http://www.internetweek.com/security02/showArticle.jhtml?articleID=15200576&pgno=1
Swen virus activity, and how Greyware Automation Products dealt with an attack.
Very interesting, and I agree that a "quiet" virus may be spreading as we speak. Since the MS patch didn't work, and users are slow in applying the patches that do work - there is plenty of opportunity for someone to write a virus that doesn't attack or do anything exciting except to self-install when the opportunity is presented (during a download for example) to do so and then lay idle...doing a date check on boot waiting for the date to activate. I guess like Herpes or HIV?
Monday, September 29, 2003
Worker unrest? Gasp!
I'm telling you, people who outsource off shore are setting themselves up for a world of hurt in the next few years. Not only are you dealing with people who will do exactly what you tell them to do, you are dealing with different cultures. Telemarketing is probably an OK thing to outsource (thanks to the do not call list that may dwindle off to nothingness anyway). But moving critical application development to a foreign country (CHINA? for crying out loud? How about you send the code / idea / hardware you want to work with to Cuba and North Korea too?) is suicide. Not only is your application going to be riddled with security risks (oh, I'm not worried about that, I've got QA...go ahead and live in your little world) and probably ripped off and developed by another team to sell to your customers (and competitors). And, when your customer calls in for support, and gets the person with a funny accent, who doesn't speak English that well, you will alienate your customer base. Sure, all this stuff looks good on paper, but when customers find out what you are doing (hello HP?) and they discover that you offer 24/7 support, but it is scripted and sucks - they will go away, they won't tell you why (unless they like you), they just won't renew the contract, upgrade to the next version, whatever keeps your revenue coming in. That is going to affect the bottom line but by the time that happens, I hope that your customers have moved to a company that kept their customer service / development here in the US and that that company will keep that customer for life, cutting you out.
Man! OK. I'm feeling a little bit better.
I'm telling you, people who outsource off shore are setting themselves up for a world of hurt in the next few years. Not only are you dealing with people who will do exactly what you tell them to do, you are dealing with different cultures. Telemarketing is probably an OK thing to outsource (thanks to the do not call list that may dwindle off to nothingness anyway). But moving critical application development to a foreign country (CHINA? for crying out loud? How about you send the code / idea / hardware you want to work with to Cuba and North Korea too?) is suicide. Not only is your application going to be riddled with security risks (oh, I'm not worried about that, I've got QA...go ahead and live in your little world) and probably ripped off and developed by another team to sell to your customers (and competitors). And, when your customer calls in for support, and gets the person with a funny accent, who doesn't speak English that well, you will alienate your customer base. Sure, all this stuff looks good on paper, but when customers find out what you are doing (hello HP?) and they discover that you offer 24/7 support, but it is scripted and sucks - they will go away, they won't tell you why (unless they like you), they just won't renew the contract, upgrade to the next version, whatever keeps your revenue coming in. That is going to affect the bottom line but by the time that happens, I hope that your customers have moved to a company that kept their customer service / development here in the US and that that company will keep that customer for life, cutting you out.
Man! OK. I'm feeling a little bit better.
Friday, September 26, 2003
Thursday, September 25, 2003
FlexStand - Flexible Web Camera Stand
There it is, the amazon.com entry for the FlexStand. Please note that they don't have it in stock, because we haven't sent them any yet. Oh...this is too cool. I'm still quivering.
There it is, the amazon.com entry for the FlexStand. Please note that they don't have it in stock, because we haven't sent them any yet. Oh...this is too cool. I'm still quivering.
Wednesday, September 24, 2003
This is funny. Banned because it is "immoral" in the country with the naked news.
Quirky people they have over there.
Quirky people they have over there.
OK, the ruling in favor of Eolas against M$ has people shook up (including the W3C).
Now, above and beyond, that. This is more than M$, for example Netscape is probably lible as well for royalties, since they use plug-in technology as well.
I got curious about Eolas and looked at their technology page. There is a patent there that makes me wonder if they are going to sue the computer gaming industry next.
From their site:
The patent also covers image space collision detection technology believed to be currently in widespread use throughout the computer game industry.
Now, above and beyond, that. This is more than M$, for example Netscape is probably lible as well for royalties, since they use plug-in technology as well.
I got curious about Eolas and looked at their technology page. There is a patent there that makes me wonder if they are going to sue the computer gaming industry next.
From their site:
The patent also covers image space collision detection technology believed to be currently in widespread use throughout the computer game industry.
Tuesday, September 23, 2003
Only 80 stars?
This makes me sad, because surely more than 80 people in the CIA have died serving our country?
This makes me sad, because surely more than 80 people in the CIA have died serving our country?
This is an interesting read about the origins of Murphy's Law. I haven't been able to go through the whole thing, but you may want to bookmark it for future reference.
Origin of Murphy's Law
Origin of Murphy's Law
Monday, September 22, 2003
Yahoo! IM shutting out Trillian.
I tried Trillian in early? 2001. It was a pain in the buttocks. It was such a pain, I have never tried it again. I'm on Yahoo! Messenger & I have an ICQ# laying around that I never use (I don't like ICQ either). I don't like MSN Messenger, nor do I like AOLs Messenger. Unless and until Yahoo! does something seriously stupid, I'll be sticking with them and their IM software. So, go ahead and call me either stubborn, loyal, or lazy (all three or a combination, would be acceptable as well).
As far as Trillian goes, I've heard that if you pay for it, it works much better than the free version does. One day, I may have to debase myself, and see how the webcam integration is going for each (~shudder~). I've already been through an MSN Messenger installation (after they announced the webcam integration in their latest version - I do believe I mentioned that it was not nearly as easy to use as Yahoo! and was .... icky) and I'm still working on disinfecting my home computer.
Ah, the sacrifices I make for my work.
I tried Trillian in early? 2001. It was a pain in the buttocks. It was such a pain, I have never tried it again. I'm on Yahoo! Messenger & I have an ICQ# laying around that I never use (I don't like ICQ either). I don't like MSN Messenger, nor do I like AOLs Messenger. Unless and until Yahoo! does something seriously stupid, I'll be sticking with them and their IM software. So, go ahead and call me either stubborn, loyal, or lazy (all three or a combination, would be acceptable as well).
As far as Trillian goes, I've heard that if you pay for it, it works much better than the free version does. One day, I may have to debase myself, and see how the webcam integration is going for each (~shudder~). I've already been through an MSN Messenger installation (after they announced the webcam integration in their latest version - I do believe I mentioned that it was not nearly as easy to use as Yahoo! and was .... icky) and I'm still working on disinfecting my home computer.
Ah, the sacrifices I make for my work.
Thursday, September 18, 2003
Wednesday, September 17, 2003
Tuesday, September 16, 2003
Well. Here is some more excitement about computer vulnerability:
http://www.kb.cert.org/vuls/id/333628
CERT Advisory
Vulnerability Note VU#333628
OpenSSH contains a buffer management error
Another buffer overrun/overflow issue. When are they going to fix the code that they write with/the compiler?
http://www.kb.cert.org/vuls/id/333628
CERT Advisory
Vulnerability Note VU#333628
OpenSSH contains a buffer management error
Another buffer overrun/overflow issue. When are they going to fix the code that they write with/the compiler?
I have returned from the new members breakfast for the Houston Northwest Chamber of Commerce.
I will be taken out back and horsewhipped, because I forgot to take business cards with me (networking, networking, networking). We are considering also offering a computer troubleshooting business, and small project computer programming to Strange Solutions, Inc's list of offerings. Tony and I are both "computer people," you know - the person who gets called by ex-wives and family members to do phone tech support for free. I think we should turn that into another (biz talk here) revenue stream.
I will be taken out back and horsewhipped, because I forgot to take business cards with me (networking, networking, networking). We are considering also offering a computer troubleshooting business, and small project computer programming to Strange Solutions, Inc's list of offerings. Tony and I are both "computer people," you know - the person who gets called by ex-wives and family members to do phone tech support for free. I think we should turn that into another (biz talk here) revenue stream.
Monday, September 15, 2003
Friday, September 12, 2003
Open Source Search Engine
http://www.nutch.org/
Being able to view the algorithms responsible for the search results returned, and for indexing will be interesting. The only concern I have is fraud/spam results. Look at the "google dance" watchers. People literally sit around and watch what Google's reaction to their website is and then tweak it. If you could view the source, surely that would make the results that much more contrived?
http://www.nutch.org/
Being able to view the algorithms responsible for the search results returned, and for indexing will be interesting. The only concern I have is fraud/spam results. Look at the "google dance" watchers. People literally sit around and watch what Google's reaction to their website is and then tweak it. If you could view the source, surely that would make the results that much more contrived?
Here is an article that is confusing.
The title is:
Bottled water blamed for rush of cavities
Missing out on fluoride
One of the paragraphs is:
Problems are particularly pronounced among certain pockets of low-income children, with Montreal and Winnipeg, for instance, facing near-crisis levels of young people who need so much work they must be put under general anesthetic.
So, low-income people have enough money to purchase and only consume bottled water? I don't think so. I think they are looking for a reason to blame business, instead of parents.
The title is:
Bottled water blamed for rush of cavities
Missing out on fluoride
One of the paragraphs is:
Problems are particularly pronounced among certain pockets of low-income children, with Montreal and Winnipeg, for instance, facing near-crisis levels of young people who need so much work they must be put under general anesthetic.
So, low-income people have enough money to purchase and only consume bottled water? I don't think so. I think they are looking for a reason to blame business, instead of parents.
Oh man! OK, here is an excellent example to make sure that your business name doesn't overlap with any Trademark or other corporation's name.
YES folks! Apple Corps is suing Apple Computer Inc. (again).
I find this funny. I actually smiled about it. I hadn't heard of the earlier suits, but now that I have, I think it is hilarious. I wonder if Steve Jobs is wishing that he would have named his company Kiwi, or Pear, or some other fruit?
YES folks! Apple Corps is suing Apple Computer Inc. (again).
I find this funny. I actually smiled about it. I hadn't heard of the earlier suits, but now that I have, I think it is hilarious. I wonder if Steve Jobs is wishing that he would have named his company Kiwi, or Pear, or some other fruit?
Thursday, September 11, 2003
A warning regarding offshore programming.
Boils down to - if you get your code offshore, how are you going to know that a trojan or backdoor wasn't included (nevermind that they almost always are, because programmers are lazy)? And if say a fortune 500 company gets their application developed overseas, how ethical are the people doing the work? How much money could they get for proprietary information that would be accessible? Since they work for so little anyway, I'd guess that it wouldn't cost that much to bribe them to include a little "easter egg" in the package.
Boils down to - if you get your code offshore, how are you going to know that a trojan or backdoor wasn't included (nevermind that they almost always are, because programmers are lazy)? And if say a fortune 500 company gets their application developed overseas, how ethical are the people doing the work? How much money could they get for proprietary information that would be accessible? Since they work for so little anyway, I'd guess that it wouldn't cost that much to bribe them to include a little "easter egg" in the package.
Wednesday, September 10, 2003
I thought Microsoft had fixed the DCOM issue? I suppose not.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-039.asp
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-039.asp
"Hello, New York times? I'm calling to let you know that I just compromised your network."
"Yes, I'm more than willing to tell you exactly how I did it, and how you can fix it."
"No, no, sir - I don't want any money. I just want to make sure that your network is secure."
Knock, knock, knock.
BANG BANG BANG
Police! Open UP!
"We consider the breach of The New York Times Company's internal corporate network in February 2002 to be a serious security matter, and have been cooperating with the FBI and local authorities in their investigation of Adrian Lamo," The New York Times Company said in a statement provided by spokeswoman Christine Mohan.
Geez. What is the NYT hiding that they feel compelled to get someone arrested who was trying to help them? Now - I'll admit that it wasn't the smartest thing to do. But, if you are walking through the neighborhood, if you come across an open door, should you open it? If you open it, and then call the owners of the house and let them know thier door is unlocked - should they then work with the FBI to get you arrested for trying the doorknob?
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Since writing this I've received more information. Apparently he logged in and started messing around with their network, 3 months after his initial alert to them that their information was not secure. So - this is kinda' like a guy finding an unlocked door notifying the ower, going back 3 months later, finding the door still unlocked and deciding that he'd go in and take a look around. So, I don't know how I feel about it now.
"Yes, I'm more than willing to tell you exactly how I did it, and how you can fix it."
"No, no, sir - I don't want any money. I just want to make sure that your network is secure."
Knock, knock, knock.
BANG BANG BANG
Police! Open UP!
"We consider the breach of The New York Times Company's internal corporate network in February 2002 to be a serious security matter, and have been cooperating with the FBI and local authorities in their investigation of Adrian Lamo," The New York Times Company said in a statement provided by spokeswoman Christine Mohan.
Geez. What is the NYT hiding that they feel compelled to get someone arrested who was trying to help them? Now - I'll admit that it wasn't the smartest thing to do. But, if you are walking through the neighborhood, if you come across an open door, should you open it? If you open it, and then call the owners of the house and let them know thier door is unlocked - should they then work with the FBI to get you arrested for trying the doorknob?
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Since writing this I've received more information. Apparently he logged in and started messing around with their network, 3 months after his initial alert to them that their information was not secure. So - this is kinda' like a guy finding an unlocked door notifying the ower, going back 3 months later, finding the door still unlocked and deciding that he'd go in and take a look around. So, I don't know how I feel about it now.
Tuesday, September 09, 2003
What can be said about this? I cannot imagine something like this happening in the US. If we get government medicine, I supposed it could. It is quite sad really. I wonder how much guilt the families of the people who died feel? I hope quite a bit. You can blame doctors, nurses, caretakers, whoever...but really, if you had an elderly parent, wouldn't you call from your beach-side hotel and make sure that they were ok?
15,000 people. Fifteen THOUSAND people. Five times the deaths from the WTC on 9/11/01. This isn't a tragedy, it is genocide on old people. When is the United Nations going to launch an investigation?
15,000 people. Fifteen THOUSAND people. Five times the deaths from the WTC on 9/11/01. This isn't a tragedy, it is genocide on old people. When is the United Nations going to launch an investigation?
This was a big day today. I went to the ribbon cutting for By Design Interiors. Very nice people. BIG office space.
Here is part of what was written about them in the Profiles magazine, Summer 2003 edition.
By Design Interiors, Inc. has been providing distinctively exquisite interior design and decorating in NW Houston’s finest communities for years. With an incredibly creative design staff they often utilize a team concept approach. The design team works together from conceptual design through the final phase of accessorizing to achieve for their clients an interior of comfortable elegance. Years of experience as general contractors will ensure that you are receiving highly qualified and professionally trained individuals, to carefully critique blueprints. Thus, earning their remodeling slogan..."More than just a contractor."
By Design Interiors encourages their clients to consider unique options by introducing them to new and innovative products and ideas from a studio fully staffed and equipped with a wealth of resources. From exquisite accessories and furniture to state-of the art design, you'll be truly impressed by their talent, professionalism, impeccable taste, desire to please and most assuredly...their reputation of utmost integrity. You will, see why beautiful interiors don't just happen...they are created "By Design."
And may I add to what the article said? They were all quite nice to me. Which is saying quite a bit, considering that I'm slightly socially inept. They weren't snooty - which I think has been the stereotype for interior designers in general. I would scan in the pictures from the magazine, but I'm not home (I'm breaking the rules and posting from work). Some of the accessories that they had in their offices were beautiful. There is a whole couch of pillows that were beaded - gorgeous hand work from the look of it. Going by their offices, which were functional but stylish, I'd say that they do some very nice work.
Just my 2 cents.
Last week I joined the Houston Northwest Chamber of Commerce. This was a big step for Strange Solutions, but I think it will be worth it. If I can just get myself to deal with people in person (as opposed to through e-mail and chat).
Here is part of what was written about them in the Profiles magazine, Summer 2003 edition.
By Design Interiors, Inc. has been providing distinctively exquisite interior design and decorating in NW Houston’s finest communities for years. With an incredibly creative design staff they often utilize a team concept approach. The design team works together from conceptual design through the final phase of accessorizing to achieve for their clients an interior of comfortable elegance. Years of experience as general contractors will ensure that you are receiving highly qualified and professionally trained individuals, to carefully critique blueprints. Thus, earning their remodeling slogan..."More than just a contractor."
By Design Interiors encourages their clients to consider unique options by introducing them to new and innovative products and ideas from a studio fully staffed and equipped with a wealth of resources. From exquisite accessories and furniture to state-of the art design, you'll be truly impressed by their talent, professionalism, impeccable taste, desire to please and most assuredly...their reputation of utmost integrity. You will, see why beautiful interiors don't just happen...they are created "By Design."
And may I add to what the article said? They were all quite nice to me. Which is saying quite a bit, considering that I'm slightly socially inept. They weren't snooty - which I think has been the stereotype for interior designers in general. I would scan in the pictures from the magazine, but I'm not home (I'm breaking the rules and posting from work). Some of the accessories that they had in their offices were beautiful. There is a whole couch of pillows that were beaded - gorgeous hand work from the look of it. Going by their offices, which were functional but stylish, I'd say that they do some very nice work.
Just my 2 cents.
Last week I joined the Houston Northwest Chamber of Commerce. This was a big step for Strange Solutions, but I think it will be worth it. If I can just get myself to deal with people in person (as opposed to through e-mail and chat).
Well, isn't this interesting. AOL took a swipe at MSN through RoadRunner. I guess it is a bid for more money, or a slap for some insult MS handed AOL.
Oh man. No way! Peach Money?!!? It starts with the $20 and I guess other bills will be modified over time. *sigh* I guess the phrase "green backs" will go away and become "peach backs?" Talk about Monopoly money.
Friday, September 05, 2003
I just remember hearing on the radio a caller saying that a plane had crashed into the WTC in New York. The DJ (a woman) said that that report was unconfirmed. I immediately called home and asked what was going on. Tony didn't know, he turned on the TV and the Tower was smoking. I got home and the second Tower had been hit.
Never Forget
Never Forget
Thursday, September 04, 2003
OH MY GOODNESS!
On the night of Wednesday, August 27, two men dressed as computer technicians and carrying tool bags entered the cargo processing and intelligence centre at Sydney International Airport.
The men, described as being of Pakistani-Indian-Arabic appearance, took a lift to the third floor of the Charles Ulm building in Link Road, next to the customs handling depot and the Qantas Jet Base.
They presented themselves to the security desk as technicians sent by Electronic Data Systems, the outsourced customs computer services provider which regularly sends people to work on computers after normal office hours.
After supplying false names and signatures, they were given access to the top-security mainframe room. They knew the room's location and no directions were needed.
Inside, they spent two hours disconnecting two computers, which they put on trolleys and wheeled out of the room, past the security desk, into the lift and out of the building.
Talk about physical security or lack thereof. The article says that it had to be an inside job - but surely an observant person after a month or so of watching could have figured: EDS is the provider, Techs go in and out of the server room, the server room is over there.
The question is - it sounds like the servers removed were targed specifically which would make me think that they had information from someone who works there (all servers look the same on the outside pretty much). And the big question is - Were they running Microsoft? I wonder how long it will take for this to become MicroSoft's fault?
On the night of Wednesday, August 27, two men dressed as computer technicians and carrying tool bags entered the cargo processing and intelligence centre at Sydney International Airport.
The men, described as being of Pakistani-Indian-Arabic appearance, took a lift to the third floor of the Charles Ulm building in Link Road, next to the customs handling depot and the Qantas Jet Base.
They presented themselves to the security desk as technicians sent by Electronic Data Systems, the outsourced customs computer services provider which regularly sends people to work on computers after normal office hours.
After supplying false names and signatures, they were given access to the top-security mainframe room. They knew the room's location and no directions were needed.
Inside, they spent two hours disconnecting two computers, which they put on trolleys and wheeled out of the room, past the security desk, into the lift and out of the building.
Talk about physical security or lack thereof. The article says that it had to be an inside job - but surely an observant person after a month or so of watching could have figured: EDS is the provider, Techs go in and out of the server room, the server room is over there.
The question is - it sounds like the servers removed were targed specifically which would make me think that they had information from someone who works there (all servers look the same on the outside pretty much). And the big question is - Were they running Microsoft? I wonder how long it will take for this to become MicroSoft's fault?
I must talk about this:
http://www.extremetech.com/article2/0,3973,1234663,00.asp
"Parson is being charged with modifying the original "Blaster" or "LovSan" virus and releasing it on the Internet, infecting at least 7,000 PCs and using them as "drones" to mount a distributed denial of service (DDoS) attack, according to the complaint filed by the U.S. Attorney's office. Antivirus vendor Symantec Corp. said the worm infected over 500,000 machines, which were programmed to attack Microsoft's WindowsUpdate.com web site, which Microsoft redirected in a successful bid to avoid the worm. "
This person is responsible for 1.4% of the infected computers. OK - where is the jerk who wrote the original virus? Why is this one guy being played up so much? He is a moronic child, and should have been caught - but the fact that the original blaster writer remains free is a testament to the Feebies inability to get to an intelligent criminal. How about the sobig virus writer? (S)He has released several different versions of a virus and hasn't been caught.
I guess what I'm trying to say is : "Good job - now catch the real bad-guy. And don't break your arm patting yourself on the back for catching an idiot who is probably continually surprised by the sunrise and needs help tying his shoes."
http://www.extremetech.com/article2/0,3973,1234663,00.asp
"Parson is being charged with modifying the original "Blaster" or "LovSan" virus and releasing it on the Internet, infecting at least 7,000 PCs and using them as "drones" to mount a distributed denial of service (DDoS) attack, according to the complaint filed by the U.S. Attorney's office. Antivirus vendor Symantec Corp. said the worm infected over 500,000 machines, which were programmed to attack Microsoft's WindowsUpdate.com web site, which Microsoft redirected in a successful bid to avoid the worm. "
This person is responsible for 1.4% of the infected computers. OK - where is the jerk who wrote the original virus? Why is this one guy being played up so much? He is a moronic child, and should have been caught - but the fact that the original blaster writer remains free is a testament to the Feebies inability to get to an intelligent criminal. How about the sobig virus writer? (S)He has released several different versions of a virus and hasn't been caught.
I guess what I'm trying to say is : "Good job - now catch the real bad-guy. And don't break your arm patting yourself on the back for catching an idiot who is probably continually surprised by the sunrise and needs help tying his shoes."
Subscribe to:
Posts (Atom)