Mike Swanson

January, 2005

  • Mike Swanson's Blog

    The Move Begins

    • 12 Comments

    Sometime later today, I'll be backing up the data on my computer and disconnecting it for our final move out to Redmond, Washington. We have packers and movers here from Wednesday through Friday, and we make our one-way flight to Redmond this Saturday morning. It's been a very busy few weeks. In addition to all of the move-related tasks, I found out Sunday evening that I've been the victim of identity theft. Apparently, someone used my social security number to open a line of credit and order items that weren't being shipped to me. I've had to contact the credit bureaus and the local police department. I'm hoping that this was discovered early enough to avert too many unpleasantries. Anyway, the next time I'll have an opportunity to blog will be from our new location. Wish us luck!

  • Mike Swanson's Blog

    Download Microsoft Windows AntiSpyware Beta

    • 11 Comments

    As indicated in my post from last week and in a press release just this morning, we have made a beta version of Microsoft AntiSpyware available for download (more details here). It's based on the technology we acquired with our recent purchase of GIANT Company Software, Inc., and in my few days of testing, it appears to do a better job than the combined efforts of both Ad-Aware and Spybot Search & Destroy. Like Windows Update, the AutoUpdater feature can check for and automatically download new spyware definitions on a scheduled (and user-configurable) basis. And by default, the software runs a periodic system scan. For the past few days, a summary window has been waiting for me when I sit down at my computer in the morning. It's nice to start the day knowing that my system is "clean."

    Microsoft AntiSpyware also provides real-time protection by monitoring activity on your system with over 100 Security Agents. Security Agents are proactive in that they help to stop threats before they are installed. From the integrated help: "When software is installed or a change is made to your protected computer, internet, or application settings, System Agents react to analyze the change, and either allow the change if it is known to be safe, block the change if it is known spyware, or prompt you for additional action." Nice.

    There's also a SpyNet feature that allows your computer to share new threats with an AntiSpyware community. So, if your system and its Security Agents identify new spyware, the rest of the community can benefit as a result. The help file calls it a "neighborhood watch" for spyware, and that seems like a perfect mental image to me. This is similar to the way a lot of anti-spam software works, and it's been shown to be very effective.

    Remember that this is a beta release, and normal beta rules apply (don't install it on a production system, don't use it on production data, don't run with scissors in your hands, don't eat red meat, etc.). I really like what GIANT has put into this product. It's very easy to use, yet configurable enough for geeks. Plus, it's proactive, so I don't have to worry about running system scans every few days. What I've seen so far makes me excited about the future possibilities of Microsoft AntiSpyware.

    Update: Flexbeta compares Microsoft AntiSpyware with Ad-Aware and Spybot and concludes that "Microsoft AntiSpyware was able to detect more infected files than the current leading anti-spyware applications in the market today, Ad-Aware and SpyBot S&D."

  • Mike Swanson's Blog

    Relocation

    • 5 Comments

    I apologize for the lack of recent posts, but my wife and I have been preparing for our relocation to the Redmond, Washington area, and we've been quite busy preparing for the move (we're flying out on January 29th). We've never had to relocate more than an hour away, and it's always been one of those "call up your friends, rent a truck, and have a moving party." This is a little bit different. Our "to do" list seems to keep growing and growing. Plus, we're trying to spend some time with family and friends, because it won't be nearly as easy to visit them from 1,770 miles away! We've been in Southwest Michigan for most of our lives, and our roots here are pretty deep. However, the closer we get to the actual move, the more excited we get.

    I've been working remotely this week, and it's gone smoothly so far. I'm being introduced to people that I'll be spending a lot of time with, and I'm really looking forward to our future interaction. There have been a few technical hurdles related to switching my internal account between domains, but overall, no showstoppers (and perhaps more importantly, nothing I wasn't prepared for). I've started to read through the WinFX SDK documentation from the November CTP release, and it's made me even more excited about what we're doing with Avalon. I'm sure I'll be blogging about it a lot more down the road.

  • Mike Swanson's Blog

    SQL Injection Attacks and Data Thief

    • 5 Comments

    Although I wouldn't consider myself a SQL Server expert, like any good developer, I know my way around stored procedures, database normalization, and proper indexing techniques. Occasionally, I get questions from customers about SQL injection attacks. The questions are usually along the lines of: "What is SQL injection?" or "Is it really a big concern?" I can tell you that it is a very big concern, and if you're writing web applications (on any platform), it would be irresponsible not to familiarize yourself with the exploit.

    Mike Gunderloy's The Daily Grind 533 references a good introductory articled titled SQL Injection Attacks by Example by Stephen J. Friedl. Although the article is posted on a Unix tech tips site, its content is nonetheless germane to almost any web application on any platform. His example illustrates a SQL injection exploit on IIS 6, ASP.NET, and SQL Server.

    Here are some other resources that I typically forward to curious developers:

    But, if you really want to freak out (or if you want to demonstrate to management how critical it is to worry about such issues), download the free proof-of-concept tool called Data Thief from Application Security, Inc. and a related whitepaper titled Manipulating Microsoft SQL Server Using SQL Injection. I saw this tool demonstrated at an internal security event, and the first thing that popped into my mind was: "This is Enterprise Manager for hackers." Scary stuff.

  • Mike Swanson's Blog

    Macro Wallpaper 5

    • 4 Comments

    Although it was never my intention, I seem to have started a wallpaper trend. As each season draws near, I receive e-mails asking when I'll have the next seasonally appropriate images to share. Well, here are five new ones for winter. The originals are cropped at a 16:10 aspect ratio (1920 x 1200) to match my monitor, and as always, I've also supplied them at 1280 x 1024.

    It's tough to find color in the winter; all that snow and ice tends to wash everything out. The first four photos were taken at a park in Holland, Michigan on November 24, 2002, right after a beautiful snowfall. If you look carefully, you can see an individual snowflake in the fourth picture. The last shot was taken as my wife and I left for a Caribbean cruise on the morning of April 6, 2003. It had rained, and everything was coated with an icy shell. This image is from a tree in our front yard. Needless to say, none of the palm trees in Florida later that day showed any signs of ice. :)


    (1280 x 1024 version)

    (1280 x 1024 version)

    (1280 x 1024 version)

    (1280 x 1024 version)

    (1280 x 1024 version)


    If you missed the first four sets, check out Macro Wallpaper, Macro Wallpaper 2, Macro Wallpaper 3: Fallpaper, and Macro Wallpaper 4.

Page 1 of 2 (9 items) 12