|
|
| ABN 23 114 975 772 | newsletter@quarkgroup.com.au | www.quarkgroup.com.au | issue 14 | november 2005 |
|
|
Update Zone |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
The Latest Malware Information |
||||||||||||||||||||||
Sony and Rootkits Firstly let me say that I have no issue whatsoever with a company protecting its intellectual property, copyrights, trademarks or other assets by legal and safe methods of enforcement. What I draw the line at is any company using nefarious means such as viruses, trojans, rootkits, baseball bats or anti-competitive behavior to force another party into submission. What I'm riled about at this point in time is Sony BMG using a program known as a "rootkit" as part of its anti piracy protection mechanisms. Of course, this rootkit is only installed on the systems of those purchasers of the original CDs that use this copyright "protection" method and is never going to stop those who want to pirate any Sony BMG CDs. This is tantamount to a car manufacturer putting components in the brake system that are dissolved by brake fluid on all of their new cars to ensure that owners don't drive the cars over 110 Kmph. Because of the publicity that this mind numbingly stupid move on Sony BMG's part has generated, not only have their been a number of trojans written to exploit this rootkit, but Sony BMG looks to be in legal trouble in a number of countries over this malicious software they install. In California and New York there have been class-action lawsuits filed against Sony for the damage that this rootkit has caused to the computers of those people who bought any of the 20 copy protected CDs in question (including artists such as Natasha Bedingfield, Neil Diamond, Sarah McLachlan, Ricky Martin, Santana and Celine Dion). While on the topic of Celine Dion, I think they need playback protection on her discs, not copy protection! |
Having been dealing with computer security since the mid 1980's, I (Hilton) have seen a lot of things come and go that the majority of computers users don't even know about. That doesn't mean that these things aren't important and shouldn't be learned about in order to protect yourself, your network and your data. Something that frightened me about this Sony BMG Rootkit issue more than anything else was when I heard Thomas Hesse, the President of Global Digital Business at Sony BMG say (and I quote) "Most people, I think, don't even know what a Rootkit is, so why should they care about it?" Listen for yourself at npr - Thomas' comment is around 1:45 - 2:04. This is one of the most frightening things I've heard from a person in such a position in a great many years. Although removal of this malicious rootkit is an intricate procedure, Quark IT is capable of achieving this. We will also gladly report the presence of the rootkit to our contacts at the Australian High Tech Crime Centre. |
|||||||||||||||||||||
Licensing: OEM - O E what? |
|
OEM - Original Equipment Manufacturer When you buy a new computer, it often comes with not only Microsoft Windows XP, but also the option of buying various OEM packages at the same time, such as Microsoft Works or Microsoft Office. The cost of these applications (and the Operating System, itself) is quite cheap when compared to the full packaged products - for example an OEM Office 2003 Small Business Edition may cost around $325, whereas a full copy will cost around $700. The contents of both packages are identical, so you may be wondering why there is such a price discrepancy. Well, the simple answer to this is "Licensing Restrictions". Microsoft (and pretty much all other software manufacturers) apply rather restrictive licensing conditions to their OEM versions of both software and hardware (such as keyboards and mice). Microsoft, for example, restricts OEM licenses to be used only on the physical computer that they were originally sold with. If the machine's components are replaced due to regular in-warranty conditions, then there is no need to re-purchase the OEM software, however if the machine is damaged, lost or stolen outside the original manufacturer's hardware warranty conditions, then when a replacement machine is purchased, the OEM Licenses must be re-purchased - the original OEM Licenses live and die with the original machine. Software Assurance The only way that these OEM Licensing conditions can be lifted is if a Software Assurance Agreement is purchased within 90 days of the original invoice date (to the reseller, not to the client). This applies to software, operating systems and also CALs - Client Access Licenses. If the SA is purchased outside this 90-day period, the OEM Licensing restrictions are still enforced, however the remainder of the SA benefits will still apply. Upgrades If you have an OEM License on a computer, say for Windows 2000 Professional, and wish to purchase a Windows XP Professional Upgrade License, then you will be required to retain the original OEM License for that computer and also only use the Upgrade License on that computer. The qualifying product for your Upgrade License is an OEM License, so the Upgrade License is only valid for the computer to which the OEM License was locked. Admittedly, the upgrade situation is not really that much of an issue as generally you are more likely to buy a new computer at the same time as you upgrade from an older operating system, but for those times when you are upgrading an existing computer to a new operating system or application such as Microsoft Office, then you need to be aware of the OEM restrictions that are subsequently placed on your Upgrade License. |
So, why bother with OEM at all? Price, basically. OEM software and hardware is often around 50% of the price of the equivalent full packaged products and a little bit cheaper than Microsoft Licensing versions of the same operating system or application. However, as we all know (though often don't want to admit), you get what you pay for. OEM Licensing restrictions do place serious constraints - both practical and legal - on what you can do with that software and/or hardware. Quite often it is much more sensible to purchase Microsoft Licensing versions of things such as Server Operating Systems, Server CALs, Office applications and so on. But not always. If everything were black and white, why would you need us? :) How do I know my OEM License is valid? All Microsoft OEM Licenses are shipped with an End User License Agreement (EULA) and a Certificate of Authenticity (CoA). The EULA is the screen that you should have read before accepting the conditions of use of the software License in question (however this may have been accepted by the person or company who installed your computer system(s) for you if you had given them approval to install the system for you. The EULA may also be found printed in the User's Manual or as a piece of paper that accompanied the product, and often can be found on the computer in text format or on the website of the company who wrote the software. For all currently supported Microsoft OEM software, the CoA will be found on the computer itself. This is a requirement of the Microsoft OEM System Builder program. If the original computer motherboard needs to be placed in a different case, the OEM CoA sticker is not allowed to be detached from the original case and reattached to the new case, but the original case component where the sticker is attached needs to be retained. Silly, sure , but that's the current recommendation from Microsoft. Summary OEM Licenses are sold at a reduced price because, mainly, they are locked to the computer on which they were originally sold and are unable to be transferred to another computer. Upgrade Licenses are subjected to the same conditions when upgrading an OEM License. The original Tax Invoice showing the purchase of hardware and software on the one Invoice as well as the CoA are needed to prove OEM License compliance. If you have any concerns about the number or type of Software Licenses that you have purchased, please contact Quark IT and we can assist you to determine if you are correctly and adequately licensed. |
Why Engineering Is So Important |
|
A busy time for all The end of year can be an extremely busy time for the building industry. With many contractors in a rush to get major works completed before Christmas, it is even more important than usual that project details are documented and managed effectively. If you are in the process of building or looking to commence works, we cannot emphasise enough the need for accurate and well developed documentation and meticulous project management. Documentation and engineering is essential Over the years, we have heard too many horror stories of projects going wrong and costing the client money and time because the company did not engineer projects, or was not qualified for the task. It is for this very reason that we conduct Systems Engineering with Registered Practicing Engineers and use a team of experienced experts on-site to manage and maintain the integrity of our projects. Although in most cases we are happy to work with your builder or architects electrician, if they have no documented plan, no scope of works, no inclination to discuss lighting requirements and no certification in data or C-Bus™ systems... we strongly recommend you consider what you are getting for your money. These sorts of issues are the reason that Quark Automation demands more of the team involved in your project. We ask if you have a data-qualified electrician, a lighting plan and a digital copy of floor plans because we need to monitor the works and progress of your project with the utmost attention to detail. It is unfortunate that many companies work by the seat of their pants. In some cases, experience means that most times, they get it right. In our opinion, experience should not be the only guarantee proffered as an indication of delivering a quality project. Most times just isn't good enough – especially if yours happens to be one of the rest of them. Professional design and documentation is the key. When everybody is working off the same page, the same plans and with a clearly defined goal, your project will run more smoothly with the result you deserve to expect. Systems Integration should not be left to chance. If you are looking to build, please don't hesitate to speak to us as soon as your have a digital copy of the floor plan. If your architect, builder or electrician has not discussed Home Automation or Smart Wiring with you, ask them to bring in the experts. Quark Automation's team uses Lighting Designers, AudioVisual Engineers, and fully-certified AudioVisual industry experienced electricians and IT experts to deliver you the System Solution you are seeking. Quality engineering costs a lot less than the alternative. Don't leave your Home Automation project to chance. |
  In recent news, a belated congratulations to the team from the Queensland University of Technology "White Room" display at the 2005 Brisbane Home Show. The girls took out the People's Choice Award and came a very close second to one of the largest designers in Brisbane in the professional awards. What an amazing result for this group of talented third-year students. Congratulations again to you all. Quark Automation is proud to have been part of your project and we enjoyed working with you all very much. Gia Mitchell's contemporary art exhibition "The Rapture" was on exhibition at the Institute of Modern Art, Judith Wright Centre, Fortitude Valley. We are pleased to have assisted Gia in the AudioVisual and soundtrack components of her exhibition in conjunction with our friends at Bose®. If you would like to receive some more information or make an appointment to discuss how Quark Automation can design a Clipsal® C-Bus™ system to suit your home or office needs (or even your art exhibition), please contact Quark Automation to discuss your home and office automation needs. Quark Automation is a registered Clipsal® C-Bus™ Systems Integrator.  |
Windows XP Media Center Edition 2005 |
|
An early Christmas present As it is getting close to Christmas, we thought it only fair that we show you a bit of what Microsoft has to offer around the Home Entertainment area - instead of just yapping on incessantly about their solutions for business. Microsoft Windows XP Media Center Edition 2005 (MCE) is the third revision of Microsoft's Media Center software and I have to say, it ain't half bad! MCE is basically a PC based on Windows XP. After recovering from this shocking revelation, I'm sure you have now decided that you really don't want a rocket ship next to your television that means you need to buy the houses around you and convert them into bunkers so you can turn the home theatre up loud enough to hear over the fan noise. That's good - nor do we. And thankfully, there are a few ways to overcome this situation. One is to buy a huuuuuuge block of land. The other ways involve investigating the technology that is available today and employing the best of breed solutions that are appropriate to your situation. Just like in every other aspect of life. Hardware options The load that MCE places on a computer is quite high, especially if you are recording or watching High Definition television. Because of the high load, a high end computer is needed to run MCE and anything less than this will be a disappointment. Although I am reluctant to throw numbers in here, if you have anything less than a 3.0 GHz CPU, 1 GB RAM and a 256 MB video card, you will not be getting the best from a MCE computer. Alternatives abound, however, no matter which way you look. Hewlett-Packard makes a nice MCE PC, Quark IT can build a customised MCE PC to suit your needs, or we can build a solution based around products such as the Life|ware: Media Centre Edition. 
|
Media Center Edition software MCE, in its default state, is nothing like Windows XP as you know it. It has a completely different interface that has been designed for use with televisions and remote controls. It is a very logical interface to your digital entertainment - music, television, DVDs, pictures and so on.  Your MCE box will act as a rather nice PVR - personal video recorder. With support for up to 3 tuners, you can even watch one program whilst recording 2 others! Say goodbye to your old photo albums and slide collections - MCE allows you to make a slideshow of your last holiday snaps or your daughter's most embarrassing photos for her 21st birthday party and have this accompanied by the music of your choice. MCE has the ability to read the photos from your digital camera and import them into the computer. You can rotate and even touch up the photos to make your slideshows even more enjoyable. You can burn not only your slideshow with its backing music to a DVD to share with friends and relatives, but you can also burn CDs from your collection and even DVDs from home videos that you have saved to the computer. Corporate uses for MCE Boardrooms and waiting rooms are ideal targets for MCE installations. If you'd like to discuss your options, please don't hesitate to contact Quark AudioVisual. |
Next Month |
|
Software Licensing We continue this series of articles with a look at the conditions that apply to Version Upgrade Licenses. There are many people who think that they are fully licensed, but because of the specific Upgrade License conditions, they are actually running unlicensed software. |
Microsoft's gaming platforms After introducing you to the first of Microsoft's Home Entertainment products - the Windows Media Centre - we'll let you know the current goss on their new gaming platform, the Xbox 360. Again, if there is anything you'd like to see covered in future Newsletters, please email us with any suggestions or comments. |
Signing off |
|
We'll call that a wrap for our November, 2005 Quark Group Newsletter. It appears that Sony BMG has stopped deploying rootkits with some of their music CDs now, due to the public outcry that surrounded the discovery of this practice. As of 11 November, 2005, Sony BMG has stopped shipping all CDs the deploy the malicious rootkit onto honest and legitimate users' PCs. Microsoft's (and many others') antispyware applications will detect and remove this rootkit. As I sit here with yet another storm brewing outside, don't forget to ensure that your sensitive electronic equipment and its data is adequately protected from electrical damage. The Quark Group can evaluate your needs and recommend the best options for you. With the latest Sober.Y worm threat that has appeared in the last week, I suppose it is time to remind everyone that a good antivirus solution will protect you - this is why we only recommend NOD32. None of our clients who have NOD32 installed suffered the ill effects that many other people worldwide suffered. Sober.Y is a clever (read: dangerous) variant of this mass-mailing worm that harvests email addresses from your computers and emails a copy of itself out to all those email addresses it finds. If you know anyone else who would like to receive this Newsletter, please feel free to forward this edition to them and also ask them to email us asking to subscribe. Please contact us if you would like Quark Group to assist you in ensuring that your home as well as your office computing environment is as functional as it can be. | |
