Alexander’s Blog

I had a client who asked me the other day if it is possbile to prevent out-of-office messages in Exchange 2007 from being sent to anyone not on the users’ contacts list. Luckily, in Outlook 2007 Microsoft allows us to set two different out-of-office messages.

Sending out-of-office messages to anyone could be a security risk and can also help spammers who are ableto verify your e-mail address. Bad guys can benefit from information about you that they shouldn’t have. For example, there are known cases of people getting robbed when out-of-office message informed the would-be robbers that people will be out of town on certain dates. Out-of-office messages also pose additional social engineering threats.

In Outlook 2007, you have much better control over out-of-office replies. Not only can you send out-of-office replies during specific dates, which is very helpful, you can configure one auto-reply for people that are inside your organization and another for people who are outside your organization. For example, you can configure the dates for when you are out-of-office ahead of time and Outlook 2007 will automatically turn on the feature during the dates that you are out of office. To configure out-of-office auto replies in Outlook 2007 you go to Tools, Out of Office Assistant. Notice that when you enable the feature by clicking “Send Out of Office auto-replies” you have two tabs: one for “Inside My Organization” and another for “Outside My Organization: When you type a message for users “Outside My Organization”, you can choose to either select “My contacts only” or “Anyone outside my organization” (which is the default setting).

The ability to limit out-of-office replies only to users that are on your contacts list is a major improvement in Outlook 2007.

Another fascinating research story from University of Washington. I saw this article on Washington Post’s Web site that I had to share.

“Move over, Bionic Man. Engineers at the University of Washington in Seattle have come up with a nanotech device that Steve Austin would have loved: a contact lens that displays images, letting a person surf the Web, read e-mail, scan a spreadsheet or play a video game, all without using a computer screen.

The lens has not undergone human trials, but it has been tested on rabbits for up to 20 minutes without ill effects.”

Click here for this interesting story posted by Washington Post.

The research activities at the University of Washington (UW) in Seattle are often fascinating. I just read the other day that the UW, along with researchers from Harvard and UMass Amherst showed how it is possible for someone to extract patients’ private medical infromation from implantable devices. Not only that, but it is also possible to reprogram the medical settings without patients’ approval or knowledge.

The research has been reported widely in the medical community and in the press. According to the uwnews. org “In computer laboratory bench tests, the research team used an inexpensive software radio to intercept and capture signals sent from the implantable device. They were able to obtain detailed information about a hypothetical patient, including name, diagnosis, date of birth and medical ID number. Researchers could determine the make and model of the device and access real-time electrocardiogram results as well as data on the hypothetical patient’s heart rate and cardiac activity.”

You can read the entire news story here.