(The) R. M. Pawnyk Corporation

Small Business (SMB) Specialists

Notices

Last Updated: May 4, 2008 9:00 AM

The Notices page is the most frequently visited resource by customers and interested end users. It provides pertinent information regarding product issues, releases and information categorized by product. The newest information will always be displayed in bold print to help you locate recent changes.

Rescue and Recovery Services

Rescue, recovery and data retrieval services for desktop and laptop operating systems at a flat rate everyone can afford. Identify, isolate and remove viruses and spyware that slows your system to a crawl and jeopardizes your privacy and security. Or if you accidentally hit that "Delete" key instead of the "Insert" key and your project is now "GONE". Trust your confidential information to a Certified Microsoft Business Solutions Partner who really understands your needs and Microsoft products. Restrictions apply - call for details.

We are amazed at the number of end users who leave their workstations powered up all day long. With the always on internet through DSL subscriber lines, and the general lack of protection with inadequate or non-existent spyware and antivirus products, do you really think that someone won't take advantage of your invitation to hack into your computer? At a minimum, turn off the network interface at the workstation. Many users don't even know how their local routers with firewalls are set up. No wonder that privacy issues and fraud are rampant, with little or no exposure for detection, much less prosecution.

Forensic consulting services are available to help companies prepare and deal with a variety of security issues. Offering the expertise of Mr. Roman Pawnyk, his accounting, technical and law enforcement background can help you formulate an internal plan with the appropriate tools to setup audit and control procedures that deal with potential intrusion and security issues faced by SMB organizations. His industry management experience spans several decades in organizations such as Price Waterhouse, Honeywell, Microsoft, American Telephone & Telegraph, Bell Laboratories, Shared Medical, University Hospitals, American Red Cross and local law enforcement. Call for a confidential meeting to review your management concerns.

Microsoft Dynamics GP 10.0

Try Microsoft Dynamics GP 10.0. Order the 90 day trial of the new version of Microsoft Great Plains directly from Microsoft Business Solutions. Use the URL appearing below to get your free copy.

http://www.microsoft.com/dynamics/gp/default.mspx

Service Pack 1 for 10.0 available for download

Service Pack 3 for v9.0 available for download

Microsoft Small Business Financials 9.0

RealWorld Classic & Expertise

Unsupported by Microsoft as of September, 2007. Call us directly for your support. Need to move up - call about migrations to Great Plains and Small Business Financials.

Realworld posting to wrong year in some instances (1908 instead of 2008). Accounting information may be impacted with transactions appearing in the wrong years. Call for resolution and workaround recommendations.

Product Promotions

Expires June 20, 2008: all new customers are invited to take advantage of a special pricing promotion when purchasing Microsoft Dynamics Great Plains. Purchase a Business Ready License for Business Essentials and receive a 20% discount per user on the first (5) users.

Horizons International Manufacturing Suite

Starship

Retail Management System (RMS)

Microsoft Customer Relationship Management (CRM)

FRx Report Writer

Service Pack 9 available for download.

Microsoft Small Business Accounting 2007

Microsoft Point of Sale (POS)

Miscellaneous

"Looking around the Internet, it appears that users are having problems with the Dell Support Center 2.0 upgrade. And the new feature that Dell most enthusiastically touts for the new version is its "proactive alerts." Users received warnings of dire consequences of not upgrading, just a sample of how proactive Dell is. It's one thing for a vendor to take an aggressive approach to helping its customers, but it's quite another if the aggression is really aimed at drumming up business for its paid support."

Dell Neglects Small Biz System Problems

When Dell launched its Vostro line of computers for the small business market, it said it would make it more attractive for customers by not bundling any of "trialware" junk. Unfortunately, as one reader reports, Vostro customers are discovering that owning the systems can nonetheless be quite a trial. "Dell's effort to court the small business market with its new Vostro line of computers may be foundering. Recent messages on Dell's Community Forum have complained about new Vostro 200s that fail to boot. The problem appears to be related to an error in the current BIOS or a configuration error in the image used to install Windows XP. Dell's response has been to ignore the issue, leaving its small business customers to fend for themselves in an effort to come up with a solution. This doesn't seem like a very promising approach to winning customer confidence."

In the same category, Microsoft's Windows Live One-Care free workstation scan seems to be alerting on a Trojan win32.alureon.gen!c which Symantec Anti-Virus Corporate Edition isn't aware of, and assures the user that with auto-protect enabled, the workstation is secure and not infected. Placing a call the support center, an offshore script-reading customer service representative finally recommended that the "experts" needed to remotely diagnose this situation for $99.95. Either Symantec is calling this particular Trojan something else and is trying to extract additional support revenues, or Live One-Care is attempting to coerce users into investing $19.95 for a paid subscription. Using another anti-virus product from Sunbelt Software, CounterSpy failed to identify the aforementioned Trojan as being active on the system. Who do you believe?

Microsoft has been quoted as intending to release SP3 for Windows XP during the first half of 2008.

As if Microsoft's Vista problems aren't enough, Microsoft has come under criticism recently regarding its' Vista Capable labeling on new computers being sold. One would assume that a Vista Capable workstation would be capable of running any version of Vista. WRONG !!! If you plan on purchasing a new Vista computer with the intention of upgrading to a more capable version of Vista after the purchase, you may be at risk!

Microsoft's actual position is that for a computer to be labeled "Vista Capable", it only had to be able to run Vista Home Basic. That means a computer that can't run Vista Home Premium or Vista Ultimate could still be labeled "Vista Capable" even though it can't run many of the features advertised with Vista.

Intel motherboards with the 915 embedded graphics chipset may not be able to run all versions of Microsoft's newest OS, Vista. The Vista Capable labeling is currently being litigated as a class action lawsuit.

Bravo Yahoo !! As many of you are aware, Yahoo has attempted to put into place additional filters to reduce the amount of spam being addressed to email users around the world. Not only was there a major disruption in service, but major ISPs such as AT&T and SBC who outsourced to Yahoo all outbound mail services, are only willing to offer a $5.00 credit for the inconvenience caused by poorly tested, fractionally implemented and wholly uncontrolled updates. Assuming, one had the patience to endure the total ineptitude of the developers, the spammers have figured out a way to get around all the fancy filters, blocks, verifications etc., in a matter of one week. Behold, my email inbox now contains the familiar Viagra, meet sexy singles, work from home and the Nigerian scams that I was finally getting used to. To Yahoo, SBC, AT&T and others involved in this fiasco, JOB WELL DONE !

Bruce Schneier on Security

A blog covering security and security technology.

April 18, 2008

Oklahoma Data Leak

Usually I don't bother blogging about these, but this one is particularly bad. Anyone with with basic SQL knowledge could have registered anyone he wanted as a sex offender.

One of the cardinal rules of computer programming is to never trust your input. This holds especially true when your input comes from users, and even more so when it comes from the anonymous, general public. Apparently, the developers at Oklahoma�s Department of Corrections slept through that day in computer science class, and even managed to skip all of Common Sense 101. You see, not only did they trust anonymous user input on their public-facing website, but they blindly executed it and displayed whatever came back.
The result of this negligently bad coding has some rather serious consequences: the names, addresses, and social security numbers of tens of thousands of Oklahoma residents were made available to the general public for a period of at least three years. Up until yesterday, April 13 2008, anyone with a web browser and the knowledge from Chapter One of SQL For Dummies could have easily accessed � and possibly, changed � any data within the DOC�s databases. It took me all of a minute to figure out how to download 10,597 records � SSNs and all � from their website.

May 2, 2008 Let's Make It Easy for the Identity Thieves !!

"California's Riverside County Superior Court's Web site is serving up document images containing SSNs and detailed medical records relating to civil cases, according to a couple of privacy advocates. All of the documents are free to anyone who knows where to look for them. 'Searches done on the court's Web site turned up various documents related to civil cases that contained sensitive information. Included were complete tax filings, medical reports pertaining to cases handled by the court, and images of checks complete with signatures as well as account and bank-routing numbers.'"

Windows XP SP3 will be available for public download April 29, 2008. Whoa ! Microsoft pulls release due to last minute issue with Retail Management System software.

Discontinuance Notices

Payroll Year End Notices

New Customer Promotions

Network Intrusions and Attacks

Throughout the normal business day, our network records and captures many attempts (potential attacks) to sniff out our network defenses. These logs are reviewed daily and trends are tracked. Most small businesses are extremely vulnerable to intrusions emanating from mainland China. They have increased dramatically and the most obvious offender's ISPs are listed as follows:

61.11.0.0 - 60.11.255.255	CNCGROUP Heilongjiang Province Network	Blacklist Status=Clear
61.180.228.224 - 61.180.228.255	CNCGROUP Heilongjiang Province Network	Blacklist Status=Clear
202.99.128.0 - 202.99.191.255	CNCGROUP Hebei Province Network	Currently Listed
221.1.204.224 - 221.1.204.255	CNCGROUP Shandong Province Network	Blacklist Status=Clear
221.1.206.128 - 221.1.206.159	CNCGROUP Shandong Province Network	Blacklist Status=Clear
221.200.0.0 - 221.203.255.255	CNCGROUP Liaoning Province Network	Blacklist Status=Clear
222.134.45.48 - 222.134.45.55	CNCGROUP Shandong Province Network	Currently Listed

Tired of the spam? Send us $20.00 with your email address, and we'll provide you with our spam domains (updated daily). Import into your junk email filter (1250+ spam domains) and begin to filter out the junk. No restrictions to the number of machines that you can update.

If you are connected to the internet, you need to review the robustness of your firewall, your anti-virus and your malware and spyware monitors. These represent three distinct vulnerabilities, and it is very foolish to think that just by having an antivirus product, you are protected from those individuals whose agenda doesn't include your best interests. To remain safe from these intrusions, you need to address all three areas.

Questions regarding posted information or requests for additional information should be directed to the address appearing below.

E-Mail:

Sales @ RMPCORP.NET