Scott Hanselman

Caught in the Act

July 5, '07 Comments [8] Posted in Musings
Sponsored By

iStock_000001183244XSmall

My wife caught me. I knew I shouldn't have been doing it, but she was sleeping and I figured, what was the harm? It's a victimless crime.

It was late, I was *engrossed* and suddenly the door opened! I'd been thinking about doing this all day and had finally found a quiet opening. I couldn't get it off my mind, I just needed to finish this thing up.

She was awake and coming to check her email. I could tell by the look on her face that she wasn't happy. It was that mixed look of shock and disappointment that you never want to see.

"Scott David!" she exclaimed, "What are you doing? Why couldn't you talk to me first!" What could I say, I was violating that one thing that one must not violate in a relationship. I tried to cover things up but the damage was already done.

I had her personal computer opened up, ribbon cables everyone, guts spread all over the room, trying to upgrade the system's memory.

This is an even worse situation than the first time I tried to replace the main TV remote control with one from Radio Shack. At least that turned out OK in the end.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

MSN For You - MSN Messenger Worm Virus Self Phishing Replicating Evil

July 5, '07 Comments [26] Posted in Musings
Sponsored By

getmessengerevilWow. I just got nailed. A trusted friend sent me a standard "check this out" instant message on MSN saying I should take a look at a site called http://www.newmsnlive.info also known as http://www.msnforyou.info and http://www.get-messenger.com.

Do NOT visit these links.

I didn't read the FAQ, but there's these gems:

"By using the Online Delete Checker you authorize Get-Messenger to temporarily change your nick to "http://www.get-messenger.com: Find out who removed you from his/her contact list" only for advertising purposes. You can change the nick again the next time you log into your regular MSN Messenger® client."

By using the Online Delete Checker you authorize Get-Messenger to send Instant Messages on your behalf to your online contacts advertising the site.

It is quite simple. We just try to get visits in order to make money publishing ads. There are no dark or mischievous intentions behind."

I don't know what I was thinking, but I figured I could just change my password afterwards. What I didn't expect, though, was that the website would send out Instant Messages to 300 of my closet friends, some of the messages in Spanish, asking THEM to visit the site.

Of course, these terms of service are buried at the bottom of a long FAQ I didn't read. I appreciate that they are 'honest' but I really find this way of viral advertising to be disingenuous.  Fortunately, I'm not the only one who is finding this to be very uncool, and the site(s) are starting to show up in Anti-Phishing Databases.

The issue is also being escalated with Windows Live Messenger Operations with the intent to get the URL blocked. And I've changed my Live Password.

I'm so embarrassed. This is the first time I've ever been "successfully" phished. And hopefully the last.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

DasBlog2 Theme Contest

July 4, '07 Comments [12] Posted in DasBlog
Sponsored By

We're running a dasBlog Theme Contest! As we get ready for the 2.0 Medium Trust release, we thought it'd be nice to get a few more themes together.

What do you get for your troubles? Well, you get fame beyond measure as we'll ship your theme along with DasBlog. If lots of folks use your theme and you include a link to your own blog in your theme, you could get Google Juice.

But wait, that's not all, if your theme is selected as the most awesome by the DasBlog team (the folks on the developer's list) you also get a US$100 Amazon Gift Certificate.

If you've got a great theme you want to share, or even if you just want learn How to make a DasBlog Theme, head on over to Ben's blog as he's got a writeup on how you can get started with your own custom theme, and possibly walk away with 10,000 pennies in Amazon Cash.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

How to Determine if a User is a Local Administrator with PowerShell

July 3, '07 Comments [13] Posted in PowerShell
Sponsored By

I truly must be losing it, but my intern and I fought with this simple task for at least 15 minutes today and it REALLY shouldn't be this hard.

Anyway, this is what we came up with to figure out if a user is a Local Administrator. It's not very "terse" PowerShell because the goal is (trying to) teach him so there's temporary variables.

$userToFind = $args[0] 
$administratorsAccount = Get-WmiObject Win32_Group -filter "LocalAccount=True AND SID='S-1-5-32-544'"
$administratorQuery = "GroupComponent = `"Win32_Group.Domain='" + $administratorsAccount.Domain + "',NAME='" + $administratorsAccount.Name + "'`""
$user = Get-WmiObject Win32_GroupUser -filter $administratorQuery | select PartComponent |where {$_ -match $userToFind}

$user
I Googled all over and thought about a number of ways this could be done, but this turned out to be the easiest. I'm interested if you have hit this before also and what you came up with.

Nonte that SID value for the Administrators group is a "Magic Number" that's hardcoded, but we get around that because it's always been that way and can never change. Instead I call it a "Well-Known Value" and sleep better at night.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

Password should not contain any special characters, symbols or spaces

July 3, '07 Comments [27] Posted in Musings
Sponsored By

secure

When signing up for an Mvelopes Personal trial, I selected my traditional unique super secure crazy password special for this site and was told "Please enter a valid Password (Password should not contain any special characters, symbols or spaces)."

Patrick was standing with me while I tried to sign up. After we picked our jaws up off the ground he said:

"Seriously, how about a dialog box that says 'Please ensure your password is all lowercase and only contains words from the dictionary.'"

Folks, please, use strong passwords. For me, I'm going to pass on financial institutions that encourage passwords like "password" to protect my money.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.