Forgot your password?
typodupeerror
Security

Windows MHTML Vulnerability Warning From Microsoft 49

Posted by CmdrTaco
from the thats-bad-mmkay dept.
jhernik writes "An HTML scripting bug impacting all supported versions of Windows is receiving Microsoft's attention Microsoft issued an advisory on a Windows security vulnerability today after exploit code for the bug went public. The bug, which lies in the MIME Encapsulation of Aggregate HTML (MHTML) protocol handler, can be exploited to cause data leakage. Though proof-of-concept code for the vulnerability has already gone public, the company said it is unaware of any attempts to exploit the bug." This might seem familiar to you, but considering how many times I saw it submitted this morning, it probably doesn't ;)
Portables

+ - OLPC has kill-switch as theft deterrent

Submitted by Sid
Sid (666) writes "Ars reports that the One Laptop Per Child (OLPC) XO has an anti-thieft daemon in the OS that can be used to remotely disable machines, much like WGA. The Project added the kill switch at the behest of a few countries concerned laptop theft. From the report, "OLPC has responded to such concerns by developing an anti-theft daemon that the project claims cannot be disabled, even by a user with root access. Participating countries can then provide identifying information such as a serial number to a given country's OLPC program oversight entity, which can then disable the devices in certain scenarios.""
Sci-Fi

+ - Regrowing lost body parts coming in the future

Submitted by
[TheBORG]
[TheBORG] writes "There are two stories on Yahoo! News about regrowing lost body parts. One is about regrowing lost fingers & limbs and the other one is about regrowing teeth. The story about regrowing lost fingers and limbs talks about the experimental use of powdered pig bladder to regrow fingers and eventually lost limbs for soldiers and others in need from information that Pentagon-funded scientists hopefully learn from studying the salamander. The story about regrowing teeth talks about how Japanese scientists used primitive cells (not quite as early as stem cells) and injected them into a framework of collagen (the material that holds the body together). Once grown to a certain point, scientists implanted the growths into mice where the teeth developed normally."

Comment: 9 months with Asterisk (Score 1) 232

by TBC (#14144074) Attached to: Solutions for Small Business VoIP?
We have been using Asterisk for about 9 months. We came from an Altigen system. Our configuration was:

Digium 4 port T1 card and ADIT Channel bank with 8 FXO & 16 FXS ports
Cisco 7960 SIP Phone
Generic selection of SIP/IAX phones
Intel Server Class hardware (ECC Memory, RAID, etc.)

The Altigen system was a 8x16 system, and had a really good call queue system. We just needed more extensions. My goal was to duplicate the capabilities of that system. I started using AMP, the asterisk management portal as my configuration "GUI". In our office, I have 2 Linux/Unix people, and 20 windows techs, so my goal was a user friendly management system that I didn't have to baby sit. Unfortunately, when we started, AMP didn't support call queues. I hand-coded in the queues, and had a problem with queue calls dropping directly to voicemail. I'm in the process of transferring all of my extensions into the latest version of AMP, but I still have a few issues.

We have a number of issues that I believe will be fixed when we switch out the config files, but as it is right now, Asterisk is very unforgiving of errors in the dial-plan configuration files. If I had the option to do it over again, I probably wouldn't have gone with Asterisk. I still have problems where a "ZAP" or analog extension will simply "lock up." I have an issue where SIP calls will unpredictably fail until the extension re-registers. We have set up a connection with voicepulse to do outbound long distance, and it's OK as long as traffic isn't too heavy.

My advice is to consider Asterisk under the following conditions:

You need a VERY simple phone system. An Asterisk server with 4 FXO lines, 8 VoIP extension, and simple IVR menues to get to the extensions.

or

You are looking for a complex phone system, and can dedicate the time to hand-create the dial-plan files to be exactly what you need.

or

You can pay Digium or a consultant to customize the phone system exactly for your needs.

Asterisk has so many capabilities, but (not to knock the developers) it is too easy to crash the engine with a misplaced dial-plan entry. I created a "time-and-temp" application just for fun. It's absolutely amazing what you can do with it. Unfortunately, it isn't coded with five-9's of uptime in mind. Changes to analog trunks require a complete restart, which may not be possible in a busy phone system.

I like Asterisk. I think that in the right circumstances, it's a great tool, but you have to go into it with your eyes open. If you're time is valuable, go for a packaged solution.

As far as VoIP, you need to consider two cases:

1: VoIP Handsets on the same network as the phone system. (At least 10Mb/s of bandwidth available)
2: VoIP for inbound & outbound Telco.

My experience has been that VoIP on the local network has worked fine. My phone is on the same VLAN as our production network, and it has all the standard services running over it for ~30 PC's. I have NEVER had an audible artifact related to network traffic, including when I was trying to saturate the link with 80Mb/s of traffic. We're running G.729 for all of our SIP phones.

My experience with VoIP over the Internet has been hit and miss. As long as you have enough bandwidth between you and the VoIP provider, you can expect at least cell phone quality. The problem is if you have any bandwidth constraints or packet loss, you will degrade rapidly. Someone else mentioned the difference between GSM, G.711, & G.729. G.729 does seem to be the best option for us.

Lend money to a bad debtor and he will hate you.

Working...