Ben’s Blog

Archive for September, 2008

Ive been reading up a bit on USB booting. Theres a variety of reasons to do this. Some people make their own toolkits that they want readily available – some simply want to boot WinPE. Now that WinPE 2.0 comes with Vista DVD’s and the WAIK, it provides for a ready easy way to make your own set of tools.

Ill leave aside the coolness of ImageX and packaging up your own custom image – though you can easily play with this. You simply need a copy of the WAIK which is freely available from Microsoft.com/downloads, install it and you have the necessary tools to open up the boot.wim file and add your own stuff in.

So how to get it booting you ask?

Several easy steps.

1. Find a shiny new USB stick or one that you have backed up the data from

2. Format it as NTFS

3. Load up an (elevated) command prompt window

4. Run diskpart.exe and then set your drive and partition to point to the stick. Make sure you set the paritition as Active.

5. Theres a tool in Vista called bootsect.exe. Cant find it? Its on the Vista DVD itself in the Boot directory.

6. Run bootsect /nt60 <drive letter of your USB drive>

7. Copy over the Boot directory and bootmgr from your Vista DVD to your USB drive

8. Create a directory on your USB drive in the root of it called "sources"

9. Copy over the winpe.wim file from your WAIK directory and drop it into sources. On my machine its located at C:\Program Files\Windows AIK\Tools\PETools\x86

10. Rename winpe.wim to boot.wim

Youre now good to go and have a bootable USB drive with WinPE

Enjoy!!

Information concealed by the InPrivateBrowsing feature of Microsoft’s Internet Explorer 8 can easily be recovered by forensic experts, a Dutch website has found

Brenno de Winter (WebWereld Netherlands) 01/09/2008 09:11:00

A privacy feature built into the second beta version of Microsoft’s Internet Explorer 8 browser aren’t as private as advertised.

The InPrivate Browsing feature in Microsoft’s latest browser is designed to delete a user’s browsing history and other personal data that is gathered and stored during regular browsing sessions. The feature is commonly referred to as ‘porn mode’ for its ability to hide which websites have been visited from nosy spouses or employers.

Forensic experts however found it trivial to retrieve the history, according to a test by Webwereld, an IDG affiliate in the Netherlands, and Fox IT, a Dutch firm specializing in IT security and forensic research.

"The privacy option in this beta is mainly cosmetic. For a forensic investigator, retrieving the browsing history should be regarded as peanuts," said Christian Prickaerts, forensic IT expert with Fox IT.

To prevent login details, online orders and other sensitive information from leaking out, the privacy feature prevents Internet Explorer 8 beta 2 from storing any cookies. The browser furthermore refrains from storing the browsing history in the Windows registry.

But researchers were able to retrieve data displaying general information about the browser’s behavior. Although URLs (Uniform Resource Locators) aren’t stored, Prickaerts was still able to restore the browsing history. "The remaining records in the history file still enable me to deduce which websites have been visited," said Prickaerts.

Even more data is stored in the browser’s cache, a feature designed to speed up performance of websites by storing a copy of recently accessed information on a user’s hard disk. InPrivate Browsing failed to disable this feature. Users seeking a higher level of privacy could manually delete the cache, but it can later easily be retrieved through commonly available forensic tools.

The shortcomings in InPrivate Browsing put the level of privacy protection in Internet Explorer 8 on a par with Firefox 2 and 3. The open source browser allows users to delete all private data, but does that by merely deleting files. Those too can easily be retrieved. Developers have crafted plugins for Firefox which mitigate the risk of information leaks.

Microsoft’s main goal with InPrivate Browsing is to prevent other users of the same computer to gain access to the browsing history, the company said in an e-mail response. The feature isn’t designed to protect a user’s privacy from security experts and forensic researchers, the company said.

Source

Strikes will stymie online trade for Qantas, Westpac, Customs
Darren Pauli 01/09/2008 16:31:00

Planes could be grounded and banking systems disabled after negotiations failed between IBM and staff in its Baulkham Hills “Flightdeck” facility.

Qantas, Cathay Pacific, Air New Zealand and Westpac, along with government agencies Medicare and Customs, are some of the businesses that face critical IT and infrastructure outages if strikes planed for Thursday go ahead.

Workers are represented by the Australian Services Union (ASU) which has pressured IBM for employee collective agreements which include equitable pay rises, redundancy packages, penalty rates and leave entitlements.

ASU branch secretary Sally McManus said IBM has flatly refused to accept the collective agreements since negotiations began in May this year.

“They point blank refused to meet with us in May, and they refused in a meeting in May to enshrine anything in a collective agreement or agree to any pay increases,” McManus said.

“IBM told us today that they won’t negotiate or meet with us if we plan to strike, but there’s no point of meeting if they won’t move on anything.

“IBM wants everything in policy so they can change things in a whim; redundancy pay is now under review with no discussions with staff. Some staff haven’t had a pay rise in six years.”

McManus said IBM is putting the reputation of its customers at risk because they will be unable to process online transactions, including money transfers and bookings.

At the Baulkham Hills facility — known as “Flightdeck” because the rows of computers resemble an aircraft flight deck — workers maintain critical applications and continually fix errors to maintain smooth service operations for some of IBM’s biggest customers. This is a key bargaining chip for the ASU, according to McManus.

“Airport customers will face flight delays, billions of dollars may not be processed for Westpac, and Customs won’t be able to keep track of security checks, all because IBM refuses to talk to its employees,” she said in a statement.

“Every one of the IBM customers has collective agreements so I would imagine they will be pretty annoyed that their business is at risk because IBM refuses to work with us.”

The strike was agreed upon last Friday after the results of a two-week long secret ballet drew 87 percent support for indefinite strikes. The action will begin with rolling four-hour work stoppages and will be escalated if IBM “doesn’t budge”.

IBM raised objections with the Australian Industrial Relations Commission in July that the ASU should not be allowed to represent Flightdeck workers.

IBM spokesman Caspian Smith said in a written statement that it will maintain service level agreements with customers.

"We are engaged in ongoing discussions with employees at the site in question to address any issues directly, and we will continue to maintain service levels to our clients," he said.

Source