Rick Wargo
November 18th, 2010 - 11:23pm
While doing some routine housecleaning on my MacBook Pro, I must had inadvertently removed something that caused my licensed and activated copy of Parallels 6 to stop working and request to be activated. Entering in my upgrade key in the activation window only produced a message stating it was an invalid key.
The only solution I could find was to completely uninstall my copy of Parallels 6, including all the settings, and reinstall. I requested a trial key, which I used to start the software. It then asked me to purchase, asking for a new activation key, which I entered. Because it was for an upgrade to Parallels 6, it then asked me for my Parallels 5 activation key, since the software was not installed. Fortunately I had that handy and entered it, successfully re-activating my copy of Parallels 6.
Rick Wargo
November 18th, 2010 - 03:32pm
Suddenly my (at the time of purchase) high tech, A/V receiver stopped offering audio; instead it displayed “ERROR ACK” in a flashing motion (approximately one second on, one second off) in the display. A call to Marantz directed me to a “local” authorized repair shop, about 40 miles away. With a fixed price $249 bill, it would be cheaper for me to futz with it myself or buy a replacement on eBay.
I tried to reset the receiver by pressing CLEAR and DISPLAY OFF simultaneously and holding about five seconds until you can hear the relay click. Unfortunately, this just reset my settings, but did not make the error message go away. Next, I did the unthinkable – disconnect all wires from the back of the unit (with the unit powered off and unplugged). I turned on the receiver and no more error! I believe the message had to do with one of the inputs (probably digital) having an error in the communication.
I attempted to disconnect some of the digital inputs with the unit on prior to attempting this procedure with no success. If I had to do it again, I would disconnect one at a time, each time cycling the power prior to disconnecting the input.
Rick Wargo
October 14th, 2010 - 09:35pm
Unless Facebook opts to add another factor of authentication, the recently announced one-time passwords are an easy “in” to gaining access to a Facebook account.
Currently, you are required to enter a password, something (hopefully) obscure that you know; this constitutes single-factor authentication – in this case, something you know. When you utilize the one-time password authentication password in Facebook, you are also submitting to a single-factor authentication scheme – in this case it is something you have.
Because both methods utilize only one method of authentication, they are relatively equal in strength. However, it can be argued that something you have is substantially more insecure than something you know. For example, “social engineering” is a mature practice designed to trick people into offering information they know that no one else knows. It comes in many flavors and can be quite effective, even fooling the “techiest” of people.
“Something you have” is probably one of the oldest notion of identification/authorization and has been compromised probably since the beginning of history. It is my opinion that it is easier to physically take something than to convince someone to offer personal information. So, with Facebook’s one-time passwords, if one would want to compromise an account, all that is necessary is the confiscation of someone’s phone for a very brief period of time (less than one minute). Seeing the phone of someone’s Facebook account that would be compromised, a quick grab, text, and read/remove is all that is necessary to log in to that account (within the given 20 minute window) without any knowledge of the owner.
How many people currently regard their phones as important to protect as their wallets? Next time you are out, look closely at the number of phones left at a table or otherwise readily available to be snatched.
Unless Facebook adds a second factor of authentication, don’t enable this behavior and give them your mobile phone number.
Rick Wargo
September 27th, 2010 - 07:23pm
I love to cook but don’t often blog about it. Today, I created something wonderfully delicious by accident, deserving to be in the what I learned today category. I made baked potatoes, asparagus, and sauteed broccoli rabe as my dinner, and was content to eat each individually, but, after I finished with the innards of the potatoes, leaving the yummy skins, I decided to put the veggies in the potato skin and eat it like a sandwich. The result: amazing. Read on for the recipe; there are some steps which add to the flavor of the dish.
Rick Wargo
September 14th, 2010 - 10:56am
WebMatrix is a great tool for introducing a variety of powerful web platforms to a developer. I decided to check out DotNetNuke and used WebMatrix to install it. Unfortunately, it could not create the database and thus the installation failed. It is using SQLExpress, version 10.0.2531, better named SQL Server 2008 SP1.
This version of SQLExpress ships with Windows authentication only and the sa login disabled. So, prior to installing DotNetNuke using WebMatrix the server must be set up for Mixed Mode authentication and a known password must be given to the sa account. Additionally, when creating a password for the dnnuser account, ensure the password supplied meets the password policy specified in SQL Server. These precautions are easily set using the SQL Server Management Studio, but can also be done via the command line using osql.
Turning on Mixed Mode Authentication is much easier using SQL Server Management Studio, but can also be done by changing the registry as described in the Microsoft Knowledge Base Article 325022 – scroll down to where it reads “Turn on Mixed Mode Authentication after you install MSDE“.
On the machine running SQLExpress and logged in as an administrative account, start a SQL shell with the osql command (in a cmd shell).
C:\> REM -S specifies the server and -E authenticates with your Windows account
C:\> osql -S .\SQLExpress -E
1> -- change the password for the sa account, remember it needs to be complex
2> sp_password @new='P@ssw0rd!', @loginame='sa'
3> go
1> -- an alternative method to change the sa password
2> alter login sa with password = 'P@ssw0rd!'
3> go
1> -- enable the sa account
2> alter login sa enable
3> go
Finally, SQLExpress needs to be restarted. This can be accomplished on the command line, running as a user that has privileges to restart the server.
C:\>runas /user:Administrator "net stop MSSQL$SQLExpress"
Enter the password for Administrator:
Attempting to start net stop MSSQL$SQLExpress as user "COMPUTER\Administrator" ...
C:\>runas /user:Administrator "net start MSSQL$SQLExpress"
Enter the password for Administrator:
Attempting to start net start MSSQL$SQLExpress as user "COMPUTER\Administrator" ...
When this all has successfully completed, start WebMatrix and create the DotNetNuke site. Remember to use the password previously supplied for the sa account and to use a password that meets the policy restrictions enforced on SQL Server, otherwise the database will not be created.
