Digital Common Sense

It’s been online for a week or so, but I’ve seen very little comment on this pearl of true wisdom from Rands In Repose

Somewhere in your third year of being a manager, the Management Pixies will appear in your office in a puff of sweet smelling black smoke. There will be three of them and one will be carrying a gorgeous black top hat.

If you’re new to management, or striving for management, you really need to go read this post. Then bookmark it and come read it again in a few days. Cut and paste it and save if to refer back to. Commit it to memory.

If you’re a long-time manager, senior manager, and perhaps most important, if you’re a confident manager, you better go read too. It’s a great reminder of the world we live in . . . for now.

I’m making this required reading for all new managers. And yes, there will be a test.

Filed by Ken at 6:46 pm under General
No Comments

November 28, Reuters — Federal Trade Commission: Spam e−mail filters getting better. E−mail spammers are aggressive as ever but Internet providers are getting better at blocking junk messages before they reach users’ inboxes, according to a U.S. Federal Trade Commission (FTC) study released on Monday, November 28. The FTC found that spammers continue to “scrape” e−mail addresses from the Web using automated programs that look for the telltale “@” sign. But up to 96 percent of those messages were blocked by the two Web−based e−mail providers used by the FTC in its test. The FTC did not say which providers it used in its study. “This encouraging result suggests that anti−spam technologies may be dramatically reducing the burden of spam on consumers,” the report said. The FTC noted that Internet providers still must bear the burden of filtering out those messages.
FTC Press Release: http://www.ftc.gov/opa/2005/11/spam3.htm
FTC Spam study: http://www.ftc.gov/opa/2005/11/spamharvest.pdf
Source

I found this particularly interesting coming on the heels of Sophos revelation that the recent Sober variant impact has been estimated at 14% of the email on the net being infected and tied to Sober. There’s certainly been a goodly amount of that stuff getting through in the past week, and it looks like spam to my filters.

Filed by Ken at 5:53 pm under InfoSec, Technology
No Comments

November 21, Federal Computer Weekly — Lost records convince officials that encrypted digital backups are crucial. After Hurricane Katrina devastated the Gulf Coast region, along with many vital records, federal officials realized they needed to digitize such records to prevent future data loss. But storage analysts say federal agencies are behind the curve when it comes to safeguarding digitized records stored elsewhere. Federal agencies are not encrypting their off−site data, said Jon Oltsik, a senior analyst at research firm Enterprise Strategy Group. Katrina’s destruction demonstrated the importance of electronic backup copies of documents such as health records and flood maps. But by keeping copies of critical information, agencies also create new opportunities for data theft. Oltsik is the author of a recent survey that asked 388 agencies and companies whether they encrypt backup data as they copy it to tape. “Of the five industry segments we looked at, [the local/federal] government was the worst,” he said. Only three percent of government organizations said they always encrypt backup data, and 77 percent said they never do. Overall, only seven percent of the organizations surveyed said they always encrypt backup data, despite the fact that vendors have offered backup encryption tools for at least 15 years, Oltsik said.
Source: http://fcw.com/article91509−11−21−05−Print

Filed by Ken at 5:52 pm under General, InfoSec, Technology
No Comments

November 28, eWeek — Malicious keyloggers run rampant on net. Keylogging programs are the epitome of online stealth, and they’re also a mushrooming problem on the Internet. Reports of new keylogging programs soared higher this year, as part of a wave of multifunction malware with integrated keylogging features, according to VeriSign Inc.’s security information company iDefense Inc. The programs often evade detection by anti−virus tools and can be difficult to detect once installed, experts warn. More than 6,000 keylogging programs will be released by the end of this year, according to projections by iDefense. That’s an increase of 2,000 percent over the last five years, company officials said. Keyloggers have been around for years and are also sold as legitimate applications −− often as monitoring tools for concerned parents or suspicious spouses −− according to Ken Dunham, director of malicious code at iDefense, in Reston, VA. Malicious keyloggers are increasingly part of modular programs that contain Trojan horse, spamming and remote control features, as well, Dunham said. Anti−virus companies have developed signatures that will stop many of those programs before they can be installed, but new programs with unique signatures are readily available from malicious code download sites.
Source: http://www.eweek.com/article2/0,1895,1893515,00.asp

Filed by Ken at 5:52 pm under InfoSec
No Comments

November 29, Security Focus — Microsoft Windows SynAttackProtect predictable hash remote denial of service vulnerability. Microsoft Windows is prone to a denial of service vulnerability. The vulnerability arises due to a design error in the function responsible for the hash table management for “SynAttackProtect.” Reports indicate that the affected function used by the TCP/IP stack creates a predictable hash, allowing an attacker to send a large number of SYN packets with an identical hash value. A successful attack can eventually lead to a denial of service condition due to the lookup algorithm becoming very inefficient at performing searches.
Solution: http://www.securityfocus.com/bid/15613/solution
Source: http://www.securityfocus.com/bid/15613/references

Filed by Ken at 5:52 pm under InfoSec, Technology
No Comments

My son posted a Letter to Pope Benedict XVI.

Letter to Pope Benedict XVI

November 29, 2005

His Holiness Pope Benedict XVI
Vatican City State, 00120
Italy

Your Holiness:

I am writing to you on a matter of grave importance. As I was viewing the list of patron saints on Catholic Online, I noticed a big oversight. There is no patron saint for fools or idiots! I find it hard to believe that a church that cares so deeply for people and has patron saints watching over just about any person or cause, does not have a patron saint for fools and idiots. There are a great many fools and idiots in the world, you know?

I am writing to respectfully request that George W. Bush, President of the United States, be canonized and made the patron saint of idiots and fools.

Yes, that’s parental pride in a son who thinks through very complex issues and does a fabulous job of cutting through the crap.

I see my own header tag “distilling fact from the vapor of nuance” and appreciate that, while our interests and passions are different in many ways, he is a chip off the old block.

Filed by Ken at 5:50 pm under General
1 Comment

pierrotsfolly showed a sign of life, but Harry, you’re speaking in tongues.

测试卫生部部长介绍艾滋病防治工作(进行中) 视频

Filed by Ken at 7:32 pm under General
1 Comment

Miami Police Take New Tack Against Terror

Nov 28 9:28 PM US/Eastern
By CURT ANDERSON
Associated Press Writer

MIAMI

Miami police announced Monday they will stage random shows of force at hotels, banks and other public places to keep terrorists guessing and remind people to be vigilant.

Deputy Police Chief Frank Fernandez said officers might, for example, surround a bank building, check the IDs of everyone going in and out and hand out leaflets about terror threats.

“This is an in-your-face type of strategy. It’s letting the terrorists know we are out there,” Fernandez said.

If there were ever a law enforcement agency looking to piss of and alienate the community, well I guess I might have figured Miami would have been on my list of candidates. Dade County does have a reputation to uphold.

This is about the dumbest idea and the surest way to ensure no citizen is going to think nice thoughts about your local police force. Sheer stupidity. Waste of time. Waste ot taxpayer dollars. And I bet the poor cops on the street are shaking their head wondering what the hell the upstream fools are thinking.

Filed by Ken at 6:28 pm under General
2 Comments

in a Web 2.0 world here. Very unidirectional and frustrating and I’m just not going to bother attempting a return comment again. Frustration at unidirectional folks who talk but don’t listen

Filed by Ken at 6:28 pm under General
No Comments

I should have posted this earlier, but it escaped my attention here as I was involved in addressing several areas in the document.

DHS | Department of Homeland Security | Research & Technology

Homeland Security Presidential Directive-7 (HSPD-7) called for a national critical infrastructure protection research and development plan to address the sustained science, engineering, and technology base needed to prevent or minimize the impact of future attacks on our physical and cyber infrastructure systems. The National Critical Infrastructure Protection Research and Development Plan was developed through an intensive, collaborative, interagency effort. This public document highlights the targeted investments needed to help secure and fortify the Nation’s key infrastructures and resources from acts of terrorism, natural disasters, or other emergencies. Download National Critical Infrastructure Protection Research and Development Plan (PDF, 96 pages — 2 MB)

Filed by Ken at 12:12 pm under Technology
2 Comments

So in this news story, we learn -

SINGAPORE (Reuters) - Singapore scientists looking for ways to transmit the sense of touch over the Internet have devised a vibration jacket for chickens and are thinking about electronic children’s pyjamas for cyberspace hugs.

A wireless jacket for chickens or other pets can be controlled with a computer and gives the animal the feeling of being touched by its owner, researchers at Nanyang Technological University (NTU) told Monday’s edition of The Straits Times.

The next step would be to use the same concept to transmit hugs over the Internet, it said.

But isn’t it really just a variation on this -

Horny Brits plug into internet vibrator

Net-controlled remote rumpy-pumpy

Right, let’s get down to business - you’ve warmed yourself up with the vibrating knickers, plugged the iPod into the Muff Dock and slipped into the backless thong, but there’s still something standing between you and an earth-shattering climax…

Ah yes, your boyfriend is at a data networking conference in Birmingham. But while this would previously have been an insurmountable barrier to sexual intimacy, distance can no longer keep the tech-savvy rumpy-pumpyists from enjoying a private moment together.

Indeed, while less connected couples would have to make do with a bit of solo flying, those with a broadband connection and £79.95 to spare can now avail themselves of the Highjoy Internet Enabled Rabbit, 10.5 inches of non-toxic vinyl rubber net joy which “invites couples to join the online sexual revolution”.

Gotta love those Brits.

Filed by Ken at 11:06 pm under General
No Comments

Deadline Passes for Internet Phone Service
By JENNIFER C. KERR, Associated Press Writer Mon Nov 28, 9:39 PM ET

WASHINGTON - Companies that provide Internet-based phone service could be barred from signing up new customers in at least some areas for failing to meet a federal mandate to provide reliable emergency 911 service in all their markets.
ADVERTISEMENT

The deadline to show the government where enhanced 911, or E911, is available was Monday. However, companies and the
Federal Communications Commission were tightlipped, refusing to disclose details of compliance reports.

It was widely expected that no company would meet the deadline since the FCC had given them only 120 days to comply. The VON Coalition, an industry group, has said as much. The coalition did its own survey and estimated that about two-thirds of Internet phone users would have enhanced 911 by the deadline.

Filed by Ken at 10:59 pm under Unified Communications
No Comments

It’s pretty clear from this story, and several others, that we with our Republican Party’s culture of corruption aren’t alone in having woes with corruption problems.

The Canadian government has lost a vote of no confidence in the country’s parliament which was triggered by a corruption scandal.

Canada’s three opposition parties, which control a majority in parliament, voted against Paul Martin’s government, claiming his Liberal Party no longer has the moral authority to lead the nation.

The loss means an election for all 308 seats in the lower house, which is expected to be held on January 23, and an election campaign throughout the Christmas holiday period.

Filed by Ken at 10:52 pm under General
No Comments

My friend and colleague who I haven’t traded email with in quite some time unleashed a rant over at the The Universal Church of Cosmic Uncertainty today.

He brought out, way at the end, a universal trutch -
“Force of will” is not an appropriate management style.

I’ll add my own corollary -
Inappropriate perhaps, but widely used as the way to manage projects.

Filed by Ken at 1:13 pm under General, Technology
No Comments

November 26, TechNewsWorld — Identity theft by insiders to grow dramatically next year according to forecaster. The data security forecast by Joseph Ansanelli, chief executive officer of the data security firm Vontu, indicates that in 2006, as employees continue to learn about the value of sensitive customer information −− and if they are not trained and encouraged properly to protect this information −− there is a real risk that this information will increasingly be misused by retail employees. “Many retailers have not educated their employees on the value of customer information to the company, nor have they educated them on employee
responsibilities towards protecting and correctly handling this information. One example would be the use of skimmers in restaurants. Several thefts have been reported due to wait staff taking the customers’ credit card then running it through their skimmer in order to later be able to retrieve this number,” said Ansanelli. “Employees need to be aware of the value of this information to the company, and the ramifications of not treating this information according to the company policies. They also need to understand what they can do outside their roles to help protect this information and honor the company’s security commitment to their customers,” said Ansanelli.
Source

Filed by Ken at 9:05 am under General
No Comments

There’s a reasonably good story in Business Week Online about the state of VoIP.

If there’s a drawback to the story, it’s the drawback so many articles show lately. It’s very focused on consumer VoIP, Skype and the provider market. No mention of enterprise VoIP being deployed by business.

There’s a lot of enterprise deployment going on and it seems stuck under the radar of the popular press. Mostly because they still don’t “get it.”

Filed by Ken at 8:02 am under Unified Communications
No Comments

According to the Pew Internet & American Life Project Report search engine use has been shooting up in the past year. It’s edging toward email, which still remains the primary internet application

The full report is available at -
http://www.pewinternet.org/pdfs/PIP_SearchData_1105.pdf

Filed by Ken at 8:41 pm under Technology
No Comments

I don’t put a whole lot of stock in Technorati. It’s never been anything above mediocre in my mind, even at its best. But it insists that I haven’t in 7 days. I think I’ve been tagged as a “scan every 90 days” blog perhaps since I said bad things about their suckage.

Actually, I looked up a bunch of other blogs that have updated in the last 48 hours and find the outdated Technorattiness is fairly common. Just ongoing perpetration of mediocrity in ranking and rating (rankling and raping?) the weblog community.

technorati suckage

Filed by Ken at 8:18 pm under General
1 Comment

Matt Rose, CERIAS, Purdue University

When security policies and technologies impede a user’s ability to perform his or her job, what does that tell the employee about his or her value to the organization? If an employee is not given sufficient resources to perform his or her duties, the impression is that his or her services are not valuable or worthwhile to the organization; security initiatives that detract from an employee’s ability to perform his or her job essentially send the same message.

Some great observations from Matt Rose at Purdue.

InfoSec
Information Security
Network Security

Filed by Ken at 7:26 pm under Technology
No Comments

I was in a conversation the other day talking about how we learn, and how we gather information and structure it heirarchically for searching and indexing. But not in a detailed computer database sort of way. Not in a library indexing fashion. We were talking more at the everyday human level.

We encounter a glut of data every day. But data is just raw facts. Infiltered and useless without a schema for prioritization and evaluation. This simple peek and the DIKW model of information management really takes the complex knowledge management sector down to it’s very simplest points.

We take raw data and index it with correlating factors to warehouse information. Information can be correlated further to provide demographics and trends.

Putting pieces of information together we can construct knowledge about a topic. Knowledge lets us make inferences based on known data and information.

Wisdom, ahh now that’s another matter entirely, and outside the realm of hardware computing resources. Wisdom is a very human characteristic. On wisdom, opinions vary widely -

It is characteristic of wisdom not to do desperate things. - Henry David Thoreau

Science is organized knowledge. Wisdom is organized life. - Immanuel Kant

Besides the noble art of getting things done, there is the noble art of leaving things undone. The wisdom of life consists in the elimination of non-essentials. - Lin Yutang

The function of wisdom is to discriminate between good and evil. - Cicero

Knowledge is a process of piling up facts; wisdom lies in their simplification. - Martin Fischer
(who also said that the conclusion is where you got tired of thinking).

Filed by Ken at 4:53 pm under General
No Comments