piranha: red origami crane (Default)
you probably don't need this advisory, because you better know what you're doing.

microsoft has released a patch for the latest security problem. if it's not coming down the pike for you automatically, read the release bulletin, which will also point you at the update centre where you can download it. note that contrary to lots of suspicion in the blogosphere this doesn't appear to require upgrading either from windows 98/ME nor from XP SP1.

if you followed the directions in the post i pointed at, you should now uninstall the unofficial patch (from control panel -> add/remove software). you can do so either before or after installing M$'s patch.

the state of the piranha: cranky, tired, but not unhappy per se, just mired in tedium. i've been incessantly fighting with my system, trying to get my video card driver upgraded to handle a newer version of openGL for a new piece of software to run adequately, which is a horrid chore -- install a driver, reboot, find out whether it works, uninstall, reboot, rinse, lather, repeat. dear toshiba: you suck. just because nvidia's reference drivers rule doesn't mean you should have just fallen down on the job of keeping a finger on the pulse. so now they no longer support the card; how about you do?

this explains my absence in IM. i am not keeping up with LJ or email either; sorry everyone. but all this rebooting is getting me to pare my startups down. ghod, how overloaded windows gets with crap that people decide should all run at startup time. ASK ME whether i want it or not! period cleaning; not just for spring anymore.
piranha: red origami crane (Default)
the last year ended with a major vulnerability in M$ windows, and the new year starts with snowballing pieces of malware out there exploiting it. if you haven't heard about the "WMF exploit" yet, get yourself to this link and follow the instructions to apply the unofficial patch and deregister shimgvw.dll -- this is really serious, and you won't even be safe if you don't run IE or outlook, which are the usual vectors for such crap. this can hit you through other browsers as well. website for the unofficial patch, which might be more up-to-date than the first link by the time you're reading this. remember that you did this, when M$ comes out with their official patch, you'll want to undo both these changes.

generally it's a good idea to have Windows Data Execution Prevention turned on, which keeps data from executing in areas already marked as storage (which is how buffer overflow exploits usually work). in XP SP2 you do that via start -> control panel -> system, tab advanced, performance region settings button, tab data execution prevention, radio button Select Turn on DEP for all programs and services except for those I select. you don't have to add anything there unless you're debugging code. reboot after applying changes (one reboot for all 3 actions, the two above and this one will do :).
piranha: red origami crane (Default)
XP service pack 2 quietly limits the TCP-IP stack to 10 simultaneous connection attempts. ostensibly this was done to avoid the spreading of worms, which is all good and well -- except that i fucking want to be TOLD what is being done to my system, and i want to be given the option to ignore microsoft's idea of "best practices". i know, this must be so hard for bill to believe, but some of us do know what we're doing with our systems, and -- *gasp* -- we actually know better than him!

that limit is a problem for any applications that open a lot of TCP connections -- such as p2p programs. it'll slow them down. why is that so? TCP connections are initiated with a 3-way handshake: the client sends a SYN packet, and waits expectantly for a SYN and ACK response from the server. once the client gets that, it sends back an ACK. as long as the initial response from the server hasn't been received, the connection is "half-open", and the client waits for a certain period of time before giving up (and trying again a bit later). limiting the number of half-open connections means any further attempts to initiate a connection are put into a queue and have to wait their turn. windows will also consider writing to the event log. all of this takes processing time away from actually exchanging data.

if your system event log contains several 4226 events each day, this is happening to you. there is alas no registry fix, but you might want to grab ahold of the patch that's available; it allows you to raise the limit. the defaut of 50 should work fine, and still provide protection against the fast spreading of worms (if you are worried about that), but you can rerun the patch with a higher limit if you still find a lot of 4226 events in your event log.
piranha: red origami crane (Default)
sometimes i am slow. i recall hearing some vague comments about windows screen font smoothing, but i never paid any attention. today, while checking out font managers, i came across what is called "cleartype font smoothing", turned it on, and let me tell you, I CAN SEE!

it has improved my screen quality amazingly. pages from certain sites (frex the guardian) which i previously needed to switch over to viewing with my own font, are now perfectly legible. everything is much more defined, sharper, with better anti-aliasing. smaller letters especially. it's beauteous.

it's meant first and foremost for LCD displays, but allegedly it also improves matters for many people with CRTs. if you want to try it (instructions for winXP):

right-click on your desktop, pick "properties", appearance, effects. second drop-down menu (for smoothing the edges of screen fonts), pick "cleartype", OK, OK, enjoy. there is some fine-tuning you can do by downloading a tuner from microsoft.

i only hope this doesn't mean a real performance hit.


piranha: red origami crane (Default)
renaissance poisson

July 2015

   123 4

Most Popular Tags

Expand Cut Tags

No cut tags


RSS Atom