From:         Patrick Douglas Crispen 
Subject:      Tourbus - 30 Oct 03 - Shoot the Messenger / OS X Bugs

TODAY'S TOURBUS STOPS: Shoot the Messenger / OS X Bugs / RSVP
The Internet Tourbus - U.S. Library of Congress ISSN #1094-2239
Copyright © Bob Rankin and Patrick Crispen - All rights reserved

Howdy, y'all, and happy Halloween from deep behind the orange curtain in beautiful Irvine, California. I'd usually add something funny about my hometown here, but in light of the recent fires that have struck a large portion of Southern California over the past couple of days -- 11 fires have consumed over 1,100 square miles (almost 3,000 square kilometers) of land, destroyed over 2,600 homes, and killed 20 people -- I think holding off on the funny right now is completely appropriate.

Wednesday's edition of the Los Angeles Times contains a detailed map of what's been going on here on the left coast. If you have Adobe's free Acrobat Reader installed on your computer, check out

http://tinyurl.com/t35h

[I live pretty close to the Interstate 5 sign in the middle of Orange County on the map.] Make sure to scroll down once the entire map loads to get a better understanding of the scope of this disaster. And remember, this map is 24 hours old.

I'm sure the LA Times will be posting an entirely new, updated map early Friday morning in the right column of

http://tinyurl.com/t3j3

Finally, if you are interested in making a donation to the relief efforts, check out

http://tinyurl.com/t3kq

The bottom of that article provides links to relief agencies throughout Southern California.

TOURBUS is made possible by the kind support of our sponsors [and the proceeds from today's post will be donated to the American Red Cross Disaster Relief Fund.] Please take a moment to visit today's sponsors and thank them for keeping our little bus of Internet happiness on the road week after week.

On with the show ...

Shoot the Messenger Audience: Windows NT, 2000, XP, and 2003 users in all countries

Back in the days of mainframe computing, and *WAY* before the days of instant messaging as we know it, the folks at computer centers needed a way to send emergency text messages to everyone announcing things like

THE PRINT CENTER CLOSES IN 15 MINUTES! PLEASE PICK UP YOUR PRINT JOBS IMMEDIATELY.

or

SQUADRONS OF SQUIRRELS SPOTTED IN THE VICINITY OF THE SEEBECK COMPUTER CENTER! YOU WOULD BE WISE TO IMMEDIATELY SAVE YOUR WORK AS WE WILL SOON BE PLUNGED INTO SQUIRREL-INDUCED DARKNESS.

So, built into mainframe operating systems like VM/CMS and UNIX are commands like TELL and WRITE that let you broadcast a simple text message to a specific user or group of users. [And you get special karma points if you ever used these commands to spook newbies.]

Windows has a similar, built-in feature called the "Windows Messenger Service." Now this is NOT to be confused with "Microsoft Messenger" or "MSN Messenger," Microsoft's free instant messaging program (a la AOL Instant Messenger, ICQ, or IRC.) *WINDOWS* Messenger Service is a way for mainframe and network administrators to broadcast an emergency text message to all users.

The Windows Messenger Service is, by default, enabled in Windows NT, Windows 2000, Windows XP (Home and Professional), and Windows 2003.

And it's about as useless as giving a job application to my brother.

The problem is that the Windows Messenger Service can be used by unscrupulous spammers to send you an untraceable pop-up message even if your Internet Explorer is closed. And, even worse, a hacker can use the Windows Messenger Service to break into your computer and do all sort of nasty things "including installing programs, viewing, changing or deleting data, or creating new accounts with full privileges." [Source: Microsoft Security Bulletin MS03-043 at http://tinyurl.com/r2j3]

By the way, you DON'T need to worry about the Windows Messenger Service if have a Mac, a *nix box, Windows 95, Windows 98, Windows 98SE, or Windows ME. BUT, if you have Windows NT, Windows 2000, Windows XP, and Windows 2003, you need to turn this little bugger off. Now.

You could manually disable the Windows Messenger Service if you want -- the University of Virginia's Information Technology and Communications department shows you how to disable it at http://www.itc.virginia.edu/desktop/docs/messagepopup/ -- but if I were you I'd just hop on over to

http://grc.com/stm/shootthemessenger.htm

and download the free "Shoot the Messenger" program. I *HIGHLY* recommend this program for four reasons:

1. It's free. Free is good.

2. The Shoot the Messenger program is only 22 kilobytes in size. That's so small it's downright silly. You can download this program literally faster than you can read this sentence, even on the slowest modem connection on earth.

3. Shoot the Messenger was created by Steve Gibson at Gibson Research, the guy behind ShieldsUp and SpinRite. Steve is probably one of the most trusted and respected computer gurus on the planet. Having Steve Gibson [through his Shoot the Messenger program] disable the Windows Messenger Service for you is like having Lance Armstrong fix your bike or Michael Schumaker fix your car.

4. Downloading and running Shoot the Messenger keeps you from having to get your hands dirty by going to Start > Settings > Control Panel > Administrative Tools > Services > Messenger ... blah blah blah.

Once you have downloaded Shoot the Messenger, just double-click on the shootthemessenger.exe icon. A little window appears telling you if the Windows Messenger Service is running on your computer. If it is, just click on the "Disable Messenger" button and then click on "Exit."

That's it. The Windows Messenger Service is now disabled, and your computer is now protected from both the spammers and the hackers who have been using the Windows Messenger Service to do nasty things to other people's computers.

Oh, and you can delete shootthemessenger.exe if you want. You don't need it any more. :)

Nightmare of the Jaguar Audience: Mac users in all countries, especially if you use or plan to use OS-X

It looks like the security problems that have plagued the Windows community have now invaded the Mac community as well.

According to a report at CNET's News.com,

Cambridge, Mass.-based @Stake released three advisories on Tuesday. The first details "systemic" flaws in the way OS X handles file and directory permissions; the second notes a kernel-level vulnerability that does not affect default installations of the operating system; and the third involves a buffer-overflow condition that may be remotely exploitable.

[Source: http://news.com.com/2100-1016-5098688.html]

The solution to all three problems seems to be to upgrade to Mac OS X 10.3 (a.k.a. "Panther.") for US$129.00.

Sorry to be the bearer of bad news. If it is any consolation, John Paczkowski at Good Morning Silicon Valley adds that

some in the Mac community are questioning the integrity of the advisory. After all, @stake is a consulting company that works closely with Microsoft. And it did recently dismiss one of its marquee security researchers for calling "the ubiquity of Microsoft software a hazard to the economy and to national security"

[Source: http://tinyurl.com/swsx ]

Of course, you could always just upgrade to Windows XP and avoid this mess altogether. :P

RSVP Audience: Mac and PC users in all countries who have the Flash player

Our last stop comes to us courtesy of the Lifetime television network, the folks behind blockbuster movies of the week like "Voices from within: Where's my baby?," "Seduced by madness: what did you do to my baby?," and [while the first two are made up, this next one is actually a real movie title] "Baby Monitor: Sound of Fear." [I am *SO* Tivo-ing that!]

If you have the free Flash player installed on your computer and are looking for a really cool, addictive game to swallow up what little free time you actually have, point your Web browser to

http://www.lifetimetv.com/games/rsvp/index.html

and click on "Play Now." This loads a Flash game called "RSVP" in a new pop-up window, so make sure to disable your pop-up blocker.

The game is super simple to play. In fact, here are the instructions:

Arrange "guests" around the game-board table. Partygoers are happy when the colors on their card match the colors on either side of them.

To get to the next table, all the guests at your party must be happy. You can deal yourself three new cards, but this will cost you five points. You can deal new cards a maximum of four times.

Once you have placed "guests" at the table, you are free to move them around to make more matches.

Yeah, I know -- that sounds difficult. It really isn't. Trust me.

That's it for today. Have a safe and happy weekend, and we'll talk again soon. 

           .~~~.  ))
 (\__/)  .'     )  ))       Patrick Douglas Crispen
 /o o  \/     .~
{o_,    \    {              crispen@netsquirrel.com
  / ,  , )    \            http://www.netsquirrel.com/ 
  `~  -' \    } ))    AOL Instant Messenger: Squirrel2K
 _(    (   )_.'
---..{____}                  Warning: squirrels.

The Internet Tourbus - U.S. Library of Congress ISSN #1094-2239
Copyright © Bob Rankin and Patrick Crispen - All rights reserved
TOURBUS
HOME PAGE
LINUX
TUTORIAL
TOURBUS
ARCHIVES
Shoot the Messenger-OS X Bugs, viruses, hoaxes, urban legends, search engines, cookies, cool sites
TOURBUS Site Search