Jeff Rivett has worked with and written about computers since the early 1980s. His first computer was an Apple II+, built by his father and heavily customized. Jeff's writing appeared in Computist Magazine in the 1980s, and he created and sold a game utility (Ultimaker 2, reviewed in the December 1983 Washington Apple Pi Journal) to international markets during the same period. Proceeds from writing, software sales, and contract programming gigs paid his way through university, earning him a Bachelor of Science (Computer Science) degree at UWO. Jeff went on to work as a programmer, sysadmin, and manager in various industries. There's more on the About page, and on the Jeff Rivett Consulting site.

All posts by jrivett


Firefox

Firefox showing serious performance problems

Leave a comment

Is it just me, or is Firefox behaving more like a lead weight than a web browser lately? Since about version 26, any time I browse a media-heavy site, Firefox starts consuming all my CPU, and doing a ton of I/O. This usually calms down after a while, but it’s extremely annoying.

Sometimes the excessive CPU use is associated with playing Flash videos, in which case a task viewer will usually show that it’s the plugin container and the Flash plugin that are consuming all the CPU. But that’s not always the case.

The Flash plugin seems to crash a lot these days as well. Like every other time I play a video in Firefox. Normally, I’d be happy to blame Adobe, but I’m not convinced it’s their fault this time, because Flash is currently working fine in my other browsers.

One other annoyance in recent versions of Firefox is the way animated GIFs play. They stop, start again, play really fast, then really slow, and so on. Eventually they seem to settle down, but it takes a while.

Is anyone else seeing these problems?

Update 2014Mar11: Disabling all my add-ons seems to have resolved this problem. Now to identify which one.

Microsoft, Windows XP

Windows XP will nag you to upgrade after support ends

Leave a comment

Microsoft will prod you to upgrade your Windows XP computers after support for that O/S ends in April.

According to Ars Technica, a message will pop up on the 8th of every month, starting on March 8, 2014. Although this may be viewed as a nuisance by some users, at least the message has a “don’t bother me again” checkbox.

Microsoft is also working on making the transition easier with migration tools and a web site that tells visitors whether they are in fact running Windows XP. And they are encouraging tech-savvy people to assist friends and family with upgrading.

The Windows XP end-of-support site is a good starting point for anyone still running XP.

Microsoft, Security, Windows

Microsoft EMET protection software bypassed

Leave a comment

When a new Windows vulnerability is discovered, and particularly when exploits for that vulnerability are discovered in the wild, a common refrain from Microsoft is “use EMET”. EMET is security software that protects Windows systems from certain types of behaviour common to vulnerability-based attacks.

Installing and configuring EMET properly provides a level of protection beyond that of regular anti-malware software. Well, that was the idea, anyway.

Now it appears that attackers have found a way past EMET. The EMET bypass was discovered by security researchers at Bromium Labs and the details published in a whitepaper.

Malicious hackers are likely to start using this new information soon. Microsoft is working with Bromium Labs, but it may not be possible to prevent the bypass by improving EMET, in which case EMET will be reduced to a minor speed bump for attackers.

Microsoft, Windows 7, Windows XP

Windows 7 Pro OEM available until at least February 2015

Leave a comment

We previously posted about Microsoft fiddling with Windows 7’s lifecycle dates. At the time, it seemed clear that Microsoft would be foolish to stop making Windows 7 available to computer builders in October 2014 as originally stated.

Microsoft recently updated the lifecycle dates for Windows 7 again, and now Windows 7 Professional OEM will be available until at least February 23, 2015 (a year from today). No specific cut off date is provided on the lifecycle page for Windows 7 Pro, but a footnote states that Microsoft will provide at least one year of notice before any cut-off date is actually set.

Meanwhile, other versions of Windows 7 (Home, Ultimate) will no longer be available as of October 31, 2014, as originally planned.

Anyone still running Windows XP and planning to upgrade to Windows 7 will find that Win7 is no longer available in retail stores. And now we know that even OEM packages for all but the Pro version will stop being available in October 2014.

Mac, Security

Extremely critical security flaw may affect Macs

Leave a comment

Apple recently patched a critical vulnerability in iOS, the operating system that runs all iPhones. Now it appears that the same flaw may affect all Macs running OS X as well. So far there is no official confirmation from Apple, but security experts are warning Mac users to avoid using public networks until we know more.

Update 2014Feb24: Apple released a patch for iOS that fixes this flaw on iPhones. Meanwhile, it looks like the flaw does affect Macs (OS X). A security researcher at ImperialViolet has created a proof-of-concept test page (no longer functional). Steer your Mac web browser to that page; if you get an error message, your browser is not affected by the flaw. Vulnerable Mac browsers will see a message to that effect. Tests on my own Mac show Safari as vulnerable, while Firefox is not.

Update 2014Feb25: TechDirt has an amusing article on the surprising lack of information coming from Apple. There’s a general sense of dissatisfaction with Apple, and increasing clamour for information – any information – on how this issue affects Macs.

Update 2014Feb26: Apple has released an update for OS X that addresses this issue. OS X 10.9.2 includes several other security fixes and bug fixes.

Adobe, Flash, Patches and updates, Security

Emergency update for Flash

Leave a comment

On February 20, Adobe announced a new version of Flash that addresses critical security vulnerabilities. Security bulletin apsb14-07 describes the vulnerabilities.

We strongly recommend upgrading to this new version of Flash (12.0.0.70) as soon as possible, especially if you have Flash enabled in a web browser and you use that web browser for web surfing.

As usual, Google Chrome will update itself to the latest version of Chrome, and Internet Explorer 10 and 11 will be updated to the latest Flash by way of Windows Update.

Ars Technica has more details.

Internet Explorer, Malware, Microsoft, Security

Internet Explorer vulnerable to new attack

2 Comments

Update 2014Feb19: Microsoft has released a ‘Fix-It’ patch that apparently removes this vulnerability in Internet Explorer 9 and 10. They are expected to release a regular update at some point, but for now, if you have to use IE9/10, you should apply this Fix-It.

Ars Technica reports on a new vulnerability affecting Internet Explorer 10 and 9. Visitors to the American Veterans of Foreign Wars (VFW) web site who are using Internet Explorer will become infected with malware.

The VFW site was recently compromised, and altered to include code that loads the malware from another site. Presumably the VFW site will be cleaned up very soon, but the vulnerability in IE remains, so we can expect to see this malware being served up by other compromised web sites very soon.

Microsoft said that they are aware of the problem but there’s no word yet on a possible fix.

For now, since there’s no way to know which web sites to avoid, we recommend not using Internet Explorer at all for general web surfing.