Rosetta Stone discovered – Microsoft Speak unraveled

Speaksy English?  YES! – TYVM Eric

What did he say? Deciphering “Microsoft speak”

On Friday, there was an email thread going around amongst some Partners trying to decipher what an answer they had received from Microsoft really meant. Why? Because the people from Microsoft responding to the question fell into the trap of using “Microsoft speak” or “the excessive use of acronyms to see who can say the most with the fewest letters possible.” I’ve even heard rumors we have some teen cell phone texting champs on campus to help us get even more efficient and completely rule out the use of any full words… No, just kidding! 

Well, to try and help out, I thought I would take the acronyms included in that email, as well as several others, and post the REAL meanings up here so that they can hopefully help you in the future in the event one of us Microsoft folks start throwing out random multi-letter acronyms again in a conversation (and let me apologize in advance on behalf of all of them). Of course, you could just slap us and say, “ENGLISH PLEASE!” to snap us out of it. (Maybe you better skip the slapping part since I am not sure who from Microsoft you may be speaking to)

…translations, babble and more here:  ->Microsoft SMB Community Blog

OpenDNS – Why? Can something free be good?

OpenDNS – I use it and like it and yield it like a Zen master:  OpenDNS

Regardless if any blocking is used, the tool still provides an auditing/oversight function. OpenDNS is a high availability DNS service; it has a very proven track record of dependable service. If there were a cost it would be sellable; however, it’s ‘free as in beer’ so that is an even easier sell. If for nothing else it could be used as an introductory mechanism to helping your client discover the value of such web oversight of his office staff. Some would rather not bother; some will require access to this information on a as-needed basis, some are overreaching power mongers. It’s not a one size fits all thing.

As for if you trust them in their expressed intention of being a good neighbor in the ‘net’ as to their reason for providing this FREE service, that’s for you to sort out. As a skeptic looking for my clients best interests, I’ve not been given any telltale signs of any bait-n-switchery or other less than forthright underpinnings. It seems legit.

One downside I’ve discovered with OpenDNS is with optionally your logo integrated; when done your logo is displayed on an informational html page whenever something doesn’t resolve or is blocked. Although at first I thought this good in that I’d have a track back mechanism for people who were false-positive blocked that would enable finer adjustments, white listing, …etc. However, instead it put me in the position of a web ‘door-man aka bouncer’ of sorts. I really don’t advocate putting yourself in that front and center thug/gate-keeper position unless you have a service agreement in place as well as some pre-existing expectations, instructions, and explanations as to the who?, what?, and why? of web filtering in writing and distributed to all under your wise and almighty judicious power.

OfficeLabs.com – Innovative Business Applications

Found this today while doing some research on Microsoft OneNote – there are some great ideas and innovative concoctions available for your own download and discovery – think of it as the business process focused version of Live Labs:

Microsoft Office Labs

 http://www.officelabs.com/Pages/Default.aspx

Wirelessness – what tha? dual band? 2.4 or 5GHz “n”?

Having been doing some shopping for a wireless network of late I thought I’d try and discover what the whole “dual band” ‘n’ router thing was and why I would benefit from buying one especially since the costs are much higher than a single band ‘n’ model. In the process I’ve learned a lot more about bandwidths and the pro’s and con’s of 2.4GHz versus a 5GHz band. I didn’t know the draft ‘n’ specification includes both radio frequency bands; furthermore, it doesn’t necessarily require operation on both. Yes, that means it could be either one and this is of course pretty important to connecting a transmitter with a receiver (networking). I’ve also learned that there aren’t many 5GHz ‘n’ products on the market if there are any at all.  Let me Google that for you.  I’ve also learned that the promise of a 5GHz HOV styled expressway for wirelessness is in reality less than fantastic in that the higher bandwidth 5GHz doesn’t penetrate through walls as well nor go quite as far as 2.4GHz.

Here’s some more 5GHz food for thought – http://blogs.zdnet.com/Ou/?p=411

The next ongoing discovery was that Linksys (and others aka NetGear do the same) sells and promotes their simultaneous “dual band” expensive high-margin router (WRT610n) promising the ability to get better HD video streaming and online gaming performance on the relatively empty 5GHz band versus the crowded 2.4GHz band. …that sounds great The hollow and empty promise truth is that Linksys doesn’t sell a single 5GHz N network adapter (WMP300N is 2.4GHz) except for notebooks; you aren’t going to be throwing a simple adapter into that gaming rig box at your or your boy’s desk. That’s right and you are probably now connecting the dots. …all hype and no delivery Worse yet, you cannot easily find what band their “N” adapter offerings operates at (whether 2.4GHz or 5GHz); at least not from any of the product literature, spec sheets, and packaging that I’ve looked over (some mfg’s do provide this). Lacking a desired decent desktop adapter card, your only option then is to purchase another 5 GHz router and use it as a bridge with its wired ports.  In fact this is kinda what NetGear is selling as a “kit”.

bah humbug!  …this is one frustrated & frequency fatigued shopper

Antivirus 2008 or was it 2009 or was it…? a Malware Removal Tool Discussion

Last month’s Microsoft Malicious Software Tool cleans this threat (Win32/FakeSecSen – Microsoft naming):

http://blogs.technet.com/mmpc/archive/2008/11/12/win32-fakesecsen-a-nasty-piece-of-work.aspx

…and Microsoft has had a great amount of success as reported by the tool:

---

From Sandi @ Spyware Sucks this business perspective breakdown in $

Fraudware detected on 994,061 computers

As reported by Microsoft:
http://blogs.technet.com/mmpc/archive/2008/11/19/msrt-review-on-win32-fakesecsen-rogues.aspx

The figures relate to what Microsoft has labeled “Win32/FakeSecSen”.  That figure does not (I think) encompass all of the fraudware (fake security software) products that are out there.

Just imagine, if you will, if just 1% of the owners of those detected machines were fooled into buying the fraudware software at $40 a pop – that’s $397,624.40 in illicit income garnered by the crooks.  When we take into account the fact that billing services such as the (now defunct?) Bucksbill were regularly accused of double-charging victim’s credit cards, then we’re looking at an illicit income of $795,248.80.

Scary, isn’t it.  Is it any wonder the crooks behind malvertizing are so persistent?

Published Friday, November 21, 2008 9:53 AM by sandi

---

Here’s a word on the tool from Microsoft’s Steve Riley including some information I found uniquely valuable:

Steve Riley [MSFT]

Newsgroups: microsoft.public.security.virus

From: “Steve Riley [MSFT]” <steve.ri…@microsoft.com>

Date: Mon, 1 Dec 2008 14:15:34 -0800

Local: Mon, Dec 1 2008 5:15 pm

Subject: Re: Alerting – Malicious software removal tool (MSRT)

When the MSRT runs, if it finds what it looks for, it removes it and reports that removal to Microsoft. If it finds nothing, it exits. Neither I nor the
tool nor the SIR make any claims that the MSRT completely cleans a machine. As others have pointed out, it is one element of an effective arsenal of
tools to help improve security.

Here’s something interesting, which might even surprise you: this month (November 2008) the single most prevalent piece of malware the tool detects
is Win32/FakeSecScan (rogues that mimic the Security Center). As of 13 November, we’ve tracked 811,000 removals. This includes some FakeSecScan
threats that were no longer active when detected — meaning that they were incompletely cleaned manually or by other AV products, and the MSRT
successfully cleaned out the remaining bits.

I have a proposal for you — actually, for everyone reading this thread. The MSRT creates a log file in %WINDIR%Debug. KB 890830 describes its output.
If you ever encounter an instance of where the tool fails to properly clean a machine, the Microsoft Malware Protection Center is ready to help. Go to
http://www.microsoft.com/security/portal, click on “Submit a Sample,” and please send us your MRT.LOG file and a sample of the malware, if you can.
We’d love to work with everyone to make sure the tool is as effective as possible.

–
Steve Riley
steve.ri…@microsoft.com
http://blogs.technet.com/steriley
Protect Your Windows Network: http://www.amazon.com/dp/0321336437

---

You may not be aware, but you can run that Microsoft tool manually.  ‘Run-> MRT’  It of course runs in the background quietly after you download it’s latest version via MU or WSUS each Patch Tuesday.  To learn more on running this manually and an in depth guide on the tool look here:  http://www.vista4beginners.com/Windows-Malicious-Software-Removal-Tool

Another tool I heard recommended that I’d never heard of before (much like it was with the ever successful against this threat – Malwarebytes) is SuperAntiSpyware:

Here’s some very interesting background on the bad guys behind this threat from security super-friend (think Hall-of-Justice) Jesper:

http://msinfluentials.com/blogs/jesper/archive/2008/11/07/xp-antivirus-in-the-news.aspx

If you want to be knowledgeable and prepared for this ever adapting malware threat, read the above and follow the references on how this elaborate shakedown scam got hacked.  It is very impressive to see how they have been so successful at their nefarious deeds due to capitalism in the black market.  Basically they have implemented a franchise business model of sorts founded on social engineering piggy-back attacks.