Geeks Informed


Tuesday, 1 December 2009

Who Is Barrister Global Services?

Posted on 05:25 by Unknown


Barrister Global Services Network (barrister.com) provides IT services within the United States. They serve customers in the commercial, government and consumer markets through direct and indirect channels. Business partners include equipment manufacturers, service companies, resellers, and distributors.

Barrister Global Services Network has moved its headquarters from Buffalo, New York to Hammond, Louisiana, near New Orleans, a region that also is home to Barrister's new president. The company was lured by incentives that will pay the company up to $1.5 million over the next 10 years.

Hammond, northwest of Lake Pontchartrain, has a population of about 18,000. The city was the home base for production of the first season of the NBC dramatic television series In the Heat of the Night. The show dealt with issues including racism, drug abuse, rape, murder, incest, and government corruption.

The number of complaints by contractors has risen dramatically since the company's relocation. It is reasonable to assume that the local judiciary is effectively a "home-town referee". You have been warned.

Barrister Global Services has earned the Geeks Informed Smell Test rating of Very Stinky.


Monday, 30 November 2009

Who is AT&T ConnecTech?

Posted on 14:15 by Unknown
Parks Associates projects that the home technology service market will be worth nearly $1 billion by the end of 2011 (from $450 million in 2007). The market is attracting attention from the BBG (big bloated guys). AT&T, the telecom industry giant, has introduced a new service called ConnecTech. ConnecTech is AT&T's venture into technical services, designed to compete with Geek Squad (Best Buy). The service is available only to residential customers in the United States.
IT Services Projection, ref: Parks Associates
Another BBG (and former AT&T spinoff), Verizon (formerly Bell Atlantic) has also joined the effort to milk their name recognition. The company has launched "Expert Care", which offers tech support for computer problems and home electronics.

With the demise of CompUSA and Circuit City, there are opportunities for companies like AT&T's ConnecTech. The Circuit City brand plans to sell its trademark property to Systemax Inc., the same company that purchased CompUSA's carcass when it closed last year. Systemax, also known as Tiger Direct, closed the majority of the CompUSA brick and mortar stores, and is operating elsewhere as a web-only entity.

AT&T remains strong in computer networks, but otherwise, AT&T, once a bastion of technology (inventions, patents, and Nobel Prizes), has been reduced to a pitiful paper lion. According to a report by the scientific journal Nature, as of July 2008, only four scientists remained in the Bell Labs physics basic research group.

AT&T, the company that invented Unix (Ken Thompson, a programmer at AT&T's Bell Labs, invented Unix in 1969), was otherwise a failure in the computer market, and exited this marketplace almost 20 years ago. In addition, AT&T was never a significant player in consumer electronics, the second service marketplace that ConnecTech covets.

Bureaucracies are an essential aspect of all organizations and societies; however, when bureaucracies become self-serving and self-perpetuating, this is a problem. How can the economy evolve, if bloated antiquated organizations siphon off so much energy?

AT&T is now best known for their retail stores selling phones made by someone else. AT&T hit the mother-lode with the agreement with Apple to sell the iPhone. At many stores, one must take a number to wait their turn for the privilege to buy an iPhone.

“AT&T has long been a familiar face in the homes of Americans,” said Carmen Nava, senior vice president, Consumer Marketing Operations for AT&T. “The home services industry represents a billion dollar marketplace.”

AT&T has a nice website. In addition, many sporting venues, golf events, and at least two automobile races carry on the AT&T tradition.

AT&T ConnecTech Plan

AT&T has partnered with OnForce, a company comparable to eBay (and another bureaucratic layer with little real contribution), to perform liaison with the contractor workforce.

AT&T ConnecTech has earned the Geeks Informed Smell Test rating of Somewhat Stinky.

The AT&T ConnecTech system can sometimes resemble a Rube Goldberg machine. For example, Samsung uses AT&T ConnecTech to maintain its televisions. If a customer called the retailer who originally sold them their Samsung TV for service, the retailer calls Samsung, who then calls AT&T ConnecTech, who then calls OnForce, who then (finally) submits the job for bids to find the cheapest contractor.

Five different entities (the retailer, Samsung, AT&T, OnForce, and the local contractor) each get a portion of the payment, and there is a ridiculous amount of bureaucracy to wade through for the poor contractor at the end of the chain. As many customers of this system have discovered, too many cooks "spoil the broth".

“A bureaucrat is the most despicable of men though he is needed as vultures are needed, but one hardly admires vultures.” Cicero

The next logical step would be for AT&T ConnecTech to add partnerships with U.S. Steel and Xerox that could provide additional prestige. This would facilitate additional bureaucratic layers, and would complete the "Russian-French" model.


Thursday, 12 November 2009

Can Anyone Challenge Cisco For Leadership in Network and Data Equipment?

Posted on 04:36 by Unknown
By Michael Lemm

When it comes to network providers and data equipment vendors can anyone really compete with Cisco? The perception may be no. But the reality may be far different. Or at least a little muddy.

Yes, Cisco commands a whopping share of the networking industry pie. However, HP, Nortel, Alcatel, and Huawei have of late been aggressively eyeing this space for more of the market share. But for anyone to truly challenge Cisco's dominance ... they have their work cut out for them.

In my opinion, Cisco just keeps smaller players like Juniper and Foundry in the data networking market to avoid monopoly situations. With the largest footprint, deep market penetration and wide open breadth of high quality product portfolio, it has built a significant level of durability into its competitive business strategy.

As far as Alcatel (or Alcatel-Lucent), and Nortel goes, they can be classified as telecom players more than data comm players and HP is too diversified to compare with Cisco as a pure data networking player.

Cisco's business can only be threatened by changes in consumer preferences/demand (external) or technological obsolescence of their current products (internal), both of which are hard to imagine due to the capital resources it spends on marketing research and niche acquisitions.

Juniper is positioning themselves on many levels to compete with Cisco. With their newly released switch platform and the J series routers and the acquisition of Netscreen and Redline etc. Juniper already has competed fiercely for the core network space and has done marginally well with the ISP market. They have not cracked the enterprise very well, though. With their new product launches aimed directly at knocking Cisco off their perch, we may see the landscape change. Large corporations like to have more than one vendor to play off each other. Healthy competition forces innovation and drives price down.

If Juniper can ever figure out an effective marketing plan and lay off the stupid cartoons attempting to be funny, they may have a legitimate shot. They did a very brilliant thing a couple years ago and offered free classes to current and potential customers to get engineers more familiar and comfortable with JunOS. Remember OS/2 did not die because it lacked quality or desirable features.

Nortel has established the necessary feature, functionality and footprint within the voice industry. As the line between voice and traditional data blurs, Nortel will be an increasing threat.

However, the one component of the question left out was "why does Cisco have this position?" The answer to this question can be found in the answer to how many IT graduates have studied Cisco courses, or are Cisco accredited, or have used Cisco equipment during their education. Interestingly, the answer is most. There are very few Juniper accredited graduates, and even fewer Nortel graduates, let alone Huawei. But this doesn't mean that their respective products are better, worse or equal to Cisco. It just means that Cisco has cleverly used brand to differentiate itself from its competitors. People by their nature gravitate to what they know or feel comfortable with. This doesn't mean it's right or wrong; it's a comfort thing. The same question can be asked about McDonalds, Coke, Pepsi, and Nike.

The difference is not so much the technical side of the equipment vendors, it's more the marketing approach of the companies.

Cisco, although a manufacturer, has marketed itself as a 'system provider', which is only accomplished by joint strategies with larger system integrators. This has led the client to believe that Cisco is larger and more versatile than it actually is, a very clever approach. Cisco has always run a platform to enable its clients to adopt IP strategy in the data and voice arena without massive initial cost, thereby crossing the boundary of voice and data (a normal strict division).

Juniper markets to the voice elements i.e. the old PABX people in voice such as the telecoms market.

Procurve sells to a strict SMB market place and is a cheap reseller product.

The Chinese have developed a Cisco competitor based in Basingstoke, UK. However it lacks a strong marketing plan with clients.

This is why we all talk about voice and data convergence. It is what most companies try to sell. However there are still strong divisions in the end-user/client job roles ... with data rooms being one area ... and voice frames in another.

The end deal is simple .... each manufacturer, each integrator from different arenas with different skill sets needs to work together to resolve/serve a client's needs. The client requires an aspirin for his headache .... and not the ingredients to make his own. Cisco will dominate in its market due to a strong strategic partnership program with direct relationships with the client. If someone wants to challenge this they have a lot of work to do yet ... this is not really a question of technical ability.

But ... I honestly believe that Cisco is poised to take a fall just as IBM did back in the early 90s. They have forgotten that people think of them primarily as a networking company. They are no longer the first out with new ideas. They seem to think that a "me too" attitude will suffice.

For example a friend's company has just done an evaluation between 3com, Cisco and HP. All three companies make products that can easily provide him with a fantastic network. In the end Cisco has offered huge discounts, which make it competitive, but is unwilling to extend the discounts for any period of time.

They are already a Cisco shop, and they are really only comparing them to other companies for several reasons. The big one is this ... in the last couple of years they've been installing HP and 3com switches to expand their network. Because, in general both products are around 1/3 the cost. Every time they decide to purchase a new switch, they research and just can't justify the additional expense, since both of the other products will meet their requirements.

HP is a sound product line, well thought out, and has a lifetime warranty. They know exactly how to position their product, and where to price it. Their sales folk run circles around the competition. They clearly intend to clean Cisco's clock in the small to mid sized market, and have the resources to do so. The HP solution allows you to use Chassis in the wiring closets ... if you so choose ... without paying any real premium. Their switch OS seems to be very very much like Cisco's, but there are fundamental differences which some will find refreshing and some frustrating. Cisco better watch out for these guys.

3com has an awesome product line in the 4500, 5500, 5500G and 8800 products. The performance is astounding. For over 2 years now in their 5500G product line, they have been able to stack logically and physically with a 192 Gbps backplane speed. If you want to turn a non-powered switch into a powered one ... all you have to do is change out the power supply, which costs only as much as the differential in cost between the powered and non-powered switches. There has been a 10G slot in back since it was designed. They now offer an OSM module which can go in the 10G slot. The OSM module is a Linux card with backplane access.

The switch OS is somewhat IOSish ... but is improved in the way you can query it, ("display this" is awesome) and the way the debugs work.

In the last 3 years 3com has vastly improved their support staff. They actually call you on the phone (which Cisco people seem not to want to do anymore) and seem to offer a high level of expertise.

3com offers 2 IP PBX lines the NBX and the VCX. Comparing these 2 today is similar to comparing the Mitel SX100 in 80s and 90s with the ROLM. The NBX is a rock solid medium to small PBX that works great, and offers lots of features. It comes up short, however, if you are looking at an enterprise level solution. This is where the VCX comes in. It can scale virtually as large as you want it to, offers great features, and although they struggled with it at first, it is now a very stable product.

This product line is awesome, and they can beat Cisco's price even with Cisco coming in at incredibly high discounts. If 3com is ever forgiven for leaving the Core market when they did, and if they ever learn how to market their products effectively, they could easily capture a significant piece of Cisco's market share.

My friend has not made a decision yet, but it does seem a little unlikely that he will continue to drink the Cisco Kool-Aid any longer. Cisco is an amazing company, and he and I believe they will discover their vulnerabilities and react well, but not before they feel lots of pain. My friend has worked with their products for 18 years, and is sorry to see what has happened to them because of their amazing growth to power. Hopefully Cisco can recover their leadership aptitude and attitude.

Michael is the owner of FreedomFire Communications....including DS3-Bandwidth.com. Michael also authors Broadband Nation where you're always welcome to drop in and catch up on the latest BroadBand news, tips, insights, and ramblings for the masses.


Cisco to Lay-off up to 10,000

LON Administrator; July 12, 2011

Cisco's revenue has increased by more than 10% per year for the past five years, but the Cisco business plan called for growth of 12-17%. As a result, Cisco may eliminate as many as 10,000 jobs, or about 14 percent of its workforce. (Bloomberg)

Sunday, 8 November 2009

Is Geeks On Call Done?

Posted on 17:30 by Unknown
Geeks On Call has been found in default and received a notice of impending foreclosure from a senior creditor on a note secured by the total assets of the corporation.

The Geeks On Call (GOC) saga took a new turn in October, with the company's acquisition by Intellisuites. Intellisuites is owned by Glenn Davis, a Virginia Beach city council member. The death spiral had begun.

This move was not totally unexpected. GOC had failed to file required financial statements for almost a year. Former CEO (and founder) Richard Cole is no longer connected with the operation.

As recently as 2006, Entrepreneur.com ranked GOC as the 30th fastest growing franchise in the United States.

The GOC carcass included 29 remaining employees, and 57 franchise agreements. Richard Artese, vice president and CIO, and Keith Wesp, vice president of finance, were still employees of the company.

Geeks On Call (GOC) was formed in Norfolk, Virginia in 2001. The company was founded by Richard Cole, an advertising executive and Michael Joynes, a personal injury attorney. They currently operate under the names "Geeks On Call" and "CallTheGeeks.com". The company was formerly known as "Lightview".

Historically, GOC was organized differently than the typical Geek operation. Most of the storefronts were franchises (owned locally, and affiliated in a partnership with GOC).

Earlier this year, GOC modified its organization. It now appears to have been an act of desperation. The company moved one-time employees who worked at company owned locations into contractor status. Franchise locations still operate under the previous model.

GOC utilized OnForce (a contractor broker similar to eBay) to service many of its customers. The reason for the decision was that Geeks On Call, because of the limited number of storefronts, does not have comprehensive coverage of the United States, only offering services for less than half of potential customers. This problem has become worse with the failures of so many franchises, and the recent parting of ways with 56 franchised territories. OnForce will fill in the considerable gaps.

The company earlier this year faced suits filed by 10 franchise owners, claiming fraud, among other allegations. Those suits were dismissed from Norfolk Circuit and most of the plaintiff franchisees were released from the GOC system along with the fees they had paid into the system.

Geeks On Call has earned the Geeks Informed Smell Test rating of Somewhat Stinky.




Monday, 12 October 2009

Who Is Prism Pointe Technologies?

Posted on 15:28 by Unknown
The story of Prism Pointe's problems is closely related to failure of a business partner, MPC Computers in Nampa, Idaho (formerly Micron Computers). You may be more familiar with Gateway Computers. In 2007, Gateway Computers sold its government and industrial division to MPC Computers. Gateway Computers is now a part of Acer computers.

MPC Computers is currently in bankruptcy liquidation, and was sued by Prism Pointe in August of last year. MPC Computers owes Prism Pointe more than $730,000. Coincidentally, Prism Pointe stopped paying their bills last spring.

Prism Pointe Technologies (prismpointe.com) is headquartered in Fairburn, Georgia, a city with a population of about 9000. Prism Pointe claims a network of over 13,000 contractor service professionals at over 1,500 locations.

Companies like Prism Pointe will accept a work order from a company like MPC Computers, and then hire a contractor. And like many companies in the National Service Organization (NSO) market segment, Prism Pointe is not completely illegitimate. Many customers have had a successful repair, if the contractor that was hired happened to be competent. In most cases, the NSO never meets the contractor, except over the telephone or Internet.

This kind of problem (Prism Pointe Technologies) is not uncommon. In a complaint against Prism Pointe, a contractor in Colorado Springs states:

  • "this is the fourth such company in six years of business we have worked for doing this type of third party work. None have come through with payment."


Firms like Prism Pointe will pretend that they are local, even maintaining local phone numbers in major cities. Also, one should be careful of advertisements on the Internet for obvious reasons. Until there is effective industry or governmental oversight of the National Service Industry, it will continue to be a very dangerous environment, for both the customer and contractor.

    The unethical behavior in the National Service Organization Industry is creating a larger negative impact. The resulting lack of credibility will negatively affect business industry wide. A higher standard for business ethics is required.

    Prism Pointe USS has earned the Geeks Informed Smell Test rating of Somewhat Stinky.




    Friday, 25 September 2009

    Computer Malware (Spyware, Viruses, etc.)

    Posted on 13:10 by Unknown

    Malware (a combination of the words malicious and software) is software code designed to infiltrate and/or damage a computer system without the owner's knowledge. Sometimes people use the term "computer virus" interchangeably with the term malware. Surveys report that 95 per cent of people use antivirus software, but infections remain common.

    Computer professionals consider viruses to be a subset of malware. Malware includes computer viruses, worms, adware, spyware, trojan horses, and other malicious software.

    There is a war underway between malware professionals from companies like Norton and McAfee, and the bad guys who are often from Eastern Europe. As of today, the bad guys are winning.

    Barack Obama has promised to appoint a "Cyber Czar" to lead the fight. Obama emphasized that the cyber threat is "one of the most serious economic and national security challenges we face as a nation. It's also clear that we're not as prepared as we should be, as a government or as a country."

    An unacceptable percentage of PCs are infected. According to Harvard Law professor Jonathan Zittrain's interview on 60 Minutes, 30% of computers have malware on them at any one time. PandaLabs Security estimates that just one virus, Conficker, infects 6% of the world's computer population.

    According to Symantec, unsolicited e-mail (spam) makes up over 90 percent of all messages on corporate networks. Symantec further reported that almost 60 percent of spam is now generated by malware botnets, computers that have been hijacked by criminals. Dunbot, the worst of the spamming botnets, generates over 18 percent of all spam.

    Malware gangsters now commonly use websites that sell fake anti-virus software or offer bogus downloads to distribute their malware. Video "codecs", software for viewing online video, are a commonly infected download.

    Panda Security estimates that up to 35 million computers worldwide may be infected with fake antivirus programs each month.


    Industry Response


    Intel technical marketing manager Steve Cutler predicts that malware will eventually be conquered with hardware-based techniques that protect the computer at the deepest level.

    Intel is promoting its 'trusted execution technology' which is a set of processor hardware extensions and chipsets that have security characteristics such as measured launch and protected execution. This design is capable of creating an environment in which applications can run within their own memory space, protected from all other software on the system. The success of this hardware-based security is dependent on software vendors designing their products to utilize this security. Intel predicts that once it is known that there is a solution that can successfully address the problem of malware, the market will demand that software vendors comply.


    Conficker


    The Conficker Worm is the latest major challenge to the system. This worm has already infected several million computers. On April 1, the worm on infected computers connected over the Internet to the “botnet”, a network of host computers set up by the worm’s creators. Security professionals know which Internet server computers are the hosts for the botnet, so the system was prepared, but the worm infection rate is now too high for containment. Microsoft has offered a $250,000 bounty for the identity of the Conficker hoodlums.

    Security professionals have methods for measuring the rate of computers infected. Using these techniques, PandaLabs Security has reached the conclusion that about 6% of computers worldwide are infected with Conficker. About 50,000 new PCs are infected every day, according to Guy Bunker, a computer security expert at Symantec. According to stats from the Conficker Working Group, the number of unique IPs detected as infected with Conficker has risen in June, from 3.7 million on May 31, to 5.1 million at the end of the month.
    [Figure: Worldwide Conficker Infection Map, courtesy Conficker Working Group]

    Conficker takes advantage of a design flaw in Windows. If a computer is current with its security updates, the design flaw has been closed since last October. But many people do not stay current, either because they are running a pirated copy of Windows, or from lax computer housekeeping. Unlike most malware, Conficker is very good at spreading because it can identify vulnerable PCs on its own and doesn't require human interaction to infect a computer.

    The worm’s creators are in position to generate enormous levels of spam, spread new malware, or do damage to web resources. In recent months, Conficker's creators have updated the worm so that infected computers have been given new ways to communicate.

    "The worm did exactly what everyone thought it was going to do, which is update itself," security expert Dan Kaminsky, who helped develop a widely-used Conficker scanner in the days leading up to April 1, told us: "the Conficker developers have cemented their ability to push updates through any fences the good guys have managed to build in February and March."

    As far as what comes next? More waiting. Good methods now exist for detecting (Conficker Test) and cleansing Conficker from infected machines on a network (and, let's not forget, a months-old security patch from Microsoft is all you need to protect yourself), but by now the size of Conficker's infected army of nodes spread around the world is big enough to function with devastating consequences even if most PCs are secure.

    Gumblar


    Gumblar, a malware worm, is attacking computers through vulnerabilities in older versions of Adobe's PDF reader and Flash player software. The worm can redirect the user's Google search results to sites that download more malware onto the machine or allow criminals to conduct "phishing" attacks. Gumblar will disable the links found on the Google search results, and instead connect the web browser to sites that further compromise the system. Although Gumblar is not new, it has recently resurfaced in a new form.

    "The Gumblar attacks have morphed again," said Mary Landesman, a senior security researcher with ScanSafe.

    The rate of Gumblar infections increased by more than 200% last week. Sophos estimates that Gumblar is currently responsible for 42% of "drive-by" malware on websites.

    Detecting an infection is complex, and not fool-proof. According to ScanSafe, to find out if your PC has been hijacked by Gumblar, locate the file sqlsodbc.chm in the Windows system folder: C:\Windows\System32.

    Obtain the SHA-1 of the installed sqlsodbc.chm using FileAlyzer, a free tool for obtaining the SHA-1 of a file. SHA-1 is a hash algorithm designed by the National Security Agency (NSA); it generates a digital identifier from a file's contents, and security applications use it to confirm that a file is correct.

    Compare the obtained SHA-1 code and the file's size to the list located on the ScanSafe STAT Blog.

    If the SHA-1 and corresponding file size do not match a pair on the reference list, it's a potential sign of a Gumblar infection.
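
The comparison in the steps above can be scripted. The following is an added example, not code from ScanSafe or from this post: it computes the SHA-1 and size of a file and looks the pair up in a reference list. The `sha1,size` list format, the function names and the two sample entries are assumptions constructed for illustration; the real pairs come from the ScanSafe list.

```python
import hashlib
import os
import sys

# Path named in the post.
DEFAULT_PATH = r"C:\Windows\System32\sqlsodbc.chm"

# Constructed sample of a reference list in an ASSUMED "sha1,size" text format.
# These are NOT real sqlsodbc.chm values: they are the SHA-1 digests of b"abc"
# and of an empty file, used so the example can be checked offline.
SAMPLE_REFERENCE = """\
# sha1,size_in_bytes  (constructed entries)
A9993E364706816ABA3E25717850C26C9CD0D89D,3
da39a3ee5e6b4b0d3255bfef95601890afd80709,0
"""

_HEX = set("0123456789abcdefABCDEF")


def parse_reference(text):
    """Parse 'sha1,size' lines into a set of (lowercase_sha1, size) pairs."""
    pairs = set()
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = [f.strip() for f in line.split(",")]
        if (len(fields) != 2 or len(fields[0]) != 40
                or not set(fields[0]) <= _HEX or not fields[1].isdecimal()):
            raise ValueError(f"line {lineno}: expected '<40 hex>,<size>': {raw!r}")
        pairs.add((fields[0].lower(), int(fields[1])))
    return pairs


def fingerprint(path, chunk_size=65536):
    """Return (sha1_hex, size_in_bytes), reading the file in chunks."""
    digest = hashlib.sha1()
    size = 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
            size += len(chunk)
    return digest.hexdigest(), size


def check_file(path, known_good):
    """Return 'match', 'mismatch' or 'missing' for the file at path.

    The hash and the size must belong to the SAME reference entry, so the
    lookup is on the pair, not on each value separately.
    """
    if not os.path.isfile(path):
        return "missing"  # nothing to compare; the check assumes the file exists
    return "match" if fingerprint(path) in known_good else "mismatch"


def main(argv):
    path = argv[1] if len(argv) > 1 else DEFAULT_PATH
    # Replace SAMPLE_REFERENCE with the pairs copied from the reference list.
    status = check_file(path, parse_reference(SAMPLE_REFERENCE))
    if status != "missing":
        sha1_hex, size = fingerprint(path)
        print(f"{path}: sha1={sha1_hex} size={size}")
    print(f"result: {status}")
    return 0 if status == "match" else 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

A "mismatch" result is only a potential sign, as the post says: a file version that is missing from the reference list produces the same result.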



    Adobe


    Adobe modules are now frequently targeted by the malware bad-guys. This includes both Adobe Flash player and Adobe Reader. Adobe Reader is the program frequently used to distribute documents such as technical manuals.

    "Adobe Reader is the new Internet Explorer," said Mikko Hypponen, chief research officer with the Finnish antivirus company F-Secure.

    According to Hypponen, of the total malware attacks recorded this year, 50 per cent have exploited the six known security vulnerabilities in Adobe's PDF products. Last year (2008), it was Microsoft Word which was most often the target, with about 35 per cent of total attacks. Attacks on Adobe Reader this year are up by approximately 1800%, as compared to the same period last year.

    Contaminated PDF files are often used as part of a targeted attack when they are sent to a specifically selected recipient attached to an e-mail. The methods used by the recently reported spy network, which infiltrated computers belonging to the Dalai Lama, included crafted PDF files.

    Hypponen suggested referring to pdfreaders.org for a list of free alternatives to Adobe Reader that may be more resistant to the malware. He warned that at the time of Internet Explorer 6's security problems, many people switched over to using Firefox, but as that browser gained significant market share, it also drew the malware hacker attention.

    Hypponen said that Adobe's lack of regular security updates is a significant part of the problem. In late July, Adobe released patches for both the Flash player and Adobe Reader.

    Adobe has a patch for the "Zero-Day" security issue that has been used to break into computers through the Adobe Flash module.

    Adobe's patches close integer overflow, stack overflow, and heap overflow security holes that could allow remote control of the software.

    Users of Adobe Flash Player 9.x and 10.x or earlier versions should update to Adobe Flash Player 9.0.246.0 and 10.0.32.18. In addition, Adobe also recommends users of Adobe AIR version 1.5.1 and earlier versions update to Adobe AIR 1.5.2.

    Users of Adobe Reader 9 and Acrobat 9 or earlier versions should update to Adobe Reader 9.1.3 and Acrobat 9.1.3.



    Microsoft Office


    The office suite has frequently been the target of attack. This is not surprising, given the popularity of the line. Outlook, Word, Excel, and Powerpoint have each been the target of malware attacks.

    Microsoft recently issued a statement that it will no longer provide security updates for Office 2000 products. This is Microsoft's standard policy of a 10 year support period. It also provides incentive for users to upgrade to newer versions of Microsoft's products.

    AntiVirus professionals are sometimes very vocal in their contempt of Microsoft Office. Kaspersky Lab has pointed out that Microsoft should secure its Office suite, and not rely on the "Band-Aid over a gaping wound" method of issuing patches for each vulnerability, but instead should address the technology that powers and processes OLE objects.
    OLE is Microsoft's interprocess communication mechanism based on the Component Object Model (COM). Microsoft sometimes just calls the technology "automation".

    A common method of attack involves a file posted on the Internet for download. When the file is opened, the malware is activated.



    Fake Harry Potter Downloads


    There is a scam out there in the form of Harry Potter downloads. This is an old trick, in a new lure. Video codecs have been used before to spread malware. This time the lure is 'Watch "Harry Potter and the Half-Blood Prince"'. The scam involves getting you to download a "Streamviewer" that the site leads you to believe is needed to see the movie, but is actually malware. This is a "Trojan Horse".

    There are ways to detect the scam. One of the ways is to carefully check the link. At first glance, it may look OK, but under close scrutiny, the URL will be suspicious. You can check downloads by uploading the file to VirusTotal.com, where the file will be tested.



    Microsoft Windows 7


    Windows operating systems are used in about 90 percent of the world's computers. Windows 7 is in beta site testing, and should be generally available for the upcoming Christmas shopping season. But Microsoft has warned that cybercriminals are already selling booby-trapped versions of the software.

    "It's so important for customers to get their copies of Windows from a trusted source," said Joe Williams, general manager, Worldwide Genuine Windows at Microsoft.

    "With Windows Vista, we made significant strides in reducing the threat pirated copies posed to customers, our partners and Microsoft software, and we anticipate we'll do even better with Windows 7," Williams said.

    Microsoft research estimates that as many as a third of the company's customers worldwide are running counterfeit copies of Windows.

    "We see many cases of customers who wanted to buy genuine software and believed they did, only to find out later that they were victims of software piracy," Williams said.

    In the case of Windows 7, the pirated software may include compromised security and tailored malware.



    Reference


    Virus: A virus is computer program code that will try to spread from one file to another on a single computer and/or from one computer to another. A classic virus is not an independent program, but instead, is code that attaches to an existing file on a computer. Kaspersky Virus Lab reports that 200-300 new virus samples are received in their office every day.

    Trojan Horse: Trojan Horses are a subset of viruses. They get their name from the fact that they pretend to be legitimate.

    Worms: A worm is a self-replicating computer program. It sends copies of itself to other computers over the Internet or other network. Unlike a virus, a worm is an independent program.

    Adware: Adware generates advertisements such as pop-up windows on Web pages. The objective of adware is to earn income from advertisers.

    Spyware: Spyware is a program that tracks your habits. Because it is a computer program, spyware can ensure that it keeps running, and it may influence web navigation.

    Most of the time we think of malware as the product of some pimply-faced geek. But recently, spyware didn't come from some Eastern European hacker ring. It came from one of the premier names in U.S. commerce: Sears.

    "It's quite off-putting to think of a company tracking these kinds of things about you," said Benjamin Edelman, a longtime spyware researcher and an assistant professor at the Harvard Business School.

    Rick Quaresima, a Federal Trade Commission lawyer, said the agency's primary concern was that consumers were likely unaware of how much information Sears was collecting. Sears monitored "nearly all of the Internet behavior that occurs on consumers' computers," and also collected data about the users' computers, printers, and other devices, said the FTC.

    For most malware today, the primary intent is not damage to the computer. If the user does not recognize the infection, then the program can steal passwords, credit card numbers, or use the computer to send spam to other computers on the network.

    According to FBI Deputy Assistant Director Steve Martinez, Eastern European gangs are turning increasingly to cybercrime. He said the FBI had urged law enforcement agencies in other countries to go after the gangs.

    Most malware is not the result of a rogue geek, but instead is the product of adult professional criminals.
    "There's a lot of money in the Internet. On the last count of malware I did, only 10 percent was written by teenagers. Ninety percent is developed by criminals. This malware is designed for criminal needs such as stealing money, distributing spam and Internet rackets," said Eugene Kaspersky, head of antivirus research for Kaspersky Labs.

    Kaspersky further said that criminals are turning to the Internet because of the lack of security and policing.

    Sunday, 23 August 2009

    Who is Geek Housecalls?

    Posted on 18:21 by Unknown

    Geek Housecalls, Inc.
    7 Cypress Drive
    Burlington, MA 01803
    email: dehlke@geekhousecalls.com

    MA: 781-863-8111
    RI: 401-351-8111
    Toll Free: 1-877-4PC-GEEK (472-4335)

    Web: www.geekhousecalls.com
    Blog: www.geekablog.com
    BBB Rating: A+

    Geek Housecalls (GH) was founded in July of 1999 by Andy Trask and Dave Ehlke. Geek Housecalls was once sued by Geek Squad (Best Buy), who asserted control of the use of the word "Geek".

    In recent years, GH acquired "Home PC Networks", and "Downcity Systems", both regional service companies in New England.

    Geek Housecalls employs 9 full-time, and 20 part-time tech support employees.

    Geek Housecalls has earned the Geeks Informed Smell Test rating of Smells OK.

    Thursday, 6 August 2009

    Windows 7 Beta Review - Windows 7 is Already More Stable Than Vista

    Posted on 06:14 by Unknown

    By Dave Williams

    Windows 7 Beta Review - It's Time To Get Familiar - Will You skip Vista SP2?


    I've got two computers running Windows 7 Beta. They are very different computers in that one is almost 5 years old and one is absolutely cutting edge with all the latest graphics cards, etc. Both run Windows 7 Beta very well and without any errors.



    The new Windows 7 Aero theme is pretty and a bit more organized and intuitive than Windows Vista Aero. Enabling the mouse gestures makes Windows 7 much nicer. An example mouse gesture that I use is to wiggle the mouse back and forth like you are scratching something off a list. This instantly clears the desktop by hiding all the open windows. The new interface also allows you to click the thumbnails of the programs that are running. It's a bit Apple OSX like, except not so animated and annoying in my humble opinion.


    I am still concerned about compatibility issues, but even the few games I've run have been no problem for Windows 7. Even the latest Fallout 3 ran flawlessly. Given that a Windows 7 beta will be readily downloadable in the near future and given that the apparent quality of the release exceeds that of Vista SP2 Beta, I have to ask who will bother to upgrade to Vista SP2?


    In addition to frame rate increases in games, the internet connection scores nearly 10% higher throughput. On our 1GB connections, the difference is even more noticeable. Even if you do not have a machine to test drive Microsoft Windows 7 on, you can use VMware's free desktop virtualization software to set up and start exploring.


    It's coming fairly soon. It's going to be good, and if you work in a corporate IT department, you'll have to support it. To set up Windows 7 on VMware, just tell VMware that you will be using Vista. This works well because one of the explicit goals of Windows 7 is driver and hardware compatibility with Vista.


    Installation is a breeze. It basically looks just like the Windows Vista installer with upgraded graphics. Like all new Windows releases, Microsoft has tried to appeal to users on the current platform. The result is that a lot has changed under the hood that you won't see until you're in a support situation and realize that some of your tried and true debugging rituals no longer work.


    Conclusion: I think it's wise to start preparing to support this operating system now, especially if you've been holding off corporate users waiting for a better version of Vista. By the time Windows Vista SP2 Beta is stable and out the door, you'll be on the heels of Microsoft's Windows 7 release date. At the least you should install a virtual machine on VMware for familiarization.


    If you have applications that need to be tested on Windows 7, the time to start that is right now. Developers should have their beta copy very shortly.



    Read more about Windows Vista SP2 Beta and Windows 7 at aboutnewtech.com



    Director of Geekdom at http://aboutnewtech.com and during my waking life I play a CIO for a Fortune 500 retailer.






    Editor's Note: Windows 7 Release Date is October 22, 2009.





    Friday, 10 July 2009

    Handheld "Crash Cart" for Network Server Systems (KVM2USB)

    Posted on 09:39 by Unknown

    Recovering an out-of-operation ("down") server quickly is always a priority. When this objective can be achieved while also making the job easier, everyone wins. Most network servers today are “headless”, meaning they have no keyboard, video, or mouse. For those who work in the server environment, this results in a significant annoyance: the "crash carts" (monitor, keyboard and mouse) that are needed to interface with these systems.


    Although there are remote monitoring and access tools, there are times when one needs to isolate the server and connect directly. In most cases, one is left with a choice: either unplug the server and bring it to the shop, or lug a push cart with a monitor, keyboard and mouse around the data center to the network appliance you need to diagnose.

    A more elegant solution to this problem is the KVM2USB from the Canadian company Epiphan Systems (Epiphan.com). You plug this small device into your computer’s USB 2.0 port, and its cables connect to the server's KVM ports. It runs an on-screen emulation of the server screen right on your laptop screen.



    Epiphan Processor Module

    Epiphan Systems' KVM2USB product is a compact device that conveys the VGA stream from any host computer to a laptop, while emulating the laptop's keyboard and mouse outputs. It's the equivalent of a handheld crash cart. The second generation KVM2USB has a more powerful microprocessor, an on-board RAM buffer, and faster and more reliable video synchronization.

    The KVM2USB is compatible with Windows 2000, XP, Vista, Windows 7 (i386, x64), Mac OS X 10.4 and up (ppc, i386, x86_64), and Linux (x86, x86_64). The KVM2USB sells for about $400, and includes all required hardware and cabling.


    Wednesday, 8 July 2009

    Who Is Field Nation?

    Posted on 09:30 by Unknown
    Field Nation (FieldNation.com), based in Minneapolis, is a broker of independent field service contractor-technicians to the computer service and consumer electronics industries.

    Field Nation is a web-based business that appears to have been designed to compete with OnForce. Like OnForce, Field Nation rates are based on the market. With more than 28 million people in the U.S. unemployed or underemployed, and with so many technical jobs outsourced overseas, this market often results in bids by contractors below the cost required to provide the service.

    There can be confusion with the name "Field Nation". There are two companies with the same name. There is a marketing research company (surveys, etc.) in Vancouver, Canada at the website: http://www.fieldnation.ca/ and there is the technical service broker at the website: http://www.fieldnation.com/ located in Minneapolis, Minnesota. The two companies are unrelated.


    New Field Nation company address: 2303 Kennedy St. NE, Suite 100
    Minneapolis, MN 55413
    Tel: 952-955-4072
    Fax: 952-400-3408
    info@fieldnation.com

    Tuesday, 30 June 2009

    Mileage Logger from Vulocity

    Posted on 11:50 by Unknown
    It is tax season again. Many self-employed people claim automobile expenses as a tax deduction. If you are like me, you keep your mileage log on paper. This is a major pain. Now there is a new system that will save you time now, by eliminating the manually logged data, and later, when it is time to do your taxes. It's called "Mileage Logger", a product from Vulocity (www.vulocity.com).

    The device automatically tracks the mileage using GPS and sends this information over the cell phone data network to Vulocity.

    The device is designed to record using motion activation, and to require no human interaction. The device also has manual stop and start buttons. The device is small, about the size of a laptop power supply. If necessary, the device can be moved independent of the vehicle using a rechargeable battery.

    This gadget will enhance your credibility with the IRS. Last year, vehicle expense accounted for about 15% of all tax deductions. Mileage Logger uses GPS to log your miles, and sends the data over the GSM cellular network to Vulocity's servers.

    To see your activity, you log in to Vulocity's servers. Here, you can assign trips to business or personal use, and manually input mileage. Each record contains addresses and maps to help you remember the purpose of the trip. You can export the records to an Excel importable file, and merge, delete or add records.

    There is an optional "locate on demand" feature that can be used to locate your vehicle if it is stolen, or to track your fleet of vehicles. This service costs $1 a month, in addition to the normal subscription fee.


    IRS

    The IRS standard business mileage rate deduction for 2009 is 55¢ per mile (30,000 business miles equates to a $16,500 reduction in taxable income). The business mileage rate was 50.5 cents in the first half of 2008 and 58.5 cents in the second half. The number of IRS Schedule C audits has increased by more than 100% over the last decade. With this year's increase in mileage rate, a further increase in audit rate is anticipated. The Mileage Logger exceeds the IRS-imposed mileage log book requirements.

    "I spend most of my time in representation of clients before the IRS, and that includes audits", says Charles Bell, an "IRS Enrolled Agent" (certified specialization in IRS accounting) based in Richardson, Texas. "I see often that very few people are prepared for audits regarding substantiating their mileage. It should be an easy task, but it’s just one of those things that human nature says, let’s not bother with it now, we’ll deal with it later."


    A recent Syracuse University study has revealed that an increasing number of small businesses are being targeted by the IRS for audits. The smallest businesses were audited 41 percent more often in 2007 than in 2005.



    OBD 2 Port



    Mileage Logger connects to your vehicle via the OBD 2 port. This port is designed for vehicle diagnostics, especially pollution control, and has been required equipment for all vehicles since 1996.

    The OBD 2 connector will be located within three feet of the driver. It is probably under the dash or behind an ashtray.


    Mileage Logger currently sells for $200 plus a $19 per month subscription fee.


    Friday, 5 June 2009

    Who Is OnForce?

    Posted on 20:20 by Unknown
    OnForce (OnForce.com) provides access to over 12,000 service professionals in a number of technology categories, including computers, printers, networking, voice over internet (VoIP), point of sale technology, and consumer electronics. Services include repair, training, and installation throughout the USA and Canada. OnForce currently processes about 23,000 work orders per month. This is about 10% higher than last year.

    This service allows small companies to easily provide service and support nationwide. Approximately 60% of OnForce work orders are for troubleshooting and repair. The rest is primarily installation or deinstallation of equipment.

    OnForce, formerly ComputerRepair.com, is often compared to Ebay, but instead of merchandise, OnForce auctions technical services. In fact, some of the OnForce executives came from Ebay. The OnForce system typically results in work being awarded to the contractor who will agree to work at the lowest rate. OnForce and similar services have their share of detractors.

    Certifications are tracked, and buyers can filter service providers by these certifications. The number of different certifications tracked by OnForce has recently been increased. This has historically been an important weakness of the OnForce system. Certifications from BICSI, Cisco, Dell, Microsoft, Nortel, Samsung, Sun, and SonicWall are now also tracked. With these changes, OnForce now earns a "Fair" grade (upgraded from "Poor") with their certification tracking. A comprehensive Microsoft certification list is the most glaring oversight.

    OnForce also includes a system for tracking criminal background checks and drug tests. The contractor must pay for these checks, but since buyers often filter by these attributes, the contractor is encouraged to participate.

    OnForce Technology

    OnForce technology is reminiscent of early Ebay technology. Remember that Ebay was "technology-challenged" in the early years.

    OnForce interfaces with the contractor via a web portal. Since most contractors in this type of work are mobile, OnForce also sends an SMS (cellphone text) message, to alert the contractor that they need to check their account. If the contractor has a web enabled phone, he can log in and accept the work order. SMS can be a weak link in the system since SMS relays are notoriously unreliable. Remember that the tech may only have a couple of minutes after the SMS message is received (if he is lucky!).
    The next time that you see a service vehicle cut across 3 lanes of traffic for a highway exit, you might consider that it could be an OnForce tech racing the clock to bid on a job.

    Remember when Domino's Pizza was sued for pressuring their drivers to drive recklessly to deliver pizzas on time? Domino's should have reorganized their drivers into a contractor workforce ... Shazaam!!! Zero Responsibility!

    Enhancements to the system by OnForce are promised. OnForce is undoubtedly an important development in the IT services chronology.

    AT&T ConnecTech Now Partners with OnForce

    AT&T now offers on-site tech support, called "ConnecTech", that includes services such as PC repair or audio-video services. Zip Express Installations (a spin-off of Best Buy) also uses OnForce, primarily for flat-screen installs.

    Because these tech support services are hard to manage with a unionized labor force, companies like AT&T are contracting with third parties like OnForce for these services.

    The on-site IT market does not have a clear leader at the moment. With the bankruptcies of Circuit City and CompUSA, it is clear that there is not a retailer that's well positioned to fill that role.

    OnForce has earned the Geeks Informed Smell Test rating of Somewhat Stinky.


    The Switch to Digital TV, 24 Hours and Counting: Are We Ready?

    Posted on 09:22 by Unknown
    6/11/09


    Days, Hours... on Friday the U.S. broadcast television industry goes "digital". Make a mental note to check on your neighbors and family. One survey this week said that 2 million homes are still not prepared for the switch.

    TV reception is not a luxury. If you are reading this article, you are likely tech savvy. This will be a day to be generous with your skills.

    Not everyone is pleased with the transition's efficiency. "This is a $650 million mistake," said Rep. Joe L. Barton (R-Tex.), who was an opponent of transition postponement. If the transition program uses all of the money, "they've managed to spend $1,000 per household for a device that costs $50."

    Digital TV is intended to give our TV broadcast system a needed update. Digital technology results in higher quality reception, and is more efficient in the use of RF spectrum. With increased efficiency, more channels can be broadcast, and RF spectrum can be used for other services, such as wireless broadband and public safety communications.

    TV stations, in conjunction with the Federal Communications Commission, have conducted several 5-minute interruptions of the legacy analog signal. These tests allow viewers to identify their readiness status for the transition, and publicize the upcoming event.

    The last "soft test" was on May 21, and resulted in over 55,000 calls to the FCC's hotline. Just over half of the calls were requests for information for the agency's coupon subsidy program.

    "It was a wake-up call for consumers who are unprepared, alerting them to the fact that they need to take the necessary steps before the June 12 DTV transition," said acting FCC Chairman Michael Copps.




    The new deadline is now less than 20 days away, but will we be ready on June 12?

    The answer depends on one's perspective. If we wait until 100% of consumers have completed their preparations, we might as well cancel the plan. It will never happen. However, if we set our perspective realistically, the country as a whole is well prepared.

    In January, according to research firm Nielsen, 6.5 million U.S. households were unprepared for the switch to digital television, still receiving only analog signals over antennas. Now the number of households said to be unprepared has been cut nearly in half, to about 3.5 million (approximately 3 percent of households).

    Approximately one-third of full-power TV broadcast stations are already completely transitioned, and more will do so soon. In total, about 45% of TV stations will have already switched to digital-only broadcasting before June 12.

    The National Telecommunications and Information Administration (NTIA) is again sending out analog converter set-top box discount coupons. The NTIA will even exchange expired coupons. To date, 26 million coupons have been redeemed.

    There is concern that demand for the needed converter boxes might exceed supply. But according to Gary Shapiro, president of the Consumer Electronics Association (CEA), "Our survey data suggest that manufacturers and retailers will likely meet consumer demand for converter boxes and antenna through the end of the transition".

    Most Americans are aware of the switch, said Anne Elliott, vice president of communications at Nielsen. "At this point, I think it would be hard to imagine that anybody who watches television has not heard of this transition." But "there are always folks who buy presents on Christmas Eve and people who line up at the post office on April 15" to file their taxes.



    Cyberwar in Estonia and the Middle East

    Posted on 08:58 by Unknown
    By Aviram Jenik

    Did a member of your family help launch a cyber attack that brought an entire nation to its knees? No, seriously, don't laugh. In April 2007, communications in the Baltic state of Estonia were crippled through a coordinated attack that relied on the computers of millions of innocent users around the world, just like you and your kin. The strike was notable in fully demonstrating how cyber war had moved from idea to reality. And it all started with the movements of a single soldier.


    The Bronze Soldier is a two-meter statue which formerly stood in a small square in Tallinn, the Estonian capital, above the burial site of Soviet soldiers lost in the Second World War. The memorial has long divided the population of the country, with native Estonians considering it a symbol of Soviet (and formerly Nazi) occupation and a large minority population (around 25% of the total) of ethnic Russian immigrants seeing it as an emblem of Soviet victory over the Nazis and Russian claims over Estonia. When the country's newly appointed Ansip government initiated plans to relocate the statue and the remains as part of a 2007 electoral mandate, the move sparked the worst riots the country had ever seen - and a startling cyber attack from Russia.


    On April 27, as two days of rioting shook the country and the Estonian embassy in Moscow found itself under siege, a massive distributed denial-of-service (DDoS) attack overwhelmed most of Estonia's internet infrastructure, bringing online activity almost to a standstill. The targets were not military websites but civilian sites belonging to organizations such as banks, newspapers, internet service providers (ISPs), and even home users. Much of the onslaught came from hackers using ISP addresses in Russia, but the most devastating element in the attack was a botnet which co-opted millions of previously virus-infected computers around the globe to pummel the Estonian infrastructure.


    Anatomy of a Cyber Attack


    The botnet fooled Estonian network routers into continuously resending useless packets of information to one another, rapidly flooding the infrastructure used to conduct all online business in the country. The attack centered mainly on small websites which were easy to knock out, but nevertheless was devastatingly effective. Bank websites became unreachable, paralyzing most of Estonia's financial activity. Press sites also came under attack, in an attempt to disable news sources. And ISPs were overwhelmed, blacking out internet access for significant portions of the population.


    While the Estonian government was expecting there to be an online backlash to its decision to move the statue, it was completely unprepared for the scale of the cyber attack. Estonia's defense minister went on record to declare the attack "a national security situation", adding "it can effectively be compared to when your ports are shut to the sea."(1)


    Once it became clear that most of the country's online business infrastructure was being affected, the Computer Emergency Response Team for Estonia (CERT-EE) issued a plea for help from IT security specialists worldwide and an ad-hoc digital rescue team was assembled, which included people from my own firm, Beyond Security. It took us a few days to get to the bottom of the threat and begin setting up frontline defenses, which mainly involved implementing BCP 38 network ingress filtering techniques across affected routers to prevent source address spoofing of internet traffic. The attack waned quickly once we started taking defensive measures. But in the days it took to fight off the attack, it is likely that the country lost billions of Euros in reduced productivity and business downtime.
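
    BCP 38 ingress filtering, mentioned above, comes down to one check at the network edge: forward a packet only if its source address lies in a prefix assigned to the interface it arrived on. The Python example below is an added illustration, not code from the article or from the Estonian response; the interface names, prefixes (documentation ranges) and packets are constructed.

```python
"""BCP 38 ingress filtering modelled in Python (added illustration)."""
import ipaddress
from collections import Counter

# Constructed provisioning table for one edge router: the source prefixes
# assigned to the customer behind each interface (RFC 5737 / RFC 3849
# documentation ranges, not real allocations).
ASSIGNED_PREFIXES = {
    "cust-a": ["192.0.2.0/25", "2001:db8:a::/48"],
    "cust-b": ["198.51.100.0/24"],
}

# Constructed traffic sample: (ingress interface, source IP, destination IP).
SAMPLE_PACKETS = [
    ("cust-a", "192.0.2.10", "203.0.113.80"),         # genuine cust-a host
    ("cust-a", "203.0.113.7", "203.0.113.80"),        # forged: outside cust-a space
    ("cust-a", "10.1.2.3", "203.0.113.80"),           # forged: private source
    ("cust-a", "192.0.2.99", "203.0.113.80"),         # forged neighbour, same prefix
    ("cust-a", "2001:db8:a::1", "2001:db8:ffff::1"),  # genuine IPv6 host
    ("cust-b", "192.0.2.10", "203.0.113.80"),         # cust-a's address seen on cust-b
    ("cust-b", "198.51.100.23", "203.0.113.80"),      # genuine cust-b host
    ("cust-c", "198.51.100.23", "203.0.113.80"),      # interface with no assignment
    ("cust-b", "not-an-ip", "203.0.113.80"),          # unparseable source field
]


def compile_table(assigned):
    """Parse prefix strings once so the per-packet check is a membership test."""
    return {
        iface: [ipaddress.ip_network(p) for p in prefixes]
        for iface, prefixes in assigned.items()
    }


def source_permitted(table, iface, src):
    """BCP 38 rule: accept only sources inside a prefix assigned to iface.

    Unknown interfaces and unparseable addresses are denied (default deny).
    """
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False
    return any(
        addr.version == net.version and addr in net
        for net in table.get(iface, [])
    )


def ingress_filter(packets, assigned=ASSIGNED_PREFIXES):
    """Split packets into forwarded ones and a per-interface drop count."""
    table = compile_table(assigned)
    forwarded, dropped = [], Counter()
    for iface, src, dst in packets:
        if source_permitted(table, iface, src):
            forwarded.append((iface, src, dst))
        else:
            dropped[iface] += 1
    return forwarded, dict(dropped)


if __name__ == "__main__":
    kept, drops = ingress_filter(SAMPLE_PACKETS)
    for iface, src, dst in kept:
        print(f"forward {iface:7} {src} -> {dst}")
    for iface, count in sorted(drops.items()):
        print(f"drop    {iface:7} {count} packet(s) with disallowed source")
```

    The forged 192.0.2.99 packet is still forwarded: ingress filtering confines spoofing to the sender's own assigned prefix, which is what makes flood traffic traceable to the network it came from.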


    Cyber War in the Middle East


    The Estonian incident will go down in history as the first major (and hopefully biggest ever) example of full-blown cyber warfare. However, there is one place on earth where cyber war has become part of the day-to-day online landscape - and it is still ongoing.


    In the Middle East, the Arab-Israeli conflict has a significant online element, with thousands of attacks and counter-attacks a year. This has been the situation since the collapse of peace talks in the region and was preceded by a spontaneous wide-scale cyber war between Arab and Israeli hackers in 1999 and 2000. Arab sympathizers from many nations are involved. A group of Moroccan hackers have been defacing Israeli web sites for the last six years or so, and recently Israel's military radio station was infiltrated by an Iraqi hacker.


    Unlike the blitzkrieg-like strike in Estonia, this protracted warfare is not intended to paralyze critical enemy functions but more to sap morale, drain resources and hamper the economy. The targets are typically low-hanging fruit in internet terms: small transactional, informational and even homespun web sites whose security can easily be compromised. Taking over and defacing these sites is a way of intimidating the opposition - creating a feeling of 'if they are here, where else might they be?' - and leads to significant loss of data, profits and trust for the site owners.


    Cyber War Spreads


    If the Estonia and Middle East examples were our only experiences of cyber warfare then it might be tempting to put them down to local factors and therefore not of concern to the wider security community. Sadly, however, these instances are simply part of a much larger trend towards causing disruption on digital communications platforms. In January this year, for example, two of Kyrgyzstan's four ISPs were knocked out by a major DDoS hit whose authors remain unknown.(2) Although details are sketchy, the attack is said to have disabled as much as 80% of all internet traffic between the former Soviet Union republic and the west.


    The strike appeared to have originated from Russian networks which are thought to have had links to criminal activity in the past, and probably the only thing preventing widespread disruption in this instance was the fact that Kyrgyzstan's online services, unlike those in Estonia, are poor at the best of times. It was apparently not the first such attack in the country, either.(3) It is claimed there was a politically-motivated DDoS in the country's 2005 presidential elections, allegedly attributed to a Kyrgyz journalist sympathizing with the opposition party.


    China has also engaged in cyber warfare in recent years, albeit on a smaller scale. Hackers from within the country are said to have penetrated the laptop of the US defense secretary, sensitive French networks, US and German government computers, New Zealand networks and Taiwan's police, defense, election and central bank computer systems.


    In a similar fashion, in 2003 cyber pests hacked into the UK Labor Party's official website and posted up a picture of US President George Bush carrying his dog - with the head of Tony Blair, the Prime Minister of the UK at the time, superimposed on it.(4) The incident drew attention to government sites' lax approach to security although in this particular event it was reported that hackers had exploited the fact that monitoring equipment used by the site hosting company had not been working properly. And as long ago as 2001, animal rights activists were resorting to hacking as a way of protesting against the fur trade, defacing luxury brand Chanel's website with images of slaughtered animals. (5)


    The Case for the Defense


    What do all these incidents mean for policy makers worldwide? Both the Estonian and Middle Eastern experiences show clearly that cyber war is a reality and the former, in particular, demonstrates its devastating potential. In fairness, Estonia was in some ways the perfect target for a cyber strike. Emerging from Russian sovereignty in the early 1990s with little legacy communications infrastructure, the nation was able to leapfrog the developments of western European countries and establish an economy firmly based on online services, such as banking, commerce and e-government. At the same time, the small size of the country - it is one of the least populous in the European Union - meant that most of its web sites were similarly minor and could be easily overwhelmed in the event of an attack. Last but not least, at the time of the Estonian incident, nothing on a similar scale had been experienced before.


    It is safe to say that other nations will now not be caught out so easily. In fact, if anything, what happened in Estonia will have demonstrated to the rest of the world that cyber weapons can be highly effective, and so should be considered a priority for military and defense planning.


    What might make cyber warfare the tactic of choice for a belligerent state? There are at least five good reasons. The first is that it is 'clean'. It can knock out a target nation's entire economy without damaging any of the underlying infrastructure.


    The second is that it is an almost completely painless form of engagement for the aggressor: an attack can be launched at the press of a button without the need to commit a single soldier.


    The third reason is cost-effectiveness. A 21,000-machine botnet can be acquired for 'just a few thousand dollars', a fraction of the cost of a conventional weapon, and yet can cause damage and disruption easily worth hundreds of times that.(6)


    The fourth is that it is particularly difficult for national administrations to police and protect their online borders. A DDoS attack may be prevented simply by installing better firewalls around a web site (for example), but no nation currently has the power to tell its ISPs, telecommunications companies and other online businesses that they should do this, which leaves the country wide open to cyber strikes.


    The last, but by no means least, reason is plausible deniability. In none of the cyber war attacks seen so far has it been possible to link the strike with a government authority, and in fact it would be almost impossible to do so. In the case of the Chinese hack attacks, for instance, the authorities have provided a defense which amounts to saying: 'There are probably a billion hackers on our soil and if it was us we would have to be stupid to do it from a Chinese IP address.'


    A similar logic potentially provides absolution to the Russian administration in the case of Estonia: if it is so cheap and easy to get a botnet to mount a DDoS attack, why would the Russians bother mounting hack attacks from their own ISPs? And in the Kyrgyz attack, although the source of the DDoS clearly points to a Russian hand, the motives for Russia's involvement remain hazy, leading to a suggestion that it may have been caused by Kyrgyzstan's own incumbent party, acting with hired cyber criminals from Russia.


    Tactics For Protection


    With all these advantages, it is unlikely that any military power worth its salt is by this stage still ignoring the potential of cyber warfare. In fact, since the Estonia incident it is even possible that the incidence of cyber warfare has increased, and we are simply not aware of the fact because the defensive capabilities of the sparring nations have increased. After all, another important lesson from Estonia is that it is possible to mount a defense against cyber attacks. There is no single solution, no silver bullet, but a range of measures can be taken to deal with the kinds of DDoS issues faced by Estonia and the kinds of hacker attacks still going on in the Middle East.


    For DDoS strike avoidance, there are four types of defense:
    • Blocking SYN floods, which are caused when the attacker (for example) spoofs the return address of a client machine so that a server receiving a connection message from it is left hanging when it attempts to acknowledge receipt.
    • Implementing BCP 38 network ingress filtering techniques to guard against forged information packets, as employed successfully in Estonia.
    • Zombie Zappers, which are free, open source tools that can tell a device (or 'zombie') which is flooding a system to stop doing so.
    • Low-bandwidth web sites, which prevent primitive DDoS attacks simply by not having enough capacity to help propagate the flood.
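
    The first two defenses are linked: BCP 38 ingress filtering drops forged-source packets at the network edge, so SYNs with spoofed return addresses never reach the server's half-open connection queue. The following is an added illustration, not code from the article or from any vendor; the interface names, prefix assignments and packet records are constructed assumptions.

```python
"""Model of BCP 38 ingress filtering and its effect on half-open connections."""
import ipaddress
from collections import Counter

# Assumption: prefixes the provider has assigned to each customer-facing
# interface (documentation address ranges, constructed for this example).
ASSIGNED = {
    "cust-a": ["192.0.2.0/24", "2001:db8:a::/48"],
    "cust-b": ["198.51.100.0/25"],
}

def build_table(assigned):
    """Parse prefixes once; strict=True rejects prefixes with host bits set."""
    return {ifname: [ipaddress.ip_network(p, strict=True) for p in prefixes]
            for ifname, prefixes in assigned.items()}

def permit(table, ifname, src):
    """BCP 38 rule: forward only if the source address belongs to a prefix
    assigned to the interface the packet arrived on."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparseable source: drop
    return any(addr.version == net.version and addr in net
               for net in table.get(ifname, []))

def ingress_filter(table, packets):
    """Return (forwarded packets, per-interface drop counts)."""
    forwarded, drops = [], Counter()
    for pkt in packets:
        if permit(table, pkt["if"], pkt["src"]):
            forwarded.append(pkt)
        else:
            drops[pkt["if"]] += 1
    return forwarded, drops

def half_open(packets):
    """Count handshakes a server would be left waiting on: a SYN with no
    completing ACK from the same source address and port."""
    pending = set()
    for pkt in packets:
        key = (pkt["src"], pkt["sport"])
        if pkt["flags"] == "SYN":
            pending.add(key)
        elif pkt["flags"] == "ACK":
            pending.discard(key)
    return len(pending)

TABLE = build_table(ASSIGNED)

# Constructed sample traffic: completed handshakes from real customers,
# plus SYNs arriving on cust-b whose sources cust-b was never assigned.
PACKETS = [
    {"if": "cust-a", "src": "192.0.2.10", "sport": 40000, "flags": "SYN"},
    {"if": "cust-a", "src": "192.0.2.10", "sport": 40000, "flags": "ACK"},
    {"if": "cust-a", "src": "2001:db8:a::5", "sport": 40001, "flags": "SYN"},
    {"if": "cust-a", "src": "2001:db8:a::5", "sport": 40001, "flags": "ACK"},
    {"if": "cust-b", "src": "198.51.100.20", "sport": 40002, "flags": "SYN"},
    {"if": "cust-b", "src": "203.0.113.7", "sport": 1111, "flags": "SYN"},
    {"if": "cust-b", "src": "203.0.113.8", "sport": 1112, "flags": "SYN"},
    {"if": "cust-b", "src": "192.0.2.77", "sport": 1113, "flags": "SYN"},  # cust-a's range
    {"if": "cust-b", "src": "198.51.100.200", "sport": 1114, "flags": "SYN"},  # outside the /25
    {"if": "cust-b", "src": "not-an-ip", "sport": 1115, "flags": "SYN"},
]

if __name__ == "__main__":
    forwarded, drops = ingress_filter(TABLE, PACKETS)
    print("dropped per interface:", dict(drops))
    print("half-open without filter:", half_open(PACKETS))
    print("half-open with filter:   ", half_open(forwarded))
```

    The check is made per interface rather than against one global list, which is why an address that is valid on cust-a is still dropped when it arrives on cust-b.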


    For hacker attacks such as those seen in the Middle East, meanwhile, there are three main types of defense:
    • Scanning for known vulnerabilities in the system.
    • Checking for web application holes.
    • Testing the entire network to detect the weakest link and plug any potential entry points.


    A Doomsday Scenario?
    All the above are useful defensive tactics, but what about strategic actions? First and foremost, the Estonian experience showed that it is important for the local CERT to have priority in the event of an attack, in order to ensure that things can return to normal as soon as possible.


    Authorities can also, as far as possible, check national infrastructures for DoS and DDoS weaknesses, and finally, national CERTs can scan all the networks they are responsible for - something the Belgian CERT has already started doing. Given the openness of the internet and the differing challenges and interests of those operating on it, these measures will of course only provide partial protection. But it is hoped they would be enough to prevent another Estonia incident. Or would they?


    There is, unfortunately, another type of cyber war strike which we have yet to see and which could be several times more devastating than what happened in Estonia. Rather than trying to hack into web sites just to deface them - a time-consuming effort with relatively little payback - this tactic would involve placing 'time bombs' in the web systems concerned. These could be set to lie dormant until triggered by a specific time and date or a particular event, such as a given headline in the national news feed. They would then activate and shut down their host web site, either using an internal DoS or some other mechanism.


    The code bombs could lie dormant for long enough for a malicious agency to crack and infect most or all of the major web sites of a country. And in today's networked world, this is no longer about simply causing inconvenience. Think of the number of essential services, from telephone networks to healthcare systems, which now rely on internet platforms. Knocking all these out in one go could have a truly overwhelming impact on a nation's defensive capabilities, without the need for an aggressor to send a single soldier into combat.


    The means to create such an attack definitely exist. So do the means to defeat it. What has happened in Estonia and the Middle East shows we now need to consider cyber warfare as a very real threat. What could happen if we fail to guard against it really does not bear thinking about.


    References
    1. Mark Landler and John Markoff: 'Digital fears emerge after data siege in Estonia'. New York Times, 29 May 2007.
    2. Danny Bradbury: 'The fog of cyberwar'. The Guardian, 5 February 2009.
    3. Ibid.
    4. 'Labour website hacked'. BBC News, 16 June 2003.
    5. 'The fur flies'. Wired, 23 January 2001.
    6. Spencer Kelly: 'Buying a botnet'. BBC World News, 12 March 2009.



    Aviram Jenik is the CEO of Beyond Security, which has developed tools that uncover security problems in servers and web sites, discover vulnerabilities in corporate networks, check computer systems for vulnerability to hostile external attack and audit vendor products for security risks.


    Aviram Jenik

    Beyond Security

    http://www.beyondsecurity.com

    1616 Anderson Road

    McLean, VA 22102

    1-800-801-2821

    brianp@beyondsecurity.com


    Thursday, 4 June 2009

    Archives

    Posted on 11:20 by Unknown


  • The Switch to Digital TV: Are We Ready?


  • E-Cycle





    Segmenting Inside (Linux)

    Posted on 08:40 by Unknown
    By Guy Smith

    Once in a great while you see a company doing what would be sane in other markets, but might be a Herculean improbability in their own.


    Yes, this has to do with the Linux market.


    Specifically this has to do with the embedded Linux market, a realm so fragmented that 'chaos' is too polite a description. It is also one of Linux's silent success stories. Odds are that you are within five feet of one or more devices that have embedded Linux inside. Glancing about my office I count three (a printer, a router, and a cell phone, though I suspect the hub and print server are Linux-based as well).


    The embedded Linux market is fragmented along several vectors. The primary vector of discord is the application. Router makers and printer makers and cell phone makers have different interests and needs with embedded Linux. A while back my neighbors at Wind River were toying with the notion of creating an online community where users in the different markets could share innovations in a non-competitive environment, but that initiative seems to have fallen in the gutter.


    Now MontaVista wants to do the opposite.


    Ignoring for a moment the unfortunate aspect of having the word 'vista' in their corporate name, the folks at MontaVista have decided that the proper approach to the market is to offer embedded Linux packages tailored to different market segments. They are not tackling the relative industries (routers, printers, cell phones, etc.). MontaVista is segmenting their embedded Linux offering by CPU/platform - Atom, PowerQUICC II Pro, PowerQUICC III, TI OMAP35x, etc.


    Unlike the x86 server market, where use variations between box vendors are relatively limited, the chip market for embedded Linux is highly fractured. The differences are allegedly significant enough that loading a Linux distro down with cross platform packages is a burden to the buyers. MontaVista claims that many in the market buy an embedded Linux package and then customize it to their platform before using in production.


    Which seems very odd given that the use of Linux Inside is typically for the more primitive functions.


    MontaVista is segmenting their product to match the chip-based segment of the market. Now segmentation is a Good Thing™ for marketers to do. What I find curious is that the assembly of a Linux package by CPU is a significant segmentation vector and that it has taken this long for a vendor to segment accordingly.


    Which means it may not be a prime vector for segmenting.


    Over at Wind River, they segment based on the category of final product in which their Linux will be embedded. There are Wind River Linux distros for automotive devices, networking gear, consumer products as well as several medical and military specs. Instinctively this seems to be the more rational segmentation model. Consumer devices need user interface packages (imagine a G-Phone without the G-UI). Networking gear doesn't need fancy UIs, but it does need routing and network security functions that a consumer device might not.


    The method to MontaVista's madness may be in their new Integration Platform (sigh, another use for the acronym IP). Akin to SuSE's openBuild system, the goal is to provide customers with ways of safely and sanely customizing MontaVista's core distro. This saves buyers the pain of finding, including and removing parts of a Linux distro to make it work for the intended application.

    Here is a contrast in market approaches: Wind River has both a general purpose distro and a string of special builds for different industries. MontaVista has a general distro with some reconfiguration for different CPUs and with a tool to tailor the distro to your specific needs.


    Which approach is better?


    I'll have to give the short-term nod to Wind River. Business in competitive markets moves fast. Wind River provides products pre-configured for various industries, and yet which can still be tweaked by the customer (or by Wind River) if there is some exotic need. This helps customers get their products to market faster and possibly cheaper. If Wind River were to engineer an openSuse/MontaVista-IP type system for customization, then they would be hitting on all cylinders.


    The marketing lesson herein is that segmentation is always driven by the customer base, not the convenience of the vendor. Segmenting by industry is a natural for many technology vendors, but it may not be viable for your products. There are two primary goals in segmenting, which we'll be happy to explain once we land you as a client. Your segmentation model must meet these goals. If it doesn't, then you will embed your company into the ground.



    Guy Smith is the chief consultant for Silicon Strategies Marketing. Guy brings a combination of technical, managerial and marketing experience to Silicon Strategies projects.


    Directly and as a consultant, Guy has worked with a variety of technology-producing organizations. A partial list of these technology firms includes DeviceAnywhere (mobile applications), ORBiT Group (high-availability backup software), Telamon (wireless middleware), Wink Communications (interactive television), LogMeIn (remote desktop), FundNET (SaaS), Open-Xchange (groupware), VA Software (enterprise software), Virtual Iron (server virtualization), SUSE (Linux distributions and applications), BrainWave (application prototyping) and Novell.


    http://www.SiliconStrat.com


    Isotopic Variants Of The Intel Atom Processor

    Posted on 05:52 by Unknown
    By Debasis Das

    In one of my previous articles, I mentioned how the Intel Atom processor is fueling the growth of netbooks. Atom processors come in a range of variants that are divided into a few families of devices depending on the resources available on the processor, clock speed, whether they support multi-threading, etc.

    Atom Block Diagram

    Current Variants: The Atom isotopes, or the current variants of the Atom processor, are the 200 family, 300 family, N270 series and Z5xx series processors. A large percentage of netbooks have Atom variants powering them; that is how all-pervasive it has become. What makes it so attractive? We shall take a quick look here at the features of these processors. According to Intel, there is no particular significance to the numbers assigned to these components, performance or otherwise. For example, the Z5xx family members are not necessarily higher-performance, faster devices than the 200 family. There are different features to these families though, and that is what we shall quickly review here. The ideal way of doing it would have been to present a matrix of the isotopes vs. the features available. However, the format of these articles is not quite suitable for a table like that. We shall try our best to highlight the differences anyway. The processor components available so far are Z540, Z530, Z520, Z510, Z500, N270, 330 and 230. The latest member to join the team is the N280. The major features are as follows. The format used is the processor number followed by clock speed, L1 cache size, FSB speed and max TDP rating. Clock speed in GHz is a straightforward item. They are around the 1.6 GHz mark except for the Z540 and N280, which are faster at 1.86 and 1.66 GHz respectively. The Z500 has the slowest clock speed at 800 MHz.


    Intel's Atom Variants

    The cache size specification is that of the first level, the so-called L1. This is fairly uniform across the members except for the 330, which has a 1 MB L1 cache. The clock speed indicates a spread of raw processor speeds from 800 MHz to 1.86 GHz. That's quite a range. The L1 cache specs are almost the same except for the 330, which should show a marginal advantage over similar clock speed processors when really sequential programs are involved. FSB (front side bus) is the interface to the off-chip memory system. The memory system here is the main memory, or the system memory, as it is variously called. This is a specification that largely determines the system performance.


    Even though the on-chip processor is really fast, FSB speed really determines how fast the complete system will work on average. The N280 can handle the fastest interface at 667 MHz, while the Z510 and Z500 can handle only 400 MHz transactions. The other components work at 533 MHz. A unique thing about the N280 is that it can handle HD video; combined with the GN40 chipset it can go right up to 1080p video. What is really interesting about these processors is their extremely low power operation. TDP, thermal design power, is a specification of the maximum power inside the chip that should be taken into consideration for thermal designs. Except for the 330 and 230, the ratings are at the 2.5 watt level. The lowest dissipation is on the Z500. There are other features included in the processors that help manage the power dissipation closely within those specifications. We shall discuss those at some future opportunity. The processors have all been designed with 45 nm lithography features and the physical chip measures just 13 mm x 14 mm. Truly miniature-sized wonders!



    Debasis Das has worked with technology companies for close to four decades, 25 years of which have been with IT consulting companies. He has managed software and geospatial industry outsourcing from India for international clientele. He has worked with customers from the US, Europe, Japan and China. He is widely traveled and currently engaged in consultancy in software, embedded systems and technical content.

    Contact at ddas15847@yahoo.com
    Web site at http://www.consult-debasis.com


    Wednesday, 3 June 2009

    Servers - A Tale of Two Technologies

    Posted on 09:43 by Unknown

    By Arthur Cole

    "It was the best of times, it was the worst of times..."


    Dickens was describing London and Paris during the French Revolution. But in today's world, it is an apt description of the IT industry during the virtual revolution.

    For the worst of times, we need look no further than the server industry, which reported another disastrous quarter earlier this week. According to IDC, worldwide shipments dropped some 26.5 percent year-over-year in the first quarter of 2009, with all of the major vendors showing double-digit revenue drops. Overall, the industry shipped only 1.49 million units, the largest decline in five years, with revenues down nearly a quarter to $9.9 billion.


    The source of all this woe is the one-two punch of the recession and virtualization, which dampens the demand for new hardware through higher utilization of existing machines. While this may be good for capital budgets, as well as the environment, it's proving to be a real burden for the server industry, which had long counted on a steady refresh rate to keep its coffers full. The decline was most keenly felt in x86 devices.


    IDC is also reporting that the picture seems to be the same for the second quarter so far, although they are predicting a tepid rebound by the fourth.


    To their credit, many of the top server vendors are not trying to push back the tide but are actively embracing virtualization and other advanced technologies designed to produce more efficient hardware platforms. IBM, for instance, is gearing up for a new server line that takes advantage of Intel's forthcoming Nehalem-EX architecture that features up to 64 cores across eight processors. Although the system is likely to be expensive, it could do the job of multiple blade servers through its ability to handle up to 128 individual threads. The chip itself also provides 16 memory slots per socket and four QuickPath interconnect links for processing large amounts of data in tandem.


    Now for the best of times. All of this virtual and multicore activity is clearly a boon to the networking side of the house, particularly wide-band solutions like 10 GbE. Dell'Oro Group reports that the 10 GbE market rebounded in the first quarter, following a decline in the fourth quarter of 2008. The company did not release any numbers from its Network Adapters Quarterly Report, although it did say that Intel is once again the new leader in adapter card revenue and port shipments, while Broadcom retained the spot as leader in silicon controllers.


    This all makes perfect sense, of course, because as more and more data starts to run through fewer and fewer hardware devices, the focus of data center performance shifts from raw processing power to network agility and speed. Going forward, as cloud technologies allow enterprises to shift resources on a global scale, the question will no longer be "Do I have enough power to handle all this data?", but rather "How can I get this data quickly to my various end-points?"


    And in this vein, there doesn't seem to be anyone interested in slowing things down. Mellanox, for example, just unveiled a 6-port, multiple-protocol 10 GbE physical layer that lays the groundwork for a new generation of high-density, low-power switches and pass-through devices. The PhyX supports all 10 Gigabit Ethernet physical layer functions and can be field-upgraded to FCoE with 2, 4, and 8 Gbps Fibre Channel gateway service without hardware modifications.


    With such precipitous changes in data center hardware buying patterns, many wonder if things will ever get back to normal. While sales and revenue figures have fluctuated over the years, the hard news this time is that these changes look permanent. Once the recession is over, server sales should pick up, but they will be nowhere near previous numbers because those low utilization rates are gone forever.


    The new normal will be relatively low server activity and increasingly fast networks as enterprises position themselves for the cloudy/virtual decade to come.



    Read Art's article, "The Three Factors Shaping the Future of the Data Center" - http://bit.ly/LQD6h
