Echobit

You’ve probably heard about the critical security fixes that Microsoft released recently. This means that whenever you distribute a new build of your product, you must remember to ship the latest version of the VC++ redistributable package with it (VC++ 2005 and 2008). If you don’t, your customers will get endless side-by-side misconfiguration errors.

If you’re like me, you still want to be able to run debug builds on your test machines. As always, you need the Debug CRT for that, which I’m sure you know isn’t part of the redistributable package. Microsoft has documented two ways of installing a debug CRT on test machines:

http://msdn.microsoft.com/en-us/library/aa985618%28VS.80%29.aspx

I personally use the second approach since I know exactly which files get copied to the target machine and it’s just less intrusive in general. Read more…

I’ve been traveling quite a bit lately and I’ve found it particularly convenient to simply remote into my machine at the office and do all my work through Terminal Services (or are we supposed to be calling it Remote Desktop Services now?). This allows me to access the virtual machines and the servers located at the office without major latency. If you’ve ever tried using VMware Server Console through a VPN connection, you know what I’m talking about.

I always listen to music when working. At work, that’s not a problem since I’ve got all my music stored on my work computer. However, when on the road all my music is stored on my laptop. This becomes a problem since my laptop’s music player cannot be accessed without first minimizing the fullscreen remote desktop window. Read more…

I spent some time last night catching up on the new season of 24. The first three episodes have a large emphasis on security and hacking of secure networks. In one of the episodes, the network administrator is tasked with restricting access to certain information because there’s a leak inside the FBI. That same network administrator is also responsible for tracking down that same leak, and at one point she goes down to the mainframe to confirm the user name of the person. Before logging in on the mainframe, she cautiously looks over her shoulder to make sure nobody is around to see her type the password.

What cracks me up about this is that when she gets back to her own workstation, it’s not even locked! If you’re worried that people might be snooping around and you know for a fact that your account has unrestricted network access, why the hell do you leave your computer unlocked when you go somewhere.

Just a random note

I recently wrote about security when it becomes a nuisance rather than an effective safety mechanism. Not long ago, I had a similarly unfortunate interaction with a large American bank.

Shortly after I had created my account, it turned out that I’d given them an incorrect mailing address because the agent at my apartment’s leasing office had accidentally written the wrong street number on the leasing papers (well done…). Even though only the last digit was wrong, and the street number one I’d been given didn’t even exist, it meant I had to get in touch with my bank, insurance company, etc., to make sure they all had my correct address.

Unfortunately, changing the mailing address with my bank turned out to be more difficult than expected. Read more…

A while back I went clothes shopping with my brother. While we were waiting in line, it occurred to me how the stores go to great lengths to prevent shoplifting. They obviously cannot have security cameras in the fitting rooms so they need another mechanism, and one popular way is to allow the customers to bring only a certain number of items into the fitting rooms. A lot of places enforce this by counting the number of items you’re bringing into the room (with an upper limit) and handing you a small badge showing exactly how many you’re bringing with you. When you come back out, the number on the badge is compared to the number of items you’re carrying.

This is a pretty simple and straightforward scheme that works quite well. With this post, however, I wanted to highlight how commonly used this approach has become that the stores (and their employees) seem to have forgotten why it was created in the first place. Read more…