I feel that having a pre-teen life where discipline is stressed makes for better adults down the road. In fact discipline where a semi-strict schedule is followed with activities and the like, in my opinion, gives kids the framework necessary to function in today’s hectic and high-tech society. I wish I had more of a strict schedule in my yearly years as I currently have a bit of trouble with getting things done. (I’m working on it and making huge strides toward fixing it).

Monitoring what kids do on the internet is a part of developing discipline. It’s simply too easy to fall for the addictive nature of the internet, which makes it a potentially dangerous influence to self-discipline. However, the monitoring, in my opinion, shouldn’t be coupled with blocking of many websites. Perhaps just the NC17+ websites being written to a log for later review by a parent, guardian or older sibling. I’m talking more of a benevolent monitoring where you know all the potentially questionable websites the kid has been to. This would give the monitors a chance of talking to the kids about it down the road, if they happen to notice some interesting websites in the logs.

One should also take into the account the undeniable fact that kids nowadays do not stay kids for long. I’m not saying whether that’s a good thing or a bad thing; what I’m saying is that it changes things. We need to acknowledge their earlier maturity by not applying completely arbitrary age laws.

People tell me that my opinion will change when I have kids. Perhaps, and we’ll see. I can’t predict the future.

As a recent user of public school computers, let me say just how annoying the filters are and how easy to get by the them it is. I was often very inconvenienced when doing research on school computers. Many topics involving war and sex (as in anatomy and reproduction) were blocked. Also, sites about hacking (the good kind), computer gaming, news and many others found themselves on the blacklist. It took me all of 10 minutes to bypass all this by using port 22 to connect to my home network and funnel all the traffic through there.

It seems like there is a huge misunderstanding between children and their parents on this issue. I have yet to see someone over the age of 11 being permanently hurt by something they have seen on the Internet (again, I’m not an expert; this is just my personal experience). In fact, these people are the prime and willing audiences for some of the most disturbing content on the Internet-content which even I shy away from.

Also, there is the issue that now there are laws requiring schools and libraries to use approved install blocking software in order to get federal funding. This gives few select companies all the profit and takes the initiative away from schools to find the best suited solution for their case.

The whole idea of content blocking is untenable at its core. There are hundreds of millions of sites on the Internet. If filters decide to block the bad sites, they will fail due to the numbers being stacked against them. If they choose to block everything and only allow the good sites, they will greatly inconvenience the users of network by blocking necessary resources.

Please, before you respond to this, keep in mind that I’m still very much thinking about this issue. We shouldn’t be too quick to reach a conclusion about something as important as this. If you disagree, tell me why and I may change my mind. After all, I don’t have kids and I’m still very young myself.

My only regret is that I passed on a chance to see him live.

He’s in a better place now-playing cards with Joe Pesci.

So what do I do? In general, I want to keep this blog updated and yet I can’t ever get into a specific situation where this is the case. I don’t have a solution to this dilemma yet. Perhaps I’ll also post about this issue on this blog.

Today I had to restore a whole site from a .dat file. Simple enough, right? Fire up stsadm and type:

stsadm -o restore -url http://path/to/site -filename e:\backup\path\of\file.dat -overwrite

At first everything seemed like it will be fine. Since this is a command line utility, I didn’t have a progress bar to give me hope, but I was sure of the process and of the outcome; or so I thought…

After 4-5 hours of waiting for the restore to finish, the SharePoint portal went down. The reason was a complete re-crawl of the ENTIRE portal and non-portal data. This kind of thing is done at night and on weekends for a reason! Why did I wait 5 hours? Well, the site in question was 10GB in size. The biggest restore I did up to that point was during off hours and of a 500MB site.

There is no clear cut answer to this on SharePoint 2003. I tried stopping the search service, but this didn’t stop the re-crawl. The solution ended up being desperate–a reboot. I had backups for all the data in case the worst happened. So I rebooted and I waited. The server came back online and after taking around 45 minutes to recheck the databases, it finally settled down and became accessible to everyone. In addition to this, the site restore I was doing also turned out to be successful.

The moral of the story in my case is not to trust SharePoint 2003 with anything. It’s a decent piece of software and 2007 is even better. It just always seems to do things just a bit off of what a person would expect–enough to get you in hot water.

1. Data view web parts cause users with access to SharePoint sites to be denied access. When users attempt to access sites, they receive an authentication prompt, which fails after being filled out with correct information. The quick workaround for this issue is adding users to the local Administrators group. This was the best (so to speak) solution to this problem before a hotfix was released.

2. The edit in datasheet View feature in lists does not work correctly. It redirects the users back to the standard view. The fix for this issue was quickly released by the community, and later corrected by Microsoft via a hotfix.

The above issues are addressed in hotfixes 948919 and 941412. You will need to fill out a request for these hotfixes.

IMPORTANT: When you apply the fix for issue 1, an immediate rebuild of your portal and non-portal content will follow. On some setups this is known to slow down normal SharePoint access to a crawl. Always backup your SharePoint database before applying hotfixes.

OS X security implications aside, my first reaction was not anger or shame-it was puzzlement. I went on searching for a source which would give me more details about the actual hack. I knew that Charlie Miller signed an NDA, promising not to talk about the exploit; but what I needed to know weren’t necessarily the technical details of the exploit. I simply wanted to know what he did from an onlooker’s point of view. There was reportedly an audience of 20 people, cheering Charlie Miller on².

What did Charlie do exactly? Did he just click on a link? Did he click on a link and press to confirm the installation of [something]? Was the MacBook Air logged in and running as an administrator? Does the exploit work on a non-administrative user account, assuming that the user only surfs to the exploiting webpage without clicking anything to confirm the execution of any additional code?

I can only assume that the MacBook Air was indeed logged in as the default administrative account, where the user does have most administrative privileges, however; only after confirming his or her administrative actions via a warning dialog box, a la Vista UAC and Ubuntu.

Three operating systems were put to the test, OS X failed first. What would you expect the result of this to be? Would people attempt to figure out what really happened and then quickly distribute information about protecting from the flaw in Safari 3.1? OF COURSE NOT! This OS X hack gives the Apple/Apple user haters an excuse to unleash a torrent of abuse, ridicule, and pompous bragging about their own respective platforms. In return, the Apple “zealots” unleashed their own set of abuses, ranging from profanities, to making fun of the form factor of some unfortunate Dell laptop, and of course, bragging about the Apple experience. Go to Technorati right now and search for “CanSecWest Mac” and you’ll see exactly what I’m writing about.

Folks, is this really the best thing to be doing? I know that certain mac “zealots” tend to be very offensive to many people. I know that Steve Jobs is a bit annoying to some. I know that to some the sight alone of an Apple store causes uncontrollable convulsions and sickness. Does that mean that we should all turn into the Apple “zealots’” counter-parts and use their own tactics on them? I hope not.

Now off to find out what I can do right not in order to protect myself…

Note: I’m a very happy Mac user-a recent convert from Windows/Linux.

UPDATE: According to John Gruber of Daring Fireball, “contest-winning exploit took advantage of an overflow bug in the PCRE regex library used by WebKit’s JavaScript engine.” Gruber also stated that this issue has been fixed by WebKit developers. My advice to you is to stop using Safari for the time being and to start using the latest build of WebKit. You can also use Firefox or Camino if you’d like. And most importantly, don’t run as an administrator on your Macs, Windows machines, or Linux machines.

–
^{1, 2. http://security.itworld.com/5013/mac-hacked-first-in-contest-080327/page_1.html}

The most important thing to keep in mind when trying to avoid malware on the Internet is behavior. Most malware nowadays depends on you doing something (i.e. visiting a site, opening an e-mail attachment, etc.). If you never do the wrong things, you will greatly minimize the chances of being compromised.

The second most important thing when trying to avoid malware is your computing platform. If you’re using Windows, don’t be surprised when the bad guys start time sharing your computer behind your back. (I am aware that you can keep a perfectly safe Windows box, but can your grandmother?) If you want to truly be safe, you need to ensure that your platform is secure. If you need to be using windows, you can use software like VMware in order to browse the internet and read e-mails. And after you’re done, you just reload your VMware image and it is like nothing has happened. It is the operating systems equivalent of an etch-a-sketch. Another thing you may consider doing is moving to a Mac or installing a Linux distribution. Historically there have been thousands upon thousands of different pieces of malware for windows and only hundreds of these things for both the Mac and all Linuxes combined. You don’t need to be a statistician in order to see which one has a lesser chance of being infected.

The third most important thing is keeping you anti-virus up to date and having a so called internet router in front of your computer, so to speak. Never, never connect your DSL modem (unless it’s also an internet router) or your cable modem directly to your computer. Doing this effectively ensures that you’ll have malware company; sometimes within minutes. There are old worms like blaster which are continually scanning the internet for new victims. Most computers when first deployed directly behind DSL or cable modems are vulnerable to recently (or not so recently) patched worms like the Blaster worm.

If you have to use Windows, make sure that you are using a good browser. It is usually your first level of defense against the bad guys. Never use Internet Explorer 6. It is just bad. Not to mention that it is hardly even supported by Microsoft anymore. If security is key for you, you will forgo Internet Explorer 7 and even Firefox and use Opera. Give Windows Vista a chance. For all its shortfalls, it’s still a fairly good platform as far as security goes.

Finally, spyware removal should not even be an option. Imagine that you live in a castle (i.e. your computer), like the ones in medieval England. One day you leave your castle to go shopping and 1,000 thieves (i.e. spyware) break in. You come back and you realize that there are intruders in your castle. You promptly call the police (i.e. anti-spyware, or spyware removal programs) who go through the castle and throw out the thieves. My question to you is: do you not feel safe to sleep at night in your castle? Are you 100% sure that all of the 1,000 thieves have been thrown out?

Once you are (or you think you are) compromised, format, learn from what you did wrong, and move on.