Monday, March 22, 2010

2010: Week 11

As the eleventh week of 2010 progressed I was reminded of the opening sequence of the film Primer, where the voiceover introduces the characters and, more importantly, their nature:

"Meticulous, yes. Methodical. Educated. They were these things. Nothing extreme. Like anyone, they varied. There were days of mistakes, and laziness, and infighting. And there were days, good days, when by anyone's judgment... they would have to be considered clever. No one would say that what they were doing was complicated. It wouldn't even be considered new. Except maybe in the geological sense. They took from their surroundings what was needed... and made of it something more."


Some weeks are lazy, and some weeks are good, and this week was definitely one of the good ones!

A wide range of topics crossed my path this week, some technical, some less so. And we got to celebrate St. Patrick's Day with the time honored tradition of spending the day drinking.

Technology:

Oracle: Early in the week I was reminded of a technique for recovering an Oracle database that has suffered the loss of a datafile by recreating the control files to exclude the reference to the missing file, thus allowing you to get in to make repairs. While this is nothing too exciting it made me think about how important it is to understand recovery strategies for all systems in use as this knowledge will remove any mystery about what to do in the event of something going wrong. When something breaks down, be it a computer system or your car, it's the uncertainty around the failure and how to get back to normal operations (and how much that will cost) that brings high-stress levels. If, on the other hand, you're familiar with the system and are not intimidated by the recovery process, then life is a little easier.

The conversation that reminded me about the control file thing also touched on the subject of Oracle GoldenGate, more importantly it's footprint to cost ratio - a small install of GoldenGate may be less than 100MB in size but can still set you back in the region of thirty grand! The bloke I was talking to seemed to be of the opinion that he shouldn't have to pay so much for such a "small" programme, so I hit him a slap and moved on (<- please not that this is a joke and not an admission of a crime - that comes later!).

Wordpress: My tinkering with the Wordpress content management system (it's now far too well developed to still think of it as merely a blogging system) has continued in the test environment at home. This week my time was spent on customising the login screen via a neat little plug-in as well as uploading files to an embedded gallery. The gallery side of things impresses me greatly as it's easy to upload large quantities of picture files, particularly as the system (NextGen gallery) creates thumbnails automatically and allows for picture sequences to be changed with ease. The custom login screen is also pretty decent, but some of the changes I'd like to implement will require some manipulation of the PHP code itself and will definitely need some testing to get right. In the meantime the login imagery has been altered and looks OK. I'm now kicking around the idea of a complete change to the login using the full screen as opposed to the default notion of a dialogue box.

I can foresee a time when I implement Wordpress for any website I'm involved in, and it'll hopefully be soon when The Hackers Coven (http://www.hackerscoven.net/) moves over.

Microsoft Security Essentials: I've been a disappointed with the performance of Avast AV at home as this week a nasty little file managed to sneak in and mail itself onto a mate of mine. This prompted an immediate shutdown of Outlook operations on the PC until the AV situation could be improved. I liked Avast up to this point as it allowed for multiple schedules to be setup and the voice alerts were fun, giving your computing a Star Trek type feel. However, like so many things in life, AV is only as good as it's last screw up and Avast screwed up. MS Security Essentials has moved from Beta to V.1 and is getting decent reviews, coming second in a recent list of AV tools, the highest ranking free tool by far. It's now installed and we'll see how it gets on over the next while.

Apple iPad & the Safari Web Browser: My current employer has a retail operation adjacent to the offices and I was thinking about public-facing IT and how important it is, as even though the IT used isn't created by my employer it reflects badly on the professionalism of the organisation if that IT performs poorly, or even just looks bad (as in old and busted). The iPad goes on general release early next month and it occurred to me that it may just be the ideal tool for use in our showroom as the guys there use Microsoft's CRM retail portal as their primary application for processing sales and the iPad looks flash. I've begun testing the use of Safari with CRM Portal as, if the iPad is anything like the iPhone, Safari will be the only supported browser. Early tests with the Portal are positive, though only Internet Explorer works with CRM Back Office. The testing will continue but hopefully I'll be getting my grubby mitts on an iPad soon enough!

MSXML 6: What a pain in the arse! My employer uses an application that has SQL Server express built in and one of the lads needed it installed onto his laptop. He'd tried and failed himself so I took a crack at it. Sure enough, the install routine conked out when it got to installing SQL Server. Turns out that there's a problem where PCs have run an update on MSXML before installing SQL and the SQL install stops as it hits a newer version. Microsoft provide a neat little tool called the Windows Installer Clean Up that allows you to remove the reference to MSXML and therefore gets SQL Server installed - check out the link below for more details.

Towards the end of the week I came across an article about a CIO who was changing the way his department is perceived by basically assigning a business value to the work of IT and talking about IT in business terms. It's an interesting idea and worthy of consideration but definitely requires not only the right vocabulary but also a real understanding of how other's in the business think. What struck me though was how much of a revelation this seemed to be to everyone involved. I've always thought it a little strange when IT heads don't think in business terms as their entire function is to support business operations. Still, the article was a good read, and I liked the bit about changing the words used to describe IT related things. (There's a link to the article at the bottom of this page).

Entertainment:
Week 11's primary entertainment was found in the pub on Wednesday as we got together to celebrate all things Irish for St. Patrick's Day. Tradition dictates that we hole up in a small place about seven miles down the road from home (safer to be away from home on 17th March) where we hit the sauce the moment the Angelus bell stops ringing and stay there until we can take no more. This tradition was followed to the letter and a most entertaining day was had, however the volume of booze consumed did lead to one small problem:

Caprica: The latest episode of the prequel to Battlestar Gallactica was viewed while I was extremely under the influence, so my recollection of what happened is hazy at best, but I do remember that the show ended well with Daniel figuring out an important deatil about his shiny new Cylon. Caprica is shaping up nicely, it's nothing like Battlestar so I'd imagine some fans are a little disappointed, but I like it, though the Greystone's are the main focus and should get more screentime as the Adama storyline is bogging down a bit too much in Touron culture.


Hustle: I'm still working through older episodes of Hustle and I think I'm somewhere in series four at the moment. This episode featured Patrick Bergin as a diamond fanatic who'd had a necklace stolen for his collection that was subsequently lost by the thief (a friend of Micky and Albert's) who he had beaten up. Micky steps into the mix to help his friend and get one back at Paddy Bergin.

Poltergeist: On Tuesday night this gem of a horror got a spin on the DVD player. My opinion of this great movie is well documented and if you're so inclined you can find out more here: http://hackerscoven.blogspot.com/2009/09/27-days-of-fright-reprint-day-four.html

Two Thumbs Up for 2010 Week 11.

Links:
Windows Installer Clean Up vs. MSXML:
http://support.microsoft.com/kb/968749

Dr. Doeslitte, the CIO who talks to the Accountants:
http://searchcio.techtarget.com/news/article/0,289142,sid182_gci1456760,00.html

Friday, March 19, 2010

Bypassing Windows Logon Security with Kon-Boot

I'd been looking for an excuse to try this out for a while, but as with such things, a reason presented itself that REQUIRED me to try Kon-Boot in order to get onto a Windows machine that I didn't have a password for.

The situation is this - a typical problem that presents itself to administrators is new starts with no notice, that is, a new person is coming into the company on Monday and I was told about it today. Today is Friday. The person is only going to be here for a short while but they still need a PC and access to the company network, so I had to rustle something up for them. There's been a spare PC on my desk for a while now and this seems the perfect opportunity to get rid of it for a while, however when I powered it up I realised why it was there in the first place. It works, but no-one can log on as no one has a clue what the local password is and it won't connect to the company domain so those user accounts are no good either.

I'd seen Kon-Boot on an episode of Hak5 and had sworn that I'd get round to trying it our for real. Not too long ago a friend of mine contacted me asking for advice on how to deal with the problem I've just been presented with and I suggested that he try this naughty little piece of software that's designed to get you through the pesky security on a windows computer. I'm not sure if he ever tried it but I vowed that I would.

So, this very afternoon I was finally given the excuse I needed to do this (legitimately) at work. I searched for the website (see links below) and downloaded the iso image for the Windows version. This I burned onto a disc which I used to boot the PC in question. Upon boot, you are presented with an old school boot screen that presents the credits for the developers of the software. This reminded me of the credits that used to go at the beginning of old Amiga games that had been craked and were a favorite of the kids at the school I attended back in the day - if you take a look at the Kon-Boot website you may notice some other references to the old Amiga systems.

Once you get beyond this screen another, similar screen lets you know the system is loading. From this point you are in familiar terrirtory as the XP loading screen is presented and the computer gets to the CTRL ALT DELETE prompt as normal. All is far from normal however, as once you press those three keys you can put in any old muck and the system will log you on.

That's it. You're in at that point and free to do whatever you please.


Links:
http://www.piotrbania.com/all/kon-boot/
http://www.hak5.org/episodes/episode-518