This weeks links (2010-12-27)

* The Best of 2010 Our Audiobook of the Year [Audible]

The case of the missing audio books…
This is really annoying me; (iOS 4.2.1 / iTunes 10.1.1.4) occurs on iPhone, iPod and iPad. iTunes still displays the storage space occupied by the media files, but they are nowhere to be found on the device. Only solution so far is to deselect then reselect the books and re-synch the device; common to all missing books is that they are mp3 files (not affecting audible) synchronised from external hard drives.
* Topic : Audiobooks disappear after every sync? (2010-Dec-16) [Apple - Support - Discussions]
* iPhone iOS 4.2 Problem: How to Get Your Music Back (2010-Nov-23) [iPhoneFAQ]

Some reading/listening:
* EP271: God of the Lower Level (2010-Dec-16) [escapepod]
By: Charles M. Saplak, Read by: Steve Anderson, First appeared in The Urbanite.

* Transmission 33: The Chance Walker by Lynda E. Rucker (2010-Dec-06) [Transmissions From Beyond]
The Chance Walker by Lynda E. Rucker, Read by the author, The Third Alternative 33, February 2003

* Story: The Right Book by Cory Doctorow (2011-Jan-02) [Dark Fiction Magazine]
by Cory Doctorow; read by Kim Lakin-Smith; Dark Fiction Magazine Issue 3

* Beachworld by Stephen King (2010-Oct) [Lightspeed Magazine]

Music Monday #046 – Merry Christmas

“Wishing you a Merry Christmas and a Happy New Year”

Time for some music …

The Pogues and Kirsty MacColl – Fairytale of New York

Paul Kelly – How To Make Gravy
(RocKwiz Christmas Special, 2007 )

Slade – Merry Christmas Everyone

Apple, why the price difference?

This Christmas I have been shopping online for multiple items, a strong Australian dollar has meant that we have had some good purchasing power as most of the online stores are based on the US dollar. Not so with Apple iTunes;

Using the current exchange rate: 1.29 USD = 1.28997 AUD
Live rates at 2010.12.22 21:37:00 UTC

This means that a US$1.29 track being sold for AU$2.19 is a 70% mark up and is some pretty steep price gouging. So much for the Free Trade Agreement with the US which supposedly provides for a non-discriminatory treatment of digital products.

And I’ll save this one for another day (it is a good thing I also have an Audible account and don’t rely on iTunes).

This weeks links (2010-12-20)

“You better not, in a pear tree!”

In Brief:

* Google Perth and Adelaide’s ‘live’ traffic on Google Maps! (2010-Dec-20) [iTWire]

* Year-End 2010 (201-Dec) [NPR]
All week we’ll be talking about the best and worst ideas in music this year

* Brouwer says too much force not the ticket (2010-Dec-22) [The Age]

”.. Of concern was that the incidents in question were referred to the department by the operators for possible prosecution of the commuters involved” – not the ticket inspectors. ”In my view, this demonstrates that authorised officers and their managers are clearly not aware of the limitations on the appropriate use of their powers, or are ignoring them. …”

* Dear Tech Early Adopters: Manufacturers Don’t Care About You (2010-Dec-21) [TechCrunch]

* ‘A Game of Thrones’: HBO Ventures Into Fantasy (2010-Dec-20) [The Atlantic]
Winter is coming and with it, Christmas, the promise of longer days to come, and a new year in pop culture. For dedicated fans of George R.R. Martin, 2011 particularly means that his sweeping, sophisticated fantasy series, A Game of Thrones, is finally coming to the small screen as a lush HBO show. Given Martin’s slow progress towards the finale of what’s supposed to be a seven-book series, the series will tide them over. And HBO’s expansion into a new genre is good for television as the medium slugs it out with film for preeminence. …

Music Monday #045 – The Dresden Dolls

Continuing with the silly season change of pace;

The Dresden Dolls
The Dresden Dolls are an American musical duo from Boston, Massachusetts. Formed in 2000, the group consists of Amanda Palmer (vocals, piano, harmonica, ukulele) and Brian Viglione (drums, percussion, guitar, bass guitar, vocals). The two describe their style as “Brechtian punk cabaret”, a phrase invented by Palmer because she was “terrified” that the press would invent a name that “would involve the word gothic.”[2] The Dresden Dolls are part of an underground dark cabaret movement that started gaining momentum in the early 1990s.
– wikipedia.org

Time for some music …
Continue reading ‘Music Monday #045 – The Dresden Dolls’

Patch Tuesday Wednesday (DEC-2010)

Welcome to another Patch Tuesday, this month we have seventeen (17) new security bulletins.

Hi everyone. As part of our usual cycle of monthly security updates, today Microsoft is releasing 17 bulletins addressing 40 vulnerabilities in Microsoft Windows, Office, Internet Explorer, SharePoint Server and Exchange. Two of those bulletins carry a Critical rating, while 14 are rated Important and one is rated Moderate. [1]

Bulletin	KB number	Description	Severity	Impact	Software
MS10-090	2416400	Cumulative Security Update for Internet Explorer	Remote Code Execution	Critical	Microsoft Windows, Internet Explorer
MS10-091	2296199	Vulnerabilities in the OpenType Font (OTF) Driver Could Allow Remote Code Execution	Remote Code Execution	Critical	Microsoft Windows
MS10-092	2305420	Vulnerability in Task Scheduler Could Allow Elevation of Privilege	Elevation of Privilege	Important	Microsoft Windows
MS10-093	2424434	Vulnerability in Windows Movie Maker Could Allow Remote Code Execution	Remote Code Execution	Important	Microsoft Windows
MS10-094	2447961	Vulnerability in Windows Media Encoder Could Allow Remote Code Execution	Remote Code Execution	Important	Microsoft Windows
MS10-095	2385678	Vulnerability in Microsoft Windows Could Allow Remote Code Execution	Remote Code Execution	Important	Microsoft Windows
MS10-096	2423089	Vulnerability in Windows Address Book Could Allow Remote Code Execution	Remote Code Execution	Important	Microsoft Windows
MS10-097	2443105	Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution	Remote Code Execution	Important	Microsoft Windows
MS10-098	2436673	Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege	Elevation of Privilege	Important	Microsoft Windows
MS10-099	2440591	Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege	Elevation of Privilege	Important	Microsoft Windows
MS10-100	2442962	Vulnerability in Consent User Interface Could Allow Elevation of Privilege	Elevation of Privilege	Important	Microsoft Windows
MS10-101	2207559	Vulnerability in Windows Netlogon Service Could Allow Denial of Service	Denial of Service	Important	Microsoft Windows
MS10-102	2345316	Vulnerability in Hyper-V Could Allow Denial of Service	Denial of Service	Important	Microsoft Windows
MS10-103	2292970	Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution	Remote Code Execution	Important	Microsoft Office
MS10-104	2455005	Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution	Remote Code Execution	Important	Microsoft SharePoint
MS10-105	968095	Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution	Remote Code Execution	Important	Microsoft Office
MS10-106	2407132	Vulnerability in Microsoft Exchange Server Could Allow Denial of Service	Denial of Service	Moderate	Microsoft Exchange

PATCH NOW:
NOW: MS10-090, MS10-092 Actively being exploited

LINKS:
[1.] December 2010 Security Bulletin Release (2010-Dec-14) [MS: MSRC]
[2.] December 2010 Microsoft Black Tuesday Summary (2010-Dec-14) [SANS]
[3.] Microsoft Security Bulletin Summary for December 2010 (2010-Dec-14) [MS]
[4.] Microsoft security updates for Decemebr 2010 (2010-Dec-14) [MS]

This weeks links (2010-12-13)

del.icio.us
* Now Yahoo! Says Delicious Will Live On…Somewhere Else (2010-Dec-17) [Read Write Web]
* What’s Next for Delicious? (2010-Dec-17) [delicious blog]
* R.I.P. Delicious: You Were So Beautiful to Me (2010-Dec-16) [Read Write Web]

R.I.P. Tom Walkinshaw

The qualifying lap that gave Tom Walkinshaw pole for the 1985 Bathurst 1000 race in his TWR Jaguar XJS V12

… Walkinshaw won the 1984 European Touring Car Championship in a Jaguar, and his success for the manufacturer saw TWR commission him to run Jaguar’s Sportscar program.
The TWR Jaguar Group C cars went on to win three World Sportscar titles, plus secure two wins at Le Mans in 1988 and 1990. …

In Brief:

* 2010’s Top 5 Social Network Foul-ups (2010-Dec-17) [SecurityNewsDaily]

The new Frank Tate room - looking good

Music Monday #044 – Professor Elemental

As it is the silly season, a slight change of music style for the next month or so. This week we will visit the chap-hop annexe of the SteamPunk genre. So tally-ho chaps don’t dilly dally ’cause the following ditty is absolutely smashing! I’d like to blame Sean C for the following … (but then again I did also pick these up on iTunes so I am not totally blameless).

Professor Elemental
Professor Elemental is Steampunk hiphop band comprising of singer, songwriter, and guitarist Paul Alborough
– wikipedia

Time for some music …
Continue reading ‘Music Monday #044 – Professor Elemental’

Patch Tuesday, a Heads Up. (Dec-2010)

Next scheduled release: December 14th, 2010
The heads up for this month is; On Tuesday 14th December (US time; Wednesday 15th December AU time) Microsoft expect to release seventeen (2 critical, 14 important and 1 moderate) new security bulletins. 17 updates – Merry Christmas!

First, for December we’re releasing 17 updates addressing 40 vulnerabilities in Microsoft Windows, Office, Internet Explorer, SharePoint and Exchange. Of the 17, two bulletins are rated Critical, 14 are rated Important, and one is rated Moderate. As always, we recommend that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible. [1]

Microsoft Security Bulletin Advance Notification for December 2010 [2]
Microsoft Security Bulletin Advance Notification issued: December 9, 2010
Microsoft Security Bulletins to be issued: December 14, 2010
This is an advance notification of security bulletins that Microsoft is intending to release on December 14, 2010. …

LINKS:
[1] December 2010 Advance Notification Service is released (2010-Dec-09) [MSRC]
[2] Microsoft Security Bulletin Advance Notification for December 2010 (2010-Dec-09) [MS]
[3] Microsoft patches (2010-Dec-09) [SANS]

McAfee VirusScan Enterprise 8.5i and earlier DLL Side Load issue

Description [1]
McAfee is aware of a publicly disclosed security issue that may affect VirusScan Enterprise (VSE) version 8.5i and prior. We are investigating the claims and will update this KB with additional details when they are available. We will be publishing a hotfix for this issue as soon as we are certain the fix closes all avenues of attack. This hotfix will mitigate the issue in affected configurations.
This bulletin and patch cover a potential code execution issue discovered in McAfee’s virus scanning products. If successfully attacked, this could result in an attacker causing attacker supplied code to execute in the context of the antivirus engine.
VSE 8.7i and beyond are not affected by this issue and are readily available immediately. Upgrading to the newest version effectively closes this issue completely.
Additionally, exploitation of this issue requires a user to be actively engaged. It requires intentionally scanning unknown documents hosted on remote shares. McAfee recommends that you not do this until the problem is solved.

Remediation: Upgrade to or install VSE 8.7i.

LINKS:
[1] McAfee Security Bulletin – McAfee VirusScan Enterprise 8.5i and earlier DLL Side Load issue (2010-Dec-01) [McAfee]
[2] McAfee Security Bulletin Released (2010-Dec-01) [SANS]
[3] McAfee VirusScan Enterprise Insecure Library Loading Vulnerability (2010-Nov-29) [Secunia]