Error 0x8002007 installing Security Essentials

Good one this! If you’re trying to install Microsoft Security Essentials and it crashes out with Error 0x8002007, clicking on the Help link doesn’t really help.

If you read the technet blurb it relates to the Windows Update service not working, and if you believe this you’re going to waste a lot of time trying to repair it. I did. But the solution was really simple.

If you’re using Windows XP the Microsoft site will give you the Vista/Windows 7 version by default! Hunt around for the Windows XP 32-bit version, download that and it’ll probably work. Just don’t click the “Download Now” button because it doesn’t check which one you need – or give you the choice.

Some genuis programmers at Microsoft didn’t bother to check the version number as soon as start to run the installer. I wonder why not.

The one you get by default is:

mssefullinstall-x86fre-en-us-vista-win7

The one you probably want is:

mssefullinstall-x86fre-en-us-xp

The Church vs the Establishment

The Bishop of Willesden, Pete Broadbent, has said the marriage of our future King (and his future boss) and Kate Middleton would “last about seven years”. He went on:
“We need a party in Calais for all good republicans who can’t stand the nauseating tosh that surrounds this event.”

I always thought the church took marriage seriously, but apparently not.

His employers, the Church of England, have said he was acting as an “individual”. ‘sfunny, I thought he was a bishop.

He’s since apologised. So that’s all right.

On the same day, the Bishop of Manchester, Nigel McCulloch, has complained to Ofcom that News Corporation’s full takeover of Sky “might lead to a harmful concentration of media power”.

I wonder – is he an individual or a bishop?

But Rupert Murdoch is confident that the takeover will not damage competition. So that’s all right.

 

Google is innocent (ish)

So Google’s streetview cars have been driving around harvesting people’s email passwords have they? Well this is probably true. Let’s sue/fine/regulate them!

Actually, let’s not. They haven’t done anything wrong. What Google’s surveying vehicles did was record the wireless Ethernet radio activity as they went along, to get an idea of where the WIFI hotspots are. This is a really useful thing for someone to have done – there’s no other way to find out what’s really where than by doing a ground-level survey.

In order to determine what kind of service they’re receiving you need to record a bit of the traffic for analysis. If it’s a private service, this traffic will be encrypted so it really doesn’t matter a jot – they’d be mostly recording gibberish. If it’s an open, public service they’d get the clear text of whatever happened to be transmitted at the time if the luser’s weren’t using application-layer encryption. If some technological dunderhead decides to do a radio broadcast of his unencrypted passwords, Google (and anyone else in the vicinity) will end up receiving that too.

Look at it another way – if someone wrote their password on a big sign and stuck it in the front of their house, anyone walking down the road couldn’t help but capture it. Are the pedestrians doing something wrong, or is the owner of the house an idiot?

It’s no good the idiots bleating on about Google. That won’t give them brains. It might, however, give them some of Google’s money and this could be the real motive.

The Information Commissioner, Christopher Graham, has come up with some surprising statements about Google. But on review, they’re only surprising to someone understanding the technical issues here. Does this mean Graham is a technological klutz? It’s one theory – at times it seems like everyone the government appoints to deal with technology requires this as a qualification. However I think it’s far more likely a case of bowing to media/political pressure on the subject and wishing to be seen to be doing something about it.

Then, last Friday, Google signed an undertaking with the Information Commissioner’s Office to train their staff that they mustn’t do naughty things (just in case they were ever tempted). In return for this the ICO promises to leave them alone. Read it for yourself – it’s only three pages long.

http://www.ico.gov.uk/~/media/documents/library/Data_Protection/Notices/google_inc_undertaking.ashx

What’s sad about the whole affair is that the ICO is, first and foremost, a political/media driven entity even if there are some level heads at work behind the scenes. But what a waste of time and money…

Crude Awakening plans to block oil refineries

So who are they? Part of the international Climate Action Justice network, but the group currently blocking the Coryton refinery are probably just an affiliated bunch.

Crude Awakening Coryton DemoThis idea is nothing new – people have been organising high-profile protests against oil dependency for some time. But what is “oil dependency”? Basically, it’s the tendency of politicians to favour the oil industry against all common sense.

One obvious example of this is the motor industry, which enjoys protected status in order to furnish votes. Look what happened when the economy crashed in 2008 – subsidies to the motor industry to “protect jobs”. If Gordon Brown and friends were simply interested in finding employment for redundant motor industry workers they’d have spent the money on building something useful, like cycle lanes or wind turbines. But no – bail out the motor industry as people like cars, and hope no one notices how hypocritical this sounds from a New Labour twittering on about the environment while using it as an excuse to raise taxes.

Other high-profile groups involved in this kind of thing are Plane Stupid and Climate Camp , although this lot are clearly more confrontational about it. If you want the other extreme there’s the World Naked Bike Ride. These are all groups who have woken up to what “Oil Dependency” really means – pollution, congestion, war, greenhouse gasses and political dodgy dealing to secure supply. Would certain countries get away with what they’re doing if they didn’t the off-button the oil supply?

As yet, however, none of these are a political force to be reckoned with. Blocking an oil refinery will get the issue in the news, if they handle things properly, but will David Cameron sit up and take notice?

So good luck to Terri Orchard and her merry bunch (not all-women as reported in the press). From what I understand, Coryton is only the first refinery on the list, and they’re planning to cover a lot more if they can. If this proves correct, I’ll be glad I ride a bike.

Oliver Drage makes mockery out of RIPA

Oliver Drage, suspected trader in child pornography, has just been sent down for refusing to disclose the password he’d used to encrypt his PC. This is an offence under RIPA (the Regulation of Investigatory Powers Act 2000). So if you’ve got something dodgy on your computer, you’ll get locked up whether or not the cops can decrypt it (or you’ve lost the password).

A spokesman for Lancashire police was pleased: “Drage was previously of good character so the immediate custodial sentence handed down by the judge in this case shows just how seriously the courts take this kind of offence.”

Really. Drage is going to gaol for sixteen weeks  (read “two months”) . How long would he have been locked up for if he’d given them the password so they could decrypt whatever it’s alleged he was hiding? Five years? Ten years? Lock up and throw away the key?

This is not what I call “taking it seriously”.

The penalties under RIPA for not disclosing passwords are far lower than the likely sentence assuming someone’s been up to anything of interest of the authorities in this way. They don’t take it seriously at all.

Comment spam from Volumedrive

Comment spammers aren’t the sharpest knives in the draw. If they did their research properly they’d realise that spamming here was a stupid as trying to burgle the police station (while it’s open). You’ll notice there’s no comment spam around here, but that isn’t to say they don’t try.

Anyway, there’s been a lot of activity lately from a spambot running at an “interesting” hosting company called Volumedrive. They rent out rack space, so it’s not going to be easy for them to know what their customers are doing, but they don’t seem inclined to shut any of them down for “unacceptable” use. For all I know they’ve got a lot of legitimate customers, but people do seem to like running comment spammers through their servers.

If you need to get rid of them, there is an easy way to block them completely if you’re running WordPress, even if you don’t have full access to the server and its firewall. The trick is to over-ride the clients Apache is prepared to talk to (default: the whole world) by putting a “Deny from” directive in the .htaccess file. WordPress normally creates a .htaccess file in its root directory; all you do is add:

Deny from bad.people.com

Here, “bad.people.com” is the server sending you the spam, but in reality they probably haven’t called themselves anything so convenient. The Apache documentation isn’t that explicit unless you read the whole lot, so it’s worth knowing you can actually list IP addresses (more than one per line) and even ranges of IP addresses (subnets).

For example:

Deny from 12.34.56.78
Deny from 12.34.56.89 22.33.44.55
Deny from 123.45.67.0/24

The last line blocks everything from 123.45.67.0 to 123.45.67.255. If you don’t know why, please read up on IP addresses and subnet masks (or ask below in a comment).

So when you get a a load of spammers from similar IP addresses, look up to see who the block belongs to using “whois”. Once you know you can block the whole lot. For example, if you’re being hit by the bot using Volumedrive on 173.208.67.154, run “whois 173.208.67.154”. This will return:

NetRange: 173.242.112.0 - 173.242.127.255
CIDR: 173.242.112.0/20
OriginAS: AS46664
NetName: VOLUMEDRIVE
NetHandle: NET-173-242-112-0-1
Parent: NET-173-0-0-0-0
NetType: Direct Allocation

<snip>

If you don’t have whois on your comptuer (i.e. you’re using Windoze) there’s a web version at http://www.whois.net/.

In the above, the CIDR is the most interesting – it specifies the block of IP addresses routed to one organisation. I’m not going in to IP routing here and now, suffice to say that in this example it specifies the complete block of addresses belonging to volumedrive that we don’t want – at least until they clean up their act.

To avoid volumedrive’s spambots you need to add the following line to the end your .htaccess file:

Deny from 173.242.112.0/20

If this doesn’t work for you the the web server you’re using may have been configured in a strange way – talk to your ISP if they’re the approachable type.

I have contacted Volumedrive, but they declined to comment, or even reply; never mind curtail the activities of their users.

This isn’t a WordPress-only solution – .htaccess belongs to Apache and you can use it to block access to any web site.

Perhaps there’s some scope in sharing a list these comment spambots in an easy-to-use list. If anyone’s interested, email me. This is a Turing test :-)

Why and how to hack a mobile phone

Anyone outraged that News of the Screws journalists have been “hacking” in to mobile ‘phones needs to get a grip on reality. They’re investigative tabloid journalists; what do you expect them to be doing?

To call it “hacking” is grossly overstating the case anyway – what they did required no technical knowledge other that that available in any playground in the country. All you need to do to retrieve people’s voice mail messages is dial their number, and when you get through to voice mail, enter the PIN. Most people leave the PIN as the system default.

You might argue that this is a gross breach of privacy and so forth. But it’s no more so than camping out on someone’s doorstep to see who goes in and out, following them, or tricking them into telling you something they wouldn’t if they knew your were a journalist.

New Labour was very keen to suppress the traditional liberties of the population in general and passed various dodgy laws to protect the lives of the guilty from prying journalists. In 2000, listening to other people’s voice mail was made a specific offence. “And quite right too!”. Wrong! It’s just another example of those in power making it difficult for us to check up on what they’re doing. We have (or had) a free press with a tradition of snooping on politicians, criminals and anyone else they wanted to using whatever means, as long as it was “In the public interest”.

Journalists are also out to sell papers, so the “public interest” defence is often strained to its limit, or broken. However, it should remain as a defence in a court of law and people should be able to argue their case there. It should be all about intent. But New Labour had other ideas.

People are uneasy about voice mail because it’s technological, so lets look at another example.

Suppose a journalist was camped outside someone’s house, noting down who came in and out. Another invasion of privacy, but right or wrong?

Well that depends – if it’s some innocent person then the journalist will probably end up throwing the notes away, so no harm done. If someone uses information collected in this way in the pursuance of a crime (e.g. Blackmail), that’s another matter, but journalists don’t do that.

Now supposing the journalist is investigating a suspected terrorist, and checking up to see who they’re associating with – or even a politician associating with a known crook. Clearly this information in the public interest.

It’s all about intent.

You could argue that investigations of this nature shouldn’t be carried out by private individuals but should be left to the security forces. That argument doesn’t bear scrutiny for more than a couple of seconds. The public needs the right to snoop as well as the government agents – anything else is known as a ‘police state’

As to the current difficulties – anyone who knows anything about the press will tell you that these and many other tricks are employed as a matter of course, although journalists won’t make a big noise about using them. It’s conceivable that an editor like Andy Coulson would neither know nor care exactly what his investigation teams were doing to come up with the information; you don’t ask. It’s also inconceivable that only the hacks on the News of the World had thought of it. Sources need protection.

It’s clearly a political stunt by old new Labour. Could they be upset that the press, including Mr Coulson’s old rag, turned against them? They used to be friends with the News of the World. At the time of the original scandal, it appears that the first politician to call Andy Coulson to commiserate with him about having to resign was none other than Gordon Brown. Apparently he went on to suggest that someone with his talent would soon find another job where he could make himself useful. (Source: Nick Clegg at today’s PMQs).

In defence of TalkTalk

The ICO has just had a go at TalkTalk for snooping on their customers. Hmm. I wouldn’t be a TalkTalk customer if they paid me so I’m not bothered on that score. But I’m also not worried because I can’t see they’ve actually done anything wrong in this instance.

What they’re accused of is harvesting the URLs of web sites visited by their punters. Reality check: networks log traffic anyway. It’s necessary for maintenance and optimisation. All managed networks do it, all the time. The system the ICO is making a fuss about simply collects the URLs and then sends a malware scanner to the site to check for dodgy stuff so it can blacklist the URL in future.

You can’t scan the whole web for malware; it’d take too long by a spectacular margin. Scanning the relatively small subset of URLs your customers are actually accessing is as good a way of directing your effort as any.

So why’s the ICO making the headlines? Just to show they’re on the ball, I suppose. And TalkTalk makes an easy target. This is probably the first time ever I’ve defended them on any issue.

DVLA tax disc renewal problems

Like most New-Labour government computer systems, the DVLA is broken. I don’t just mean it’s propensity for making mistakes – I mean it’s systemically flawed.

It goes something like this…

You buy a car in March and keep it for, say, four years (i.e. until it requires an MOT). The Tax Disc will expire at the end of February, as does the MOT and insurance. You’re expected to buy a new tax disc in advance – it should let you buy one from the 5th day of the month it’s due to expire. But it won’t – it says your MOT and insurance are about to expire (which is true, they’re bound to). So you get your MOT a couple of weeks early (wasting a couple of weeks of MOT time) and persuade your insurance company to insure you for eleven months instead of one year, or some such fiddle, to get the renewal dates out of alignment.

Why should you be forced into this performance? Life’s too short to argue, but any fool can see the system is flawed.

Couple this with the fact that they can’t organise a computer system properly and you have big problems – as I do now. The DVLA computer reckons my car isn’t insured. My insurer (of fifteen years) says it was renewed as usual at the start of the month, and can’t understand why the DVLA is having problems registering it.

You can call Swansea on 0300-7906802 if you actually need to speak to a person, although they’re not keen on giving this out, preferring the premium rate automated system numbers. I did this and was advised that I couldn’t drive my car now that the tax had expired, and that the government computer system responsible for the error wasn’t their responsibility. I could, if I wished, drive to the nearest post office issuing manual tax discs and they might be able to help – apparently they can now take faxed documentation but I bet they don’t know that! Anyway, how am I supposed to drive to the nearest Post Office if I don’t have a car.

To cap it all, they said they wouldn’t actually fine me for not renewing or declaring the vehicle off-road for 14 days. That’s big of them!

I asked about who to appeal to concerning DVLA problems and got the email address for their customer services department. I don’t I’ll get much satisfaction. My MP shall be hearing about this, although he’s not morally responsible for New Labour computer systems.

I think it’s time something was done about the DVLA, and would be interested in hearing about people having similar problems.

NHS Direct is unwell

NHS Direct has the skids well and truly under it. Vandalism! Cutbacks! Distruction of the People’s NHS cries Labour.

But what was it all about? If you were ill, you were supposed to call NHS Direct and they’d tell you what to do about it – generally “Get the down to A+E or your GP service to check it out.” If you, or your child are ill, this is what you’re going to do anyway.

Having an telephone helpline for discussion of medical matters is a good thing, especially for anyone without any books on the subject or access to the Internet. Apparently this is just what we’re getting instead – it’ll be cheaper than having medically qualified on the end asking the questions and then suggesting a personal visit anyway. “Civilians” cand do that, as long as they’re briefed not to overstep their remit.

GPs came out against NHS Direct yet again in June, so presumably we’ll be hearing they’re pleased with the result. No one I know has every had much joy in calling them, although the “worried well” may have had some comfort – or had their hypochondria fueled. It’s just New Labour, upset that the new government has stopped paying for their gimmick. As to the staff that’ll be made redundent, apart from the management consultants they’re generally qualified nurses answering the ‘phone. Don’t we need more nurses actually nursing to the extent we’re importing them from the third world? I don’t see a problem with them being redeployed.