Pages

Monday, March 31

Comment becoming a post

Got this as an anonymous comment on my last post:

"anonymous said...
How is it even remotely weak? Considering most virii spreading around these days is done via browser related vulnerabilities, I hardly would consider it "weak".

If it is so easy to discover browser vulnerabilities then how come IE7 held up on the Windows box (until the 3rd day when it was owned by flash)? How come you don't have any browser vulnerabilities credited to your name?

I hate to be "that guy", but the guy that won Pwn2Own walked away with $10k and a new laptop. I doubt he cares too much what bloggers think of him or his vulnerability, especially someone that hasn't done any similar research. Don't bash someone else's work unless you can reproduce it yourself.

Mon Mar 31, 08:55:00 AM"

My response:

Dear person-who-didn't-leave-their-name,

Who says I was bashing work? I still think it's a weak vulnerability.

I'm not saying that the guy that discovered it is stupid, or that the exploit itself is stupid -- props to him for getting 10k and a fat laptop. I'm saying that most of the journalists and bloggers out there are saying things like "Mac owned in 2 minutes". Really? Was it owned in two minutes? Or did the guy merely have the exploit already set up on his webpage before the contest began. Does that make sense? I don't like sensationalist headlines, essentially.

I'm also not saying it's easy for someone to discover the vulnerability, I am sure it took alot of research and fuzzing. I am saying now-a-days, there are alot of browser vulnerabilities. It seems like every week there is at least one. I'm not saying that the research that is done by the people isn't worthwhile, I am just not a fan of browser vulnerabilities, because, as I said.. It's easy to switch browsers.

I do think it was interesting that Windows held up until Flash was introduced. But what kind of metrics are we using here? A machine wasn't able to get exploited in one week? It takes more time than that doesn't it?

All punditry. I guess I just miss the days of remote server side exploits like ws_ftp, IIS, and the like.


Subscribe in a reader

Saturday, March 29

New Calendar phishing


The 419's will stop at nothing to scam you.  Now they are forging legit looking Calendar requests.  (Actually, this was a LEGIT calendar request!)  To get me to meet with them because I had won the death lottery.  Awesome.

Keep an eye out for these!  Classic.

 Subscribe in a reader

Pwn2Own

People have been writing into me asking what I think of the Mac getting owned in the pwn2own contest at CanSecWest.

Truth is, two things.  I don't know about the exploit other than it was Safari related.
And second, browser vulnerabilities suck.  No matter the browser, simply because there are so many exploits for every browser that is out there, and they pop up, then are quickly squashed all the time.  Plus, it's way too easy to just switch browsers now a days.  Many computers are starting to have more than one browser on them now..  not by default, but just by sheer happenstance.

All in all, I am going to say the same thing I said last year when the same thing happened at CanSecWest when a Mac was owned via the browser, then that's all I am going to say about it.

Weak.

 Subscribe in a reader

New Calendar phishing


The 419's will stop at nothing to scam you.  Now they are forging legit looking Calendar requests.  (Actually, this was a LEGIT calendar request!)  To get me to meet with them because I had won the death lottery.  Awesome.

Keep an eye out for these!  Classic.

 Subscribe in a reader

Friday, March 28

Top 30 podcasts in iTunes


Not only did our podcast finally get indexed (correctly) by iTunes yesterday, but today I looked in there, and our podcast is in the top 30!  Now, I know that the algorithm that manages the top "whatever" is done by how many people subscribe all at once and new subscribers and that kind of thing, so naturally, we are going to shoot up at first..  But I thought it was cool.  (No I don't really know how the algorithm works, it's just a hunch, and I know it will be different on other people's computers...

So, thanks.    Subscribe through iTunes here!

Digg it here.




 Subscribe in a reader

Top 30 podcasts in iTunes


Not only did our podcast finally get indexed (correctly) by iTunes yesterday, but today I looked in there, and our podcast is in the top 30!  Now, I know that the algorithm that manages the top "whatever" is done by how many people subscribe all at once and new subscribers and that kind of thing, so naturally, we are going to shoot up at first..  But I thought it was cool.  (No I don't really know how the algorithm works, it's just a hunch, and I know it will be different on other people's computers...

So, thanks.    Subscribe through iTunes here!

Digg it here.




 Subscribe in a reader

Thursday, March 27

A new podcast hits the airwaves

Last night Dr. Johannes and I sat down and recorded the first podcast of the Internet Storm Center.  Episode One.  The audio on my mic at the beginning is a bit low (I wasn't close enough to the mic), and Johannes's mic almost the whole way through was red peaking.  (I had him turned up too loud).  We recorded the whole thing over Skype, and I used Garargeband to master the sound.  It was pretty cool.  I am still learning how to use Garageband, so you might have to bear with me for a couple podcasts still, but I'm getting it.  In total there are about 8 tracks on the podcast, all requiring equalization and mastering, fading in and out, album art... etc.  So, it was kind of interesting.  

You can get the podcast through iTunes here.  (Hit subscribe, it'll download the newest one)  Or for you non-iTunes users, you can get it here.  Right now I only have it available in m4a (aac compression), but we should get the mp3 up very soon.  (I ran out of time last night, screaming baby and all)

On another note...


Paul of PaulDotCom and I were talking this morning about some potential podcast ideas, and we think we have come up with a good idea.  So those of you that are involved in podcasting about security, please start watching your inbox for emails from me/paul/johannes involved an idea we may have.  I know many of you read this blog either directly or through a syndicated feed, so, keep an eye out.

 Subscribe in a reader

A new podcast hits the airwaves

Last night Dr. Johannes and I sat down and recorded the first podcast of the Internet Storm Center.  Episode One.  The audio on my mic at the beginning is a bit low (I wasn't close enough to the mic), and Johannes's mic almost the whole way through was red peaking.  (I had him turned up too loud).  We recorded the whole thing over Skype, and I used Garargeband to master the sound.  It was pretty cool.  I am still learning how to use Garageband, so you might have to bear with me for a couple podcasts still, but I'm getting it.  In total there are about 8 tracks on the podcast, all requiring equalization and mastering, fading in and out, album art... etc.  So, it was kind of interesting.  

You can get the podcast through iTunes here.  (Hit subscribe, it'll download the newest one)  Or for you non-iTunes users, you can get it here.  Right now I only have it available in m4a (aac compression), but we should get the mp3 up very soon.  (I ran out of time last night, screaming baby and all)

On another note...


Paul of PaulDotCom and I were talking this morning about some potential podcast ideas, and we think we have come up with a good idea.  So those of you that are involved in podcasting about security, please start watching your inbox for emails from me/paul/johannes involved an idea we may have.  I know many of you read this blog either directly or through a syndicated feed, so, keep an eye out.

 Subscribe in a reader

Monday, March 24

Happy Birthday OSX!


Seven years old today.  Happy Birthday OSX.  March 24, 2001, Apple Releases OS X (10.0) Code-named Cheetah.  Remember those days?  I was to meet my wife (to be) a week later...  What is now the Apple Store in my local mall used to be a 5-7-9.  My primary operating system at the time was Redhat/XP.  A year later I bought a Mac.

Time flies.  Remember pre-OSX?   Now remember seven years ago... No iPod's?  No iPhones?  No Apple Stores?  

 Subscribe in a reader

Happy Birthday OSX!


Seven years old today.  Happy Birthday OSX.  March 24, 2001, Apple Releases OS X (10.0) Code-named Cheetah.  Remember those days?  I was to meet my wife (to be) a week later...  What is now the Apple Store in my local mall used to be a 5-7-9.  My primary operating system at the time was Redhat/XP.  A year later I bought a Mac.

Time flies.  Remember pre-OSX?   Now remember seven years ago... No iPod's?  No iPhones?  No Apple Stores?  

 Subscribe in a reader

Sunday, March 23

Happy Easter

Just wanted to wish a Happy Easter to everyone.  Take time and spend it with your loved ones.

 Subscribe in a reader

Happy Easter

Just wanted to wish a Happy Easter to everyone.  Take time and spend it with your loved ones.

 Subscribe in a reader

Wednesday, March 19

APPLE-SA-2008-03-19 AirPort Extreme Base Station Firmware 7.3.1

I just posted this over at the ISC as well, but I thought i'd post it here as well in case people don't read both.

Fresh on the heels of yesterday's huge Apple Security Update 2008-0002, today Apple released 2008-03-19 firmware update for the current (and pre-gigabit) Airport Extreme Base Stations.

AirPort Extreme Base Station with 802.11n*
CVE-ID: CVE-2008-1012
Available for: AirPort Extreme Base Station with 802.11n*
Impact: A maliciously crafted AFP request may lead to a denial of
service
Description: An input validation issue exists in the AirPort Extreme
Base Station's handling of AFP requests, which may cause file sharing
to become unresponsive. This update addresses the issue by performing
additional validation of AFP requests. This issue does not affect
Time Capsule or AirPort Express. The fix for this issue is available
in the following separate updates:
- - AirPort Extreme with 802.11n (Fast Ethernet) 7.3.1
- - AirPort Extreme with 802.11n (Gigabit Ethernet) 7.3.1
Credit to Alex deVries for reporting this issue.

More info here. (Although, I think I posted the whole thing above...)

To update to the newest firmware, open Airport Utility that is in your Utilities Folder in Applications. (If you are using a Mac, if you are using it for Windows, well, I don't know where it's at. ;) It should automatically check for the newest update and prompt you. It's a two click download and update.



Subscribe in a reader

APPLE-SA-2008-03-19 AirPort Extreme Base Station Firmware 7.3.1

I just posted this over at the ISC as well, but I thought i'd post it here as well in case people don't read both.

Fresh on the heels of yesterday's huge Apple Security Update 2008-0002, today Apple released 2008-03-19 firmware update for the current (and pre-gigabit) Airport Extreme Base Stations.

AirPort Extreme Base Station with 802.11n*
CVE-ID: CVE-2008-1012
Available for: AirPort Extreme Base Station with 802.11n*
Impact: A maliciously crafted AFP request may lead to a denial of
service
Description: An input validation issue exists in the AirPort Extreme
Base Station's handling of AFP requests, which may cause file sharing
to become unresponsive. This update addresses the issue by performing
additional validation of AFP requests. This issue does not affect
Time Capsule or AirPort Express. The fix for this issue is available
in the following separate updates:
- - AirPort Extreme with 802.11n (Fast Ethernet) 7.3.1
- - AirPort Extreme with 802.11n (Gigabit Ethernet) 7.3.1
Credit to Alex deVries for reporting this issue.

More info here. (Although, I think I posted the whole thing above...)

To update to the newest firmware, open Airport Utility that is in your Utilities Folder in Applications. (If you are using a Mac, if you are using it for Windows, well, I don't know where it's at. ;) It should automatically check for the newest update and prompt you. It's a two click download and update.



Subscribe in a reader

Verizon sets rules for Open Development

I don't want to retype a whole bunch of nonsense, but Verizon has finally published it's specs for Open Development as it promised last month.

Click here for the link.  So this essentially lets anyone develop a phone for Verizon's network, as long as it functions correctly.

 Subscribe in a reader

Verizon sets rules for Open Development

I don't want to retype a whole bunch of nonsense, but Verizon has finally published it's specs for Open Development as it promised last month.

Click here for the link.  So this essentially lets anyone develop a phone for Verizon's network, as long as it functions correctly.

 Subscribe in a reader

Tuesday, March 18

Questions I was Googled for today

In my first installment of "you came to my website because you Googled for something", I take your questions and answer them:

"gdbm invalid argument" -- you were probably trying to install gdbm on osx, where the bin group doesn't exist.  Go here.

"leopard graphics update" -- you were probably wondering what the hell it is.  I don't know.  But here's the post about it.

"the punisher" -- You were probably looking for the movie.  But you came to my site because of a friend of mine whose site is called "The Punisher".

"when was nuclear fusion discovered" -- I have no idea how you wound up at my site.  Here's Wikipedia.  But it appears the answer is "1932".

"make looped ringtones" -- I talked about this on my Garageband post.

"how to airport extreme powerbook"  -- You were probably looking for how to install an airport extreme card into a powerbook.  Uhhh, unless you have a really really old powerbook that comes with a regular airport card (instead of an airport extreme),  you can't put an airport extreme in an older one.   And if you have a newer powerbook, it has an airport extreme built in.

"joel esler" -- Uh, you found me.  Here I am.

"how do i save my iTunes library for reinstating on another machine" -- Okay, here's a good question.  Open up iTunes, then open Preferences.  Then Click on the "Advanced" button.


See the folder location there?  Open up your Finder, browse to your home directory (which it should go to by default), click on music, you will see a folder there called "iTunes".  Copy that folder on to whatever media you have, thumbdrive, through the network directly to the other computer, dvd/cd, whatever...

Now, on your new computer, navigate to the same path, you should have an "iTunes" folder there, with nothing in it.  Delete the folder on the new computer, and replace it with the iTunes folder that you copied from the old computer.  Start iTunes.  iTunes should pick up the folder with all your music in it.  At most, when you play your music, if you have any music that you have bought from the iTunes music store, you will have to authenticate with the iTunes store in order to play your music (big whoop!).

"esler blog"  -- AH!! you found me.

"differences between two operating systems" -- You were probably looking for this post.

That's all for today.  Come back later for more questions answered.

 Subscribe in a reader

Science fiction author Arthur C. Clarke dies aged 90

As if you haven't read it in 90 other publications already,  Arthur C. Clarke died today at the age of 90.  The man who wrote "The Sentinel"  (No, not the movie with Michael Douglas and Keifer Sutherland in it), the book on which "2001:  A Space Odyssey" was based.

R.I.P.

 Subscribe in a reader

Questions I was Googled for today

In my first installment of "you came to my website because you Googled for something", I take your questions and answer them:

"gdbm invalid argument" -- you were probably trying to install gdbm on osx, where the bin group doesn't exist.  Go here.

"leopard graphics update" -- you were probably wondering what the hell it is.  I don't know.  But here's the post about it.

"the punisher" -- You were probably looking for the movie.  But you came to my site because of a friend of mine whose site is called "The Punisher".

"when was nuclear fusion discovered" -- I have no idea how you wound up at my site.  Here's Wikipedia.  But it appears the answer is "1932".

"make looped ringtones" -- I talked about this on my Garageband post.

"how to airport extreme powerbook"  -- You were probably looking for how to install an airport extreme card into a powerbook.  Uhhh, unless you have a really really old powerbook that comes with a regular airport card (instead of an airport extreme),  you can't put an airport extreme in an older one.   And if you have a newer powerbook, it has an airport extreme built in.

"joel esler" -- Uh, you found me.  Here I am.

"how do i save my iTunes library for reinstating on another machine" -- Okay, here's a good question.  Open up iTunes, then open Preferences.  Then Click on the "Advanced" button.


See the folder location there?  Open up your Finder, browse to your home directory (which it should go to by default), click on music, you will see a folder there called "iTunes".  Copy that folder on to whatever media you have, thumbdrive, through the network directly to the other computer, dvd/cd, whatever...

Now, on your new computer, navigate to the same path, you should have an "iTunes" folder there, with nothing in it.  Delete the folder on the new computer, and replace it with the iTunes folder that you copied from the old computer.  Start iTunes.  iTunes should pick up the folder with all your music in it.  At most, when you play your music, if you have any music that you have bought from the iTunes music store, you will have to authenticate with the iTunes store in order to play your music (big whoop!).

"esler blog"  -- AH!! you found me.

"differences between two operating systems" -- You were probably looking for this post.

That's all for today.  Come back later for more questions answered.

 Subscribe in a reader

Science fiction author Arthur C. Clarke dies aged 90

As if you haven't read it in 90 other publications already,  Arthur C. Clarke died today at the age of 90.  The man who wrote "The Sentinel"  (No, not the movie with Michael Douglas and Keifer Sutherland in it), the book on which "2001:  A Space Odyssey" was based.

R.I.P.

 Subscribe in a reader

Microsoft Polishes a Turd with SP1

Microsoft released their big SP1 update for Vista today.  Check out the Vista team's blog here.  Good luck with SP1.  I've heard it doesn't improve much, including most of the things that caused it to be largely rejected by the Windows community overall.

 Subscribe in a reader

Answering Googled questions

Since my blog is indexed by Google, Yahoo, MSN, and whatever else search engines have found me, I get alot of hits from people searching for simple answers to questions.  When I look at them, I realize that there probably isn't a good way to answer the questions that are asked.  Obscure questions like "What does it mean to close port 80?".

So, I had a thought, maybe I'll take these every once in awhile and make a post to answer these questions.   So, what I'll do is grab some of these, write a blog entry and put it up.  So basically, if you have questions, feel free to ask em..  If I don't know the answer, I know someone who does.

 Subscribe in a reader

Mail and it's conversion

I recently had to move a ton of email (several hundreds of thousands) from one server to another.  (Damn you Gmail IMAP).  On one server all my email was in Maildir and in order to move all that email to the server I wanted it on, I had to import it into Mail.app.  Mail.app imports from a number of formats, the one I was interested in was mbox.  So, I scp'ed all my email down from server #1, of course, in Maildir.  So I needed some conversion from Maildir to mbox.  I found this script online with a quick Google search:

#!/bin/bash
echo search mdir-files in $1 and send them to mbox: $2
for file in `find $1 -type f`
do
echo parsing: $file
cat $file | formail >> $2
done

It took a long time to do, but now all my email is comfortably resting on server #2.  

Microsoft Polishes a Turd with SP1

Microsoft released their big SP1 update for Vista today.  Check out the Vista team's blog here.  Good luck with SP1.  I've heard it doesn't improve much, including most of the things that caused it to be largely rejected by the Windows community overall.

 Subscribe in a reader

Answering Googled questions

Since my blog is indexed by Google, Yahoo, MSN, and whatever else search engines have found me, I get alot of hits from people searching for simple answers to questions.  When I look at them, I realize that there probably isn't a good way to answer the questions that are asked.  Obscure questions like "What does it mean to close port 80?".

So, I had a thought, maybe I'll take these every once in awhile and make a post to answer these questions.   So, what I'll do is grab some of these, write a blog entry and put it up.  So basically, if you have questions, feel free to ask em..  If I don't know the answer, I know someone who does.

 Subscribe in a reader

Mail and it's conversion

I recently had to move a ton of email (several hundreds of thousands) from one server to another.  (Damn you Gmail IMAP).  On one server all my email was in Maildir and in order to move all that email to the server I wanted it on, I had to import it into Mail.app.  Mail.app imports from a number of formats, the one I was interested in was mbox.  So, I scp'ed all my email down from server #1, of course, in Maildir.  So I needed some conversion from Maildir to mbox.  I found this script online with a quick Google search:

#!/bin/bash
echo search mdir-files in $1 and send them to mbox: $2
for file in `find $1 -type f`
do
echo parsing: $file
cat $file | formail >> $2
done

It took a long time to do, but now all my email is comfortably resting on server #2.  

Wednesday, March 12

PaulDotCom Community Blog

So, over on the PaulDotCom mailing list several of us were discussing the idea for a wiki strictly for the security community.  Sections for malware, IDS's, Anti-virus and such.  I thought this was a good idea.  Then we said, "Hey, since the new mainstream media for people in our line of work is quickly becoming blogs and online journalism, why don't we start a blog.  But instead of just one person being able to blog, open the blog to lots of people.  People we know of course, but more than just a couple people.  How diverse would that be?

Well, Paul (of PaulDotCom) started the blog over at http://pauldotcommunity.blogspot.com and is going to be adding bloggers soon.  I think this might be a very interesting experiment.  

I've also linked it over on the blog roll on the right ----->

 Subscribe in a reader

Internet Zoning Initiative, and why it's stupid

Usually I'm not very vocal about 'policy' ideas.  Things that may become law in other words..  But I read this article as a recommendation from Marc Sachs.  We were sitting in the ISC chat room last night, he asked us if we had read it, and I said no.  So I grabbed the pdf and here I am blogging about it.

So essentially what the Internet Zoning Initiative is, is the ability (trying to become a requirement) for lawmakers to tell web providers to essentially make different "channels" out of the web.

For instance, if you had a website that had normal content and adult content, it would require you to run a "Child-free" website on port 80, then, using virtual hosting, run your adult website on port 69.  (Or whatever.)  Here's an example they give in their pdf:

Now, this, to me, is like asking a kid to click on, "Are you above the age of 18?  Yes, or No".  If a teenager (or adult for that matter) wants to go and look at whatever they want to look at, what are they going to click? 

Yeah, I can just imagine a kid now, sitting behind his desk at home, "Oh wait, I'm not 18, let me click No."  Come on people.

All you are doing is saying that basically the kid has to either click on the link on your port 80 website to go to your port 69 website.  OOhh!!  What protection!  Even that, hey, I can just add http://urlgoeshere:69 to my browser address bar, and thusly, I am there man!

I think this whole idea is founded well.  Okay, so you want to protect kids on the internet, fine.  I have no problem with that idea.  But the idea that you have here is a bit off base.  I've heard that OS X's parental controls are quite good.  However, never having tested them, I can't endorse them either yet.  But the idea of putting porn on a totally different port isn't going to solve a THING.

The only idea that I have ever seen that was at least descent was the invention of the ".xxx" domain for 'adult' content.  That's at least blockable and instantly distinguishable.  

Besides, let's look at the corporate implications for this.  Inline proxies would have to start listening on, essentially all ports.  IDS/IPS's would have to normalize http over any port, there would be all kinds of holes poked in the firewalls..  It's just not feasible.  Sorry, try again.



 Subscribe in a reader

Tuesday, March 11

SANSFIRE 2008

Found out yesterday that i'll be giving a talk at SANSFIRE 2008.  I have a topic (I don't want to publicly share it yet, as the title might change a bit) and it'll probably be one of the evening talks.

I don't know yet where or when the talk/speech will be (of course at SANSFIRE, but I mean, room and time)  so we'll see.  I'll keep the blog updated with more info as I find out.

 Subscribe in a reader

SANSFIRE 2008

Found out yesterday that i'll be giving a talk at SANSFIRE 2008.  I have a topic (I don't want to publicly share it yet, as the title might change a bit) and it'll probably be one of the evening talks.

I don't know yet where or when the talk/speech will be (of course at SANSFIRE, but I mean, room and time)  so we'll see.  I'll keep the blog updated with more info as I find out.

 Subscribe in a reader

Monday, March 10

Port 7100/udp part deux

I wrote about port 7100/udp before.  We had a bunch of packets submitted at the ISC, all rather random.  

Buddy of mine wrote this about it:
"The overrall packet size is very strongly 104 bytes. So a set hash length. and packets all doing about the same function.  A handful have been observed (like maybe 400 out of 2 million) with a length of 1144 bytes."

Nothing ever came of it.  You can see the graph here.  We still don't know what to make of it, so if you know what the deal was, or have any more intel, feel free to write in and let us know.  

 Subscribe in a reader

Apple TV, my personal review

By now, you have probably heard of the Apple TV, a device that is essentially a fancy-pants iPod for your TV.  Allowing you to take your media that is in your iTunes and have it play on or through your TV.

iWanted one when it first came out, but I couldn't bring myself to buy it.  Couldn't justify it.  Hard drive was too small, price point too high.

Then Apple came out with a second version, with way more harddrive space, (160 G's) but the price point was too high for the features that you get.  (You still had to buy movies on your iTunes on your computer, then transfer them over to the AppleTV when it got done downloading.)

Then Steve Jobs came out with the "AppleTV: Take two".  They lowered the price point, and made the ability to rent movies directly from my couch possible.  Excellent.  This is exactly what I was waiting for.  So, being such that it was my birthday, I went down to the local Apple Store and bought one.  The bigger one that was 329.00.  

Brought it home, plugged it in, of course, mine was on the old software revision, so it had to update first, which, after joining it to my Wireless Network, it downloaded the update and updated itself.  (802.11n, so the download was fast.)

Next, my computer that holds all my movies and music (I started ripping my movies from DVD onto my computer using Handbrake a long time ago :) auto-detected the AppleTV, asked me if I wanted to set it up (of course I did!), and it transferred all the media over.  Now, I have about 140 Gigs of media, so I set it to transfer and went to bed.  It was late at night anyway.

When I woke up, everything was synced, and I was good to go with my photos, music, and movies.  (Even though I could have streamed them directly from my machine(s)).  I've rented and watched a few movies.  It's been great.

Overall, I like it.  If you have taken the time to convert all your media (CD's, Movies, etc) into digital format and into iTunes, (or would) I highly recommend the AppleTV.  There is nothing like having your entire movie library, music library, and all of your photos at your fingertips able to be watched and loaded at the touch of a button.  Of course, along with the ability to rent movies, this is priceless.

Stamp?  Recommended.

 Subscribe in a reader

Port 7100/udp part deux

I wrote about port 7100/udp before.  We had a bunch of packets submitted at the ISC, all rather random.  

Buddy of mine wrote this about it:
"The overrall packet size is very strongly 104 bytes. So a set hash length. and packets all doing about the same function.  A handful have been observed (like maybe 400 out of 2 million) with a length of 1144 bytes."

Nothing ever came of it.  You can see the graph here.  We still don't know what to make of it, so if you know what the deal was, or have any more intel, feel free to write in and let us know.  

 Subscribe in a reader

Apple TV, my personal review

By now, you have probably heard of the Apple TV, a device that is essentially a fancy-pants iPod for your TV.  Allowing you to take your media that is in your iTunes and have it play on or through your TV.

iWanted one when it first came out, but I couldn't bring myself to buy it.  Couldn't justify it.  Hard drive was too small, price point too high.

Then Apple came out with a second version, with way more harddrive space, (160 G's) but the price point was too high for the features that you get.  (You still had to buy movies on your iTunes on your computer, then transfer them over to the AppleTV when it got done downloading.)

Then Steve Jobs came out with the "AppleTV: Take two".  They lowered the price point, and made the ability to rent movies directly from my couch possible.  Excellent.  This is exactly what I was waiting for.  So, being such that it was my birthday, I went down to the local Apple Store and bought one.  The bigger one that was 329.00.  

Brought it home, plugged it in, of course, mine was on the old software revision, so it had to update first, which, after joining it to my Wireless Network, it downloaded the update and updated itself.  (802.11n, so the download was fast.)

Next, my computer that holds all my movies and music (I started ripping my movies from DVD onto my computer using Handbrake a long time ago :) auto-detected the AppleTV, asked me if I wanted to set it up (of course I did!), and it transferred all the media over.  Now, I have about 140 Gigs of media, so I set it to transfer and went to bed.  It was late at night anyway.

When I woke up, everything was synced, and I was good to go with my photos, music, and movies.  (Even though I could have streamed them directly from my machine(s)).  I've rented and watched a few movies.  It's been great.

Overall, I like it.  If you have taken the time to convert all your media (CD's, Movies, etc) into digital format and into iTunes, (or would) I highly recommend the AppleTV.  There is nothing like having your entire movie library, music library, and all of your photos at your fingertips able to be watched and loaded at the touch of a button.  Of course, along with the ability to rent movies, this is priceless.

Stamp?  Recommended.

 Subscribe in a reader

Saturday, March 8

Subscribers Part 2

In my previous post I said that I lost about 100 subscribers.  Looks like one of the url's that I had through Google Reader didn't transfer over, and one of the url's that bloglines grabs didn't transfer over.

See the problem is this:  
Some people subscribed to esler.is-a-geek.net
Some subscribed to www.joelesler.net

Under those two domain names, some people subscribed to the rss.xml, and others subscribed to the atom.xml.  (Little did you know, it was the same exact file.. heh)

That's a potential of 4 different subscription points.  Then, as I have been trying to do, I had everyone (using mod_redirect) reading the feeds from feedburner.  At this url: http://feeds.feedburner.com/RandomThoughtsFromJoelsWorld.  This is the url that is now managing all the feeds.

So what it looks like happened is, I lost all the people that were subscribed through Google Reader and Bloglines at the esler.is-a-geek.net url.   I can correct some of that, by using webhops and redirects, but I think I'll wind up losing about 50 or so still.

So, here is the correct URL to repoint your rss readers at.  I apologize for all the moving and confusion around here.  Switching my blog from blogger to mac.com hosted, and back, then moving from Georgia to Delaware, in the meantime switching ISP's 3x.  It caused some havok.

So, I apologize, now, my blog is hosted through the custom domain feature at Google, I should have no problems, and I won't move it anymore.  Thanks for your patience.

 Subscribe in a reader

Thursday, March 6

Subscribers

Seems when I moved my blog I lost about 100 readers, and a bunch of people have been Googling me and successfully finding me again..  So, hopefully they don't get too lost..  My rss feed is below.  I serve my rss and atom feeds through Feedburner.  Lets me keep all the readers in one place.  More predictable that way.

When I was on my previous cable provider I had unfiltered inbound port 80.  Now I am on Verizon FIoS, and I don't have that luxury without paying for a business account.  So I moved the blog to Google's servers.  Not only is it faster for me to update the blog (instantly, there used to be a 5 minute delay), but I don't have any of the maintenance anymore. Cool

 Subscribe in a reader

Live from the Apple SDK event

No, I'm not actually there.  But Engadget is.  Hit the link.

So far --
-- ActiveSync, Native iPhone with Exchange.  Including calendar, contacts, GAL, etc..
-- Remote wipe
-- SDK

Check out the link above.

 Subscribe in a reader

Subscribers

Seems when I moved my blog I lost about 100 readers, and a bunch of people have been Googling me and successfully finding me again..  So, hopefully they don't get too lost..  My rss feed is below.  I serve my rss and atom feeds through Feedburner.  Lets me keep all the readers in one place.  More predictable that way.

When I was on my previous cable provider I had unfiltered inbound port 80.  Now I am on Verizon FIoS, and I don't have that luxury without paying for a business account.  So I moved the blog to Google's servers.  Not only is it faster for me to update the blog (instantly, there used to be a 5 minute delay), but I don't have any of the maintenance anymore. Cool

 Subscribe in a reader

Live from the Apple SDK event

No, I'm not actually there.  But Engadget is.  Hit the link.

So far --
-- ActiveSync, Native iPhone with Exchange.  Including calendar, contacts, GAL, etc..
-- Remote wipe
-- SDK

Check out the link above.

 Subscribe in a reader

Wednesday, March 5

Port 7100/udp

I've seen some news circulating this morning on port 7100/udp.  We've even put out a call for packets at the ISC.  We have received some pcaps of the traffic (we could use a bit more), and are researching what it could be.

One possibility that exists is the Solaris XFS font server bug that was published last year in October.  I'll update the blog as I/we conduct more research.

 Subscribe in a reader

Tuesday, March 4

I'm over it. (The flu that is)

Last week, I was in bed all week not eating, throwing up, drinking Gatorade, and running back and forth to the bathroom.  (So was my wife and daughter..  it was a sick household.)

But, everyone was asking how I am, so I just wanted to let you know that I am fine now (we all are, except for daughter, who has molars coming in now).  Thank you for your concern!
 Subscribe in a reader