the pages of your magazine and similar publications. Perhaps this is because we understand the threats and possibilities of IT.

"The public does have legitimate concerns, especially if they are informed that their personal data has been stolen from an unsecured laptop, or through an online hack. Everyone has a right to be concerned if rootkits and “back doors” allow hackers to scan your hard drive or record your keystrokes. We should be angry if thieves divert legitimate network traffic to illegal Web servers that spoof legitimate sites. This is the new reality of an IT world. Unless we get security under control, we are going to lose public support.

"IT professionals know that biometrics do not provide foolproof security, and that Microsoft’s fingerprint reader can be fooled. We are very concerned about a society where everyone’s financial data, phone records and Social Security numbers are available for $75 online.
National databases are currently gathering thorough profiles of us as individuals and consumers, and the federal government is very interested in this information. As IT professionals, we need to advocate for the individual in terms of privacy, reputation protection and online security.

"I believe we currently have the support of the public, and that almost everyone realizes that network technology has benefits for the general population. However, as identity chips are implanted in livestock and people, we will face renewed questions about surveillance issues and privacy rights. We can respond by targeting imaginary “Luddites,” or we can develop more standards and protections for consumers before we release smart systems and biometrics into popular use."

Thursday, January 04, 2007

Net Neutrality and Market Pricing

I was recently published in Network World (12/11/06):

"I usually agree with Johna Till Johnson, but her article 'Nuances Matter in Net Neutrality' left me perplexed.

[She asks] Why would Google support net neutrality regulations? They developed Google video, purchased YouTube for 1.65 billion dollars, and signed content agreements with Universal, Warner Music Group, Vivendi, the NHL, and others. But with AT&T offering Internet television on demand in their Homezone package, can Google compete? Only if their content is not further degraded.

Johna is right that net neutrality is still a vague concept. There's almost no way to tell if content is being intentionally degraded and it may be difficult to enforce legislation specific enough to address real world problems. However, it is important that we have a fair and level playing field. Whether content is charged per bit or per packet, the price should be the same for any player. A typical market incentive is volume discounts, not volume overcharges.

Net neutrality may end up being decided in myriad individual court cases relating to anti-competitive practices, or in government antitrust action. But the idea that carriers such as AT&T are investing billions in a "money-losing endeavor" is ridiculous. Video is the next phase of the internet, and it requires infrastructure expansion and investment. Net neutrality means that all players in the video over internet market receive a fair price as well as reasonable and enforceable quality of service agreements."

Monday, December 11, 2006

Rootkit Fever

Rootkits are becoming more common. By infiltrating deep into the system they are very hard to remove without damaging vital system resources. You play a game of tag, trying to remove the debris from the registry, while the rootkit runs on ahead, reclaiming territory you thought you had cleaned up. One of my clients recently lost his Windows ME to a rootkit. We ran some great antispyware tools, installed a compatible firewall (hard to find for ME), but it was too late. Soon all of his files were inaccessible, although he could still send e-mail. Rootkits love to copy themselves over the internet, so they often keep this resource alive when all else seems to drag into infinity. One client reports the sound of a child laughing, which indicates the contamination. Auditory hallucinations, or the first sign of impending doom?

XP's firewall seems to be sufficient for stopping rootkit contamination, and Windows 98 does not seem to be a big target. I have a feeling that Vista will resolve a lot of these issues. Or you can always switch to Linux!

Wednesday, November 15, 2006

Linksys drops settings

I have noticed that several of my small business clients consistently lose their Linksys router settings, affecting their cabled and wireless networks. It happens randomly, with no particular regularity. However, three clients report that this has happened more than once. As they did not know how to access the router settings, they could not have changed them. What they experience is that they can no longer connect to the internet until we go into the router settings and reset them. Sometimes all the settings are gone, but most of the time we just have to tell the router to connect. They are all on DSL.

If this is happening to you, you can check your Linksys settings by opening your browser and entering http://192.168.1.1 into the address bar. It will ask you for a password: If you don't know it, try leaving it blank, or entering "admin" - if neither of these work you may have to reset the router (small button), or call Linksys/Cisco for free support.

Thursday, November 09, 2006

OSX 10.3 firmware update kills monitor

With the introduction of OSX 10.3, Apple demands JEDEC compatible RAM. How did I learn this? While updating a friend's computer to OSX 10.3, I encountered a new phenomenon for me, the disappearing screen. Let me tell you the story...

Bob has an iMac G3, which according to Apple is compatible with OSX 10.3. However when we tried to install 10.3, we received a message asking us to upgrade the firmware, a message that is typical for Apple upgrades. To update the firmware, you go to Apple's firmware list, download the upgrade for your model, run the installer, turn off the computer, and start it up while holding the programmer's key, a small button with a caret symbol. You hear a long chime, and the firmware is updated.

However, due to a little-known problem, Bob's firmware update crashed his video: the screen died, although we could hear the computer starting up and spinning the CD. There was no way to access the Open Firmware settings or the console. Had the firmware update crashed? Did we permanently damage the boot ROM? No, the answer was both simpler and more complex.

I swapped the hard drive into another iMac, and it booted correctly, displaying a message, "Your firmware update is complete!" - seemed like a good sign. Next I swapped the RAM from the working iMac into Bob's iMac. Now it started up with the normal tone, then emitted three beeps and stopped working. I went a step further and dug out some RAM sticks I had lying around. After trying a couple, I found one that worked. Bob's iMac started up correctly, booted his hard drive and the monitor. Soon after that I found this document on Apple's website:

Firmware Update: Firmware Updates 4.1.7 and Later May Disable Out-of-Spec Third-Party RAM
http://docs.info.apple.com/article.html?artnum=60839

So remember team:
"When purchasing RAM modules for use in Macintosh computers, make sure that they conform to the JEDEC specification."

Otherwise you may face the blank screen of death!

Wednesday, October 18, 2006

Anti-Rootkit Tools

There are two free tools that can help with detecting rootkits: Sophos Anti-Rootkit (www.sophos.com/products/free-tools/sophos-anti-rootkit.html) and Rootkit Revealer (www.sysinternals.com/Utilities/RootkitRevealer.html). While both are useful tools, Rootkit Revealer digs deeper and returns more information than the Sophos tool. Some rootkits may prevent Rootkit Revealer from running properly, and you will receive an error message. This is a good sign that there is a rootkit on the machine. Some rootkits that I detected with Rootkit Revealer were not detected by Sophos Anti-Rootkit, therefore I would recommend running both if you suspect a rootkit on your system.

Saturday, August 26, 2006

Vulnerability

"Feature-Rich" would be a good description for the majority of new software offerings. But with more features can come more vulnerabilities. The latest spectre is the dreaded "rootkit" which is rumoured to transform a $1000 computer into a pile of trash. Rootkits allow hackers to zombify your computer. They decide how much functionality is left over for you, after your computer sends a million spam e-mails to Canada. Not a pretty sight.

Rootkits can be revealed. However, they show a dangerous precedent. There is currently no 100% defense against hackers, short of pulling your network connection. You can imagine a future where rootkits and other hacker tools mean your computer is not your own while it is plugged in on the internet. Because rootkits are very hard to detect, they are the ultimate trojan horse. As long as a hacker only uses part of your internet bandwidth, you may not even detect the manipulation.