Archive for February, 2007

Laughing At Spammers – Revenge is Sweet (New Book Review)

News from Lucianne:

We’ve all been spammed by the pathetic Nigerian emails offering to make us endless riches. Steve Graham fought back. He answered them and began a correspondence with a dark and seedy world of international crooks. It is desk-poundingly funny and guaranteed to get you off the keyboard for the most outrageously hilarious trip through the swamps of con. This is the first and only book Lucianne.com has endorsed. We don’t know the author in person and all funds go to him for beer and double fried chicken. Click here for Amazon and give yourself a treat.

Steve is scheduled to appear on Fox News tomorrow. The Good, The Spam and The Ugly has already appeared on Amazon’s list of Movers and Shakers today (click image at right to enlarge).

Amazon’s description of the book suggests a must-read for techies and anyone who has worn out a DELETE key in frustration:

Armed with a scathing sense of humor, Graham quickly turned the tables on his tormentors–with side-splittingly hilarious results. Whether he’s referring to his fictional lawyer Biff Wellington, complaining about the injury he received while milking a lactating sloth, or offering the Preparation H helpline as his phone number, Graham–using aliases such as Wile E. Coyote, Barney Rubble, and Herman Munster–offers proof that spamming the spammers is the best revenge.

Buy it. And buy another copy for that gullible relative of yours who often believes this stuff.

Microsoft Windows Vista Review Including Benchmarks vs Win95

Personal Reflections on Microsoft’s New Vision… in three parts.

Microsoft Windows – Vista – First Thoughts

I have now been working with Vista for a while, and here are my personal impressions.

1. Looks cool
2. Windows XP… SP3</li>
3. User Account Control (UAC) – DOA. This was really funny when I tried to un-install some software that I had installed – it wouldn’t let me. It said: Check with System Administrator. BUT I AM THE SYSTEM ADMINISTRATOR! you whacked out piece of junk, and I have no idea why you won’t let me un-install this software. I had to turn off UAC, reboot, so I could un-install.
4. Everything is slightly different (kind of like the transition from 2000 to XP). In my opinion, this works against Microsoft – I now am immune to distinctions in the UI, since I transition from 98/2000/XP/Vista/Linux distros/Mac OS, etc. So there is nothing special about MS Windows that I am used to, e.g. no loyalty or comfort that makes me resist something different. Just recreating the UI to be different is like painting the house so no one sees the cracks. The reality is that the cracks are still there.
5. Security – I guess better, but more annoying, and from everything I’ve read, not a whole lot better than XP SP2
6. Code signing – took a few days and $400 / 2 years, but I can now sign our code – whoopee!
7. You get immune to the cool effects pretty quickly, and they do nothing to improve your performance within the system.
8. The search in the start menu is OK, but I’ve experienced stuff where it doesn’t find things I know I have, so I had to tweak search settings – there is nothing more annoying than MS making these decisions on what can be searched – yes, yes, I know it isn’t my computer anymore.
9. I would like to completely ignore Vista entirely, but I have no choice. The things we do for money…
10. My Intel Duo core system compiles really fast – if nothing else, I like the hardware…

Second Thoughts
This is from slashdot - very accurate & funny…

There’s a much, much bigger hole than any programmer could possibly exploit: The annoyance factor.

Last night, I restored my old XP partition after figuring I’d give Vista a shot for just a couple of days. You know, just to experience it myself instead of taking other people’s word for what it’s like.

The theme of Vista seems to be simple: Annoy the hell out of he end user. You want to run an application, is that okay? You want to copy a file, is that okay? You want to change your desktop background, is that okay? You want to copy text from IE7, is that okay? You want to delete an old text file, is that okay? You want to paste text into a form field in IE7, is that okay? The list goes on and on. Almost every action in Vista is actually compose of two separate actions: the one you want to do, and the confirmation to do it.

After getting Windows Vista installed, I took an hour or so to configure my personal settings and install a couple of applications. I had to acknowledge somewhere between 50 and 100 dialog boxes asking me if it was okay to do what I was doing. No, I’m not exaggerating.

Now, I’m a very experienced computer user, and I’ve worked for over a decade supporting PCs, servers, networks, and so on. Yes, I know, I could disable UAC if I want to, but that kind of defeats the point of Vista’s so-called beefed up security.

Even I became so numb to clicking OK in two short days that I wouldn’t think twice about it. You want to move that shortcut on your start menu, is that okay? You want to install the Pwnzjoo virus, is that okay? You want to send your bank account numbers to Nigeria, is that okay? Yes, yes, yes, dammit!

If Microsoft wants to really get serious about security, they have to get it through their heads that it’s not about locking everything down and popping up prompt after prompt after prompt to the user. It’s about being smart, letting the user do normal things without interference or interruption, and having the level of alerts match the danger of what’s being done.

As it is, Vista cries wolf so often that when the real wolves show up, I’d be surprised if any user, newbie or guru, listens.

Third Thoughts: Standing Still – Faster Than Ever

I had a few minutes to kill waiting for a meeting, so I thought I’d verify the boot speed issue.

IBM 380ED Laptop
Pentium: Blazing at 166Mhz
RAM: a whopping 32MB
OS: Win 95 B

Intel special (motherboard/processor)
Core Duo: 6400 at 2.13Ghz
RAM: 2 GB
OS: Vista business

I realized some of the boot time is the system hardware itself, and the Vista box initializes significantly slower than the laptop (part of this is a SATA raid option that needs to be on due to some quirk in the Intel motherboard – when off, the hard drive LED doesn’t work – so I had to turn it back on, but this adds several seconds to the whole startup cycle, and has nothing to do with Vista). So I timed the 2 booting up side by side once past the hardware initialization and you know what? Just about the same, both getting to the logon prompt, and also hitting enter once the password is in to get to the desktop.

So in 12 years, and a 1200% increase in performance, you still wait just as long to use your computer. This is the kind of progress that makes your jaw drop…

Kermit Komm – CTO/Innovation Management Group, Inc., Contributing Editor

Adding Podcasts to Your Website in Ten Minutes or Less

I’m usually on the bleeding edge of technology, but have been a slow adopter of adding audio to websites and blogs I manage. This week, my Logitech 350 headset arrived and in under 45 minutes, I had online audio.

I’m going to explain how you can accomplish the same in one-third the time, assuming you have your own website and can FTP or transfer files to it and that you know how to do that. Oh, and I’m assuming you’re using a PC and not a Mac. Macs come out of the box better at doing multimedia than PCs do. If you’re a Mac guru and aren’t too haughty about it, comment on how you create your podcasts and I’ll gladly link to your site. The program I’m using has both PC and Mac versions.

• Buy decent USB headset. Plug it in. As I mentioned, above, I got the Logitech 350
• Download and install Audacity. Windows has a silly Sound Recorder program that has a 60-second limit. Audacity has tons of bells and whistles that I’ll never need. Don’t get the Beta version unless you’re feeling daring. There is also a version of Audacity for Macs.
• Download and install the MP3 LAME encoder for Audacity for your PC or Mac. This will add an Export as MP3 command to your Audacity allowing you to convert big WAV files to smaller MP3 files suitable for websites or copying to your iPod or MP3-ready PDA (I’ve got a Palm Tungsten E).
• Start Audacity. Click the image to the right to display the Audacity screen.
  1) Change the audio rate from 44000 to 11500 rate by pressing the 44000
  2) Press the red record button to start.
  3) Press the square to stop or || to pause.
  4) Press the green arrow to play.
  5) From the File menu, select Export as MP3. The first time you do this, you will be prompted to locate the LAME MP3 encoder whereever you installed it.

Upload it to your site to an easy-to-remember location like www.mysite.com/audio/2007Feb08-YourName-YourTopic.mp3

My habit is to name my files with the date, the speaker and the topic. This makes them easily identifiable at a glance.

Now listen to the result:

COMING SOON: Want good marketing content for your website? From your desk — and without a recording studio — you can record and publish 5-minute audio interviews with your enthusiastic clients on how your company solved their business problems. Oh, and aside from the headset you already bought to do the podcast recording, above… it’s FREE! Look for my next article next week as I focus on inexpensive applied business technology.

Add Techtalk’s RSS feed to your feedreader so you’ll keep abreast of the latest news.

The Day the Internet Went Down… And We Didn’t Notice

You probably didn’t notice, but the Internet suffered a set of attacks on its infrastructure today stronger than anything seen since 2002.

There are 13 primary “Root” servers that serve as the authoritative domain name to IP address naming devices for the whole Internet. All other Domain Name System (DNS) Servers update their mapping tables from these root servers either directly or indirectly through some number of intermediaries. 3 of the 13 root servers were pounded Tuesday and temporarily overwhelmed. The attack was focused on boxes serving public domain spaces like .org and the US Department of Defense (apparently .mil but unclear from the wire reports).

The 12 hour attack was reported as a reasonably straightforward denial of service attack, but was remarkable mostly in scope and volume of data slamming down the pipes into 3 key servers. More on ZD News, the BBC or more interestingly on LittleGreenFootballs where the back and forth comments are much more fun to read.

Here’s the story:

WASHINGTON – Hackers briefly overwhelmed at least three of the 13 computers that help manage global computer traffic Tuesday in one of the most significant attacks against the Internet since 2002.

Experts said the unusually powerful attacks lasted as long as 12 hours but passed largely unnoticed by most computer users, a testament to the resiliency of the Internet. Behind the scenes, computer scientists worldwide raced to cope with enormous volumes of data that threatened to saturate some of the Internet’s most vital pipelines.

The motive for the attacks was unclear, said Duane Wessels, a researcher at the Cooperative Association for Internet Data Analysis at the San Diego Supercomputing Center. “Maybe to show off or just be disruptive; it doesn’t seem to be extortion or anything like that,” Wessels said.

Other experts said the hackers appeared to disguise their origin, but vast amounts of rogue data in the attacks were traced to South Korea.

The attacks appeared to target UltraDNS, the company that operates servers managing traffic for Web sites ending in “org” and some other suffixes, experts said. Officials with NeuStar Inc., which owns UltraDNS, confirmed only that it had observed an unusual increase in traffic.

Among the targeted “root” servers that manage global Internet traffic were ones operated by the Defense Department and the Internet’s primary oversight body.

Check it out, with comments from the forces of truth, goodness and the American way at LittleGreenFootballs.com.

Wikipedia news points to an article DDoSers bombard Military root server (and more) on The Register.

DomainFest

We spent a couple of days at an interesting internet trade show called DomainFest.

Did you ever notice how often you do a search and find a domain name exactly matching your search term. (eg. SeattleSailBoat.com, click image at right). As often as not you’ll find the page is full of PayPerClick links, Google ads, Yahoo ads etc. You have stumbled into the domain parking industry.

There are three major components in the parking marketplace.

1. Domainers – companies, or from the looks of the attendees – reformed xbox addicts- that own dozens, hundreds or even hundreds of thousands of either targeted or obscure keyword based domain names. (Fabulous.com claims to own over 500000 domains).
2. Domain name parking services – they will take your domains and use backend software to display appropriate advertisements (the ppc/overture/google ads that earn money) and they’ll split any revenue they make with the domainer.
3. PPC companies and advertisers that pay for the whole deal.

My sense is that eventually the search engines will come to see this as clutter and they’ll start to cut these very thin, contentless clickthrough lists out of their search results. But until they do, go grab yourself some cool domains, find a parking company (try parkingpanel.com or fabulous.com) and make yourself a few extra dollars per month.

If you want an excellent domain, you can even finance it through a company called DomainCapital and pay it off over 1-5 years.

Dan Warner of Fabulous advises that you look for domains that have:

• Brandability
• Mindshare
• Commerciality
• Specificity
• Realization
• Immediacy and
• Intent

Check Fabulous where he explains what he means.

Data and Information Security

This week TechTalk is focused on data security and information security, and we couldn’t have picked a better week. Every day you read another piece about a corporate data security breach. As more info moves into digital form and finds its way into databases, the opportunities to use that info as a business tool grows, but the risks of exposing that data to nasties increases.

So who’s hot in info security? Who are the players?

InfoSecurityProductsGuide named its picks for hot players in the security market this week. It includes old standbys like Novell, 3Com, PGP, PortAuthority, but also lots of up and comers like IPlocks.

Selected from an industry analysis of more than 500 prominent information security vendors, winners of this prestigious honor are chosen based upon a stern selection criteria of 4Ps. Nominees are evaluated on Products, People, Performance and Potential..

Check out the list

Here are a few choice picks:

IPLOCKS:

Ncircle:

nCircle is the leading provider of enterprise-class security risk and compliance management solutions. Global enterprises and government agencies rely on nCircle’s proactive security solutions to identify, measure, manage, and reduce security risk and automate compliance on their worldwide networks. nCircle has won numerous industry awards for growth, innovation and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the USA and in London, Toronto and Tokyo. Additional information about nCircle is available at http://www.ncircle.com