2016-10-06

Gifting for International Coffee Day

Mmmmmm, coffee.....joe, nectar of the gods.

In celebration of international coffee day, and the molecular blessing that is caffeine, I will be buying this perfect gift, the essential This is Not a Paper Cup cup to my fellow Portage Design employee.

While I'm at it, I think I should start looking for stocking stuffers & christmas gifts.




2016-03-04

New ECHO Drawing Management System by DCM coming soon...

The preview of the latest ECHO DMS release by DCM looks awesome.  Have a look here.  My previous company had tonnes of CAD drawings.  We used to store them on Windows network file systems and later on SharePoint with some very basic metadata.  By a proper Drawing Management System like ECHO would have been a huge boost to productivity.  The expense of not working from the latest drawing can be enormous.

2015-07-07

Document Check-out Done Right

The Drawing Management System (DMS) by DCM has a revision control feature I very much like.  Not only does it support the typical check-in comments, but also check-out comments.  It's nice to know not only who, but why and when my colleague has the document checked-out.  Putting a simple content to this transaction can save a phone call or email in the process if I see that they just have the drawing or document just out for a few minutes or many weeks, and have forgotten about their check-out. 

As a manager, it can also help me keep tabs on the work in progress of my staff without pestering them for updates.

http://dcminc.ca/drawing-tip-2-check-in-check-out/

2014-05-12

2014-04-30

IE Vulnerability in a post-WinXP Support Era

US Dept. of Homeland Security official advisory of recent Internet Explorer vulnerability affecting version 6 to 11 of the popular & default WinOS browser.

http://www.us-cert.gov/ncas/current-activity/2014/04/28/Microsoft-Internet-Explorer-Use-After-Free-Vulnerability-Being

Microsoft now has an accompanying security advisory, with many technical details and work around of using the Enhanced Security Feature of IE.

https://technet.microsoft.com/en-US/library/security/2963983

If you are on WinXP however, IE 8 the last version of Internet Explorer available to you an now patch will be released.  In this case, you should strong consider installing and using another browser such as Firefox or Google Chrome.  On WinXP computer you many want to kill IE so that it never gets used even by a user who manually invokes the application directly.

Here's how to kill IE once and for all on WinXP: http://www.runbooks.info/p/disable-internet-explorer-on-winxp.html




2014-04-08

Heartbleed Bug OpenSSL

Possible one of the most significant security bugs in recent times. Any server running OpenSSL 1.0.1 through 1.0.1f (inclusive) is vulnerable to this security threat.   As this is a common package on many Linux distros, a very large number of Internet servers, hosting everything from websites, ecommerce sites, email system, instant message, etc. are likely affected by this bug.

By exploing this memory leak the server's private key can be compromised.  The attack leave no trace. With the private key in hand, attackers could decrypt any past and future secure traffic that used/uses this key.

For the average Internet user, this potentially means that your password used to access a given secure website, (on a server affected by this bug), could be determined by anyone who has access to a copy data packets exchange between you and the "secure" server.  This could be anyone who has access to the path on which your data flows between client and web server, local network administrator, ISP, (NSA it goes without saying).    

What Happens Now:
Sys Admin will need to patch their system and get new private keys re-issued.
User should change their password on their system is fully patched and operating with new keys.

The affected version of OpenSSL are included by default in the following Linux operating system.

  • Debian Wheezy (stable), OpenSSL 1.0.1e-2+deb7u4
  • Ubuntu 12.04.4 LTS, OpenSSL 1.0.1-4ubuntu5.11
  • CentOS 6.5, OpenSSL 1.0.1e-15
  • Fedora 18, OpenSSL 1.0.1e-4
  • OpenBSD 5.3 (OpenSSL 1.0.1c 10 May 2012) and 5.4 (OpenSSL 1.0.1c 10 May 2012)
  • FreeBSD 10.0 - OpenSSL 1.0.1e 11 Feb 2013
  • NetBSD 5.0.2 (OpenSSL 1.0.1e)
  • OpenSUSE 12.2 (OpenSSL 1.0.1c)


OpenSSL Security Advisory from 07 Apr 2014 (http://www.openssl.org/news/secadv_20140407.txt)