GPS Tracking is a Search!


The U.S. Supreme Court ruled today (3/30/2015) that if the government puts a GPS tracker in any of your personal effects, it constitutes a search and is governed by the 4th amendment. This is a huge win for privacy, over-invasive government and personal freedom.

You can read more about the ruling in this ruling for Torrey Dale Grady vs. North Carolina.

http://www.supremecourt.gov/opinions/14pdf/14-593_o7jq.pdf

You can also read this article on the subject by The Atlantic.

http://www.theatlantic.com/technology/archive/2015/03/supreme-court-if-youre-being-gps-tracked-youre-being-searched/389114/

Remove Unwanted SameTime Statuses


The IBM® Sametime Connect client allows you to customize the messages that show when you’re in different statuses (e.g. available, away, in a meeting, etc.). However, the interface provides no way to remove any customized messages you’ve created unless you want to “Restore Defaults” and remove all of them.

These messages are stored in a simple XML format so they are easy to edit. When you want to remove a status follow this process.

  1. Open Command Prompt.
  2. Type echo %appdata% and press Enter.
  3. The path it shows will be used in place of {ApplicationData} in the path below.
  4. Open Windows Explorer.
  5. Navigate to one of the following locations, depending on your operating system and configuration.
    1. Use the path from step 3 above in place of {ApplicationData} below.
    2. {ApplicationData}\Lotus\Sametime\.metadata\.plugins\com.ibm.collaboration.realtime.community.sametime
  6. Edit the community-config.xml file in a text editor such as Notepad.
  7. Delete the entire line corresponding to the message you wish to delete.
  8. Save the file.
  9. Exit and Restart Sametime.

Note, you should not use a program that is not text-only editor like Notepad. These could inadvertently add additional characters into the file.

NSA “Equation group” Puts Spyware in Hard Drive Firmware


Here we go again! My previous article “” showed how the NSA has been listening and recording through your mobile phone for years (“Clapper Program”) whether it’s on or off. Of course U.S. District Judge William Pauley said in a 53 page ruling that it was legal as long as they do it to everyone.

Well the NSA never ceases to amaze me. Now Moscow-based security software maker Kaspersky Labs has found spyware hidden inside the firmware of hard drives made by most major manufacturers. Those found to contain the spyware include Western Digital, Seagate, Toshiba, IBM, Micron Technology and Samsung. Experts agree that the NSA would have required the source code for the hard drive’s firmware in order to embed the malicious program in it. That’s easy though. They say the Pentagon wants a bunch of hard drives, but the NSA has to review the source code for security purposes and bingo they have the source code.

Over 30 countries have been found to be infected with the spyware including Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists.

This is now costing the US because foreign governments don’t want to purchase our hardware for fear it’s been corrupted with NSA spying technology. Peter Swire, one of five members of U.S. President Barack Obama’s Review Group on Intelligence and Communications Technology, said the Kaspersky report showed that it is essential for the country to consider the possible impact on trade and diplomatic relations before deciding to use its knowledge of software flaws for intelligence gathering. “There can be serious negative effects on other U.S. interests,” Swire said.

Russian researchers expose breakthrough U.S. spying program

C# WMI Tutorial


Overview

I recently had a project where I was writing an agent that would collect data from various servers on the network. I needed information like the server name, IP address, OS drive, free and total space on the OS drive, Windows folder and so on. In addition to this I also needed to be able to collect information on specific files on each server as well as registry information from particular registry keys on each server. This would all be consolidated into a database and referred to at a future date.

In order to gather this information I turned to using WMI (See Background & Terminology below) within a C# application. The problem is that none of the research I performed turned up very good information on how to use WMI within C# and what was available to gather from within WMI.

This tutorial will provide a step-by-step process to follow in order to use WMI. It will provide information about the tools you need, how to use them and finally how to code to get information from WMI.

Background & Terminology

This article deals with coding for and consuming WMI (Windows Management Instrumentation). WMI is a set of extensions Microsoft created to provide instrumentation (measurement) information from within Windows. However, WMI is a Microsoft-specific set of extensions that are actually built upon the WBEM (Web-Based Enterprise Management) and CIM (Common Information Model) standards developed by the DMTF (Distributed Management Task Force).

The WMI set of instrumentation comes pre-installed in all Windows 2000 or newer operating systems from Microsoft and can be downloaded for older OS’s like Windows NT, 95 and 98. It’s powerful because it can be utilized by languages like VBScript, PowerShell and .NET to manage the operating system and gather a wide variety of information on it.

WBEM Test Tool

You’re going to need to become familiar with a tool called WBEMTest. This tool is pre-installed, along with WMI, on Windows 2000 and newer operating systems from Microsoft. To run it do the following.

  1. Open Run dialog (Win+R, Start->Run, etc.).
  2. Type ‘wbemtest’ and click OK.

The following dialog will appear.

WBEMTest

There are three things we need to know before using this tool. First you must connect to a WMI repository in order to pull anything from WMI. The default namespace you’ll be using is generally “root\cimv2″. Also, similar to .NET there are classes and instances of those classes. The class itself only defines what type of information might be provided in any particular instance of that class. The instances contain the information itself. To more fully understand this we’ll run through some examples.

Example 1: Obtain Drive Information

  1. Open WBEMTest as noted above.
  2. Click Connect.
  3. Ensure the Namespace is set to “root\cimv2″ and click Connect.
  4. Click Open Class.
  5. Enter “Win32_LogicalDisk” and click OK.
  6. Info:
    1. The Properties (middle) list shows the information you can obtain from each instance.
  7. Click Instances.
  8. Info:
    1. The list will show all instances of Win32_LogicalDisk (drives) on your system (C, D, E, etc.).
    2. Notice the list shows the “DeviceID” property is what is set to the drive letter.
    3. We will gather information on the C drive (DeviceID=”C:”).
  9. Click Close and Close again to get back to the main window.
  10. Click Open Instance.
  11. Enter “Win32_LogicalDisk.DeviceID=’C:'” and click OK.
  12. Info:
    1. The Properties windows now contains information for each property in the class as it relates to the C drive.
    2. Later we will obtain information in C# on one of these properties.
    3. We’ll need to note the class (Win32_LogicalDisk), the DeviceID (C:) and the property name we want (“FreeSpace”).

Example 2: Obtain Windows Information

  1. Open WBEMTest as noted above.
  2. Click Connect.
  3. Ensure the Namespace is set to “root\cimv2″ and click Connect.
  4. Click Open Class.
  5. Enter “Win32_OperatingSystem” and click OK.
  6. Info:
    1. The Properties (middle) list shows the information you can obtain from each instance.
  7. Click Instances.
  8. Info:
    1. The list will show all instances of Win32_OperatingSystem on your system.
    2. Notice the list doesn’t show anything behind Win32_OperatingSystem other than the “@” sign.
    3. We will gather information on this default OS instance (@).
  9. Click Close and Close again to get back to the main window.
  10. Click Open Instance.
  11. Enter “Win32_OperatingSystem=@” and click OK.
  12. Info:
    1. The Properties windows now contains information for each property in the class.
    2. Later we will obtain information in C# on one of these properties.
    3. We’ll need to note the class (Win32_OperatingSystem) and the property name we want.

Get WMI Information in C#

Now we will code the two examples above in order to obtain the information from the properties we saw in the examples. We will start with example 1. In this example “Win32_LogicalDisk” is the class we’ll be looking at.

  • Create a new C# Console Application in Visual Studio.
  • Add “System.Management” to the project references.
  • Add a “using System.Management;” statement to the top of the Program.cs file.
  • Perform the remaining steps inside the Main method (or wherever you want it).
  • Define your query (what you want to return from WMI).
    var dskQuery = new SelectQuery("Win32_LogicalDisk", "DriveType=3");
  • Define your scope (what system you want to connect to and WMI path).
    var mgmtScope = new ManagementScope("\\\\COMPUTERNAME\\root\\cimv2");
  • Connect to WMI.
    mgmtScope.Connect();
  • Define a searcher for the query.
    var mgmtSrchr = new ManagementObjectSearcher(mgmtScope, dskQuery);
  • Call searcher’s Get method and loop through results.
    foreach (var disk in mgmtSrchr.Get()) {
  • Get the DeviceID of the current loop item and compare to the drive we want info on.
    var devId = disk.GetPropertyValue("DeviceID").ToString();
    if (!string.IsNullOrEmpty(devId) && devId == "C:") {
  • Get the value of the property we want (FreeSpace) and validate.
    var freeWmi = disk.GetPropertyValue("FreeSpace").ToString();
    var freeInt = 0;
    if (!string.IsNullOrEmpty(freeWmi) && int.TryParse(freeWmi, out freeInt)) {
    Console.WriteLine("Free Space on " + devId + " Drive: " + freeInt.ToString());
    }}
  • Close out the for-each loop.
    }

The second example is coded as follows in order to get operating system information from the single default instance. In this example “Win32_OperatingSystem” is the class we’ll be looking at.

  • Create a new C# Console Application in Visual Studio.
  • Add “System.Management” to the project references.
  • Add a “using System.Management;” statement to the top of the Program.cs file.
  • Perform the remaining steps inside the Main method (or wherever you want it).
  • Define your query (what you want to return from WMI).
    var osQuery = new SelectQuery("Win32_OperatingSystem");
  • Define your scope (what system you want to connect to and WMI path).
    var mgmtScope = new ManagementScope("\\\\COMPUTERNAME\\root\\cimv2");
  • Connect to WMI.
    mgmtScope.Connect();
  • Define a searcher for the query.
    var mgmtSrchr = new ManagementObjectSearcher(mgmtScope, osQuery);
  • Call searcher’s Get method and loop through results.
    foreach (var os in mgmtSrchr.Get()) {
  • Get the value of the property we want (Version) and validate.
    var osVer = os.GetPropertyValue("Version").ToString();
    if (!string.IsNullOrEmpty(osVer))
    Console.WriteLine("OS Version: " + osVer);
  • Close out the for-each loop.
    }

Summary

The only remaining thing left to do is to determine what all of the Classes are that you can gather information on. This site contains WMI Class Information by the type of information you want. Keep in mind security considerations when trying to open remote WMI repositories. You can find more about maintaining WMI Security here.

I hope this help you get the entire picture of how to find and consume WMI information.

Connecting to Integration Services Failed with “Access Denied”


Overview

Today, when trying to connect to my local SQL Server Integration Services instance for the first time I received an error message.

SSIS Error

It was a new installation of SQL 2012 so I didn’t know for sure that it was even running. I checked to verify that SSIS was actually installed and that the service was running. I also verified DCOM permissions for MsDtsServer100 and added myself to the Distributed COM Users group, even though I am a local administrator. Of course none of that worked.

However, after a little looking I was able to find some talk about User Account Control (UAC) potentially causing this issue. UAC is able to intercept requests for administrative access and ask you about them before they’re allowed or terminate them all together. In this case it was terminating the request and SSMS was returning an Access Denied message.

To fix this problem you have one of two options. First you can close SSMS then right-click the icon, selecting Run as Administrator, each time you want to run it and connect to SSIS. The second option is to disable UAC. Of course this poses additional security risks since you’ll no longer be notified of requests for administrative access. However, if you want to do this the instructions are below.

Disabling UAC

  1. Click Start and then Control Panel.
  2. Click User Accounts and then User Accounts again in the next window.
  3. Click the Change User Account Control settings link.
  4. Slide setting down to “Never notify” and click OK.
  5. Restart your system.

Delete Visual Studio Online Project


Overview
I recently had a project that I wanted to remove from my Visual Studio Online source control system. I hadn’t done this before so I went about attempting to remove the projects via the normal means. Here is how I went about it.

Trial and Error
Naturally I first logged into my Visual Studio Online account, opened the project in the Collection Administration page and searched for some way to delete the project. However, I found that there was no available way to do this.

The next thing I tried is to delete the project from within Visual Studio 2013. I connected to my Visual Studio Online source control system, opened the Source Control Explorer and found that there was an option to right-click the project and select Delete. Of course it wasn’t that easy though. Upon selecting Delete the following error dialog appeared.

Delete Project Error

Error displayed when trying to delete a Visual Studio Online project locally.

Now I’m the administrator of the entire site so I knew permissions weren’t an issue. It also surprised me that there was an option to delete a project from within Visual Studio, but that it wasn’t supported. I tried searching the Visual Studio Online support pages. I did find entries for deleting projects from Visual Studio Online. However, all of them directed me to pages for removing projects from within Visual Studio itself. Then I stumbled upon another article that showed me what I was missing.

How to Delete Projects
It turns out I was actually pretty close the first time. Here is how you delete a project from your Visual Studio Online account.

  1. Login to your Visual Studio Online account (you must be an admin).
  2. Click the gear to the right of your name in the upper-right hand corner.
  3. In the Control Panel page, click the “View the collection administration page” link at the bottom of the right pane.
  4. Right-click the project you wish to delete from the list of projects on the right.
  5. Check the “I understand that all data in the team project XXX will be deleted.” check box.
  6. Click the Delete Project button.
  7. Click the Close button.
  8. Click the refresh button on the project list (circular arrow) occasionally to check for when the project has been deleted.

Summary

That’s it! The project has now been deleted. The part I missed was step 4 (right-clicking the project name). It seems silly now that I wouldn’t try that. I guess I don’t generally expect web pages to have right-click functionality. There’s also nothing that I found to indicate that this functionality is available or how to do it. Now you know!

Clear Server Names From List in SQL Server Management Studio


Overview
In Microsoft SQL Server Management Studio (SSMS) a history of the server names you connect to are kept in the connection dialog’s server name field drop down list. Often servers can be replaced, you move on to other projects, connect to the wrong server, etc. and this list can become cluttered.

Here is how you clear items from this list.

  1. Open the Microsoft SQL Server Management Studio (SSMS) version you want to affect.
  2. Open the Connect to Server dialog (File->Connect Object Explorer, Object Explorer->Connect->Database Engine, etc.).
  3. Click on the Server Name field drop down list’s down arrow.
  4. Hover over the items you want to remove.
  5. Press the delete (DEL) key on your keyboard.
  6. Repeat 4-5 for each server you want to remove from the list.

There are other ways to do this as well, like removing your MRU.DAT or SqlStudio.bin file from SSMS’s directory. However, it’s a little more difficult and resets all of your customized settings (those in Tools->Options). This could lead to changes to your Transaction Isolation Level, Results or Text Editor settings, etc. That isn’t much fun since we all spend a bunch of time getting those setup just right.