For the purpose of this article and code samples, I'm going to show how to write the test for a simple login page.
The login page only has three elements we care really care about at the point; the username field, password field,
and the "login" button. The plan here is quite simple: Open the page, type in the user name, type in the password,
then click the "login" button, and make sure that we got past the login page and on to the next page of your site.
Version 1.1 of Job Application Db has just been released. This app for your Android phone is a tool for job seekers to keep track of the jobs you have applied for. Simply add in company name and job title, and you will never wonder if you applied for that job.
Working in a one man team doing app development for Android is not as easy as it would seem. Without the distractions and interactions of other team members, one would think it would be a simple matter of just moving forward.
The first Android App from HansenOnline is now live on the Play Store. This is a simple app that lets you keep track of your Trophies (PS3) and Achievements (XBox) from the game.
While this is a minor project at this time, I hope to be able to add some more features to the App, but since I have other ongoing projects, I cannot make any promises as to when there'll be an update.
The new front page design has been worked out, which will hopefully be pleasing to everyone. Still some more changes to come, but sorting out one thing at a time.
Some new content will be forthcoming. I've been working a little bit today to add a new template for posting articles, etc., as well as integration with social media. Some other design changes may also be forthcoming.
Ok, so that was a long break. Very unintentional. Server has been moved on to new hardware, and that is all very exciting. Hopefully all the links still works, I haven't been able to double-check them all before making the new server live.
There should be some new content coming up shortly.
I spent quite a while searching for a solution to this one, but couldn't find anything that didn't mean a complete uninstallation of the software.
It appears that the management software for some of the WWAN (aka wireless broadband) may cause an application error with any program that accesses any network connection. The error is "Memory could not be read: 0xnnnnnnnn at 0x00000ba0".
After threading through AT&Ts customer service one department after another, I finally found someone with the answer. As soon as I said what the error was, he was "oh yeah". And now I'll share the solution with you:
Uninstall the ByteMobile part of the management software. In the AT&T version of the software, go to the Tools menu, pick "Settings", then the Acceleration tab, and click "uninstall". Reboot, and the error is gone.
Note that if you've had the software on for months and have added and removed a ton of stuff, this may not work. In that case, a complete reinstallation of the IP stack may be necessary. This can be done with "netsh" like this:
netsh interface ip reset
netsh winsock reset catalog
This will bring your IP stack back to where it was when the OS was installed. If you have installed any software that adds any LSPs or latches onto the stack in any way (VPN software, firewalls, malware software), this will have to be re-installed.
I found some more information about the certificate issue when configuring Radius in Windows. There's more information in the WLAN Radius article. But, this may solve the issue for those of you who have had issues with setting up IAS due to a missing certificate. I will test this in the coming week (depending on my schedule), and I'll report back.
UPDATE: The server that I intended to use for a test machine to see that this really works have unfortunately been retired "for parts", so I won't be able to verify these findings.
Not unlike many others, I've run into the occasional issue with using Windows Update along with WSUS. Recently, one computer started showing 0x80244010 errors in the WindowsUpdate.log file.
Judging from all the results I found on google, I'm not the only one with this problem, and it appears that there's several solutions based on what the source of the problem is.
One solution points to an issue with http.sys on the Windows server, which causes a connection issue. One would think this would affect all or most clients, and not a single client. However, I downloaded the update (MS KB898708) and installed it on the server, but the one client still reported the same issue.
Another solution, is to delete the SoftwareDistribution folder in the Windows folder and start up the Automatic Update service again. This will rebuild the local database and clear out any corruption. No good for me.
Third suggestions I found pointed towards WMI, and the suggestion was to stop the WMI service, then delete the Repository folder in Windows\System32\WBEM. I tried this too, but no luck.
I also downloaded, manually, the newest Windows Update agent, rebooted and tried again. Still no luck.
Then I came across a discussion thread on techarena.in where I found my solution: I had to re-register the msxml files, and there's three of them; using regsvr32 on each of the three files msxml.dll, msxml2.dll and msxml3.dll did the trick for me. Once I forced another detection (wuauclt /detectnow), the client properly checked in with the server, downloaded the updates and allowed me to install all the updates.
It turns out that the people at the BlackHat conference that showed how to hack a MacBook in 60 seconds used a third party wireless card and driver, and that the flaw they exploited was related to this card/driver, and not the MacBook itself.
Gee, if you can't trust the people at the BlackHat Conference, who can you trust?
So, you thought that Macs were secure? Sorry, but this article at DailyTech says otherwise.
Newsfactor.com has an interesting story on the increasing threat of spyware.
Microsoft have decided to enter the Anti-malware market with their security suite that contains anti-virus, anti-spyware, a firewall, a tune-up module and a new backup/restore solution. Sounds good so far, but what does all this do, and how well does it do it? Lets find out.
Children often go "whats yours is mine, whats mine is mine". AT&T now follows suit. Those records with your personal information are now AT&T property, to which they can do whatever they want.
Ernst & Young just awarded Freeze.com with the "Entrepreneur of the Year" award for distributing spyware and adware with their screensavers. There's really nothing worse than a big name like E&Y validating the methods used by companies like this. Chalk one off for the bad guys and shame on E&Y. The people over at the Sunbelt blog isn't happy either.
I know I promised some details about this. I haven't had time to put something together yet, but at least I can confirm that it does in fact detect viruses.
The question is, will anyOneCare? I'm currently testing Microsofts all in one security offering, and apparently, my computer is "at risk" ... I'll have more details coming up at the end of the week.
Stopbadware.org, a campaign coming out of Harvard Law School's Berkman center and Oxford University are taking aim at fighting "Badware". With backing from heavy hitters like Google, Lenovo and Sun Microsystems, hopefully they'll be able to make a positive contribution to the fight against spyware, adware, viruses and other malware.
Brian over at clearware.org have come up with some symbols to help making sense of EULAs. Hopefully, something like this will be adopted by software makers to make it easier for people to understand what they are agreeing to.
Along with two recent government data leaks, Congress is now moving to weaken disclosure requirements, leaving it up to the organization that exposed your data to decide if the risk of identity theft is great enough to bother notifying you. For the full story, check this infoworld.com article.
Some small changes to how entries are made. They'll be labeled with a general topic as well as a short title. The header also looks slightly different to distinguish it from older entries.
Here's a story that probably took a different twist than initially intended. A lost cell phone causes too much trouble for too many people. Check out the Stolen Sidekick website.
CipherTrust offers a toolbar that will integrate with Outlook or Lotus Notes. The plug-in promises to "empower end users to thwart spam, phishing and fraud and safeguard legitimate mail." Sounds like a very handy tool considering the amount of spam and phishing attempts that ends up in my inbox. So, the question is: does this plug-in deliver on this promise? Will it keep spam and phishing out of your inbox?
But, before I answer that, a little bit about how this plug-in works. The plug-in uses as similar method to that used by blacklists such as spamhaus.org (which I use for blocking mail on my server). It performs a DNS query against a specific DNS server, and based on the answer, it will classify the message as good, bad, or undetermined. The query contains the IP address of the server that delivered the message, as well as a hash of either the message itself or at least parts of the header. This sounds like a reasonable way to determine who sent the message, and to check if there are records of people saying it is spam. When you press the button on the toolbar to report something as spam, the toolbar will send a hash of the e-mail to Ciphertrust, and with enough people reporting the same message as spam, it will eventually end up being reported as such.
Unfortunately, it's not the right tool for the job. It doesn't do any screening of your e-mail before it is presented to you. It doesn't move anything to your junk mail folder unless you tell it to. The lookups for determining if the message should get a green, happy face (not spam) or a red, sad face (spam) takes too long. And, Outlook is locked up while the process takes place. Any attempt to move on to other messages will have to wait until the process is complete, and then Outlook will perform all the tasks it has queued up while waiting. I hope you didn't hit "delete" a number of times, because you may just have sent a number of messages to the garbage. In addition, Outlook takes a considerable longer time to start up, and I've experienced difficulties closing Outlook when the plug-in is installed, as well as some slight corruption issues with my mailbox.
Based on this, the CipherTrust TrustedSource Toolbar get a failing grade. The spam filter that comes with Outlook does a much better job without the extra hassle. Pass on this, and better luck with version 2 for CipherTrust.
I'm going to do a partial retraction of that I said about Windows Defender earlier.
Windows Defender uses Automatic Updates to get new signatures, and this does indeed work with WSUS. The reason why I couldn't get it working was because I couldn't find "Windows Defender" as a product to download anything for in WSUS. It appears that Microsoft have put it in the same grouping as all their operating systems (it's listed under "Windows"). Once that is selected, along with "definition updates", new definitions for Windows Defender will indeed be made available on the WSUS server. So, this is good news for organizations that have WSUS set up, but not necessarily good news for everyone else.
Relying on Automatic Updates may not be the best way to go for such as product. I know that Microsoft wishes that everyone used it, and had it configured to do everything automatically, but that's hardly the case.
So, over all, Windows Defender goes from a C to a A-. It gets points off for the interface redesign, yet it remains one of the best, free AntiSpyware solution available today.
Microsoft have updated their AntiSpyware solution, and renamed it "Windows Defender". But, is it a step in the right direction? I think not.
Having tested Windows Defender on a couple of computers, I am not impressed with the results. First of all, where are the updates? It comes with a set of definitions, and in over a week, it has not been able to get any new updates beyond the set that comes with the installation. Not good enough.
Although the solution have more or less the same features, the new interface is actually rather drab. The main screen is just a big empty space. Along the top, there's a warning that I haven't updated the signatures in over 30 days (not for lack of trying!), and on the bottom, it gives me the date and version of the signatures. In the big space between, there's just nothing. The scanning screen is more of the same. Scanning progress on the top, and I assume that it will list found items in the empty space, but I didn't have anything for it to find... The system explorer has been moved from a nice list of available to explorer to a single drop-down list. Lots of blank, empty unused space yet again. Why is this program taking up so much of my screen if it's not using it?
It is possible that since I'm using WSUS for updates that this may interfere with the update process, but my WSUS server have been configured to download new "signatures", but nothing is ever found for the Windows Defender.
So, before you move ahead to test this product, make sure you have the installer for the Microsoft AntiSpyware handy, because chances are, you'll be going back...
Tired of having a computer that sounds like a jet engine? Try HansenOnlines new line of quiet PCs, built with quiet and quality parts.
The newest version of the Linksys WAP54G firmware was released back in November. For those of you who haven't upgraded, you should note that you may lose your settings when you do upgrade. For some reason, mine remembered the old SSID, and went from WPA-Enterprise to no security at all. Make sure you properly document all your settings.
After 4 1/2 days of very high activity, it seems that the probing of ports 1025 and 1026 have returned to normal.
On Saturday night (01/07) the number of port probes suddenly quadrupled. It went from around 40/hr to over 160/hr. The massive increase is on port 1025/udp and 1026/udp, going from less then 50 and over 500 respectively (per day) to around 2000 each, per day.
Found myself listening to Diamond Dave on the radio this morning. Pretty funny stuff. Certainly funnier than anything Stern dished out in the last few months on broadcast radio. The question is, can he keep it up? Today, he had big time help from his uncle Manny.
Yeah, if you ever run into this article at microsoft.com when IIS just won't let go of your IP addresses and you can't tell a subkey from subway from a dword value ... Here I am with the answer: If there's no ListenOnlyList found under services\http\parameters, then you got to make your own. If you Google for it, everyone will point to the MS Article, which is close to useless... Here's the real answer: Create a multi-string value named "ListenOnlyList" in the mentioned key (...\services\http\parameters), then modify the value to include the IP address and port number you want the server to listen on, like this: "192.168.11.11:80" (without the quotes). If you need to add more, just keep adding lines.
Article in configuring a Group Policy to deploy wireless configurations to computers in Active Directory has been published today.
Security software (anti-virus & anti-spyware) can be compared to a safety belt. It will protect you against most accidents, but it should not be considered a license to drive recklessly. Check to make sure that you are getting timely updates of signatures for all your security software, and check that your software is actually working!
Computers from most major brands only come with a 90-day trial version of anti-virus software. Too many people think that this is enough to keep them safe. It is not! You have to purchase that license to get the updates, or switch to another AV solution after those 90 days are up.
With the rather hostile Internet we have today, everyone should have (or must have) Anti-Virus software and Anti-spyware software. It doesn't even have to cost any money. There are free solution for personal use, such as AVG Anti-Virus and the Anti-Spyware solution from Microsoft.
Make an effort to protect your computer and your identity. Update your software today!
Clicking on the port probe image in the top right corner will now give you year-trend picture that'll show the rather disturbing trend in port probes over the last year.
Although not quite the same as the Dow 10K issue from 1999, I almost ran into a similar issue myself. The program that reads the firewall log files and does all the counted was set to use only 4 digits when printing the result. Luckily, changing to 5 digits is easy enough, and that doesn't seem to have any undesirable affect on the code on this page. But, who would have thought that I would get 10,000 hits on a single port in a single month?
I just got an e-mail from the "HansenOnline Support Team", telling me that I have successfully updated my password. Funny, because I am the "Support Team", as well as everything else. [view image]. Of course, it's just another worm, and I'm not going to open the attachment to see which one...
Seems my server needs a reboot every six months or so. Hope nobody got kicked off when downloading any of the videos...
If anyone have run into the nasty Aurora spyware, which is such a pain to remove, here's how to get rid of it... standard disclaimer: works every time for me.
That's it! You will get a warning when rebooting that access to nail.exe is denied, but that's the point. If nail.exe can't start, then it can't re-insert itself into the registry, and all the other parts of Aurora will also be benign. Run a scan with your favorite spyware scanner to get rid of some leftover files, and Aurora is gone from your system.
I've added a new video from GT4. This is a short one, only about 1:25 long. Should be a quick view.
Older messages have been moved to the archives page.